Model-Based Cybersecurity Analysis

Yuning Jiang1,2, Manfred A. Jeusfeld1, Jianguo Ding3, Elin Sandahl4
1University of Skövde, Skövde, Sweden
2Nanyang Technological University, Singapore, Singapore
3Blekinge Institute of Technology, Karlskrona, Sweden
4Norgald AB, Göteborg, Sweden

Abstract

Critical infrastructures (CIs) such as power grids link many physical components from different vendors to the software systems that control them. These systems are constantly threatened by sophisticated cyber attacks. The need to improve the cybersecurity of such CIs, through holistic system modeling and vulnerability analysis, cannot be overstated. This is challenging because a CI incorporates complex data from multiple interconnected physical and computational systems. Meanwhile, exploiting vulnerabilities in different information technology (IT) and operational technology (OT) systems leads to various cascading effects due to the interconnections between systems. The paper investigates the use of a comprehensive taxonomy to model such interconnections and the implied dependencies within complex CIs, bridging the knowledge gap between IT security and OT security. The complexity of CI dependency analysis is harnessed by partitioning complicated dependencies into cyber and cyber-physical functional dependencies. These defined functional dependencies further support cascade modeling for assessing vulnerability severity and identifying critical components in a complex system. Besides the proposed taxonomy, the paper also proposes power-grid reference models that enhance the reproducibility and applicability of the proposed method. The methodology followed is design science research (DSR), which supports the design and validation of the proposed artifacts. More specifically, the structural, functional adequacy, compatibility, and coverage characteristics of the proposed artifacts are evaluated through a three-fold validation (two case studies and expert interviews). The first study uses two instantiated power-grid models derived from existing architectures and frameworks such as the IEC 62351 series. The second study involves a real-world municipal power grid.
