Towards an adapted classification methodology for graded security approaches in epu architectures

CIGRE 2013 Lisbon Symposium - Smarts Grids: Next Generation Grids for Energy Trends

Volumn 2013-April, Issue , 2013, Pages

  Zerbst, J ^a   Zimmermann, S ^b   Holstein, D K ^c   Poirier, C ^d  

^a RINGHALS AB   (Sweden)

^b Vattenfall Europe Mining AG   (Germany)

^c OPUS Consulting Group   (United States)

^d EDF R AND D   (France)

Author keywords

CYBER SECURITY; GRADED SECURITY APPROACH; SECURITY CLASSIFICATION.; ZONE MODEL

Indexed keywords

ELECTRIC POWER SYSTEMS; LAWS AND LEGISLATION;

CLASSIFICATION METHODOLOGIES; COMMUNICATION ARCHITECTURES; CYBER SECURITY; INDUSTRIAL AUTOMATION AND CONTROL SYSTEM (IACS); REAL-WORLD IMPLEMENTATION; SECURITY APPROACH; SECURITY CLASSIFICATION; ZONE MODEL;

ELECTRIC POWER SYSTEM CONTROL;

EID: 84980423935     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (20)

1. L. Pietre-Cambacedes, M. Tritschler and G. Ericsson, "Cyber security myths on power control systems: 21 misconceptions and false beliefs," IEEE Transactions on Power Delivery, Vol. 26, Issue 1, pp. 161-172, January 2011
2. W32.Stuxnet Dossier, 2011, Nicolas Falliere, Liam O Murchu, Eric Chien Available at: http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf (last visited 27th December 2012)
3. IEC 62443-1, 2008, “Industrial communication networks - Network and system security Part 1 Terminology, concepts and models”, 7 et. sqq.
4. IAEA Nuclear Security Series No. 17: Technical Guidance, Computer Security at Nuclear Facilities, 2011
5. U.S. Nuclear Regulatory Commission (NRC), 2010, “Regulatory Guide 5.71 - Cyber Security programs for Nuclear Facilities”, pp. 35
6. J.-T. Zerbst, L. Pietre-Cambacedes, Å. Torkilseng and O. Breton, "Graded approach to cyber security for EPUs: Clarifying the security levels and zones concepts," 2011 CIGRE D2 Colloquium, Buenos Aires, Argentina, October 2011
7. NERC: reliability considerations from the integration of Smart Grid available at http://www.nerc.com/files/SGTF_Report_Final_posted.pdf in particular see defense in depth p 89
8. IEC 61508 edition 2.0, 2010, “Functional safety of electrical/electronic/programmable electronic safety-related systems”
9. NERC CIP-002 to NERC CIP-009, “Cyber Security Standard of NERC”, 2006, http://www.nerc.com (last visited 27th December 2012)
10. "Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security", 2010, NIST
11. "IT-Grundschutz-Standards", 2008, Federal Office for Information Security of Germany (BSI)
12. "ABB White Paper: Security for Industrial Automation and Control Systems", 2010, ABB
13. "Cyber Security Compliant Architecture for the Nuclear Industry" 2011, Invensys
14. ArchiMate® 2.0, 2012, The Open Group
15. "Zone principles as Cyber Security architecture element for Smart Grids", 2010, Jens Zerbst, Martin Schaefer, Iiro Rinta-Jouppi
16. PERA Enterprise Model, Gary Rathwell, Available at: http://www.pera.net/Pera/PERA_Papers/Levels-4Rs/4r_pres.htm (last visited 27th December 2012)
17. "Data Structures And Algorithms", 1983, A.A. Puntambekar
18. “Protection Profile for the Security Module of a Smart Meter Gateway (Security Module PP)”, Bundesamt für Sicherheit in der Informationstechnik, 2012, Available at: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/SmartMeter/PP_Security_%20Module.pdf?__blob=publicationFile (last visited 27th December 2012)’
19. Payment Card Industry (PCI) Data Security Standard 2.0, 2010, PCI Security Standard Council
20. L. Pietre-Cambacedes and M. Bouissou, "Modeling safety and security interdependencies with BDMP (Boolean logic Driven Markov Processes)," Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics (SMC 2010), Istanbul, Turkia, pp. 2852-2861, October 2010