access icon openaccess ARCADES: analysis of risk from cyberattack against defensive strategies for the power grid

In this study, the authors introduce ARCADES (Analysis of Risk from Cyberattack against DEfensive Strategy), a technique to systematically explore the cybersecurity defence strategies based on contingency rankings in power systems. While cybersecurity defensive standards exist, these approaches are primarily based on expert opinions, rather than systematic studies of risk. ARCADES presents an approach to identify improved cybersecurity defensive strategies based on a graph-based cyber-physical security model that is evaluated by resistance-distance metrics and then prioritised based on contingency analysis studies of the system. This study also proposed a technique that identifies the most critical cybersecurity mechanisms to protect the power grid. Planning and operation: those two applications for cybersecurity on power grid mainly explored in this study. For planning, a systematic method is developed to verify the effectiveness of security strategies and for operation, prioritised the security mechanism for auditing and monitoring purpose. As a case study, they analyse the IEEE-14 bus, IEEE-30 bus, and IEEE-118 bus systems, observe the defensive strategies, and calculate substation criticality ranking by using the authors’ proposed method.

Inspec keywords: security of data; power system security; substations; power system reliability; graph theory; power grids

Other keywords: power grid; critical cybersecurity mechanisms; cyberattack; contingency analysis studies; case study; security strategies; power systems; ARCADES; improved cybersecurity defensive strategies; systematic method; DEfensive Strategy; cybersecurity defensive standards; cybersecurity defence strategies; contingency rankings; cyber-physical security model; IEEE-118 bus systems

Subjects: Power system control; Reliability; Power system management, operation and economics; Optimisation techniques; Data security

References

    1. 1)
      • 16. Kundur, D., Feng, X., Liu, S., et al: ‘Towards a framework for cyber attack impact analysis of the electric smart grid’, IEEE SmartGridComm, Gaithersburg, MD, USA, 2010.
    2. 2)
      • 26. North American Electricity Reliability Council (NERC): ‘NERC CIP-003-7 – cyber security – security management controls’, October 2014.
    3. 3)
      • 24. Verendel, V.: ‘Quantified security is a weak hypothesis: A critical survey of results and assumptions’. Proc. of the ACM Workshop on New Security Paradigms, New York, NY, USA, 2009, pp. 3750.
    4. 4)
      • 6. Patapanchala, P.S., Huo, C., Bobba, R.B., et al: ‘Exploring security metrics for electric grid infrastructures leveraging attack graphs’. IEEE Conf. on Technologies and Sustainability, Phoenix, AZ, USA, April 2016.
    5. 5)
      • 20. Vellaithurai, C., Srivastava, A., Zonouz, S., et al: ‘CPIndex: cyber-physical vulnerability assessment for power-grid infrastructures’, IEEE Trans. Smart Grid, 2015, 6, (2), pp. 566575.
    6. 6)
      • 21. Zonouz, S., Davis, C.M., Davis, K.R., et al: ‘Socca: a security-oriented cyber-physical contingency analysis in power infrastructures’, IEEE Trans. Smart Grid, 2014, 5, (1), pp. 313.
    7. 7)
      • 13. Manadhata, P., Wing, J.: ‘An attack surface metric’, IEEE Trans. Softw. Eng., 2010, 37, pp. 371386.
    8. 8)
      • 23. Ernster, T.A., Srivastava, A.K.: ‘Power system vulnerability analysis towards validation of centrality measures’. IEEE PES Transmission and Distribution Conf. and Exposition, Florida, USA, 2012.
    9. 9)
      • 7. Chopade, P., Bikdash, M.: ‘New centrality measures for assessing smart grid vulnerabilities and predicting brownouts and blackouts’, Int. J. Crit. Infrastruct. Prot., 2016, 12, pp. 2945.
    10. 10)
      • 15. Ten, C.-W., Manimaran, G., Liu, C.-C.: ‘Cybersecurity for critical infrastructures: attack and defense modeling’, IEEE Trans. Syst. Man Cybernet. A, Syst. Humans, 2008, 23, (4), pp. 18361846.
    11. 11)
      • 30. Ten, C.-W., Liu, C.-C., Manimaran, G.: ‘Vulnerability assessment of cybersecurity for SCADA systems’, IEEE Trans. Power Syst., 2010, 40, (4), pp. 853865.
    12. 12)
      • 38. Univ. Washington: ‘Power systems test case archive’, Seattle, WA, USA.
    13. 13)
      • 25. North American Electricity Reliability Council (NERC): ‘NERC CIP-007-5 – cyber security – systems security management’, November 2013.
    14. 14)
      • 34. Estrada, E., Hatano, N.: ‘Resistance distance, information centrality, node vulnerability and vibrations in complex networks’, ‘Network science’ (Springer, London, 2010), pp. 1329.
    15. 15)
      • 28. North American Electricity Reliability Council (NERC): ‘NERC CIP-002-1 – cyber security – critical cyber assets identification’, June 2006.
    16. 16)
      • 18. Stamp, J., McIntyre, A., Ricardson, B.: ‘Reliability impacts from cyber attack on electric power systems’. IEEE/PES Power Systems Conf. and Exposition, Seattle, May 2009, pp. 18.
    17. 17)
      • 17. Zonouz, S.A., Berthier, R., Khurana, H., et al: ‘Seclius: an information flow-based, consequence-centric security metric’, IEEE Trans. Parallel Distrib. Syst., 2015, 26, (2), pp. 562573.
    18. 18)
      • 3. North American Electricity Reliability Council (NERC): ‘NERC critical infrastructure protection (CIP) reliability standards’, 2015.
    19. 19)
      • 19. Oman, P., Schweitzer, E., Roberts, J.: ‘Safeguarding IEDs, substations, and SCADA systems against electronic intrusions’. Proc. of the 2001 Western Power Delivery Automation Conf., Pullman, WA, USA, 2001, pp. 912.
    20. 20)
      • 27. National Institute of Standards and Technologies (NIST): ‘Framework and roadmap for smart grid interoperability standards ‘release v3.0’’ (NIST Special Publication, Gaithersburg, MD, 2014).
    21. 21)
      • 11. Wang, L., Singhal, A., Jajodia, S.: ‘Toward measuring network security using attack graphs’. Proc. of the ACM Workshop on Quality of Protection, Virginia, USA, 2007.
    22. 22)
      • 39. Wang, W., Lu, Z.: ‘Cybersecurity in the smart grid: survey and challenges’, Comput. Netw., 2013, 57, (5), pp. 13441371.
    23. 23)
      • 32. Gordon, L., Loeb, M., Lucyshyn, W., et al: ‘Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model’, J. Inf. Secur., 2014, 6, pp. 2430.
    24. 24)
      • 35. Klein, D.J., Randic, M.: ‘Resistance distance’, J. Math. Chem., 1993, 12, (1), pp. 8195.
    25. 25)
      • 31. Gordon, L., Loeb, M.: ‘The economics of information security investment’, ACM Trans. Inf. Syst. Secur. (TISSEC), 2002, 5, pp. 438457.
    26. 26)
      • 29. North American Electricity Reliability Council (NERC): ‘NERC reliability concept-version 1.0.2’, December 2007.
    27. 27)
      • 22. Xiang, Y., Wang, L., Yu, D., et al: ‘Coordinated attacks against power grids: load redistribution attack coordinating with generator and line attacks’. IEEE Power Energy Society General Meeting, Denver, USA, July 2015, pp. 15.
    28. 28)
      • 36. Bompard, E., Pons, E., Wu, D.: ‘Extended topological metrics for the analysis of power grid vulnerability’, IEEE Syst. J., 2012, 6, (3), pp. 481487.
    29. 29)
      • 8. Hahn, A., Govindarasu, M.: ‘Cyber attack exposure evaluation framework for the smart grid’, IEEE Trans. Smart Grid, 2010, 2, (4), pp. 835843.
    30. 30)
      • 12. LeMay, E., Ford, M.D., Keefe, K., et al: ‘Model-based security metrics using adversary view security evaluation (advise)’. Eighth Int. Conf. on Quantitative Evaluation of Systems (QEST), Aachen, Germany, September 2011, pp. 191200.
    31. 31)
      • 9. Dacier, M., Deswarte, Y., Kaniche, M.: ‘Quantitative assessment of operational security: Models and tools’. LAAS Research Report, 964493, May 1996.
    32. 32)
      • 37. North American Electricity Reliability Council (NERC): ‘Guidance for secure interactive remote access’, July 2011.
    33. 33)
      • 10. Dacier, M., Deswarte, Y.: ‘Priviledge graph: An extension to the typed access matrix model’. Proc. European Symp. Research in Computer Security, Berlin, Germany, 1994, pp. 319334.
    34. 34)
      • 1. Electricy Information Sharing and Analysis Center (E-ISAC)/SANS Institute: ‘Analysis of the cyber attack on the Ukrainian power grid: defense use case’, March 2016.
    35. 35)
      • 14. Wang, L., Jajodia, S., Singhal, A., et al: ‘k-zero day safety: a network security metric for measuring the risk of unknown vulnerabilities’, IEEE Trans. Dependable Secur. Comput., 2014, 11, (1), pp. 3044.
    36. 36)
      • 2. Idaho National Laboratory (INL): ‘NSTB assessments summary report: common industrial control system cyber security weaknesses’, May 2010.
    37. 37)
      • 4. North American Electricity Reliability Council (NERC): ‘NERC CIP-005-5 – cyber security – electronic security perimeter’, November 2013.
    38. 38)
      • 5. Pfleeger, S., Cunningham, R.: ‘Why measuring security is hard’, IEEE Secur. Priv., 2010, 8, (4), pp. 4654.
    39. 39)
      • 33. Hughes, J.: ‘Harmonization of IEC 61970, 61968, and 61850 models’. Electric Power Research Initiative (EPRI), Palo Alto, CA, USA, December 2006.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-cps.2017.0118
Loading

Related content

content/journals/10.1049/iet-cps.2017.0118
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading