JOURNAL BROWSE
Search
Advanced SearchSearch Tips
A Proposal of Risk Management Framework for Design as a Secure Power Control System
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Proposal of Risk Management Framework for Design as a Secure Power Control System
Park, Jun Yong; Shin, Sumin; Song, Kyoung-Young;
  PDF(new window)
 Abstract
In smart grid, enhancement of efficiency and interoperability of electric power system is achieved through the connection with outer network, and this induces that power grid system is threatened increasingly, becomes the main target of cyber terrorism, and is sincerely required to design the secure power system. Although SSDLC(Secure System Development Life Cycle) is used for risk management from the design phase, traditional development life cycle is somewhat limited for satisfaction of information security indicator of power control system. Despite that power control system should reflect control entities of information security considering its own characteristics, validation elements are insufficient to apply into real tasks based on existing compliance. To make design of diagnostic model and assessment process for power control system possible and to give a direction for information security and present related indicator, we propose the new risk management framework of power control system which is applied operational security controls and standard architecture presented by IEC 62351 TC 57 with enterprise risk management framework.
 Keywords
Risk Management;SCADA Network;Secure Power Control;Smart Grid;
 Language
Korean
 Cited by
 References
1.
NIST, "NIST framework and Roadmap for smart grid interoperability standards, Release 3.0," pp.29, May. 2014.

2.
Gartner, "Gartner identifies the top 10 technologies for information security," http://www.gartner.com/us/symposium, pp. 1-2, Oct. 2014.

3.
NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 1.0," Jan. 2010.

4.
NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 2.0," Feb. 2012.

5.
NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 3.0," May 2014.

6.
BIR, "The five leading industrial in the future - technology development and status of participating companies ," pp.311-313, Nov. 2011. from http://www.birbook.com

7.
IEC TR 62351-10, "Power systems management and associated information exchange - data and communications security - Part 10 : security architecture guidelines," Oct. 2012.

8.
NIST, "Special publication 800-82, Revision 1 : Guide to industrial control systems (ICS) security," pp.5, May. 2013.

9.
Microsoft, M. Curphey, J. Scambray, and E. Olson, Improving web application security threat and countermeasures, pp.45-48, Jun. 2003.

10.
W.V. Grembergen, Strategies for Information Technolies Governance, 1st Ed., Idea Group Publishing, Jul. 2003.

11.
Microsoft MSDN, "Developer network," from http://social.msdn.microsoft.com

12.
Homeland Security, "Cyber security assessments of industrial control systems," Nov. 2010.

13.
Young-dai Ko, Sang-jin Lee, "A proposal of personal information DB encryption assurance framework," pp.406-407, Korea Institute of Information Security & Cryptology(KIISC), 24(2), pp. 397-409, Apr. 2014. crossref(new window)