Deriving defensible belief statements about threat rankings for large and entangled systems, such as urban Smart Grids, is a formidable task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance how to rank more relevant and filter out the less relevant threats would be desirable. This requires a method able to distill the list of all possible threat events in a traceable and repeatable way, given a set of assumptions on the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are describes in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is exercised on a sample urban Smart Grid. The obtained digest of ranked list of threat events is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.
Threat navigator: grouping and ranking malicious external threats to current and future urban smart grids / Alexandr Vasenev; Lorena Montoya; Andrea Ceccarelli; Anhtuan Le; Dan Ionita. - ELETTRONICO. - 175:(2017), pp. 184-192. (Intervento presentato al convegno 1st International Conference on Smart Grid Inspired Future Technologies, SmartGIFT 2016 tenutosi a gbr nel 2016) [10.1007/978-3-319-47729-9_19].
Threat navigator: grouping and ranking malicious external threats to current and future urban smart grids
CECCARELLI, ANDREA;
2017
Abstract
Deriving defensible belief statements about threat rankings for large and entangled systems, such as urban Smart Grids, is a formidable task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance how to rank more relevant and filter out the less relevant threats would be desirable. This requires a method able to distill the list of all possible threat events in a traceable and repeatable way, given a set of assumptions on the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are describes in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is exercised on a sample urban Smart Grid. The obtained digest of ranked list of threat events is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.
| File | Dimensione | Formato | |
|---|---|---|---|
|
Threat_navigator_after_review.pdf
Accesso chiuso
Descrizione: versione finale
Tipologia:
Versione finale referata (Postprint, Accepted manuscript)
Licenza:
Tutti i diritti riservati
Dimensione
232.58 kB
Formato
Adobe PDF
|
232.58 kB | Adobe PDF | Richiedi una copia |
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
