Upload File

metrics and tools for measuring cyber resiliency of ... · metrics for cyber-physical system...

  • Home
  • Documents
  • Metrics and Tools for Measuring Cyber Resiliency of ... · metrics for cyber-physical system resiliency . for planning and operation phases that are validated within a cyber physical
1
CYBER RESILIENT ENERGY DELIVERY CONSORTIUM | CRED-C.ORG FUNDING SUPPORT PROVIDED BY THE U.S. DEPARTMENT OF ENERGY AND THE U.S. DEPARTMENT OF HOMELAND SECURITY GOALS To develop metrics for cyber-physical system resiliency for planning and operation phases that are validated within a cyber physical testbed. To provide tools for resiliency assessment and decision support. To model transmission, distribution, controllers, cyber attacks and analyze impact of defensive mechanisms on system resiliency. To measure the resilience at component-level (e.g. PLCs) considering their control logic source code and at system level. Measuring resiliency is important to activate the best possible defense mechanism by the operator to maximize operational resiliency. Resiliency metrics are necessary to compare defense mechanisms during planning studies and to improve investment in resilient systems. Assessing resiliency of transmission systems is much more complex compared to radial microgrid or distribution systems. Validation of such a tool is challenging and requires testbeds to model and simulate transmission and distribution grids, control algorithms, and communication systems, emphasizing device level and system level aspects of resiliency. FUNDAMENTAL QUESTIONS/CHALLENGES RESEARCH RESULTS Resiliency metrics have been developed for a small microgrid with a radial topology, which will be extended for distribution systems and transmission systems Two metrics are developed – cyber asset impact potential (CAIP) for the planning phase, and cyber impact severity (CIS) for the operation phase in the real time Developed the CyPhyR tool to integrate topological aspects from the power system, constraints including power flow, and cyber system vulnerabilities Developed the PLC security assessment toolset to analyze device security using physical dynamics Our approach is based on the identification of cyber and physical factors affecting system resilience and applying a decision making process to integrate all the factors to result in a single resiliency metric. Identify resiliency metrics In developing the metrics we will extend and combine common impact metrics from both the cyber-domain (e.g., Common Vulnerability Scoring System (CVSS), Common Weakness Scoring System (CWSS)) and the power-domain (e.g., topological and system resiliency). We will also develop new metrics for devices (e.g., PLCs). Develop resiliency analysis tools Develop tools to quantify resiliency improvements through techniques such as reconfiguration, redundancy, partitioning, non-persistence, special protection schemes, PLC security defense, automated response, intentional islanding, and wide-area load shedding. Verification and validation Test and validate the developed metrics and tools utilizing the comprehensive cyber-physical test bed consisting of real time simulators, communication network simulators, Energy Management Systems (EMS), PLCs, PMUs, PDCs, and relays. RESEARCH PLAN BROADER IMPACT Developed tools and metrics that can be used to evaluate impact of cyber vulnerabilities and defense mechanisms for industry partners. The resiliency assessment tool will enable operators and security admins to obtain the resiliency of their systems in real time and make intelligent decisions to protect/improve the resiliency of their system. The cyber–physical testbed developed will be used to analyze the effects of cyber attacks and to analyze various defense mechanisms. INTERACTION WITH OTHER PROJECTS We’re interested in collaboration with industry and vendors to get feedback on our models, techniques, and tools to determine the real time resiliency of a system. We anticipate analyzing the impact of cyber attack defense model developed in other ongoing projects. FUTURE EFFORTS We are working on integrating component level metrics with system- level resilience metrics for microgrid systems. We will extend metrics developed from a radial system to a meshed transmission system. We will validate developed tools and metrics using cyber physical co-simulation. V. Venkataramanan, Tushar, V. Krishnan, A. Ding, A. Srivastava, A. Hahn, S. Zonouz, and C. Hauser Metrics and Tools for Measuring Cyber Resiliency of Electric Grids Attack Sophistication vs. Resiliency CyPhyR: Cyber-physical Resiliency Analysis Tool Test System for Microgrid Resiliency Framework for System-Level Resiliency Device-level Resilience using Physical Dynamics

Upload: others

Post on 22-May-2020

10 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Metrics and Tools for Measuring Cyber Resiliency of ... · metrics for cyber-physical system resiliency . for planning and operation phases that are validated within a cyber physical

CYBER RESILIENT ENERGY DELIVERY CONSORTIUM | CRED-C.ORGFUNDING SUPPORT PROVIDED BY THE U.S. DEPARTMENT OF ENERGY AND THE U.S. DEPARTMENT OF HOMELAND SECURITY

GOALS• To develop metrics for cyber-physical system resiliency for planning

and operation phases that are validated within a cyber physical testbed.

• To provide tools for resiliency assessment and decision support.• To model transmission, distribution, controllers, cyber attacks and

analyze impact of defensive mechanisms on system resiliency.• To measure the resilience at component-level (e.g. PLCs) considering

their control logic source code and at system level.

• Measuring resiliency is important to activate the best possible defense mechanism by the operator to maximize operational resiliency.

• Resiliency metrics are necessary to compare defense mechanisms during planning studies and to improve investment in resilient systems.

• Assessing resiliency of transmission systems is much more complex compared to radial microgrid or distribution systems.

• Validation of such a tool is challenging and requires testbeds to model and simulate transmission and distribution grids, control algorithms, and communication systems, emphasizing device level and system level aspects of resiliency.

FUNDAMENTAL QUESTIONS/CHALLENGES

RESEARCH RESULTS• Resiliency metrics have been developed for a small microgrid with a

radial topology, which will be extended for distribution systems and transmission systems

• Two metrics are developed – cyber asset impact potential (CAIP) for the planning phase, and cyber impact severity (CIS) for the operation phase in the real time

• Developed the CyPhyR tool to integrate topological aspects from the power system, constraints including power flow, and cyber system vulnerabilities

• Developed the PLC security assessment toolset to analyze device security using physical dynamics

Our approach is based on the identification of cyber and physical factors affecting system resilience and applying a decision making process to integrate all the factors to result in a single resiliency metric.Identify resiliency metrics• In developing the metrics we will extend and combine common impact

metrics from both the cyber-domain (e.g., Common Vulnerability Scoring System (CVSS), Common Weakness Scoring System (CWSS)) and the power-domain (e.g., topological and system resiliency). We will also develop new metrics for devices (e.g., PLCs).

Develop resiliency analysis tools• Develop tools to quantify resiliency improvements through techniques

such as reconfiguration, redundancy, partitioning, non-persistence, special protection schemes, PLC security defense, automated response, intentional islanding, and wide-area load shedding.

Verification and validation• Test and validate the developed metrics and tools utilizing the

comprehensive cyber-physical test bed consisting of real time simulators, communication network simulators, Energy Management Systems (EMS), PLCs, PMUs, PDCs, and relays.

RESEARCH PLAN

BROADER IMPACT• Developed tools and metrics that can be used to evaluate impact of

cyber vulnerabilities and defense mechanisms for industry partners.• The resiliency assessment tool will enable operators and security

admins to obtain the resiliency of their systems in real time and make intelligent decisions to protect/improve the resiliency of their system.

• The cyber–physical testbed developed will be used to analyze the effects of cyber attacks and to analyze various defense mechanisms.

INTERACTION WITH OTHER PROJECTS

• We’re interested in collaboration with industry and vendors to get feedback on our models, techniques, and tools to determine the real time resiliency of a system.

• We anticipate analyzing the impact of cyber attack defense model developed in other ongoing projects.

FUTURE EFFORTS• We are working on integrating component level metrics with system-

level resilience metrics for microgrid systems.• We will extend metrics developed from a radial system to a meshed

transmission system. • We will validate developed tools and metrics using cyber physical

co-simulation.

V. Venkataramanan, Tushar, V. Krishnan, A. Ding, A. Srivastava, A. Hahn, S. Zonouz, and C. Hauser

Metrics and Tools for Measuring Cyber Resiliency of Electric Grids

Attack Sophistication vs. Resiliency

CyPhyR: Cyber-physical Resiliency Analysis Tool

Test System for Microgrid Resiliency

Framework for System-Level Resiliency

Device-level Resilience using Physical Dynamics

Cyber Resiliency Metrics, Measures of Effectiveness, and Scoring · 2019-08-16 · and objectives are achieved by applying cyber resiliency design principles and techniques – may

Cyber Threat Metrics

Cyber Resiliency

Unclassified - AFCEA International · Unclassified Unclassified 4 Cyber Resilience Strategy Cyber resilience is the Navy’s long-term strategy CYBER RESILIENCY APPROACH Cyber situational

Accelerate with IBM Storage: IBM Storage Cyber-Resiliency … · cyber resiliency plan –critical assets & strategy Protect: Implementing Safeguards to ensure delivery of critical

Improving Metrics in Cyber Resiliency - Cloud Security Alliance · 2019-08-15 · Improving Metrics in Cyber Resiliency (IF/I) Copyrigt Cloud ecurity lliance ll rigts resered 12 No

Cyber Resiliency Engineering Framework · Cyber resiliency engineering is a part of mission assurance engineering, and is informed by a variety of disciplines, including information

Cyber Resiliency with Eyes Wide Opensites.nationalacademies.org/cs/groups/depssite/documents/... · 2020. 4. 8. · Cyber Resiliency with Eyes Wide Open . 2 PJM©2013 Dual Control

Implementing Cyber Security Metrics that Work

Metrics and Tools for Measuring Cyber Resiliency of ... · • Cyber Physical Security Assessment Metric • Security assessment and resiliency –system security with contingencies

The Shift Towards Cyber Resiliency - C4I Conf · The Shift Towards Cyber Resiliency Alanood A. Al-Shehry Saudi Aramco October 18th, 2017. 2 Are you cyber resilient? 3 Non-Business

HCL Cyber Resiliency with Dell Tech

Cyber threat intelligence: maturity and metrics

Improving Cyber Resiliency using Intelligence-led Attack ... · Improving Cyber Resiliency using Intelligence-led Attack Simulations Who are the threat actors? •Many Advanced Persistent

Cyber Security and Resiliency in the Financial Sector

Cyber Resiliency Metrics and Scoring in Practice--Use Case ... · CRM Use Case..... 13 3.1 Programmatic and System Use Concept ... In that context, ... The system use concept also

8_Bay - CSIAC Cyber Metrics

Evidencing a cyber resiliency strategy - Ernst & Young · 2017-09-14 · Cyber resiliency: evidencing a well-thought-out strategy | 3 • Internal audit: the third line (internal

Cyber Resiliency Engineering · Cyber resiliency techniques can be applied at different domains (layers in a notional layered architecture), as indi-cated in Table 2. Effective application

Cyber Resiliency Metrics Assessment - Mitre Corporation · PDF fileCyber Resiliency Metrics & Assessment ... – Start at engagement level, use that to drive ... – “We’ve completely

Structured Cyber Resiliency Analysis Methodology PR 16-0777 · The Structured Cyber Resiliency Analysis Methodology (SCRAM) provides a way to answer questions about cyber resiliency

MTR180450 MITRE TECHNICAL REPORT · 2019. 8. 16. · Cyber Resiliency Metrics Catalog Deborah J. Bodeau Richard D. Graubart Rosalie M. McQuaid John Woodill September 2018 MTR180450

Cyber Resiliency Metrics, V. 1 - Mitre Corporation1 set of technical and cost metrics for cyber resiliency; and Prototyping a tool that enables users to identify cyber resiliency metrics

Energy Industry Organizational Strategies to Increase Cyber Resiliency

Cyber Resiliency Engineering FrameworkThe framework presented in this paper provides a way to structure discussions and analyses of cyber resiliency goals, objectives, practices, and

Cyber Security and Resiliency in the Financial Sector August 2009

Federal Agencies Can Ensure Cyber-Resiliency Through

Don Daigler - IQPC Corporate · • Based on IBM’s Resiliency Tiers – IBM Resiliency Tiers: Platinum, Gold, Silver, and Bronze • Resiliency Tiers used for Metrics and Scorecard

2nd Annual Secure and Resilient Cyber Architectures Workshop · 2013-01-14 · can be taken to defining resiliency metrics – e.g., Goal-Question-Metric, defining metrics based on

Keynote: Cyber Resiliency - FINRA.org · cyber resiliency. • Management of cyber risk requires direction from business-operations leadership at a level that can commit and command

2011-10-19 Cyber Resiliency of Defense Systems...Cyber Resiliency of Defense Systems Ms Kristen BaldwinMs. Kristen Baldwin Principal Deputy, Systems Engineering Office of the Assistant

Measuring Cybersecurity and Cyber Resiliency€¦ · to Red in real time (cyber resiliency). Both of these dimensions of cyber metrics need to span nearly the entire scope of the

Cyber Resiliency of Energy Systems: while Taking Action Today

Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - Tony Chew

Cyber Resiliency Assessment: Enabling Architectural ... · A cyber resiliency assessment requires a structured representation of the problem domain and solution space, so that the