Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios

Proceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015

Volumn , Issue , 2016, Pages 319-324

  Jauhar, Sumeet ^a   Chen, Binbin ^a   Temple, William G ^a   Dong, Xinshu ^a   Kalbarczyk, Zbigniew ^b   Sanders, William H ^b   Nicol, David M ^b  

^a ADVANCED DIGITAL SCIENCES CENTER   (Singapore)

^b UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

Author keywords

cybersecurity; NESCOR; Smart grid

Indexed keywords

ELECTRIC POWER TRANSMISSION NETWORKS; OUTAGES; RISK ASSESSMENT; RISK PERCEPTION;

ASSESSMENT TOOL; CYBER SECURITY; FAILURE SCENARIOS; MODEL-BASED OPC; NESCOR; SMART GRID; TECHNICAL WORKING GROUPS; TRADITIONAL POWER SYSTEM;

SMART POWER GRIDS;

EID: 84964318272     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PRDC.2015.37     Document Type: Conference Paper

References (22)

1. ENISA, "Appropriate security measures for smart grids," 2012.
2. R. Habash, V. Groza, D. Krewski, and G. Paoli, "A risk assessment framework for the smart grid," in IEEE EPEC, Aug. 2013.
3. NIST: The Smart Grid Interoperability Panel - Cyber Security Working Group, "NISTIR 7628, Guidelines for Smart Grid Cyber Security, Revision 1," 2014.
4. National Electric Sector Cybersecurity Organization Resource, "Electric sector failure scenarios and impact analyses," Electric Power Research Institute, Tech. Rep. 2.0, Jun. 2014.
5. A. H. Vu, N. O. Tippenhauer, B. Chen, D. M. Nicol, and Z. Kalbarczyk, "CyberSAGE: A tool for automatic security assessment of cyber physical systems," in QEST, Sep. 2014.
6. N. O. Tippenhauer, W. G. Temple, A. H. Vu, B. Chen, D. M. Nicol, Z. Kalbarczyk, and W. Sanders, "Automatic generation of security argument graphs," in PRDC, Nov. 2014.
7. G. Sindre, "Mal-activity diagrams for capturing attacks on business processes," in REFSQ, Jun. 2007.
8. National Electric Sector Cybersecurity Organization Resource, "Electric sector failure scenarios common vulnerabilities and mitigations mapping," Electric Power Research Institute, Tech. Rep., Jun. 2014.
9. A. Lee, "Integrating electricity subsector failure scenarios into a risk assessment methodology," Electric Power Research Institute, Tech. Rep., Dec. 2013.
10. R. Abercrombie, B. Schlicher, and F. Sheldon, "Security analysis of selected ami failure scenarios using agent based game theoretic simulation," in HICSS, Jan. 2014.
11. R. Berthier and W. H. Sanders., "Monitoring advanced metering infrastructures with amilyzer," in C&ESAR, Nov. 2013.
12. C. Hawk and A. Kaushiva, "Cybersecurity and the smarter grid," The Electricity Journal, Vol. 27, no. 8, pp. 84-95, 2014.
13. T. Sommestad, M. Ekstedt, and H. Holm, "The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures," Systems Journal, IEEE, Vol. 7, no. 3, Sep. 2013.
14. E. LeMay, M. Ford, K. Keefe, W. Sanders, and C. Muehrke, "Modelbased security metrics using ADversary VIew Security Evaluation (ADVISE)," in QEST, Sep. 2011.
15. B. Kordy, L. Pietre-Cambacedes, and P. Schweitzer, "DAG-based attack and defense modeling: Don't miss the forest for the attack trees," CoRR, Vol. abs/1303.7397, 2013.
16. B. Chen, Z. Kalbarczyk, D. M. Nicol, W. H. Sanders, R. Tan, W. G. Temple, N. O. Tippenhauer, A. H. Vu, and D. K. Yau, "Go with the flow: Toward workflow-oriented security assessment," in NSPW, 2013.
17. NIST: Joint Task Force Transformation Initiative, "Nist special publication 800-53, security and privacy controls for federal information systems and organizations, revision 4," 2013.
18. The North American Electric Reliability Corporation (NERC), "Security guidelines for the electricity sector: Vulnerability and risk assessment, version 1.0," 2012.
19. ICS-CERT, "CSET: The cyber security evaluation tool."
20. EPRI, "Failure scenario based risk assessment toolkit for the electricity subsector," June 2014, prototype Version 0.3.
21. "CyberSAGE NESCOR Tech Report," https://www.illinois.adsc.com.sg/papers/CyberSAGE-NESCOR-TechReport.pdf, Tech. Rep.
22. "CyberSAGE," https://www.illinois.adsc.com.sg/cybersage/.