Towards adaptive and proactive security assessment for energy delivery systems

Recently, energy delivery systems (EDS) have undergone an intensive modernization process that includes the introduction of dedicated cyber-infrastructures for the purposes of monitoring, control, and optimization of resources. While extremely convenient, the introduction of software-based control over computer networks has also opened the door for the exploitation of non-trivial security vulnerabilities by malicious third-parties. As demonstrated by recent incidents, EDS systems worldwide are vulnerable to sophisticated attacks that include a well-thought out combination of strategies at various levels of abstraction. In such a context, a comprehensive solution supporting automated monitoring and assessment, that can assist security officials in effectively preventing and mitigating such attacks, is highly desired. With this in mind, this paper presents an ongoing effort that takes security requirements obtained from existing documents on guidelines and best practices on EDS, and implements a proof-of-concept framework based on adaptive and customizable software modules that collect and process security-relevant data for assuring the security of EDS.

[1]  Barbara J. Grosz,et al.  Natural-Language Processing , 1982, Artificial Intelligence.

[2]  Robin A. Gandhi,et al.  Ontology-based active requirements engineering framework , 2005, 12th Asia-Pacific Software Engineering Conference (APSEC'05).

[3]  Cliff Glantz,et al.  Cybersecurity procurement language for energy delivery systems , 2014, CISR '14.

[4]  William H. Sanders,et al.  Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios , 2015, 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing (PRDC).

[5]  Zahid Anwar,et al.  Automatic security assessment of critical cyber-infrastructures , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).

[6]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[7]  Anna Scaglione,et al.  A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid , 2015, CPS-SPC@CCS.

[8]  Daniel Krauss,et al.  Ontology-based detection of cyber-attacks to SCADA-systems in critical infrastructures , 2016, 2016 Sixth International Conference on Digital Information and Communication Technology and its Applications (DICTAP).

[9]  Robin A. Gandhi,et al.  Certification process artifacts defined as measurable units for software assurance , 2007, Softw. Process. Improv. Pract..