Model-Based Cybersecurity Analysis
Abstract
Critical infrastructures (CIs) such as power grids link many physical components from different vendors to the software systems that control them. These systems are constantly threatened by sophisticated cyber attacks. The need to improve the cybersecurity of such CIs, through holistic system modeling and vulnerability analysis, cannot be overstated. This is challenging because a CI incorporates complex data from multiple interconnected physical and computational systems. Meanwhile, exploiting vulnerabilities in different information technology (IT) and operational technology (OT) systems leads to various cascading effects because of the interconnections between systems. The paper investigates the use of a comprehensive taxonomy to model such interconnections and the implied dependencies within complex CIs, bridging the knowledge gap between IT security and OT security. The complexity of CI dependency analysis is harnessed by partitioning complicated dependencies into cyber and cyber-physical functional dependencies. These defined functional dependencies further support cascade modeling for assessing vulnerability severity and identifying critical components in a complex system. In addition to the proposed taxonomy, the paper proposes power-grid reference models that enhance the reproducibility and applicability of the proposed method. The methodology followed is design science research (DSR), which supports the design and validation of the proposed artifacts. More specifically, the structural, functional adequacy, compatibility, and coverage characteristics of the proposed artifacts are evaluated through a three-fold validation (two case studies and expert interviews). The first study uses two instantiated power-grid models derived from existing architectures and frameworks such as the IEC 62351 series. The second study involves a real-world municipal power grid.