A Framework for Risk Analysis in Smart Grid

Perspective Based Approach
  • Rani Yesudas
  • Roger Clarke
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8328)

Abstract

Smart Grids have great potential for the management of energy consumption. However, moving from a traditional grid to a smart grid introduces significant new risk to the energy sector that were not present in the power grids that operated in isolation. The data that is generated in the smart metering systems can possibly harm its stakeholders. Hence it is important to protect all the stakeholders by providing effective controls to the vulnerable elements in the smart metering system. This highlights the necessity to conduct a risk analysis to evaluate the harms, threats and vulnerabilities that are introduced into this critical infrastructure by modernization. Currently there are numerous risk analysis methodologies available; there are many differences among them, and hence selecting an appropriate one is challenging. Risk that technical experts perceive to be minor often elicits strong public concerns. Consequently during risk analysis, different perspectives need to be considered. This article reports on an extensive analysis of risk management frameworks, which resulted in a framework specifically targeted at smart grid and smart metering systems. Perspective of risk analysis is a key element in this framework.

Keywords

smart meter smart grid security risk assessment risk analysis framework 
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Danahy, J., Bochman, A.: Smart Grid for the CSO (2009)Google Scholar
  2. 2.
    Baumeister, T.: Literature Review on Smart Grid Cyber Security, Department of Information and Computer Sciences. University of Hawaii, Hawaii (2010)Google Scholar
  3. 3.
    Kasperson, R.E., Renn, O., Slovic, P., et al.: The Social Amplification of Risk - a Conceptual-Framework. Risk Analysis 8, 177–187 (1988)CrossRefGoogle Scholar
  4. 4.
    Roberts, S., Redgrove, Z.: The smart metering programme: a consumer review. The Centre for Sustainable Energy, Bristol (2011)Google Scholar
  5. 5.
    Quinn, E.L.: Privacy and the new energy infrastructure. SSRN eLibrary (2009)Google Scholar
  6. 6.
    Fang, Y.D.: Smart Grid – The New and Improved Power Grid. IEEE Communications Surveys Tutorials PP, pp. 1–37 (2011)Google Scholar
  7. 7.
    Farhangi, H.: The path of the smart grid. IEEE Power and Energy Magazine 8(1), 18–28 (2010)CrossRefMathSciNetGoogle Scholar
  8. 8.
    Deloitte, Department of Treasury and Finance- Advanced metering infrastructure cost benefit analysis- Final Report, Victoria (2011)Google Scholar
  9. 9.
    Lockstep Consulting, Privacy Impact Assessment Report - Advanced Metering Infrastructure (AMI), Victoria, Australia (2011)Google Scholar
  10. 10.
    Rambi, J.: Lessons learned from the new Smart Meter Risk Analysis Methodology in the Netherlands, Chairman Policy Committee Privacy & Security Netbeheer Nederland (January 16, 2013)Google Scholar
  11. 11.
    NIST, National Institute of Standard and Technology, NIST Framework and Roadmap for Smart Grid Interoperability Standards Release 1.0, Office of the National Coordinator for Smart Grid Interoperability (2010)Google Scholar
  12. 12.
    CEN-CENELEC-ETSI, Smart Grid Coordination Group Smart Grid Information Security (2012)Google Scholar
  13. 13.
    ISO/IEC 27005, ISO/lEC 27005 Information technology - Security techniques - Information security risk management, ISO/IEC 2008 (2008)Google Scholar
  14. 14.
    Stoneburner, G., Goguen, A., Fering, A.: Risk Management Guide for Information Technology Systems. NIST Special Publication 800-30, VA 22042 (2002)Google Scholar
  15. 15.
    ENISA, Risk Management: Implementation principles and Inventories for Risk Management/Risk Assessment methods and tools, http://www.enisa.europa.eu/activities/risk-management (2005-2013)
  16. 16.
    SRA, Society for Risk Analysis (SRA) (2013), http://www.sra.org/
  17. 17.
    Kaplan, S.: The words of risk analysis. Risk Analysis 17(4), 407–441 (1997)CrossRefGoogle Scholar
  18. 18.
    WP 29, Opinion 04/2013 on the Data Protection Impact Assessment Template for Smart Grid and Smart Metering Systems (‘DPIA Template’) prepared by Expert Group 2 of the Commission’s Smart Grid Task Force, Article 29 Data Protection Working Party (2013)Google Scholar
  19. 19.
    Dimitrakos, T., Raptis, D., Ritchie, B., Stølen, K.: Model based Security Risk Analysis for Web Applications: The CORAS approach (2002)Google Scholar
  20. 20.
    Marek, P., Paulina, J.: The OCTAVE methodology as a risk analysis tool for business resources. In: International Multi-Conference on Computer Science and Information Technology (2006)Google Scholar
  21. 21.
    BSI, BSI-Standard 100-3: Risk analysis based on IT-Grundschutz (2008) Google Scholar
  22. 22.
    Security Risk Analysis Group, Introduction to Risk Analysis (2003), http://www.security-risk-analysis.com/introduction.htm
  23. 23.
    NRECA, Guide to Developing a Cyber Security and Risk Mitigation Plan, National Rural Electric Cooperative Association/Cooperative Research Network, Arlington, VA (2011)Google Scholar
  24. 24.
    EMF Safety Network, Smart Meter Fires and Explosions (2012), http://emfsafetynetwork.org/?page_id=1280

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  • Rani Yesudas
    • 1
  • Roger Clarke
    • 1
  1. 1.College of Engineering and Computer ScienceThe Australian National UniversityCanberraAustralia

Personalised recommendations