Int. J. of Electronic Security and Digital Forensics   »   2012 Vol.4, No.2/3

 

 

Title: A situational awareness framework for securing the smart grid using monitoring sensors and threat models

 

Authors: Anastasia Mavridou; Victor Zhou; Jerald Dawkins; Mauricio Papa

 

Addresses:
Institute for Information Security, University of Tulsa, 800 S. Tucker Dr., Tulsa, OK 74104, USA.
Institute for Information Security, University of Tulsa, 800 S. Tucker Dr., Tulsa, OK 74104, USA.
True Digital Security, 5110 S Yale Ave., Suite 310, Tulsa, OK 74133, USA.
Institute for Information Security, University of Tulsa, 800 S. Tucker Dr., Tulsa, OK 74104, USA.

 

Abstract: Security, access control and risk mitigation in the smart grid are matters of great impact for this important sector of the critical infrastructure. Situational awareness requires a means of aggregating information and presenting that information in a manner conducive to assessing risk. While major components of the electric power grid were traditionally deployed in physically isolated networks, they are now utilising IP-based, open, interconnected networks to transmit and manage the supervisory control and data acquisition (SCADA) messages. Unfortunately, SCADA protocols used for communications and the systems that implement those protocols were not originally designed with security in mind. Therefore, in order to enhance security and detect potential malicious behaviour, smart grid operators need detailed and accurate information about the status, integrity, configuration and network topology of SCADA devices as well as information about any threats that may impact the grid. This paper describes a comprehensive framework that provides situational awareness (SA) for SCADA devices and their operations in a smart grid environment. Situational awareness is achieved by processing information collected by monitoring sensors and understanding threats that may affect operations. The proposed framework employs a threat modelling methodology to support this mission.

 

Keywords: cyber security; situational awareness; threat modelling; sensor monitoring; smart grid; supervisory control; data acquisition; SCADA devices; access control; risk mitigation; power grids.

 

DOI: 10.1504/IJESDF.2012.048417

 

Int. J. of Electronic Security and Digital Forensics, 2012 Vol.4, No.2/3, pp.138 - 153

 

Submission date: 05 Dec 2011
Date of acceptance: 12 Apr 2012
Available online: 05 Aug 2012

 

 
