Title: Integrating information security requirements in critical infrastructures: smart metering case

Authors: Layla AlAbdulkarim, Zofia Lukszo

Addresses: Section Energy and Industry, Faculty of Technology, Policy and Management, Delft University of Technology, P.O. Box 5015, 2600 GA, Delft, The Netherlands. ' Section Energy and Industry, Faculty of Technology, Policy and Management, Delft University of Technology, P.O. Box 5015, 2600 GA, Delft, The Netherlands

Abstract: In recent years, critical infrastructures have witnessed rapid developments in the way their services are being implemented and delivered to consumers; this was instigated by the adaptation of the latest technologies in Information Technology (IT). Despite the evident advantages of such transformation, this lead to the emergence of new challenges facing these infrastructures such as preserving the security of the information generated and maintained by the IT systems supporting the operation of these critical infrastructures. An example of such a case is smart metering in the energy sector. In this article, we present an analysis of information security threats and their consequences, emphasising the importance of incorporating information security as nonfunctional requirements in the early stages of system development rather than an afterthought of the system implementation and deployment. We also present a four dimensional information security assurance model for the smart metering system; this model provides guidelines to designers of IT systems supporting the operation of critical infrastructures.

Keywords: critical infrastructures; information security; smart metering; modelling.

DOI: 10.1504/IJCIS.2010.031074

International Journal of Critical Infrastructures, 2010 Vol.6 No.2, pp.187 - 209

Published online: 20 Jan 2010 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article