Browse > Article
http://dx.doi.org/10.13089/JKIISC.2016.26.2.425

A Proposal of Risk Management Framework for Design as a Secure Power Control System  

Park, Jun Yong (Dongguk University)
Shin, Sumin (Dongguk University)
Song, Kyoung-Young (Ulsan College)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.26, no.2, 2016 , pp. 425-433 More about this Journal
Abstract
In smart grid, enhancement of efficiency and interoperability of electric power system is achieved through the connection with outer network, and this induces that power grid system is threatened increasingly, becomes the main target of cyber terrorism, and is sincerely required to design the secure power system. Although SSDLC(Secure System Development Life Cycle) is used for risk management from the design phase, traditional development life cycle is somewhat limited for satisfaction of information security indicator of power control system. Despite that power control system should reflect control entities of information security considering its own characteristics, validation elements are insufficient to apply into real tasks based on existing compliance. To make design of diagnostic model and assessment process for power control system possible and to give a direction for information security and present related indicator, we propose the new risk management framework of power control system which is applied operational security controls and standard architecture presented by IEC 62351 TC 57 with enterprise risk management framework.
Keywords
Risk Management; SCADA Network; Secure Power Control; Smart Grid;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 NIST, "NIST framework and Roadmap for smart grid interoperability standards, Release 3.0," pp.29, May. 2014.
2 Gartner, "Gartner identifies the top 10 technologies for information security," http://www.gartner.com/us/symposium, pp. 1-2, Oct. 2014.
3 NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 1.0," Jan. 2010.
4 NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 2.0," Feb. 2012.
5 NIST, "NIST framework and roadmap for smart grid interoperability standards, Release 3.0," May 2014.
6 BIR, "The five leading industrial in the future - technology development and status of participating companies ," pp.311-313, Nov. 2011. from http://www.birbook.com
7 IEC TR 62351-10, "Power systems management and associated information exchange - data and communications security - Part 10 : security architecture guidelines," Oct. 2012.
8 NIST, "Special publication 800-82, Revision 1 : Guide to industrial control systems (ICS) security," pp.5, May. 2013.
9 Microsoft, M. Curphey, J. Scambray, and E. Olson, Improving web application security threat and countermeasures, pp.45-48, Jun. 2003.
10 W.V. Grembergen, Strategies for Information Technolies Governance, 1st Ed., Idea Group Publishing, Jul. 2003.
11 Microsoft MSDN, "Developer network," from http://social.msdn.microsoft.com
12 Homeland Security, "Cyber security assessments of industrial control systems," Nov. 2010.
13 Young-dai Ko, Sang-jin Lee, "A proposal of personal information DB encryption assurance framework," pp.406-407, Korea Institute of Information Security & Cryptology(KIISC), 24(2), pp. 397-409, Apr. 2014.   DOI