Title :
Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees
Author :
Ten, Chee-Wooi ; Liu, Chen-Ching ; Govindarasu, Manimaran
Author_Institution :
Electr. Electr. & Comput. Eng. Dept., Iowa State Univ. of Sci. & Technol., Ames, IA
Abstract :
By penetrating the SCADA system, an intruder may remotely operate a power system using supervisory control privileges. Hence, cybersecurity has been recognized as a major threat due to the potential intrusion to the online system. This paper proposes a methodology to evaluate the cybersecurity vulnerability using attack trees. The attack tree formulation based on power system control networks is used to evaluate the system, scenario, and leaf vulnerabilities. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions before the vulnerability indices are evaluated. After the indices are evaluated, an upper bound is imposed on each scenario vulnerability in order to determine the pivotal attack leaves that require countermeasure improvements. The proposed framework can be extended to security investment analysis.
Keywords :
SCADA systems; power engineering computing; power system security; security of data; SCADA systems; attack trees; cybersecurity vulnerability; power system security; security investment analysis; vulnerability index; Computer security; Control systems; Power grids; Power system control; Power system protection; Power system security; SCADA systems; Supervisory control; Tree graphs; Upper bound; Attack Tree; Cybersecurity; Defense Systems; Power System Control; Security Vulnerability;
Conference_Titel :
Power Engineering Society General Meeting, 2007. IEEE
Conference_Location :
Tampa, FL
Print_ISBN :
1-4244-1296-X
Electronic_ISBN :
1932-5517
DOI :
10.1109/PES.2007.385876
