ExSol
| Autor: | Carlos E. Rubio-Medrano, Josephine Lamp, Gail-Joon Ahn, Ziming Zhao |
|---|---|
| Rok vydání: | 2021 |
| Předmět: |
Risk analysis
021110 strategic defence & security studies Computer Networks and Communications Computer science media_common.quotation_subject 0211 other engineering and technologies Energy delivery Context (language use) 02 engineering and technology Ontology (information science) Asset (computer security) Computer Science Applications Interdependence Tree traversal Risk analysis (engineering) Hardware and Architecture 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing Risk assessment Safety Research Software Information Systems media_common |
| Zdroj: | Digital Threats: Research and Practice. 2:1-23 |
| ISSN: | 2576-5337 2692-1626 |
| DOI: | 10.1145/3428156 |
| Popis: | No longer just prophesied about, cyber-attacks to Energy Delivery Systems (EDS) (e.g., the power grid, gas and oil industries) are now very real dangers that result in non-trivial economical losses and inconveniences to modern societies. In such a context, risk analysis has been proposed as a valuable way to identify, analyze, and mitigate potential vulnerabilities, threats, and attack vectors. However, performing risk analysis for EDS is difficult due to their innate structural diversity and interdependencies, along with an always-increasing threatscape. Therefore, there is a need for a methodology to evaluate the current system state, identify vulnerabilities, and qualify risk at multiple granularities in a collaborative manner among different actors in the context of EDS. With this in mind, this article presents ExSol , a collaborative, real-time, risk assessment ecosystem that features an approach for modeling real-life EDS infrastructures, an ontology traversal technique that retrieves well-defined security requirements from well-reputed documents on cyber-protection for EDS infrastructures, as well as a methodology for calculating risk for a single asset and for an entire system. Moreover, we also provide experimental evidence involving a series of attack scenarios in both simulated and real-world EDS environments, which ultimately encourage the adoption of ExSol in practice. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|