Practical Risk Assessment Using a Cumulative Smart Grid Model

Markus Kammerstetter, Lucie Langer, Florian Skopik, Friederich Kupzog, Wolfgang Kastner

2014

Abstract

Due to the massive increase of green energy, today’s power grids are in an ongoing transformation to smart grids. While traditionally ICT technologies were utilized to control and monitor only a limited amount of grid systems down to the station level, they will reach billions of customers in near future. One of the downsides of this development is the exposure of previously locked down communication networks to a wide range of potential attackers. To mitigate the risks involved, proper risk management needs to be in place. Together with leading manufacturers and utilities, we focused on European smart grids and analyzed existing security standards in the Smart Grid Security Guidance (SG)2 project. As our study showed that these standards are of limited practical use to utilities, we developed a cumulative smart grid architecture model in a joint approach with manufacturers and utilities to represent both current and future European smart grids. Based on that model, we developed a practical, light-weight risk assessment methodology covering a wide range of potential threats that have been evaluated and refined in course of expert interviews with utility providers and manufacturers.

References

  1. Hou, H., Zhou, J., Zhang, Y., and He, X. (2011). A brief analysis on differences of risk assessment between smart grid and traditional power grid. In Knowledge Acquisition and Modeling (KAM), 2011 Fourth International Symposium on, pages 188-191.
  2. Klimafonds (2012). DG DemoNet - Smart LV Grid. http://www.ait.ac.at/departments/energy/researchareas/electric-energy-infrastructure/smart-grids/dgdemonet-smart-lv-grid/. [Online; accessed 16- October-2013].
  3. Lu, Z., Lu, X., Wang, W., and Wang, C. (2010). Review and evaluation of security threats on the communication networks in the smart grid. In MILITARY COMMUNICATIONS CONFERENCE, 2010 - MILCOM 2010, pages 1830-1835.
  4. Mohan, A. and Khurana, H. (2012). Towards addressing common security issues in smart grid specifications. In Resilient Control Systems (ISRCS), 2012 5th International Symposium on, pages 174-180.
  5. NIST (2013a). NIST Special Publication 1108R2 - NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0.
  6. NIST (2013b). NISTIR 7628 - Guidelines for Smart Grid Cybersecurity.
  7. OGEMA (2012). The German ICT Gateway Approach. http://www.ogema.org. [Online; accessed 16- October-2013].
  8. OpenNode (2012). http://www.opennode.eu. October-2013].
  9. European FP7 Project. [Online; accessed 16-
  10. Ray, P., Harnoor, R., and Hentea, M. (2010). Smart power grid security: A unified risk management approach. In Security Technology (ICCST), 2010 IEEE International Carnahan Conference on, pages 276-285.
  11. Sauter, T., Soucek, S., Kastner, W., and Dietrich, D. (2011). The evolution of factory and building automation. In IEEE Magazine on Industrial Electronics, pages 35- 48.
  12. Skopik, F. and Langer, L. (2013). Cyber security challenges in heterogeneous ict infrastructures of smart grids. Journal of Communications, 8(8):463-472.
  13. Smart Grid Coordination Group, CEN-CENELECETSI (2012a). Reports in response to smart grid mandate m/490. http://www. cencenelec.eu/standards/sectors/SmartGrids/Pages/ default.aspx. [Online; accessed 16-October-2013].
  14. Smart Grid Coordination Group, CEN-CENELECETSI (2012b). Smart grid reference architecture. http://ec.europa.eu/energy/gas electricity/smartgrids /doc/xpert group1 reference architecture.pdf. [Online; accessed 15-October-2013].
  15. Smart Grid Modellregion Salzburg (2010). ZUQDE. http://www.smartgridssalzburg.at/forschungsfelder /stromnetze/zuqde/. [Online; accessed 16-October2013].
  16. Smart Grid Modellregion Salzburg (2011). Smart Web Grid. http://www.smart gridssalzburg.at/forschungsfelder /ikt/smart-webgrid/. [Online; accessed 16-October-2013].
  17. Varaiya, P., Wu, F., and Bialek, J. (2011). Smart operation of smart grid: Risk-limiting dispatch. Proceedings of the IEEE, 99(1):40-57.
  18. Vigo, R., Yuksel, E., and Ramli, C. (2012). Smart grid security a smart meter-centric perspective. In Telecommunications Forum (TELFOR), 2012 20th, pages 127- 130.
  19. Yan, Y., Qian, Y., Sharif, H., and Tipper, D. (2012). A survey on cyber security for smart grid communications. Communications Surveys Tutorials, IEEE, 14(4):998- 1010.
  20. Yufei, W., Bo, Z., WeiMin, L., and Tao, Z. (2011). Smart grid information security - a research on standards. In Advanced Power System Automation and Protection (APAP), 2011 International Conference on, volume 2, pages 1188-1194.
Download


Paper Citation


in Harvard Style

Kammerstetter M., Langer L., Skopik F., Kupzog F. and Kastner W. (2014). Practical Risk Assessment Using a Cumulative Smart Grid Model . In Proceedings of the 3rd International Conference on Smart Grids and Green IT Systems - Volume 1: SMARTGREENS, ISBN 978-989-758-025-3, pages 31-42. DOI: 10.5220/0004860900310042


in Bibtex Style

@conference{smartgreens14,
author={Markus Kammerstetter and Lucie Langer and Florian Skopik and Friederich Kupzog and Wolfgang Kastner},
title={Practical Risk Assessment Using a Cumulative Smart Grid Model},
booktitle={Proceedings of the 3rd International Conference on Smart Grids and Green IT Systems - Volume 1: SMARTGREENS,},
year={2014},
pages={31-42},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004860900310042},
isbn={978-989-758-025-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Smart Grids and Green IT Systems - Volume 1: SMARTGREENS,
TI - Practical Risk Assessment Using a Cumulative Smart Grid Model
SN - 978-989-758-025-3
AU - Kammerstetter M.
AU - Langer L.
AU - Skopik F.
AU - Kupzog F.
AU - Kastner W.
PY - 2014
SP - 31
EP - 42
DO - 10.5220/0004860900310042