Publisher : The Korean Institute of Electrical Engineers
DOI : 10.5370/JEET.2015.10.3.888
Title & Authors
Towards Cyber Security Risks Assessment in Electric Utility SCADA Systems Woo, Pil Sung; Kim, Balho H.; Hur, Don;
This paper presents a unified model based assessment framework to quantify threats and vulnerabilities associated with control systems, especially in the SCADA (Supervisory Control and Data Acquisition) system. In the past, this system was primarily utilized as an isolated facility on a local basis, and then it started to be integrated with wide-area networks as the communication technology would make rapid progress. The introduction of smart grid, which is an innovative application of digital processing and communications to the power grid, might lead to more and more cyber threats originated from IT systems. However, an up-to-date power system often requires the real-time operations, which clearly implies that the cyber security would turn out to be a complicated but also crucial issue for the power system. In short, the purpose of this paper is to streamline a comprehensive approach to prioritizing cyber security risks which are expressed by the combination of threats, vulnerabilities, and values in the SCADA components.
Asset value;Cyber security;Risk;SCADA (Supervisory Control and Data Acquisition) system;Threat;Vulnerability;
SANS Institute InfoSec Reading Room, Vulnerability Assessment, July 2001, http://www.sans.org/readingroom/whitepapers/basics/vulnerability-assessment-421.
S. Massoud Amin, “Cyber and Critical Infrastructure Security: Toward Smarter and More Secure Power and Energy Infrastructures,” Canada-U.S. Workshop on Smart Grid Technologies at Vancouver, March 25, 2010.
A. Hussain, C. J. Seok, M. S. Choi, S. J. Lee, and S. I. Lim, “Line Security Evaluation of WANS Considering Protectability of Relays and Vulnerability of Lines,” Journal Elec. Eng. Tech., vol. 9, no. 6, pp. 1864-1872, November 2014.
P. Burris and C. King, "A Few Good Security Metrics," METAGroup Inc., October 11, 2000.
M. Negrete-Pincetic, F. Yoshida, and G. Gross, “Towards Quantifying the Impacts of Cyber Attacks in the Competitive Electricity Market Environment,” in Proceedings of IEEE Power Tech Conference, Bucharest, Romania, July 2009.
Ernest H. Forman, Decision by Objective: Analytical Hierarchy Process, http://www.dept.aoe.vt.edu/- cdhall/courses/aoe4065/AHPslides.pdf.
Korea Electrotechnology Research Institute and Incheon National University, A Study to Investigate Industrial Customer Interruption Cost for Power System Planning, Ministry of Commerce Industry and Energy, February 2008.
B. Hu, X. H. He, and K. Cao, “Reliability Evaluation Technique for Electrical Distribution Networks Considering Planned Outages,” Journal Elec. Eng. Tech., vol. 9, no. 5, pp. 1482-1488, September 2014.