Integrated Multi-Domain Risk Assessment Using Automated Hypothesis Testing

In this paper we present an approach for the integration of cybersecurity tools from multiple domains into an overall risk assessment framework which takes the complex interactions between domains in smart grid systems into account. The approach is based on generating hypotheses from a template, which are then analyzed for their probability and associated impact on the system. The feasibility of the proposed approach is discussed using a very simple example case to serve as a proof of concept. Furthermore, we introduce a generic software framework for the processing of hypothesis templates.

[1]  William H. Sanders,et al.  Smart grid protocol testing through cyber-physical testbeds , 2013, 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT).

[2]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[3]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[4]  David Infield,et al.  Online wind turbine fault detection through automated SCADA data analysis , 2009 .

[5]  Thomas M. Chen,et al.  Petri Net Modeling of Cyber-Physical Attacks on Smart Grid , 2011, IEEE Transactions on Smart Grid.

[6]  David M. Nicol,et al.  CyberSAGE: A Tool for Automatic Security Assessment of Cyber-Physical Systems , 2014, QEST.

[7]  Dayu Yang,et al.  Anomaly-Based Intrusion Detection for SCADA Systems , 2006 .

[8]  Khurram Shahzad,et al.  P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language , 2015, IEEE Trans. Dependable Secur. Comput..

[9]  Chris Develder,et al.  Combining Power and Communication Network Simulation for Cost-Effective Smart Grid Analysis , 2014, IEEE Communications Surveys & Tutorials.

[10]  Barbara Kordy,et al.  DAG-based attack and defense modeling: Don't miss the forest for the attack trees , 2013, Comput. Sci. Rev..

[11]  William H. Sanders,et al.  Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE) , 2011, 2011 Eighth International Conference on Quantitative Evaluation of SysTems.

[12]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[13]  Mathias Ekstedt,et al.  The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures , 2013, IEEE Systems Journal.

[14]  Soumik Sarkar,et al.  Scalable Anomaly Detection and Isolation in Cyber-Physical Systems Using Bayesian Networks , 2014 .

[15]  Andrew W. Appel,et al.  MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.

[16]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[17]  Isao Ono,et al.  On detection of cyber attacks against voltage control in distribution power grids , 2014, 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[18]  Miguel A. Sanz-Bobi,et al.  Intelligent system for a remote diagnosis of a photovoltaic solar power plant , 2012 .

[19]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.