Exploring security metrics for electric grid infrastructures leveraging attack graphs
- 1 January 2016
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
The electric grid is a critical cyber-physical infrastructure that serves as a lifeline for modern society. With the increasing trend of cyber-attacks, electric grid security has become a significant concern. System operators have the difficult task of reducing the risk exposure and maintaining operational reliability under the constant threat of cyber-attacks. Good security metrics for assessing and monitoring the risk to the cyber-physical power grid infrastructure would be very valuable for grid operators. However, security metrics to assess the security posture and risk to even traditional enterprise cyber infrastructure have been a long-standing challenge. Cyber-physical systems (CPS) that have interconnected cyber and physical infrastructure add an additional layer of complexity. In this work, we explore security metrics that can be used to monitor the security posture and risk exposure of the electric grid infrastructure. These metrics take both the cyber security posture and physical impact of an attack into account. We consider both individual and coordinated attacks that can cause cascading outages. To illustrate the usefulness of the proposed metrics, we use cyber-physical models for 9-bus and 39-bus test systems. Our metrics provide a novel way to identify and prioritize assets critical to the system and help operators take steps to improve the overall security posture of the system.
This publication has 15 references indexed in Scilit:
- Cyber-Physical models for power grid security analysis: 8-substation case. Published by Institute of Electrical and Electronics Engineers (IEEE), 2016
- Dynamic Modeling of Cascading Failure in Power Systems. IEEE Transactions on Power Systems, 2015
- Metrics suite for network attack graph analytics. Published by Association for Computing Machinery (ACM), 2014
- Go with the flow. Published by Association for Computing Machinery (ACM), 2013
- k-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities. IEEE Transactions on Dependable and Secure Computing, 2013
- Adversary-driven state-based system security evaluation. Published by Association for Computing Machinery (ACM), 2010
- Empirical Estimates and Observations of 0Day Vulnerabilities. Published by Institute of Electrical and Electronics Engineers (IEEE), 2009
- A weakest-adversary security metric for network configuration security analysis. Published by Association for Computing Machinery (ACM), 2006
- Validating and Restoring Defense in Depth Using Attack Graphs. Published by Institute of Electrical and Electronics Engineers (IEEE), 2006
- A Set of Measures of Centrality Based on Betweenness. Sociometry, 1977