Visible to the public Enabling Security-by-Design in Smart Grids: An Architecture-Based Approach

TitleEnabling Security-by-Design in Smart Grids: An Architecture-Based Approach
Publication TypeConference Paper
Year of Publication2019
AuthorsAranha, Helder, Masi, Massimiliano, Pavleska, Tanja, Sellitto, Giovanni Paolo
Conference Name2019 15th European Dependable Computing Conference (EDCC)
Keywordsadequate security countermeasures, Architecture, architecture-based approach, Computer architecture, computer security, control infrastructure, critical infrastructure, critical infrastructures, distributed energy resources, distributed power generation, distributed system, distribution system operators, Energy Distribution Grids, Enterprise Architecture, Europe, grid gatekeepers, methodology, Metrics, power engineering computing, power system security, privacy, pubcrawl, RAMI 4.0, Reference Model of I Information Assurance and Security, Resiliency, Resilient Security Architectures, risk analysis, RMIAS, Scalability, security goals, security of data, security-by-design, Smart Grid evolution, smart grid security, Smart grids, smart power grids, sophisticated engineering practices, Standards, surplus energy

Energy Distribution Grids are considered critical infrastructure, hence the Distribution System Operators (DSOs) have developed sophisticated engineering practices to improve their resilience. Over the last years, due to the "Smart Grid" evolution, this infrastructure has become a distributed system where prosumers (the consumers who produce and share surplus energy through the grid) can plug in distributed energy resources (DERs) and manage a bi-directional flow of data and power enabled by an advanced IT and control infrastructure. This introduces new challenges, as the prosumers possess neither the skills nor the knowledge to assess the risk or secure the environment from cyber-threats. We propose a simple and usable approach based on the Reference Model of Information Assurance & Security (RMIAS), to support the prosumers in the selection of cybesecurity measures. The purpose is to reduce the risk of being directly targeted and to establish collective responsibility among prosumers as grid gatekeepers. The framework moves from a simple risk analysis based on security goals to providing guidelines for the users for adoption of adequate security countermeasures. One of the greatest advantages of the approach is that it does not constrain the user to a specific threat model.

Citation Keyaranha_enabling_2019