Advertisement

Is a Smarter Grid Also Riskier?

  • Karin Bernsmed
  • Martin Gilje JaatunEmail author
  • Christian Frøystad
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11738)

Abstract

The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control of breakers in the grid and at the subscribers’ premises. In this paper we outline and discuss the results from a recent information security risk assessment of such an integrated system.

Keywords

Smartgrid Cyber security Risk assessment 

Notes

Acknowledgments

This paper is based on a risk assessment assignment performed for NVE, and further developed as part of the RCN FME Cineldi research centre, project no. 257626 (www.sintef.no/projectweb/cineldi).

References

  1. 1.
    Cherepanov, A., Lipovsky, R.: Industroyer: Biggest threat to industrial control systems since stuxnet. WeLiveSecurity by eset (2017). https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/
  2. 2.
    Cleveland, F.: Cyber security issues for advanced metering infrastructure (AMI), pp. 1–5 (2008)Google Scholar
  3. 3.
  4. 4.
    Frøystad, C., Jaatun, M.G., Bernsmed, K., Moe, M.: ROS-analyse AMS-DMS-SCADA - risikoanalyse av økt integrasjon mellom AMS, DMS og SCADA. Technical report, 2018:01083, SINTEF Digital (2018). http://publikasjoner.nve.no/eksternrapport/2018/eksternrapport2018_15.pdf
  5. 5.
    Goel, S., Hong, Y.: Security challenges in smart grid implementation. Smart Grid Security. SC, pp. 1–39. Springer, London (2015).  https://doi.org/10.1007/978-1-4471-6663-4_1CrossRefGoogle Scholar
  6. 6.
    Hawk, C., Kaushiva, A.: Cybersecurity and the smarter grid. Electricity J. 27(8), 84–95 (2014). http://www.sciencedirect.com/science/article/pii/S1040619014001791CrossRefGoogle Scholar
  7. 7.
    ISO: Information technology - security techniques - information security risk management. ISO/IEC Standard 27005:2018 (2018). https://www.iso.org/standard/75281.html
  8. 8.
    Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid, defense use case. SANS ICS and E-ISAC white paper (2016). https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf
  9. 9.
    Norges vassdrags- og energidirektorat: Veiledning i risiko- og sårbarhetsanalyser for kraftforsyningen. Technical report, Norges vassdrags- og energidirektorat (2010). http://publikasjoner.nve.no/veileder/2010/veileder2010_02.pdf
  10. 10.
    Otuoze, A.O., Mustafa, M.W., Larik, R.M.: Smart grids security challenges: classification by sources of threats. J. Electrical Syst. Inf. Technol. 5(3), 468–483 (2018). http://www.sciencedirect.com/science/article/pii/S2314717218300163Google Scholar
  11. 11.
    Pietre-Cambacedes, L., Tritschler, M., Ericsson, G.N.: Cybersecurity myths on power control systems: 21 misconceptions and false beliefs. IEEE Trans. Power Deliv. 26(1), 161–172 (2011)CrossRefGoogle Scholar
  12. 12.
    Sanjab, A., Saad, W., Güvenç, I., Sarwat, A.I., Biswas, S.: Smart grid security: threats, challenges, and solutions. CoRR abs/1606.06992 (2016). http://arxiv.org/abs/1606.06992
  13. 13.
    Shostack, A.: Experiences threat modeling at Microsoft. In: Proceedings of the Workshop on Modeling Security (MODSEC08). CEUR Workshop Proceedings (2008). http://ceur-ws.org/Vol-413/paper12.pdf
  14. 14.
    Skapalen, F., Jonassen, B.: Veileder til sikkerhet i avanserte måle- og styringssystem. Technical report, Norges vassdrags- og energidirektorat (2012). https://www.nve.no/Media/5525/veiledertil-sikkerhet-i-ams.pdf
  15. 15.
    Symantec Security Response: Dragonfly: Cyberespionage attacks against energy suppliers (2014). https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Karin Bernsmed
    • 1
  • Martin Gilje Jaatun
    • 1
    Email author
  • Christian Frøystad
    • 2
  1. 1.SINTEF DigitalTrondheimNorway
  2. 2.Secure PracticeTrondheimNorway

Personalised recommendations