Cyber Attack Exposure Evaluation Framework for the Smart Grid

The smart grid's heavy reliance on cyber resources introduces numerous security concerns. The substantial attack surface presented by the advanced metering infrastructure (AMI) along with the dissemination of sensitive data including privacy, billing, and control information will provide attackers with significant economic incentive. In addition, the scale and complexity of the architecture will stress the capabilities of many security controls such as public key encryption (PKI), authentication, and access control. The aforementioned concerns produce a requirement for increased risk management including security models that have the capability to scale to such a complex environment. A security model is introduced to represent various privilege states in a large architecture and evaluates viable paths that an attacker could exploit. The resulting model is used to produce a quantitative information-based exposure metric to evaluate the completeness of implemented security mechanisms. Various applications are proposed to show how the metric can enhance current risk management processes by identifying information dependencies of the deployed security mechanisms. Finally, the applicability of the proposed methodologies has been evaluated through a simulation study using realistic AMI infrastructure to demonstrate the utility of the proposed metric.