This offers a fair approach to identify costly and risky changes and thus guide the decision-making process. For instance, a change in the security policy may not be possible due to the current infrastructure. Risk-based testing and model-based approaches allow anticipating the impact of a change (either in the offered services, in the architecture or in the security requirements). The practice shows that maintaining the alignment of a security policy with the system extensions/evolutions is hard. In a long-term vision, security and services have to evolve in harmony, with an underlying infrastructure and an existing legacy. Two dimensions are targeted: testing that the security requirements are correctly implemented and testing that the security mechanisms may resist (to which limit) to a set of attack scenarios. Systematic Testing in a dynamic approach is used to efficiently check the conformance of the deployed security mechanisms (access control, confidentiality, robustness to attack scenarios) with the requirements. Due to the cyber-physical system nature of the Smart Grid and the great impact of energy systems, a primary security objective for Smart Grid operation is availability 3, DoS attacks which have an immediate impact on the availability of communication systems and control systems become the primary network security threats in the Smart Grid. Vulnerability detection, risk and impact analysis.Analysis of robust, scalable security frameworks.Methodologies that include model-driven development, requirement analysis, quality reasoning and evaluation frameworks.More specifically, to address this objective, SnT considers: This should deal with potential current, but also future attacks or vulnerabilities. In this context, the overall objective is to develop innovative methods to ensure a satisfactory level of security and privacy S&P in the smart metering context to design a secure, evolvable and reliable infrastructure. That is typically the case for smart grid for which S&P are even more an issue (1) because the devices are able to impact the everyday life of users (2) because data present on the smart grid are directly related to the privacy of a user. In this new kind of "cyber physical system", it's challenging to ensure a satisfactory level of Security and Privacy (S&P), at least because any system based on interconnected devices depends on the security of each device as well as on the security of the communications. Smart grids involve interconnected and evolvable smart meters, databases, hubs, and potentially other smart devices through several kinds of communication infrastructure (such as optical fibre, radio, PLC, GPRS. However, the beauty of the Smart Grid innovation comes with its danger: the integration and dependence on cyber infrastructure would greatly increase the risks. Reactive Cyber-Security for Smart Grids Using a Model-Driven Reasoning Engine
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |