Title :
Power information systems security: modeling and quantitative evaluation
Author :
Hu, Yan ; Xie, Xiaorong ; Xin, Yaozhong
Author_Institution :
Dept. of Electr. Eng., Tsinghua Univ., Beijing, China
Abstract :
This paper presents a modeling language and a quantitative evaluation approach for the security of power information systems. We firstly design a security architecture design trace language to universally describe system structures, services, security policies, attack behaviors and countermeasures. Next an automated risk analysis algorithm is proposed to get attack traces of power information systems. Then, based on the concept of relative security degree, security architecture can be quantitatively evaluated. Finally, with a case study in a real power information system, the effectiveness of the presented approach is demonstrated. In practice, the approach can be employed for assessing various kinds of countermeasures, such as increasing a new security function, adjusting system self structure, and changing customer operation requirements. And it can greatly decrease the subjectivity of counter-measure selection.
Keywords :
information systems; power engineering computing; power system interconnection; power system security; risk analysis; security of data; automated risk analysis algorithm; customer operation requirements; interconnected systems; power information systems security; quantitative evaluation approach; Data security; Design methodology; Information security; Information systems; Interconnected systems; National security; Power system modeling; Power system security; Risk analysis; Specification languages;
Conference_Titel :
Power Engineering Society General Meeting, 2004. IEEE
Print_ISBN :
0-7803-8465-2
DOI :
10.1109/PES.2004.1372957
