Abstract
The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control of breakers in the grid and at the subscribers’ premises. In this paper we outline and discuss the results from a recent information security risk assessment of such an integrated system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
Systems that control SCADA operations are subject to dedicated legislation, which today in practice is considered a showstopper in most European countries.
- 4.
Note that some of the threats will also implicitly affect the supporting assets.
References
Cherepanov, A., Lipovsky, R.: Industroyer: Biggest threat to industrial control systems since stuxnet. WeLiveSecurity by eset (2017). https://www.welivesecurity.com/2017/06/12/industroyer-biggest-threat-industrial-control-systems-since-stuxnet/
Cleveland, F.: Cyber security issues for advanced metering infrastructure (AMI), pp. 1–5 (2008)
Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet Dossier (2011). http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf
Frøystad, C., Jaatun, M.G., Bernsmed, K., Moe, M.: ROS-analyse AMS-DMS-SCADA - risikoanalyse av økt integrasjon mellom AMS, DMS og SCADA. Technical report, 2018:01083, SINTEF Digital (2018). http://publikasjoner.nve.no/eksternrapport/2018/eksternrapport2018_15.pdf
Goel, S., Hong, Y.: Security challenges in smart grid implementation. Smart Grid Security. SC, pp. 1–39. Springer, London (2015). https://doi.org/10.1007/978-1-4471-6663-4_1
Hawk, C., Kaushiva, A.: Cybersecurity and the smarter grid. Electricity J. 27(8), 84–95 (2014). http://www.sciencedirect.com/science/article/pii/S1040619014001791
ISO: Information technology - security techniques - information security risk management. ISO/IEC Standard 27005:2018 (2018). https://www.iso.org/standard/75281.html
Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid, defense use case. SANS ICS and E-ISAC white paper (2016). https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf
Norges vassdrags- og energidirektorat: Veiledning i risiko- og sĂĄrbarhetsanalyser for kraftforsyningen. Technical report, Norges vassdrags- og energidirektorat (2010). http://publikasjoner.nve.no/veileder/2010/veileder2010_02.pdf
Otuoze, A.O., Mustafa, M.W., Larik, R.M.: Smart grids security challenges: classification by sources of threats. J. Electrical Syst. Inf. Technol. 5(3), 468–483 (2018). http://www.sciencedirect.com/science/article/pii/S2314717218300163
Pietre-Cambacedes, L., Tritschler, M., Ericsson, G.N.: Cybersecurity myths on power control systems: 21 misconceptions and false beliefs. IEEE Trans. Power Deliv. 26(1), 161–172 (2011)
Sanjab, A., Saad, W., Güvenç, I., Sarwat, A.I., Biswas, S.: Smart grid security: threats, challenges, and solutions. CoRR abs/1606.06992 (2016). http://arxiv.org/abs/1606.06992
Shostack, A.: Experiences threat modeling at Microsoft. In: Proceedings of the Workshop on Modeling Security (MODSEC08). CEUR Workshop Proceedings (2008). http://ceur-ws.org/Vol-413/paper12.pdf
Skapalen, F., Jonassen, B.: Veileder til sikkerhet i avanserte mĂĄle- og styringssystem. Technical report, Norges vassdrags- og energidirektorat (2012). https://www.nve.no/Media/5525/veiledertil-sikkerhet-i-ams.pdf
Symantec Security Response: Dragonfly: Cyberespionage attacks against energy suppliers (2014). https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
Acknowledgments
This paper is based on a risk assessment assignment performed for NVE, and further developed as part of the RCN FME Cineldi research centre, project no. 257626 (www.sintef.no/projectweb/cineldi).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Bernsmed, K., Jaatun, M.G., Frøystad, C. (2019). Is a Smarter Grid Also Riskier?. In: Mauw, S., Conti, M. (eds) Security and Trust Management. STM 2019. Lecture Notes in Computer Science(), vol 11738. Springer, Cham. https://doi.org/10.1007/978-3-030-31511-5_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-31511-5_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31510-8
Online ISBN: 978-3-030-31511-5
eBook Packages: Computer ScienceComputer Science (R0)