Abstract
Abstract
Power grids are becoming increasingly intelligent. In this regard, they benefit considerably from the information technology (IT) networks coupled with their underlying operational technology (OT) networks. While IT networks provide sufficient controllability and observability of power grid assets such as voltage and reactive power controllers, distributed energy resources, among others, they make those critical assets vulnerable to cyber threats and risks. In such systems, however, several technical and economic factors can significantly affect the patching and upgrading decisions of their components including, but not limited to, limited time and budget as well as legal constraints. Thus, resolving all vulnerabilities at once could seem like an insuperable hurdle. To figure out where to start, an involved decision maker (e.g. a security team) has to prudently prioritize the possible vulnerability remediation actions. The key objective of prioritization is to efficiently reduce the inherent security risk to which the system in question is exposed. Due to the critical role of power systems, their decision makers tend to enhance the system resilience against extreme events. Thus, they seek to avoid decision options associated with likely severe risks. Practically, this risk attitude guides the decision-making process in such critical organizations and hence the sought-after prioritization as well.Therefore, the contribution of this work is to provide an integrated risk-based decision-support methodology for prioritizing possible remediation activities. It leverages the Time-To-Compromise security metric to quantitatively assess the risk of compromise. The developed risk estimator considers several factors including: i) the inherent assessment uncertainty, ii) interdependencies between the network components, iii) different adversary skill levels, and iv) public vulnerability and exploit information. Additionally, our methodology employs game theory principles to support the strategic decision-making process by constructing a chain of security games. Technically, the remediation actions are prioritized through successively playing a set of dependent zero-sum games. The underlying game-theoretical model considers carefully the stochastic nature of risk assessments and the specific risk attitude of the decision makers involved in the patch management process across electric power organizations.
Publisher
Springer Science and Business Media LLC
Subject
Computer Networks and Communications,Energy Engineering and Power Technology,Information Systems
Reference34 articles.
1. Alshawish, A., de Meer H (2019) Prioritize when patch everything is impossible! In: 2019 IEEE 44th Conference on Local Computer Networks (LCN) (LCN 2019).. IEEE, Osnabrück. in press.
2. Alshawish, A, de Meer H (2019) Risk-based decision-support for vulnerability remediation in electric power networks In: Proceedings of the Tenth ACM International Conference on Future Energy Systems, 378–380.. ACM. https://doi.org/10.1145/3307772.3330157.
3. Barnes, K, Johnson B (2009) National scada test bed substation automation evaluation report. Tech Rep Idaho Natl Lab (INL). https://doi.org/10.2172/968658.
4. Berr, J (2017) WannaCry ransomware attack losses could reach $4 billion. https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/. Accessed 19 Sept 2018.
5. Bhajanka, P, Lawson C (2018) Implement a risk-based approach to vulnerability management. Gartner.
Cited by
6 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献