SecureCyber: Risk-Based Optimization through Common Vulnerability Systems Scoring Over Energy Smart Grid

This paper introduces the idea of CVSS-host scores which utilize CVSS parameters to provide impact scoring for Smart Grid Environment. This scoring mechanism presents a novel view of system risk by framing an-upper bounds on the criticality of potential vulnerabilities in that system. Once this scoring system has been established, the CVSS vectors can then be utilized to perform more sophisticated calculations to investigate optimal costs and benefits for future security enhancements.

[1]  Tanya L. Brewer,et al.  Smart Grid Cyber Security Strategy and Requirements , 2009 .

[2]  Karen Scarfone,et al.  Improving the Common Vulnerability Scoring System , 2007, IET Inf. Secur..

[3]  Siv Hilde Houmb,et al.  Quantifying security risk level from CVSS estimates of frequency and impact , 2010, J. Syst. Softw..

[4]  Barry W. Boehm,et al.  Value Driven Security Threat Modeling Based on Attack Path Analysis , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[5]  Karen Scarfone,et al.  An analysis of CVSS version 2 vulnerability scoring , 2009, 2009 3rd International Symposium on Empirical Software Engineering and Measurement.

[6]  A. Nur Zincir-Heywood,et al.  VEA-bility Security Metric: A Network Security Analysis Tool , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[7]  Carl Eklund,et al.  National Institute for Standards and Technology , 2009, Encyclopedia of Biometrics.

[8]  Marianne M. Swanson,et al.  Standards for Security Categorization of Federal Information and Information Systems , 2004 .