1 / 15

STRIDE to a secure Smart Grid in a hybrid cloud

STRIDE to a secure Smart Grid in a hybrid cloud. Bojan Jelacic *, Daniela Rosic*, Imre Lendák *, Marina Stanojevic *, Sebastijan Stoja * *Faculty of technical sciences, University of Novi Sad, Serbia. CyberICPS 2017 Oslo , 2 017.09.15. Overview. Problem Definition

vidrined
Download Presentation

STRIDE to a secure Smart Grid in a hybrid cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. STRIDE to a secure Smart Grid in a hybrid cloud BojanJelacic*,Daniela Rosic*, Imre Lendák*, Marina Stanojevic*, SebastijanStoja* *Faculty of technical sciences, University of Novi Sad, Serbia CyberICPS 2017 Oslo, 2017.09.15.

  2. Overview • Problem Definition • Smart Grid ICS Architecture • Risk Management • Risk Analysis • Migration to the Cloud • Conclusion

  3. Problem definition • Number of electricity consumers is continuously increasing. • Existing energy networks are not able to supply this increasing demand without significant investments in infrastructure and automated computer systems. • The migration to a computing cloud is a considerable challenge, both because of multiple decade-long reliance on closed and utility-owned computing resources and its possible impact on information security. • This paper presents an migration proposal in witch current level of information security is preserved.

  4. Smart Grid ICS Architecture

  5. SCADA Subsystem • Collects data from IEDs in order to monitor and control system • OMS – component responsible for restoration of power • NMS – component responsible for storing and providing access to a static network model of the power system. Contains information about the connectivity of the network • EMS – performs calculations on the transmission and sub-transmission levels • DMS – executes various analytical calculations on the subsystem for electricity distribution • The Historian collects and records all changes in the system • WOM – manages the work orders • MDM – works with smart meters

  6. Risk Management Criteria for Impact Levels

  7. Risk Management Criteria for Likelihood Levels

  8. Risk Management Risk matrix 8

  9. Risk Analysis • Security assessment of Smart Grid ICS components is performed by Microsoft’s Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege (STRIDE) methodology. • Impact for each Smart Grid component is assessed and graded with one of the following levels: Low (L), Medium (M) and High (H). • The likelihood is determined with one of the following levels: Very Likely (V), Moderate (M) and Rare (R). • The risk (R) is determined according to the risk matrix.

  10. Analysis of DMS and EMS

  11. Migration to the Cloud • Hybrid cloud is a composition of private and public/community cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability. • Components should be deployed in the private cloud if their violation can lead to destroying the whole system, losing of human life, damaging to equipment or financial costs and the degree of risk is high. • Otherwise, components should be moved to the community cloud.

  12. Proposed migration scenario Secure Smart Grid on a hybrid cloud

  13. Conclusions & future work • Based on the results of the risk assessment, an optimal Smart Grid ICS cloud migration scenario was proposed. • Future Work: • Introduce other measures of the Smart Grid ICS, e.g. factoring in the cost of the necessary computing and storage capacities, the cost of IT departments maintaining the data centers. • Focus on STRIDE analysis of the business and process subsystem.

  14. Summary • This paper presents an STRIDE analysis of Smart Grid ICS. • Aim was to identify the common elements of a Smart Grid ICS, perform their security assessment and based on that propose a migration scenario to a hybrid computing cloud. • Key requirement while creating the proposed architecture was to maintain the existing level of information system security. • In the proposed architecture, the components whose violation can lead to destroying the whole system, losing of human life, damaging to equipment or financial costs are deployed in the private cloud. Otherwise in the community cloud.

More Related