Threat Navigator: Grouping and Ranking Malicious External Threats to Current and Future Urban Smart Grids

  • Alexandr Vasenev
  • Lorena Montoya
  • Andrea Ceccarelli
  • Anhtuan Le
  • Dan Ionita
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 175)

Abstract

Deriving value judgements about threat rankings for large and entangled systems, such as those of urban smart grids, is a challenging task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance for ranking the more relevant threats and filtering out the less relevant ones is desirable. This requires a method able to distil the list of all possible threat events in a traceable and repeatable manner, given a set of assumptions about the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are described in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is demonstrated on a sample urban Smart Grid. The ranked list of threat events obtained is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.

Keywords

Smart grid, Threat assessment, FAIR, NIST, Risk analysis

Notes

Acknowledgments

This work has been partially supported by the Joint Program Initiative (JPI) Urban Europe via the IRENE project. We would like to thank Prof. Roel Wieringa for his valuable contribution.

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2017

Authors and Affiliations

  • Alexandr Vasenev (1)
  • Lorena Montoya (1)
  • Andrea Ceccarelli (2)
  • Anhtuan Le (3)
  • Dan Ionita (1)

  1. University of Twente, Enschede, The Netherlands
  2. University of Florence, Firenze, Italy
  3. Queen Mary University of London, London, United Kingdom
