Integrated smart grid systems security threat model

The smart grid (SG) integrates the power grid and the Information and Communication Technology (ICT) with the aim of achieving more reliable and safe power transmission and distribution to the customers. Integrating the power grid with the ICT exposes the SG to systems security threats and vulnerabilities that could be compromised by malicious users and attackers. This paper presents a SG systems threats analysis and integrated SG Systems Security Threat Model (SSTM). The reference architecture of the SG, with its components and communication interfaces used to exchange the energy-related information, is integrated with the results of SG systems security threat analysis to produce a comprehensive, integrated SG SSTM. The SG SSTM in this paper helps better depict and understand the vulnerabilities exploited by attackers to compromise the components and communication links of the SG. The SG SSTM provides a reference of the systems security threats for industrial security practitioners, and can be used for design and implementation of SG systems security controls and countermeasures.

[1]  Davor Svetinovic,et al.  Inter-Domain Analysis of Smart Grid Domain Dependencies Using Domain-Link Matrices , 2012, IEEE Transactions on Smart Grid.

[2]  Mario Piattini,et al.  Applying a Security Requirements Engineering Process , 2006, ESORICS.

[3]  Z.Y. Dong,et al.  RSA-grid: a grid computing based framework for power system reliability and security analysis , 2006, 2006 IEEE Power Engineering Society General Meeting.

[4]  Chen-Ching Liu,et al.  Cyber-vulnerability of power grid monitoring and control systems , 2008, CSIIRW '08.

[5]  L. Toledo-Pereyra Trust , 2006, Mediation Behaviour.

[6]  G. Manimaran,et al.  Cyber Attack Exposure Evaluation Framework for the Smart Grid , 2011, IEEE Transactions on Smart Grid.

[7]  Ning Lu,et al.  Smart-grid security issues , 2010, IEEE Security & Privacy.

[8]  Edin Arnautovic,et al.  System Security Requirements Analysis:A Smart Grid Case Study , 2014, Syst. Eng..

[9]  Hamed Mohsenian Rad,et al.  Distributed Internet-Based Load Altering Attacks Against Smart Power Grids , 2011, IEEE Transactions on Smart Grid.

[10]  Feisal Keblawi,et al.  Applying the common criteria in systems engineering , 2006, IEEE Security & Privacy.

[11]  Nancy R. Mead,et al.  Security quality requirements engineering (SQUARE) methodology , 2005, SESS@ICSE.

[12]  Davor Svetinovic,et al.  Evaluating the effectiveness of the security quality requirements engineering (SQUARE) method: a case study using smart grid advanced metering infrastructure , 2012, Requirements Engineering.

[13]  Jun Wang,et al.  Smart grid technologies , 2009, IEEE Industrial Electronics Magazine.

[14]  A. Mahmood,et al.  Design and implementation of AMR Smart Grid System , 2008, 2008 IEEE Canada Electric Power Conference.

[15]  Jianying Zhou,et al.  On smart grid cybersecurity standardization: Issues of designing with NISTIR 7628 , 2013, IEEE Communications Magazine.

[16]  Rob Shein Security Measures for Advanced Metering Infrastructure Components , 2010, 2010 Asia-Pacific Power and Energy Engineering Conference.

[17]  G. Manimaran,et al.  Vulnerability Assessment of Cybersecurity for SCADA Systems , 2008, IEEE Transactions on Power Systems.

[18]  SuleimanHusam,et al.  Evaluating the effectiveness of the security quality requirements engineering (SQUARE) method , 2013 .

[19]  Gerald J. FitzPatrick,et al.  NIST interoperability framework and action plans , 2010, IEEE PES General Meeting.

[20]  Taskin Koçak,et al.  Smart Grid Technologies: Communication Technologies and Standards , 2011, IEEE Transactions on Industrial Informatics.

[21]  Eduardo B. Fernández,et al.  Designing Secure SCADA Systems Using Security Patterns , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[22]  Sergio Bruno,et al.  Load control through smart-metering on distribution networks , 2009, 2009 IEEE Bucharest PowerTech.

[23]  Xudong Wang,et al.  Security Framework for Wireless Communications in Smart Distribution Grid , 2011, IEEE Transactions on Smart Grid.

[24]  Mohsen Jafari,et al.  An integrated security system of protecting Smart Grid against cyber attacks , 2010, 2010 Innovative Smart Grid Technologies (ISGT).

[25]  Dong Wei,et al.  Protecting Smart Grid Automation Systems Against Cyberattacks , 2011, IEEE Transactions on Smart Grid.

[26]  Dmitry Podkuiko,et al.  Energy Theft in the Advanced Metering Infrastructure , 2009, CRITIS.

[27]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[28]  B. Howe,et al.  The future's smart delivery system [electric power supply] , 2004, IEEE Power and Energy Magazine.

[29]  Min Chen,et al.  Energy Efficient Security Algorithm for Power Grid Wide Area Monitoring System , 2011, IEEE Transactions on Smart Grid.

[30]  Jason Stamp,et al.  Reliability impacts from cyber attack on electric power systems , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[31]  G. Manimaran,et al.  Cybersecurity for electric power control and automation systems , 2007, 2007 IEEE International Conference on Systems, Man and Cybernetics.

[32]  Chen-Ching Liu,et al.  Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees , 2007, 2007 IEEE Power Engineering Society General Meeting.

[33]  Zofia Lukszo,et al.  Information security implementation difficulties in critical infrastructures: Smart metering case , 2010, 2010 International Conference on Networking, Sensing and Control (ICNSC).

[34]  Jyotsna Bapat,et al.  Data communication over the smart grid , 2009, 2009 IEEE International Symposium on Power Line Communications and Its Applications.

[35]  G. Manimaran,et al.  Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[36]  Wenye Wang,et al.  Review and evaluation of security threats on the communication networks in the smart grid , 2010, 2010 - MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE.

[37]  Edin Arnautovic,et al.  Bitcoin‐Based Decentralized Carbon Emissions Trading Infrastructure Model , 2015, Syst. Eng..

[38]  Göran N Ericsson,et al.  Cyber Security and Power System Communication—Essential Parts of a Smart Grid Infrastructure , 2010, IEEE Transactions on Power Delivery.

[39]  Zahir Tari,et al.  SCADASim—A Framework for Building SCADA Simulations , 2011, IEEE Transactions on Smart Grid.

[40]  B.F. Wollenberg,et al.  Toward a smart grid: power delivery for the 21st century , 2005, IEEE Power and Energy Magazine.