Threat Navigator: Grouping and Ranking Malicious External Threats to Current and Future Urban Smart Grids
Deriving value judgements about threat rankings for large and entangled systems, such as those of urban smart grids, is a challenging task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance for ranking more relevant and filtering out the less relevant threats is desirable. This requires a method able to distil the list of all possible threat events in a traceable and repeatable manner, given a set of assumptions about the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are described in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is demonstrated on a sample urban Smart Grid. The ranked list of threat events obtained is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.
KeywordsSmart grid Threat assessment FAIR NIST Risk analysis
This work has been partially supported by the Joint Program Initiative (JPI) Urban Europe via the IRENE project. We would like to thank Prof. Roel Wieringa for his valuable contribution.
- 1.CS-CERT: ICS-CERT year in review. https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2014_Final.pdf
- 2.The Open Group: Technical standard. Risk taxonomy. http://pubs.opengroup.org/onlinepubs/9699919899/toc.pdf
- 3.Intel IT: Prioritizing information security risks with threat agent risk assessment. http://www.intel.com/Assets/en_US/PDF/whitepaper/wp_IT_Security_RiskAssessment.pdf
- 4.Najgebauer, A., Antkiewicz, R., Chmielewski, M., Kasprzyk, R.: The prediction of terrorist threat on the basis of semantic association acquisition and complex network evolution. J. Telecommun. Inf. Technol. 2008, 14–20 (2008)Google Scholar
- 7.IRENE: D2.1 threats identification and ranking. http://www.ireneproject.eu
- 8.IRENE: D2.2 societal impact of attacks and attack motivations. http://www.ireneproject.eu
- 9.Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains, p. 3. Lockheed Martin Corporation, Bethesda (2010)Google Scholar
- 10.Le, A., Chen, Y., Chai, M., Vasenev, A., Montoya, L: Assessing loss event frequencies of smart grid cyber threats: encoding flexibility into FAIR using bayesian network approach, smartgifts conference on smart grid inspired future technologies (2016)Google Scholar