Threat Modeling of AMI

The introduction of an advanced metering infrastructure (AMI) into the power grid forces the power industry to address information security threats and consumer privacy more extensively than before. The industry needs practical advice on methods and tools to use in this context. Threat modeling is well-known among information security professionals as a method for investigating a system’s vulnerabilities. This paper documents the threat modeling of one actual AMI configuration. The results are both a demonstration of how these techniques can be applied to AMI, and a documentation of risks associated with this specific AMI configuration.

[1]  F.M. Cleveland,et al.  Cyber security issues for Advanced Metering Infrasttructure (AMI) , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[2]  Martin Gilje Jaatun,et al.  Covering Your Assets in Software Engineering , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[3]  Peng Ning,et al.  A Resilient Real-Time System Design for a Secure and Reconfigurable Power Grid , 2011, IEEE Transactions on Smart Grid.

[4]  Inger Anne Tøndel,et al.  Idea: Reusability of Threat Models - Two Approaches with an Experimental Evaluation , 2010, ESSoS.

[5]  Andreas L. Opdahl,et al.  Experimental comparison of attack trees and misuse cases for security threat identification , 2009, Inf. Softw. Technol..

[6]  Adam Shostack,et al.  Experiences Threat Modeling at Microsoft , 2008, MODSEC@MoDELS.

[7]  Martin Gilje Jaatun,et al.  Cyber security challenges in Smart Grids , 2011, 2011 2nd IEEE PES International Conference and Exhibition on Innovative Smart Grid Technologies.