Oliver Gehrke
ABSTRACT
In this paper we present an approach for the integration of cybersecurity tools from multiple domains into an overall risk assessment framework which takes the complex interactions between domains in smart grid systems into account. The approach is based on generating hypotheses from a template, which are then analyzed for their probability and associated impact on the system. The feasibility of the proposed approach is discussed using a very simple example case to serve as a proof of concept. Furthermore, we introduce a generic software framework for the processing of hypothesis templates.
- CEN-CENELEC-ETSI Smart Grid Coordination Group. 2012. Smart Grid Information Security. (November 2012).Google Scholar
- V. Chandola, A. Banerjee, and V. Kumar. 2009. Anomaly detection: A survey. ACM computing surveys (CSUR) 41, 3 (2009), 15.Google Scholar
- Thomas M Chen, Juan Carlos Sanchez-Aarnoutse, and John Buford. 2011. Petri net modeling of cyber-physical attacks on smart grid. IEEE Transactions on Smart Grid 2, 4 (2011), 741--749.Google ScholarCross Ref
- Hannes Holm, Khurram Shahzad, Markus Buschle, and Mathias Ekstedt. 2015. P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language. IEEE Transactions on Dependable and Secure Computing 12 (Nov.-Dec 2015), 626--639. Google ScholarCross Ref
- Y. Isozaki, S. Yoshizawa, Y. Fujimoto, H. Ishii, I. Ono, T. Onoda, and Y Hayashi. 2014. On detection of cyber attacks against voltage control in distribution power grids. In Smart Grid Communications (SmartGridComm), 2014. Proceedings. 2014 IEEE Int. Conf. on. IEEE, 842--847. Google ScholarCross Ref
- Barbara Kordy, Ludovic Piètre-Cambacédès, and Patrick Schweitzer. 2014. DAG-based attack and defense modeling: Don't miss the forest for the attack trees. Computer science review 13 (2014), 1--38. Google ScholarDigital Library
- Sudha Krishnamurthy, Soumik Sarkar, and Ashutosh Tewari. 2014. Scalable anomaly detection and isolation in cyber-physical systems using bayesian networks. In ASME 2014 Dynamic Systems and Control Conference. American Society of Mechanical Engineers, V002T26A006--V002T26A006. Google ScholarCross Ref
- E. LeMay, M. D. Ford, K. Keefe, W. H. Sanders, and C. Muehrcke. 2011. Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE). In Proc. Eighth Int. Conf. Quantitative Evaluation of SysTems. 191--200. Google ScholarDigital Library
- K. Mets, J. A. Ojea, and C. Develder. 2014. Combining Power and Communication Network Simulation for Cost-Effective Smart Grid Analysis. IEEE Communications Surveys Tutorials 16, 3 (Third 2014), 1771--1796. DOI: http://dx.doi.org/10.1109/SURV.2014.021414.00116 Google ScholarCross Ref
- Yilin Mo, Tiffany Hyun-Jin Kim, Kenneth Brancik, Dona Dickinson, Heejo Lee, Adrian Perrig, and Bruno Sinopoli. 2012. Cyber--physical security of a smart grid infrastructure. Proc. IEEE 100, 1 (2012), 195--209. Google ScholarCross Ref
- National Technical Authority for Information Assurance. 2009. HMG IA Standard No. 1 Technical Risk assessment. Cheltenham, United Kingdom: National Technical Authority for Information Assurance. (2009).Google Scholar
- Xinming Ou, Sudhakar Govindavajhala, and Andrew W Appel. 2005. MulVAL: A Logic-based Network Security Analyzer. In USENIX security.Google Scholar
- Fabio Pasqualetti, Florian Dörfler, and Francesco Bullo. 2013. Attack detection and identification in cyber-physical systems. IEEE Trans. Automat. Control 58, 11 (2013), 2715--2729. Google ScholarCross Ref
- M. Sanz-Bobi, A.M. San Roque, A. de Marcos, and M. Bada. 2012. Intelligent system for a remote diagnosis of a photovoltaic solar power plant. Journal of Physics: Conference Series 364, 1 (2012). Google ScholarCross Ref
- Oleg Sheyner, Joshua Haines, Somesh Jha, Richard Lippmann, and Jeannette M Wing. 2002. Automated generation and analysis of attack graphs. In Security and privacy, 2002. Proceedings. 2002 IEEE Symposium on. IEEE, 273--284.Google ScholarDigital Library
- Teodor Sommestad, Mathias Ekstedt, and Hannes Holm. 2013. The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures. Systems Journal, IEEE 7, 3 (Sept 2013), 363--373. Google ScholarCross Ref
- Siddharth Sridhar, Adam Hahn, and Manimaran Govindarasu. 2012. Cyber--physical system security for the electric power grid. Proc. IEEE 100, 1 (2012), 210--224. Google ScholarCross Ref
- The Open Group. 2013. Open Group Standard: Risk Analysis (O-RA. Berkshire, United Kingdom: The Open Group. (2013). https://www2.opengroup.org/ogsys/catalog/C13GGoogle Scholar
- An Hoa Vu, Nils Ole Tippenhauer, Binbin Chen, David M. Nicol, and Zbigniew Kalbarczyk. 2014. CyberSAGE: A Tool for Automatic Security Assessment of Cyber-Physical Systems. In Quantitative Evaluation of Systems. Springer.Google Scholar
- D. Yang, A. Usynin, and J.W. Hines. 2006. Anomaly-based intrusion detection for SCADA systems. In Nuclear Plant Instrumentation Controls and Human Machine Interface Technology, 2006. Proceedings. 5. Intl. Topical Meeting on. American Nuclear Society, 797--803.Google Scholar
- Tim Yardley, Robin Berthier, David Nicol, and William H Sanders. 2013. Smart grid protocol testing through cyber-physical testbeds. In Innovative Smart Grid Technologies (ISGT), 2013 IEEE PES. IEEE, 1--6.Google Scholar
- A. Zaher, S. McArthur, D. Infield, and Y. Patel. 2009. Online wind turbine fault detection through automated SCADA data analysis. Wind Energy 12, 6 (2009), 574.Google ScholarCross Ref
- Kim Zetter. 2016. Inside the cunning, unprecented hack of Ukraine's power grid. (2016). https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/Google Scholar
Recommendations
A CMMI-Based Automated Risk Assessment Framework
APSEC '14: Proceedings of the 2014 21st Asia-Pacific Software Engineering Conference - Volume 02Risk assessment is crucial to the increase of software development project success. Current risk assessment approaches provide only a rough guide. Risk assessment experts and domain experts are required in conducting risk assessments in software ...
Product Incremental Security Risk Assessment Using DevSecOps Practices
Computer Security. ESORICS 2022 International WorkshopsAbstractSecurity risk assessment is often a heavy manual process, making it expensive to perform. DevOps, that aims at improving software quality and speed of delivery, as well as DevSecOps that augments DevOps with the automation of security activities, ...
Risk Management and Risk Assessment at ENISA: Issues and Challenges
ARES '06: Proceedings of the First International Conference on Availability, Reliability and SecurityIn this talk, the main directions followed in current and future work in the area of Risk Management and Risk Assessment at ENISA will be presented. The efforts in this area range from an initial inventory of Risk Management /Risk Assessment methods and ...
Comments