• DocumentCode
    1638406
  • Title

    Moving beyond defense-in-depth to strategic resilience for critical control systems

  • Author

    Khurana, Himanshu

  • Author_Institution
    Honeywell Automation and Control Solutions Laboratory
  • fYear
    2011
  • Firstpage
    1
  • Lastpage
    3
  • Abstract
    Critical control systems such as the North American Power Grid are undergoing significant modernization involving increased use of computer and communication systems. While these advances promise better capabilities, for example, an electric grid with increased reliability and efficiency, they also increase the risk to the control systems from cyber attacks. A significant effort is underway by government, industry, national labs and academia to develop and deploy security technologies that assess and mitigate this increased risk. This effort includes select programs funded by the US Departments of Energy1 and Homeland Security2, the US Reinvestment and Recovery Act, the National Institute of Standards and Technologies led Smart Grid Interoperability Panel3, and standard development bodies to name a few. The focus of this effort includes electric grid systems ranging from smart meters and SCADA (Supervisory Control and Data Acquisition) systems to synchrophasor based Wide Area Measurement Systems4, oil and gas SCADA systems, and industrial control systems. A timely challenge in this environment, therefore, is to explore the right cyber security constructs and principles that can guide the effort and ultimately result in secure critical infrastructure for the nation. It is our contention that commonly employed defense-in-depth constructs centered on building layers of defense are insufficient to achieve that objective. Instead, there is a need to explore strategic resilience-based approaches that involve designing the systems to protect critical components and functions, strive to provide service in the face of cyber attacks, and ensure timely response and recovery if the attacks succeed.
  • Keywords
    SCADA systems; power grids; power meters; power system measurement; SCADA; critical control systems; defense-in-depth; power grid; smart meters; strategic resilience; supervisory control and data acquisition systems; wide area measurement systems; Buildings; Computer security; Context modeling; Resilience; SCADA systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Power and Energy Society General Meeting, 2011 IEEE
  • Conference_Location
    San Diego, CA
  • ISSN
    1944-9925
  • Print_ISBN
    978-1-4577-1000-1
  • Electronic_ISBN
    1944-9925
  • Type

    conf

  • DOI
    10.1109/PES.2011.6039873
  • Filename
    6039873