@inproceedings{854e39ac592041f7a57f619564eb9d0f,
title = "Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios",
abstract = "The transformation of traditional power systems to smart grids brings significant benefits, but also exposes the grids to various cyber threats. The recent effort led by US National Electric Sector Cybersecurity Organization Resource (NESCOR) Technical Working Group 1 to compile failure scenarios is an important initiative to document typical cybersecurity threats to smart grids. While these scenarios are an invaluable thought-aid, companies still face challenges in systematically and efficiently applying the failure scenarios to assess security risks for their specific infrastructure. In this work, we develop a model-based process for assessing the security risks from NESCOR failure scenarios. We extend our cybersecurity assessment tool, Cyber-SAGE, to support this process, and use it to analyze 25 failure scenarios. Our results show that CyberSAGE can generate precise and structured security argument graphs to quantitatively reason about the risk of each failure scenario. Further, CyberSAGE can significantly reduce the assessment effort by allowing the reuse of models across different failure scenarios, systems, and attacker profiles to perform what if? analysis.",
keywords = "NESCOR, Smart grid, cybersecurity",
author = "Sumeet Jauhar and Binbin Chen and Temple, {William G.} and Xinshu Dong and Zbigniew Kalbarczyk and Sanders, {William H.} and Nicol, {David M.}",
note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 21st IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2015 ; Conference date: 18-11-2015 Through 20-11-2015",
year = "2016",
month = jan,
day = "4",
doi = "10.1109/PRDC.2015.37",
language = "English (US)",
series = "Proceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "319--324",
editor = "Dong Xiang and Tatsuhiro Tsuchiya and Guojun Wang",
booktitle = "Proceedings - 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing, PRDC 2015",
address = "United States",
}