A Novel Network Modeling and Evaluation Approach for Security Vulnerability Quantification in Substation Automation Systems
Summary :
With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850-based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario.
- Publication
- IEICE TRANSACTIONS on Information Vol.E96-D No.9 pp.2021-2025
- Publication Date
- 2013/09/01
- Publicized
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.E96.D.2021
- Type of Manuscript
- Special Section LETTER (Special Section on Dependable Computing)
- Category
Authors
Jongbin KO
Ajou University
Seokjun LEE
Ajou University
Yong-hun LIM
Korea Electric Power Corporation (KEPCO) Research Institute
Seong-ho JU
Korea Electric Power Corporation (KEPCO) Research Institute
Taeshik SHON
Ajou University
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Jongbin KO, Seokjun LEE, Yong-hun LIM, Seong-ho JU, Taeshik SHON, "A Novel Network Modeling and Evaluation Approach for Security Vulnerability Quantification in Substation Automation Systems" in IEICE TRANSACTIONS on Information,
vol. E96-D, no. 9, pp. 2021-2025, September 2013, doi: 10.1587/transinf.E96.D.2021.
Abstract: With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850-based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E96.D.2021/_p
Copy
@ARTICLE{e96-d_9_2021,
author={Jongbin KO, Seokjun LEE, Yong-hun LIM, Seong-ho JU, Taeshik SHON, },
journal={IEICE TRANSACTIONS on Information},
title={A Novel Network Modeling and Evaluation Approach for Security Vulnerability Quantification in Substation Automation Systems},
year={2013},
volume={E96-D},
number={9},
pages={2021-2025},
abstract={With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850-based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario.},
keywords={},
doi={10.1587/transinf.E96.D.2021},
ISSN={1745-1361},
month={September},}
Copy
TY - JOUR
TI - A Novel Network Modeling and Evaluation Approach for Security Vulnerability Quantification in Substation Automation Systems
T2 - IEICE TRANSACTIONS on Information
SP - 2021
EP - 2025
AU - Jongbin KO
AU - Seokjun LEE
AU - Yong-hun LIM
AU - Seong-ho JU
AU - Taeshik SHON
PY - 2013
DO - 10.1587/transinf.E96.D.2021
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E96-D
IS - 9
JA - IEICE TRANSACTIONS on Information
Y1 - September 2013
AB - With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850-based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario.
ER -
English
