TY - GEN
T1 - OntoEDS
T2 - 3rd IEEE International Conference on Collaboration and Internet Computing, CIC 2017
AU - Lamp, Josephine
AU - Rubio-Medrano, Carlos E.
AU - Zhao, Ziming
AU - Ahn, Gail-Joon
N1 - Funding Information:
This material is based upon work supported by the Department of Energy under Award Number DE-OE0000780 and by a grant from the Center for Cybersecurity and Digital Forensics at Arizona State University.
Publisher Copyright:
© 2017 IEEE.
PY - 2017/12/9
Y1 - 2017/12/9
N2 - Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.
AB - Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.
KW - Collaboration
KW - EDS
KW - Energy Delivery Systems
KW - Ontologies
KW - Ontology Protection
KW - Requirement Analysis
KW - Security Requirements
UR - http://www.scopus.com/inward/record.url?scp=85046649265&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046649265&partnerID=8YFLogxK
U2 - 10.1109/CIC.2017.00012
DO - 10.1109/CIC.2017.00012
M3 - Conference contribution
AN - SCOPUS:85046649265
T3 - Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017
SP - 1
EP - 10
BT - Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 15 October 2017 through 17 October 2017
ER -