ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems

Josephine Lamp; Carlos E. Rubio-Medrano; Ziming Zhao; Gail-Joon Ahn

doi:10.1109/MSCPES.2019.8738791

ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems

Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao, Gail-Joon Ahn

Engineering, Ira A. Fulton Schools of (IAFSE)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

Original language	English (US)
Title of host publication	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781728106373
DOIs	https://doi.org/10.1109/MSCPES.2019.8738791
State	Published - Apr 1 2019
Event	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Montreal, Canada Duration: Apr 15 2019 → …

Publication series

Name	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

Conference

Conference	7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019
Country	Canada
City	Montreal
Period	4/15/19 → …

Fingerprint

Risk analysis

Risk assessment

Ontology

Erosion

Energy

Gases

Industry

Attack

Infrastructure

Interdependencies

Risk Analysis

Requirements

Risk Assessment

Confidence

Oils

Well-defined

Entire

Grid

Real-time

Scenarios

ASJC Scopus subject areas

Computer Networks and Communications
Energy Engineering and Power Technology
Modeling and Simulation

Cite this

Lamp, J., Rubio-Medrano, C. E., Zhao, Z., & Ahn, G-J. (2019). ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. In 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings [8738791] (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MSCPES.2019.8738791

ExSol : Collaboratively assessing cybersecurity risks for protecting energy delivery systems. / Lamp, Josephine; Rubio-Medrano, Carlos E.; Zhao, Ziming; Ahn, Gail-Joon.

7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2019. 8738791 (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lamp, J, Rubio-Medrano, CE, Zhao, Z & Ahn, G-J 2019, ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. in 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings., 8738791, 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings, Institute of Electrical and Electronics Engineers Inc., 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019, Montreal, Canada, 4/15/19. https://doi.org/10.1109/MSCPES.2019.8738791

Lamp J, Rubio-Medrano CE, Zhao Z, Ahn G-J. ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems. In 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc. 2019. 8738791. (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings). https://doi.org/10.1109/MSCPES.2019.8738791

Lamp, Josephine ; Rubio-Medrano, Carlos E. ; Zhao, Ziming ; Ahn, Gail-Joon. / ExSol : Collaboratively assessing cybersecurity risks for protecting energy delivery systems. 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2019. (7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings).

@inproceedings{b53f864afbb04294a426285f5d684425,

title = "ExSol: Collaboratively assessing cybersecurity risks for protecting energy delivery systems",

abstract = "No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.",

author = "Josephine Lamp and Rubio-Medrano, {Carlos E.} and Ziming Zhao and Gail-Joon Ahn",

year = "2019",

month = "4",

day = "1",

doi = "10.1109/MSCPES.2019.8738791",

language = "English (US)",

series = "7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings",

}

TY - GEN

T1 - ExSol

T2 - Collaboratively assessing cybersecurity risks for protecting energy delivery systems

AU - Lamp, Josephine

AU - Rubio-Medrano, Carlos E.

AU - Zhao, Ziming

AU - Ahn, Gail-Joon

PY - 2019/4/1

Y1 - 2019/4/1

N2 - No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

AB - No longer just prophesized about, cyber-attacks to Energy Delivery Systems (EDS), e.g., the power grid, gas and oil industries, are now very real dangers, resulting in non-trivial economical losses and an erosion of the public's confidence in EDS infrastructures. In such a context, performing risk analysis for EDS is difficult due to their innate diversity and interdependencies, along with an always-increasing threatscape and attack vectors. With this in mind, this paper presents ExSol, a collaborative, real-time, requirements-based risk assessment framework that features an approach for modeling real-life EDS infrastructures, a technique that retrieves well-defined security requirements from an EDS ontology, and a methodology for calculating risk for a single asset and for an entire system. In addition, we also provide experimental evidence that includes several attack case scenarios, which showcase the effectiveness of our proposed approach for being fully deployed in practice.

UR - http://www.scopus.com/inward/record.url?scp=85068844592&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068844592&partnerID=8YFLogxK

U2 - 10.1109/MSCPES.2019.8738791

DO - 10.1109/MSCPES.2019.8738791

M3 - Conference contribution

AN - SCOPUS:85068844592

T3 - 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

BT - 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems, MSCPES 2019 - Held as part of CPS Week, Proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Access to Document

10.1109/MSCPES.2019.8738791