2,370 research outputs found
Towards a Layered Architectural View for Security Analysis in SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems support and control
the operation of many critical infrastructures that our society depend on, such
as power grids. Since SCADA systems become a target for cyber attacks and the
potential impact of a successful attack could lead to disastrous consequences
in the physical world, ensuring the security of these systems is of vital
importance. A fundamental prerequisite to securing a SCADA system is a clear
understanding and a consistent view of its architecture. However, because of
the complexity and scale of SCADA systems, this is challenging to acquire. In
this paper, we propose a layered architectural view for SCADA systems, which
aims at building a common ground among stakeholders and supporting the
implementation of security analysis. In order to manage the complexity and
scale, we define four interrelated architectural layers, and uses the concept
of viewpoints to focus on a subset of the system. We indicate the applicability
of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure
Quantitative dependability and interdependency models for large-scale cyber-physical systems
Cyber-physical systems link cyber infrastructure with physical processes through an integrated network of physical components, sensors, actuators, and computers that are interconnected by communication links. Modern critical infrastructures such as smart grids, intelligent water distribution networks, and intelligent transportation systems are prominent examples of cyber-physical systems. Developed countries are entirely reliant on these critical infrastructures, hence the need for rigorous assessment of the trustworthiness of these systems. The objective of this research is quantitative modeling of dependability attributes -- including reliability and survivability -- of cyber-physical systems, with domain-specific case studies on smart grids and intelligent water distribution networks. To this end, we make the following research contributions: i) quantifying, in terms of loss of reliability and survivability, the effect of introducing computing and communication technologies; and ii) identifying and quantifying interdependencies in cyber-physical systems and investigating their effect on fault propagation paths and degradation of dependability attributes.
Our proposed approach relies on observation of system behavior in response to disruptive events. We utilize a Markovian technique to formalize a unified reliability model. For survivability evaluation, we capture temporal changes to a service index chosen to represent the extent of functionality retained. In modeling of interdependency, we apply correlation and causation analyses to identify links and use graph-theoretical metrics for quantifying them. The metrics and models we propose can be instrumental in guiding investments in fortification of and failure mitigation for critical infrastructures. To verify the success of our proposed approach in meeting these goals, we introduce a failure prediction tool capable of identifying system components that are prone to failure as a result of a specific disruptive event. Our prediction tool can enable timely preventative actions and mitigate the consequences of accidental failures and malicious attacks --Abstract, page iii
Smart Grid Security: Threats, Challenges, and Solutions
The cyber-physical nature of the smart grid has rendered it vulnerable to a
multitude of attacks that can occur at its communication, networking, and
physical entry points. Such cyber-physical attacks can have detrimental effects
on the operation of the grid as exemplified by the recent attack which caused a
blackout of the Ukranian power grid. Thus, to properly secure the smart grid,
it is of utmost importance to: a) understand its underlying vulnerabilities and
associated threats, b) quantify their effects, and c) devise appropriate
security solutions. In this paper, the key threats targeting the smart grid are
first exposed while assessing their effects on the operation and stability of
the grid. Then, the challenges involved in understanding these attacks and
devising defense strategies against them are identified. Potential solution
approaches that can help mitigate these threats are then discussed. Last, a
number of mathematical tools that can help in analyzing and implementing
security solutions are introduced. As such, this paper will provide the first
comprehensive overview on smart grid security
Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems
The first-ever Ukraine cyberattack on power grid has proven its devastation
by hacking into their critical cyber assets. With administrative privileges
accessing substation networks/local control centers, one intelligent way of
coordinated cyberattacks is to execute a series of disruptive switching
executions on multiple substations using compromised supervisory control and
data acquisition (SCADA) systems. These actions can cause significant impacts
to an interconnected power grid. Unlike the previous power blackouts, such
high-impact initiating events can aggravate operating conditions, initiating
instability that may lead to system-wide cascading failure. A systemic
evaluation of "nightmare" scenarios is highly desirable for asset owners to
manage and prioritize the maintenance and investment in protecting their
cyberinfrastructure. This survey paper is a conceptual expansion of real-time
monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework
that emphasizes on the resulting impacts, both on steady-state and dynamic
aspects of power system stability. Hypothetically, we associate the
combinatorial analyses of steady state on substations/components outages and
dynamics of the sequential switching orders as part of the permutation. The
expanded framework includes (1) critical/noncritical combination verification,
(2) cascade confirmation, and (3) combination re-evaluation. This paper ends
with a discussion of the open issues for metrics and future design pertaining
the impact quantification of cyber-related contingencies
Multi-Layer Cyber-Physical Security and Resilience for Smart Grid
The smart grid is a large-scale complex system that integrates communication
technologies with the physical layer operation of the energy systems. Security
and resilience mechanisms by design are important to provide guarantee
operations for the system. This chapter provides a layered perspective of the
smart grid security and discusses game and decision theory as a tool to model
the interactions among system components and the interaction between attackers
and the system. We discuss game-theoretic applications and challenges in the
design of cross-layer robust and resilient controller, secure network routing
protocol at the data communication and networking layers, and the challenges of
the information security at the management layer of the grid. The chapter will
discuss the future directions of using game-theoretic tools in addressing
multi-layer security issues in the smart grid.Comment: 16 page
- …