Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios

Sumeet Jauhar, Binbin Chen, William G. Temple, Xinshu Dong, Zbigniew Kalbarczyk, William H. Sanders, David M. Nicol

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The transformation of traditional power systems to smart grids brings significant benefits, but also exposes the grids to various cyber threats. The recent effort led by US National Electric Sector Cybersecurity Organization Resource (NESCOR) Technical Working Group 1 to compile failure scenarios is an important initiative to document typical cybersecurity threats to smart grids. While these scenarios are an invaluable thought-aid, companies still face challenges in systematically and efficiently applying the failure scenarios to assess security risks for their specific infrastructure. In this work, we develop a model-based process for assessing the security risks from NESCOR failure scenarios. We extend our cybersecurity assessment tool, Cyber-SAGE, to support this process, and use it to analyze 25 failure scenarios. Our results show that CyberSAGE can generate precise and structured security argument graphs to quantitatively reason about the risk of each failure scenario. Further, CyberSAGE can significantly reduce the assessment effort by allowing the reuse of models across different failure scenarios, systems, and attacker profiles to perform what if? analysis.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015
EditorsDong Xiang, Tatsuhiro Tsuchiya, Guojun Wang
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages319-324
Number of pages6
ISBN (Electronic)9781467393768
DOIs
StatePublished - Jan 4 2016
Event21st IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2015 - Zhangjiajie, China
Duration: Nov 18 2015Nov 20 2015

Publication series

NameProceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015

Other

Other21st IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2015
CountryChina
CityZhangjiajie
Period11/18/1511/20/15

Keywords

  • NESCOR
  • Smart grid
  • cybersecurity

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios'. Together they form a unique fingerprint.

Cite this