Security assessment for communication networks of power control systems using attack graph and MCDM

IEEE Transactions on Power Delivery

Volumn 25, Issue 3, 2010, Pages 1492-1500

  Liu, Nian ^a   Zhang, Jianhua ^a   Zhang, Hao ^b   Liu, Wenxia ^a  

^a NORTH CHINA ELECTRIC POWER UNIVERSITY   (China)

^b North China Grid Company Limited   (China)

Author keywords

Attack graph; communication network; multiple criteria decision making; power control system; security assessment

Indexed keywords

ATTACK GRAPH; BASIC CONCEPTS; COMMUNICATION NETWORKS; CONNECTION MODEL; CONSTRUCTION ALGORITHMS; CYBER-ATTACKS; MULTIPLE CRITERIA DECISION MAKING; SECURITY ANALYSIS; SECURITY ASSESSMENT; TECHNIQUE FOR ORDER PREFERENCE BY SIMILARITY TO IDEAL SOLUTIONS;

COMMUNICATION; COMPUTER CRIME; CONTROL SYSTEM ANALYSIS; CONTROL SYSTEMS; DECISION MAKING; DECISION THEORY; HIERARCHICAL SYSTEMS; PNEUMATIC CONTROL EQUIPMENT; POWER CONTROL; SECURITY OF DATA; SECURITY SYSTEMS; TELECOMMUNICATION NETWORKS;

PROCESS CONTROL;

EID: 77953994369     PISSN: 08858977     EISSN: None     Source Type: Journal    
DOI: 10.1109/TPWRD.2009.2033930     Document Type: Article

References (24)

1. CLEVELAND F. IEC TC57 Security Standards for the Power System's Information Infrastructure\Beyond Simple Encryption.//IEEE Power Eng. Soc. Transm. Distrib. 2005/2006, May 21-24, 2006.
2. D. Dzung, M. Naedele, T. V. hoff, and M. Crevatin, "Security for industrial communication systems, " Proc. IEEE, vol.93, no.6, pp. 1152-1177, Jun. 2005.
3. S. Sheng, W. Chan, K. Li, D. Xianzhong, and Z. Xiangjun, "Context information-based cyber security defense of protection system, " IEEE Trans. Power Del., vol.22, no.3, pp. 1477-1481, Jul. 2007.
4. G. Ericsson and A. Torkilseng, "Management of information security for an electric power utility\on security domains and use of ISO/IEC 17799 standard, " IEEE Trans. Power Del., vol.20, no.2, pp. 683-690, Apr. 2005.
5. G. Ericsson, "Toward a framework for managing information security for an electric power utility\CIGRE experiences, " IEEE Trans. Power Del., vol.22, no.3, pp. 1461-1469, Jul. 2007.
6. N. Liu, B. Duan, J. Wang, and S. Huang, "Study on PMI based access control of substation automation system, " in Proc. IEEE Power Eng. Soc. General Meeting, Montreal, QC, Canada, Jun. 18-22, 2006.
7. L. Wang, T. Mander, H. Cheung, F. Nabhani, and R. Cheung, "Security operation modes for enhancement of utility computer network cyber-security, " presented at the IEEE Power Eng. Soc. General Meeting, Tampa, FL, Jun. 24-28, 2007.
8. N. Liu, J. Zhang, and W. Liu, "A security mechanism of web services-based communication for wind power plants, " IEEE Trans. Power Del., vol.23, no.4, pp. 1930-1938, Oct. 2008.
9. G. Y. Liao, Y. J. Chen, W. C. Lu, and T. C. Cheng, "Toward authenticating the master in the modbus protocol, " IEEE Trans. Power Del., vol.23, no.4, pp. 2628-2629, Oct. 2008.
10. IEC TS 62351-1. Power Systems Management and Associated Information Exchange\Data and Communications Security\Part 1: Communication Network and System Security\Introduction to Security Issues, IEC TS 62351-62361, May 2007.
11. J. Yu, A. Mao, and Z. Guo, "Vulnerability assessment of cyber security in power industry, " in Proc. IEEE Power Eng. Soc. Power Systems Conf. Expo., Atlanta, GA, Nov. 1, 2006, pp. 2200-2205.
12. K. Lin and K. E. Holbert, "PRA for vulnerability assessment of power system infrastructure security, " in Proc. 37th Annu. North American Power Symp., Oct. 23-25, 2005, pp. 43-51.
13. C. Taylor, A. Krings, and J. Alves-Foss, "Risk analysis and probabilistic survivability assessment (RAPSA): An assessment approach for power substation hardening, " presented at the ACM SACT, Washington, DC, Nov. 2002.
14. D. Leon, J. Alves-foss, A. Krings, and P. Oman, "Modeling complex control systems to identify remotely accessible devices vulnerable to cyber attack, " presented at the ACM SACT, Washington, DC, Nov. 2002.
15. L. Nordstrom, "Assessment of information security levels in power communication systems using evidential reasoning, " IEEE Trans. Power Del., vol.23, no.3, pp. 1384-1391, Jul. 2008.
16. O. M. Sheyner, "Scenario graphs and attack graphs, " Ph.D. dissertation, Dept. Comput. Sci., Carnegie Mellon Univ., Pittsburgh, PA, 2004.
17. T. L. Saaty, The Analytic Hierarchy Process. New York, McGraw-Hill:, 1980.
18. S. J. Chen and C. L. Hwang, Fuzzy Multiple Attributes Decision Making: Methods and Applications. Berlin, Germany: Springer, 1992.
19. IEC 61850-5, Communication Networks and Systems in Substations\Part 5: Communication Requirements for Functions and Device Models IEC, IEC 61850-61855, 2003.
20. P. Feng, Y. Lian, and Y. Dai, "A vulnerability model of distributed systems based on reliability theory, " (in Chinese) J. Softw., vol.17, no.7, pp. 1633-1640, 2006
21. IEC61850-1, Communication Network and Systems in Substations\Part 1: Introduction and Overview, IEC, IEC61850-1, 2003.
22. IEC 61850-7-2, Communication Networks and Systems in Substation-Part 7-2: Basic Communication Structure for Substation and Feeder Equipment-Abstract Communication Service Interface (ACSI), IEC, IEC 61850-7-12, 2003
23. IEC 61850-8-1, Communication Networks and Systems in Substation-Part 8-1: Specific Communication Service Mapping (SCSM)\Map-ping to MMS(ISO/IEC 9506-1 and ISO/IEC 9506-2) and to ISO/IEC 8802-3, IEC, IEC 61850-8-11, 2003
24. IEC 61850-9-1, Communication Networks and Systems in Substation-Part 9-1: Specific Communication Service Mapping (SCSM)-Sampled Values Over Serial Unidirectional Multidrop Point to Point Link, IEC, IEC 61850-9-11, 2003.