Evaluation of open source SIEM for situation awareness platform in the smart grid environment

Author

Leszczyna, Rafal ; Wrobel, Michal R.

Author_Institution

Fac. of Manage. & Econ., Gdansk Univ. of Technol., Gdańsk, Poland

fYear

2015

fDate

27-29 May 2015

Firstpage

1

Lastpage

4

Abstract

The smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly increased situational awareness and enables detailed and precise command and control. The paper presents one of the studies related to the development and deployment of the Situation Awareness Platform for the smart grid, namely the evaluation of open source Security Information and Event Management systems. These systems are the key components of the platform.

Keywords

Internet; computer network security; grid computing; public domain software; APT; ICT infrastructure; advanced persistent threats; botnets; command-and-control; cyber-attacks; open source SIEM evaluation; open source security information-and-event management systems; situation awareness platform; smart grid environment; Computer security; NIST; Sensor systems; Smart grids; Software; SIEM; evaluation; situation awareness; smart grid;

fLanguage

English

Publisher

ieee

Conference_Titel

Factory Communication Systems (WFCS), 2015 IEEE World Conference on

Conference_Location

Palma de Mallorca

Type

conf

DOI

10.1109/WFCS.2015.7160577

Filename

7160577