ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems

Josephine Lamp; Carlos E. Rubio-Medrano; Ziming Zhao; Gail Joon Ahn

doi:10.1109/MSCPES.2019.8738791

ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems

Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao, Gail Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

Original language	English (US)
Title of host publication	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781728106373
DOIs	https://doi.org/10.1109/MSCPES.2019.8738791
State	Published - Apr 2019
Event	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Montreal, Canada Duration: Apr 15 2019 → …

Publication series

Name	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

Conference

Conference	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019
Country	Canada
City	Montreal
Period	4/15/19 → …

ASJC Scopus subject areas

Computer Networks and Communications
Energy Engineering and Power Technology
Modeling and Simulation

Access to Document

10.1109/MSCPES.2019.8738791

Fingerprint Dive into the research topics of 'ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems'. Together they form a unique fingerprint.

Cite this

Lamp, J., Rubio-Medrano, C. E., Zhao, Z., & Ahn, G. J. (2019). ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. In 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings [8738791] (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MSCPES.2019.8738791

ExSol : Collaboratively assessing cybersecurity risks for protecting energy delivery systems. / Lamp, Josephine; Rubio-Medrano, Carlos E.; Zhao, Ziming; Ahn, Gail Joon.

7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2019. 8738791 (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lamp, J, Rubio-Medrano, CE, Zhao, Z & Ahn, GJ 2019, ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. in 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings., 8738791, 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings, Institute of Electrical and Electronics Engineers Inc., 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019, Montreal, Canada, 4/15/19. https://doi.org/10.1109/MSCPES.2019.8738791

Lamp J, Rubio-Medrano CE, Zhao Z, Ahn GJ. ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. In 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc. 2019. 8738791. (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings). https://doi.org/10.1109/MSCPES.2019.8738791

Lamp, Josephine ; Rubio-Medrano, Carlos E. ; Zhao, Ziming ; Ahn, Gail Joon. / ExSol : Collaboratively assessing cybersecurity risks for protecting energy delivery systems. 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2019. (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings).

@inproceedings{b53f864afbb04294a426285f5d684425,

title = "ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems",

abstract = "No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.",

author = "Josephine Lamp and Rubio-Medrano, {Carlos E.} and Ziming Zhao and Ahn, {Gail Joon}",

year = "2019",

month = apr,

doi = "10.1109/MSCPES.2019.8738791",

language = "English (US)",

series = "7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings",

note = "7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 ; Conference date: 15-04-2019",

}

TY - GEN

T1 - ExSol

T2 - 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019

AU - Lamp, Josephine

AU - Rubio-Medrano, Carlos E.

AU - Zhao, Ziming

AU - Ahn, Gail Joon

PY - 2019/4

Y1 - 2019/4

N2 - No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

AB - No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

UR - http://www.scopus.com/inward/record.url?scp=85068844592&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068844592&partnerID=8YFLogxK

U2 - 10.1109/MSCPES.2019.8738791

DO - 10.1109/MSCPES.2019.8738791

M3 - Conference contribution

AN - SCOPUS:85068844592

T3 - 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

BT - 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 15 April 2019

ER -