Abstract
The digitization of smart grid distributed generation and industrial control systems has prompted utilities to deploy tools with ubiquitous communications that potentially widen the attack surface. The utilities still continue to rely on the traditional cybersecurity technologies, such as firewalls, anti-malware tools, and passwords that do not ensure security across all dimensions of the information assurance model required for a strong cybersecurity business process. This paper proposes a multidimensional holistic framework that addresses this gap through advanced technologies, intelligent algorithms, and continued assessments. To show proof, the layered defense model, a solution dimension of the framework, is integrated into the National Renewable Energy Laboratory's Security and Resilience Testbed to replicate a utility's enterprise and substation networks. The model is used to evaluate the security and resilience of microgrid control systems, and, based on the insights gathered, recommend best practices for utility cybersecurity analysts for a strong business process. With this baseline, the paper conceptually introduces intelligence-driven solutions comprising contextual data analysis and machine learning to respond to advanced persistent threats sponsored by campaign efforts.
Original language | English |
---|---|
Article number | 8755282 |
Pages (from-to) | 17-27 |
Number of pages | 11 |
Journal | IEEE Systems Journal |
Volume | 14 |
Issue number | 1 |
DOIs | |
State | Published - Mar 2020 |
Externally published | Yes |
Funding
Manuscript received August 3, 2018; revised November 21, 2018 and March 4, 2019; accepted May 16, 2019. Date of publication July 3, 2019; date of current version March 2, 2020. This work was authored by the National Renewable Energy Laboratory (NREL) operated by Alliance for Sustainable Energy, LLC, for the U.S. Department of Energy (DOE) under Contract No. DE-AC36-08GO28308, and was funded by the Laboratory Directed Research and Development (LDRD) Program at NREL, in part by the NSF CAREER Grant No. 1553494. (Corresponding author: Danish Saleem.) D. Saleem, A. Sanghvi, J. Rivera, and B. Kroposki are with the National Renewable Energy Laboratory, Lakewood, CO 80401 USA (e-mail: [email protected]; [email protected]; [email protected]; [email protected]).
Funders | Funder number |
---|---|
National Science Foundation | 1553494 |
U.S. Department of Energy | DE-AC36-08GO28308 |
National Renewable Energy Laboratory | |
Laboratory Directed Research and Development |
Keywords
- Business process
- distributed generation
- industrial control systems (ICSs)
- layered defense
- penetration testing