JOURNAL BROWSE
Search
Advanced SearchSearch Tips
A Case Study of the Impact of a Cybersecurity Breach on a Smart Grid Based on an AMI Attack Scenario
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Case Study of the Impact of a Cybersecurity Breach on a Smart Grid Based on an AMI Attack Scenario
Jun, Hyo-Jung; Kim, Tae-Sung;
  PDF(new window)
 Abstract
The smart grid, a new open platform, is a core application for facilitating a creative economy in the era of the Internet of Things (IoT). Advanced Metering Infrastructure (AMI) is one of the components of the smart grid and a two-way communications infrastructure between the main utility operator and customer. The smart meter records consumption of electrical energy and communicates that information back to the utility for monitoring and billing. This paper investigates the impact of a cybersecurity attack on the smart meter. We analyze the cost to the smart grid in the case of a smart meter attack by authorized users based on a high risk scenario from NESCOR. Our findings could be used by policy makers and utility operators to create investment decision-making models for smart grid security.
 Keywords
Smart Grid;Advanced Metering Infrastructure;Cybersecurity Breach;Attack Scenario;
 Language
Korean
 Cited by
 References
1.
MOEIA, Smart grid national roadmap, Jan. 2010.

2.
CSPC, Securing the U.S. electrical grid, July 2014.

3.
KSGA, Smart grid AMI technology trend report, Sep. 2012.

4.
KSGA, Smart grid security technology trend report, Sep. 2012.

5.
Ernst&Young, Cybersecurity and the Internet of Things, Mar. 2015

6.
L.A. Gordon, and M.P Loeb, Managing cybersecurity resources: A cost-benefit analysis, New York: McGraw-Hill, Sep. 2005.

7.
H. Cavusoglu, B. Mishra and S. Raghunathan, "A model for evaluating IT security investments," Communications of the ACM, 47(7), pp.87-92, July. 2004.

8.
L.D. Bodin, L.A. Gordon and M.P. Loeb, "Evaluating information security investments using the analytic hierarchy process," Communications of the ACM, 48(2), pp.78-83, Feb. 2005.

9.
R.L. Kumar, S. Park and C. Subramaniam, "Understanding the value of countermeasure portfolios in information systems security," Journal of Management Information Systems, 25(2), pp.241-280, Sep. 2008.

10.
RAND Corporation, The defender's dilemma: Charting a course toward cybersecurity, June 2015.

11.
Jang SangSoo, "Information security management system development and application", Life and Power Press, June 2015.

12.
DOE, Electricity subsector cybersecurity risk management process, May 2012.

13.
KATS and KSA, R&D roadmap based on technology standards: Smart grid, Apr. 2014.

14.
D. Grochocki, J.H. Huh, R. Berthier, R, Bobba, W.H. Sanders, A. Cardenas and J.G. Jetcheva, "AMI threats, intrusion detection requirements and deployment recommendations," 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm), pp.395-400, Nov. 2012.

15.
Kang Seong-ku and Seo Jung-Taek, "An analysis of the security threats and security requirements for electric vehicle charging infrastructure," Journal of the Korea Institute of Information Security and Cryptology, 22(5), pp.1027-1037, Oct. 2012.

16.
H. Suleiman and D. Svetinovic, D., "Evaluating the effectiveness of the security quality requirements engineering (SQUARE) method: a case study using smart grid advanced metering infrastructure," Requirements Engineering, 18(3), pp.251-279, Sep. 2013. crossref(new window)

17.
F. Aloul, A.R. Al-Ali, R. Al-Dalky, M. Al-Mardini and W. El-Hajj, "Smart grid security: Threats, vulnerabilities and solutions," International Journal of Smart Grid and Clean Energy, 1(1), pp.1-6, Sep. 2012.

18.
G. Kalogridis, C. Efthymiou, S.Z. Denic, T. Lewis and R. Cepeda, "Privacy for smart meters: Towards undetectable appliance load signatures," 2010 First IEEE International Conference on Smart Grid Communications (SmartGridComm), pp.232-237, Oct. 2010.

19.
R.C. Parks, "Advanced metering infrastructure security considerations," SANDIA REPORT: Sandia National Laboratories, Oct. 2007.

20.
H. Chaudhry and T. Bohn, "Security concerns of a plug-in vehicle," 2012 IEEE PES Innovative Smart Grid Technologies (ISGT), Jan. 2012.

21.
S. Clements and H. Kirkham, "Cyber-security considerations for the smart grid," 2012 IEEE Power and Energy Society General Meeting, July 2012.

22.
S. McLaughlin, D. Podkuiko and P. McDaniel, "Energy theft in the advanced metering infrastructure," Critical Information Infrastructures Security, pp.176-187, Aug. 2010.

23.
V. Aravinthan, V. Namboodiri, S. Sunku, and W. Jewell, "Wireless AMI application and security for controlled home area networks," IEEE Power and Energy Society General Meeting, pp.1-8, July 2011.

24.
W. Su, H. Eichi, W. Zeng and M.Y. Chow, "A survey on the electrification of transportation in a smart grid environment," IEEE Transactions on Industrial Informatics, 8(1), pp.1-10, Jan. 2012. crossref(new window)

25.
NESCOR, Analysis of Selected Electric Sector High Risk Failure Scenarios, Sep. 2013.

26.
NIST, NIST framework and roadmap for smart grid interoperability standards, Release 1.0, Jan. 2010.

27.
NESCOR, Attack trees for selected electric sector high risk failure scenarios, Sep. 2013.

28.
KETEP, The market report for 2013-2014 energy technology, Jan. 2014.

29.
MOTIE, Plan smart meter and ESS supply, June 2013.

30.
http://www.etnews.com/201402100504 (Feb. 2014)

31.
http://krebsonsecurity.com/2012/04/fbi-smart-meter-hacks-likely-to-spread/ (Apr. 2012)

32.
http://home.kepco.co.kr/kepco/KE/E/htmlView/KEEBPP0010101.do?menuCd=FN270101 (Sep. 2015)

33.
http://www.cj-ilbo.com/news/article-View.html?idxno=903155 (Aug. 2015)

34.
A. Acquisti, A. Friedman and R. Telang, "Is there cost privacy breaches? An event study," The 5th Workshop on the Economics of Information Security(WEIS), June 2006.

35.
M. Ishiguro, H. Tanaka, K. Matsuura and I. Murase, "The effect of information security incidents on corporate values in the japanese stock market," Workshop on the Economics of Securing the Information Infrastructure(WESII), Aug. 2006.

36.
MOI, Understanding privacy act, Dec. 2012.

37.
Kim Sehun, "Information Security Management and Policy", Life and Power Press, Nov. 2002.

38.
KIET, "Making secure net for Internet of Things: Convergence security industry", e-KIET Industry Economics Information, 586, pp.1-12, Apr. 2014.

39.
http://www.msip.go.kr/webzine/posts.do?postIdx=149 (Dec. 2015)