By Topic

Smart power grid security: A unified risk management approach

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Ray, P.D. ; Albeado Inc., Saratoga, CA, USA ; Harnoor, R. ; Hentea, M.

Power grid information security and protection has aspects of both Industrial Control Systems (ICS) as well as Information Technology (IT) Systems. Although both ICS and IT systems require information security services to combat malicious attacks, the specifics of how these services are used for the power grid depend upon appropriate risk assessment and risk control. Distinct types of attacks targeting ICS and IT systems as well as different performance requirements of these systems determine a specific priority order of the security services implemented for each system. Threat profiles of the power transmission and distribution management functions, where availability is paramount to all other security services, differ significantly from threat profiles of IT functions such as utility customer billing where confidentiality is a greater concern hence warranting different security posturing. This paper discusses different approaches for security risk management in the context of the smart power grid. Methodologies proposed for risk assessment include threat and vulnerability modeling schemes which help in identifying and categorizing the threats, as well as in analyzing their impacts, and subsequently prioritizing them. Risk management planning techniques as they apply to both ICS and IT systems are also discussed.

Published in:

Security Technology (ICCST), 2010 IEEE International Carnahan Conference on

Date of Conference:

5-8 Oct. 2010