Affiliation:
1. The University of Tulsa, USA
Abstract
The Smart Grid will incorporate computer networking technologies into the electrical generation, transmission, and distribution sectors. Thus, there will be an underlying Critical Information Infrastructure (CII) based on these network connections. This CII is vulnerable to traditional cyber or computer based attacks typically geared toward disabling devices or networks. However, the Smart Grid is also vulnerable to physical attacks where sensors are tricked into reporting false conditions that cause the control system to react in an inappropriate manner. Cyber-physical attacks blending both cyber and physical attack components are also a possibility. Techniques to model cyber-attacks exist, and this chapter presents a modeling methodology, termed hybrid attack graphs, to model cyber-physical attacks. The hybrid attack graph formalism can be applied to develop best practice guidelines and security patches for the Smart Grid. This formalism can also be applied to other cyber-physical domains as well to help bridge the gap between the physical, logical, and network domains.
Reference43 articles.
1. Hybrid automata: An algorithmic approach to the specification and verification of hybrid systems
2. Ammann, P., Wijesekera, D., & Kaushik, S. (2002). Scalable, graph-based network vulnerability analysis. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 217--224).
3. Anderson, D., & Leischner, G. (2007). Cybersecurity as part of modern substations. Schweitzer Engineering Laboratories, Inc. Retrieved January 21, 2011, from http://www.selinc.com/WorkArea/DownloadAsset.aspx?id=3530
4. Artz, M. L. (2002). NetSPA: A network security planning architecture. Unpublished M.S. thesis, Massachusetts Institute of Technology, Cambridge, MA.
5. Clark, K., Tyree, S., Dawkins, J., & Hale, J. (2004, June). Quantitative and qualitative analytical techniques for network security assessment. Proceedings of the 2004 IEEE Workshop on Information Assurance and Security (pp. 321-328). IEEE.