Vulnerability assessment of cybersecurity for SCADA systems using attack trees

2007 IEEE Power Engineering Society General Meeting, PES

Volumn , Issue , 2007, Pages

  Ten, Chee Wooi ^a,b   Liu, Chen Ching ^a,b   Govindarasu, Manimaran ^a,b  

^a IEEE

^b Iowa State University of Science and Technology   (United States)

Author keywords

Attack tree; Cybersecurity; Defense systems; Power system control; Security vulnerability

Indexed keywords

ELECTRIC POWER SYSTEMS; ONLINE SYSTEMS; POWER CONTROL; TREES (MATHEMATICS);

CYBERSECURITY; POWER SYSTEM CONTROL;

SECURITY OF DATA;

EID: 42549101645     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PES.2007.385876     Document Type: Conference Paper

References (16)

1. J. Eisenhauer, P. Donnelly, M. Ellis, and M. O'Brien, "Roadmap to secure control systems in the energy sector," Energetics of Columbia. MD, January 2006.
2. Government Accountability Office (GAO) Report to Congressional Requesters, "Critical Infrastructure Protection: Department of Homeland Security Faces Challenges in Fulfilling Cybersecurity Responsibility," GAO-05-434, May 2005.
3. "NERC cybersecurity standards (final version)," http://www.nerc.com/-filez/standards/Cyber-Security-Permanent.html.
4. G. N. Ericsson and A. Torkilseng. "Management of information security for an electric power utility - on security domains and use of ISO/IEC 17799 standard." IEEE Transactions on Power Delivery. Vol. 20, No. 2, April 2005, pp. 683-690.
5. E. Goetz, "Cyber security of the electric power industry," Institute for Security Technology Studies at Dartmouth College. December 2002.
6. L. A. Gordon, M. P. Loeb, W. Lucyshyn, and R. Richardson, "CSI/FBI computer crime and security survey," Computer Security Institute, 2005.
7. J. Tang, R. Hovsapian, M. Sloderbeck, J. Langston, R. Meeker, P.G.McLaren, D. Becker, B. Richardson, M. Baca, J. Trent, Z. Hartley, R. Parks, and S. Smith, "The CAPS-SNL power system security testbed," Proc. CRIS, Third international Conference on Critical Infrastructures, Alexandria. VA, September 2006.
8. C. L. DeMarco and Y. Braden. "Threats to electric power grid security through hacking of networked generation control," Proc. CRIS, Third International Conference on Critical Infrastructures, Alexandria, VA, September 2006.
9. B A. P. Moore, R. J. Ellison, and R. C. Linger, "Attack modeling for information security and survivability," CMU/SEI-2001-TN-001, March 2001.
10. B. Schneier, "Attack trees: modeling security threats," Dr. Dobb's Journal, December 1999.
11. "Vulnerability assessment methodology for electric power infrastructure," US Department of Energy, Office of Energy Assurance. September 30, 2002.
12. Government Accountability Office (GAO) Report to Congressional Requesters, "Information security: technologies to secure federal systems," GAO-04-467, March 2004.
13. C. E. Landwehr, "Computer security," Springer-Verlag. July 2001.
14. M. Amin, "North America's electricity infrastructure: are we ready for more perfect storms'?" IEEE Computer Society: Security & Privacy, 2003, pp. 19-25.
15. J. Jung, C.-C. Liu, M. Hong, M. Gallanti, and G. Tornielli, "Multiple hypotheses and their credibility in on-line fault diagnosis," IEEE Transactions on Power Delivery, Vol. 16, No. 2, April 2001, pp. 225-230.
16. "Cybersecurity standards workshop," user manual for the workshop, North American Electric Reliability Council, September 28-29, Minneapolis, MN.