Abstract
The digitization of smart grid distributed generation and industrial control systems has prompted utilities to deploy tools with ubiquitous communications that potentially widen the attack surface. The utilities still continue to rely on the traditional cybersecurity technologies, such as firewalls, anti-malware tools, and passwords that do not ensure security across all dimensions of the information assurance model required for a strong cybersecurity business process. This paper proposes a multidimensional holistic framework that addresses this gap through advanced technologies, intelligent algorithms, and continued assessments. To show proof, the layered defense model, a solution dimension of the framework, is integrated into the National Renewable Energy Laboratory's Security and Resilience Testbed to replicate a utility's enterprise and substation networks. The model is used to evaluate the security and resilience of microgrid control systems, and, based on the insights gathered, recommend best practices for utility cybersecurity analysts for a strong business process. With this baseline, the paper conceptually introduces intelligence-driven solutions comprising contextual data analysis and machine learning to respond to advanced persistent threats sponsored by campaign efforts.
Original language | American English |
---|---|
Article number | 8755282 |
Pages (from-to) | 17-27 |
Number of pages | 11 |
Journal | IEEE Systems Journal |
Volume | 14 |
Issue number | 1 |
DOIs | |
State | Published - Mar 2020 |
Bibliographical note
Publisher Copyright:© 2007-2012 IEEE.
NREL Publication Number
- NREL/JA-5R00-74033
Keywords
- Business process
- distributed generation
- industrial control systems (ICSs)
- layered defense
- penetration testing