Skip to main content
SpringerLink
Log in

Is a Smarter Grid Also Riskier?

  • Conference paper
  • First Online:
Security and Trust Management (STM 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11738))

Included in the following conference series:

Abstract

The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control of breakers in the grid and at the subscribers’ premises. In this paper we outline and discuss the results from a recent information security risk assessment of such an integrated system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.nve.no/english/.

  2. 2.

    http://www.theworldcafe.com/key-concepts-resources/world-cafe-method/.

  3. 3.

    Systems that control SCADA operations are subject to dedicated legislation, which today in practice is considered a showstopper in most European countries.

  4. 4.

    Note that some of the threats will also implicitly affect the supporting assets.

References

  1. Cherepanov, A., Lipovsky, R.: Industroyer: Biggest threat to industrial control systems since stuxnet. WeLiveSecurity by eset (2017). https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/

  2. Cleveland, F.: Cyber security issues for advanced metering infrastructure (AMI), pp. 1–5 (2008)

    Google Scholar 

  3. Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet Dossier (2011). http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf

  4. Frøystad, C., Jaatun, M.G., Bernsmed, K., Moe, M.: ROS-analyse AMS-DMS-SCADA - risikoanalyse av økt integrasjon mellom AMS, DMS og SCADA. Technical report, 2018:01083, SINTEF Digital (2018). http://publikasjoner.nve.no/eksternrapport/2018/eksternrapport2018_15.pdf

  5. Goel, S., Hong, Y.: Security challenges in smart grid implementation. Smart Grid Security. SC, pp. 1–39. Springer, London (2015). https://doi.org/10.1007/978-1-4471-6663-4_1

    Chapter  Google Scholar 

  6. Hawk, C., Kaushiva, A.: Cybersecurity and the smarter grid. Electricity J. 27(8), 84–95 (2014). http://www.sciencedirect.com/science/article/pii/S1040619014001791

    Article  Google Scholar 

  7. ISO: Information technology - security techniques - information security risk management. ISO/IEC Standard 27005:2018 (2018). https://www.iso.org/standard/75281.html

  8. Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid, defense use case. SANS ICS and E-ISAC white paper (2016). https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf

  9. Norges vassdrags- og energidirektorat: Veiledning i risiko- og sĂĄrbarhetsanalyser for kraftforsyningen. Technical report, Norges vassdrags- og energidirektorat (2010). http://publikasjoner.nve.no/veileder/2010/veileder2010_02.pdf

  10. Otuoze, A.O., Mustafa, M.W., Larik, R.M.: Smart grids security challenges: classification by sources of threats. J. Electrical Syst. Inf. Technol. 5(3), 468–483 (2018). http://www.sciencedirect.com/science/article/pii/S2314717218300163

    Google Scholar 

  11. Pietre-Cambacedes, L., Tritschler, M., Ericsson, G.N.: Cybersecurity myths on power control systems: 21 misconceptions and false beliefs. IEEE Trans. Power Deliv. 26(1), 161–172 (2011)

    Article  Google Scholar 

  12. Sanjab, A., Saad, W., Güvenç, I., Sarwat, A.I., Biswas, S.: Smart grid security: threats, challenges, and solutions. CoRR abs/1606.06992 (2016). http://arxiv.org/abs/1606.06992

  13. Shostack, A.: Experiences threat modeling at Microsoft. In: Proceedings of the Workshop on Modeling Security (MODSEC08). CEUR Workshop Proceedings (2008). http://ceur-ws.org/Vol-413/paper12.pdf

  14. Skapalen, F., Jonassen, B.: Veileder til sikkerhet i avanserte mĂĄle- og styringssystem. Technical report, Norges vassdrags- og energidirektorat (2012). https://www.nve.no/Media/5525/veiledertil-sikkerhet-i-ams.pdf

  15. Symantec Security Response: Dragonfly: Cyberespionage attacks against energy suppliers (2014). https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf

Download references

Acknowledgments

This paper is based on a risk assessment assignment performed for NVE, and further developed as part of the RCN FME Cineldi research centre, project no. 257626 (www.sintef.no/projectweb/cineldi).

Author information

Authors and Affiliations

  1. SINTEF Digital, Trondheim, Norway

    Karin Bernsmed & Martin Gilje Jaatun

  2. Secure Practice, Trondheim, Norway

    Christian Frøystad

Authors
  1. Karin Bernsmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martin Gilje Jaatun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christian Frøystad
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Martin Gilje Jaatun .

Editor information

Editors and Affiliations

  1. University of Luxembourg, Esch-sur-Alzette, Luxembourg

    Sjouke Mauw

  2. University of Padua, Padua, Italy

    Mauro Conti

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bernsmed, K., Jaatun, M.G., Frøystad, C. (2019). Is a Smarter Grid Also Riskier?. In: Mauw, S., Conti, M. (eds) Security and Trust Management. STM 2019. Lecture Notes in Computer Science(), vol 11738. Springer, Cham. https://doi.org/10.1007/978-3-030-31511-5_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-31511-5_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-31510-8

  • Online ISBN: 978-3-030-31511-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation