OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements

Josephine Lamp, Carlos E. Rubio-Medrano, Ziming Zhao, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.

Original languageEnglish (US)
Title of host publicationProceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-10
Number of pages10
Volume2017-January
ISBN (Electronic)9781538625651
DOIs
StatePublished - Dec 9 2017
Event3rd IEEE International Conference on Collaboration and Internet Computing, CIC 2017 - San Jose, United States
Duration: Oct 15 2017Oct 17 2017

Other

Other3rd IEEE International Conference on Collaboration and Internet Computing, CIC 2017
CountryUnited States
CitySan Jose
Period10/15/1710/17/17

Fingerprint

energy
Ontology
Ukraine
ontology
Energy
threat
economy
Attack
methodology
evaluation
community

Keywords

  • Collaboration
  • EDS
  • Energy Delivery Systems
  • Ontologies
  • Ontology Protection
  • Requirement Analysis
  • Security Requirements

ASJC Scopus subject areas

  • Management of Technology and Innovation
  • Organizational Behavior and Human Resource Management
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems and Management
  • Communication

Cite this

Lamp, J., Rubio-Medrano, C. E., Zhao, Z., & Ahn, G-J. (2017). OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements. In Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017 (Vol. 2017-January, pp. 1-10). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIC.2017.00012

OntoEDS : Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements. / Lamp, Josephine; Rubio-Medrano, Carlos E.; Zhao, Ziming; Ahn, Gail-Joon.

Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017. Vol. 2017-January Institute of Electrical and Electronics Engineers Inc., 2017. p. 1-10.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lamp, J, Rubio-Medrano, CE, Zhao, Z & Ahn, G-J 2017, OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements. in Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017. vol. 2017-January, Institute of Electrical and Electronics Engineers Inc., pp. 1-10, 3rd IEEE International Conference on Collaboration and Internet Computing, CIC 2017, San Jose, United States, 10/15/17. https://doi.org/10.1109/CIC.2017.00012
Lamp J, Rubio-Medrano CE, Zhao Z, Ahn G-J. OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements. In Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017. Vol. 2017-January. Institute of Electrical and Electronics Engineers Inc. 2017. p. 1-10 https://doi.org/10.1109/CIC.2017.00012
Lamp, Josephine ; Rubio-Medrano, Carlos E. ; Zhao, Ziming ; Ahn, Gail-Joon. / OntoEDS : Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements. Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017. Vol. 2017-January Institute of Electrical and Electronics Engineers Inc., 2017. pp. 1-10
@inproceedings{e6dffd3c4c954fafabc14c7392cf4f2c,
title = "OntoEDS: Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements",
abstract = "Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.",
keywords = "Collaboration, EDS, Energy Delivery Systems, Ontologies, Ontology Protection, Requirement Analysis, Security Requirements",
author = "Josephine Lamp and Rubio-Medrano, {Carlos E.} and Ziming Zhao and Gail-Joon Ahn",
year = "2017",
month = "12",
day = "9",
doi = "10.1109/CIC.2017.00012",
language = "English (US)",
volume = "2017-January",
pages = "1--10",
booktitle = "Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - OntoEDS

T2 - Protecting Energy Delivery Systems by Collaboratively Analyzing Security Requirements

AU - Lamp, Josephine

AU - Rubio-Medrano, Carlos E.

AU - Zhao, Ziming

AU - Ahn, Gail-Joon

PY - 2017/12/9

Y1 - 2017/12/9

N2 - Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.

AB - Sophisticated attacks on Energy Delivery Systems (EDS) are no longer theoretical, and instead pose a serious threat to American economies. The EDS community has worked collaboratively to develop security requirements to protect EDS against such attacks, but the documents that contain these requirements are often dense, ambiguous and difficult for humans to understand, resulting in highly subjective security implementa-tions that reduce their effectiveness. Therefore, there is a need for a methodology that models and visualizes security requirements enabling quick retrieval, understanding and analysis, along with the evaluation and evolution of the implementations of such requirements within EDS. With this in mind, this paper presents a collaborative tool called OntoEDS that provides a well-defined representation of security requirements within ontological representations, and a set of ontology exploration techniques to analyze and evaluate the implementations of such requirements against the current attack surface. We also present a case study exemplifying the usefulness of our tool surrounding the series of EDS attacks that occurred in Ukraine in 2015 and 2016.

KW - Collaboration

KW - EDS

KW - Energy Delivery Systems

KW - Ontologies

KW - Ontology Protection

KW - Requirement Analysis

KW - Security Requirements

UR - http://www.scopus.com/inward/record.url?scp=85046649265&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85046649265&partnerID=8YFLogxK

U2 - 10.1109/CIC.2017.00012

DO - 10.1109/CIC.2017.00012

M3 - Conference contribution

AN - SCOPUS:85046649265

VL - 2017-January

SP - 1

EP - 10

BT - Proceedings - 2017 IEEE 3rd International Conference on Collaboration and Internet Computing, CIC 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -