15 Citations (Scopus)
2625 Downloads (Pure)

Abstract

Critical infrastructures and industrial control systems are complex Cyber-Physical Systems (CPS). To ensure reliable operations of such systems, comprehensive threat modeling during system design and validation is of paramount significance. Previous works in literature mostly focus on safety, risks and hazards in CPS but lack effective threat modeling necessary to eliminate cyber vulnerabilities. Further, impact of cyber attacks on physical processes is not fully understood. This paper presents a comprehensive threat modeling framework for CPS using STRIDE, a systematic approach for ensuring system security at the component level. This paper first devises a feasible and effective methodology for applying STRIDE and then demonstrates it against a real synchrophasor-based synchronous islanding testbed in the laboratory. It investigates (i) what threat types could emerge in each system component based on the security properties lacking, and (ii) how a vulnerability in a system component risks the entire system security. The paper identifies that STRIDE is a light-weight and effective threat modeling methodology for CPS that simplifies the task for security analysts to identify vulnerabilities and plan appropriate component level security measures at the system design stage.
Original languageEnglish
Title of host publication2017 IEEE PES: Innovative Smart Grid Technologies Conference Europe (ISGT-Europe): Proceedings
Publisher IEEE
Number of pages6
ISBN (Electronic)978-1-5386-1953-7
ISBN (Print)978-1-5386-1954-4
DOIs
Publication statusPublished - 18 Jan 2018
EventIEEE International Conference on Innovative Smart Grid Technologies - Turin, Italy
Duration: 26 Sep 201729 Sep 2017
http://sites.ieee.org/isgt-europe-2017/

Conference

ConferenceIEEE International Conference on Innovative Smart Grid Technologies
Abbreviated titleIEEE ISGT Europe 2017
CountryItaly
CityTurin
Period26/09/201729/09/2017
Internet address

Keywords

  • Smart Grid
  • Synchrophasor
  • cyber attacks
  • Cyber defence
  • STRIDE
  • Cyber Security
  • Threat Modeling
  • Microgrid
  • power system
  • Monitoring
  • PROTECTION

Fingerprint Dive into the research topics of 'STRIDE-based Threat Modeling for Cyber-Physical Systems'. Together they form a unique fingerprint.

  • Cite this

    Khan, R., McLaughlin, K., Laverty, D., & Sezer, S. (2018). STRIDE-based Threat Modeling for Cyber-Physical Systems. In 2017 IEEE PES: Innovative Smart Grid Technologies Conference Europe (ISGT-Europe): Proceedings IEEE . https://doi.org/10.1109/ISGTEurope.2017.8260283