Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA)

Robert K. Abercrombie; Frederick T. Sheldon; Katie R. Hauser; Margaret W. Lantz; Ali Mili

doi:10.1145/2459976.2459998

Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA)

Robert K. Abercrombie, Frederick T. Sheldon, Katie R. Hauser, Margaret W. Lantz, Ali Mili

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

In earlier work we presented a metric that quantifies system security in terms of the average loss per unit of time incurred by a stakeholder of the system as a result of security threats. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimate the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We apply this model to estimate the security of the Advanced Metering Infrastructure (AMI), by leveraging the recently established NISTIR 7628 guidelines for smart grid security and IEC 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigns to each stakeholder an estimate of their average loss in terms of dollars per day of system operation.

Original language	English (US)
Title of host publication	8th Annual Cyber Security and Information Intelligence Research Workshop
Subtitle of host publication	Federal Cyber Security R and D Program Thrusts, CSIIRW 2013
DOIs	https://doi.org/10.1145/2459976.2459998
State	Published - 2013
Event	8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013 - Oak Ridge, TN, United States Duration: Jan 8 2013 → Jan 10 2013

Publication series

Name	ACM International Conference Proceeding Series

Other

Other	8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013
Country/Territory	United States
City	Oak Ridge, TN
Period	1/8/13 → 1/10/13

All Science Journal Classification (ASJC) codes

Software
Human-Computer Interaction
Computer Vision and Pattern Recognition
Computer Networks and Communications

Keywords

Algorithms
Design
Economics
Experimentation
Measurement
Performance
Reliability
Security
Theory
Verification

Access to Document

10.1145/2459976.2459998

Cite this

Abercrombie, R. K., Sheldon, F. T., Hauser, K. R., Lantz, M. W., & Mili, A. (2013). Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA). In 8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013 Article 19 (ACM International Conference Proceeding Series). https://doi.org/10.1145/2459976.2459998

@inproceedings{011936b3a01445f9b2827579906d79b5,

title = "Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA)",

abstract = "In earlier work we presented a metric that quantifies system security in terms of the average loss per unit of time incurred by a stakeholder of the system as a result of security threats. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimate the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We apply this model to estimate the security of the Advanced Metering Infrastructure (AMI), by leveraging the recently established NISTIR 7628 guidelines for smart grid security and IEC 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigns to each stakeholder an estimate of their average loss in terms of dollars per day of system operation.",

keywords = "Algorithms, Design, Economics, Experimentation, Measurement, Performance, Reliability, Security, Theory, Verification",

author = "Abercrombie, {Robert K.} and Sheldon, {Frederick T.} and Hauser, {Katie R.} and Lantz, {Margaret W.} and Ali Mili",

year = "2013",

doi = "10.1145/2459976.2459998",

language = "English (US)",

isbn = "9781450316873",

series = "ACM International Conference Proceeding Series",

booktitle = "8th Annual Cyber Security and Information Intelligence Research Workshop",

note = "8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013 ; Conference date: 08-01-2013 Through 10-01-2013",

}

Abercrombie, RK, Sheldon, FT, Hauser, KR, Lantz, MW & Mili, A 2013, Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA). in 8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013., 19, ACM International Conference Proceeding Series, 8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013, Oak Ridge, TN, United States, 1/8/13. https://doi.org/10.1145/2459976.2459998

Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA). / Abercrombie, Robert K.; Sheldon, Frederick T.; Hauser, Katie R. et al.
8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013. 2013. 19 (ACM International Conference Proceeding Series).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA)

AU - Abercrombie, Robert K.

AU - Sheldon, Frederick T.

AU - Hauser, Katie R.

AU - Lantz, Margaret W.

AU - Mili, Ali

PY - 2013

Y1 - 2013

N2 - In earlier work we presented a metric that quantifies system security in terms of the average loss per unit of time incurred by a stakeholder of the system as a result of security threats. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimate the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We apply this model to estimate the security of the Advanced Metering Infrastructure (AMI), by leveraging the recently established NISTIR 7628 guidelines for smart grid security and IEC 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigns to each stakeholder an estimate of their average loss in terms of dollars per day of system operation.

AB - In earlier work we presented a metric that quantifies system security in terms of the average loss per unit of time incurred by a stakeholder of the system as a result of security threats. The computational infrastructure of this metric involves system stakeholders, security requirements, system components and security threats. To compute this metric, we estimate the stakes that each stakeholder associates with each security requirement, as well as stochastic matrices that represent the probability of a threat to cause a component failure and the probability of a component failure to cause a security requirement violation. We apply this model to estimate the security of the Advanced Metering Infrastructure (AMI), by leveraging the recently established NISTIR 7628 guidelines for smart grid security and IEC 63351, Part 9 to identify the life cycle for cryptographic key management, resulting in a vector that assigns to each stakeholder an estimate of their average loss in terms of dollars per day of system operation.

KW - Algorithms

KW - Design

KW - Economics

KW - Experimentation

KW - Measurement

KW - Performance

KW - Reliability

KW - Security

KW - Theory

KW - Verification

UR - http://www.scopus.com/inward/record.url?scp=84876003494&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84876003494&partnerID=8YFLogxK

U2 - 10.1145/2459976.2459998

DO - 10.1145/2459976.2459998

M3 - Conference contribution

AN - SCOPUS:84876003494

SN - 9781450316873

T3 - ACM International Conference Proceeding Series

BT - 8th Annual Cyber Security and Information Intelligence Research Workshop

T2 - 8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013

Y2 - 8 January 2013 through 10 January 2013

ER -

Abercrombie RK, Sheldon FT, Hauser KR, Lantz MW, Mili A. Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA). In 8th Annual Cyber Security and Information Intelligence Research Workshop: Federal Cyber Security R and D Program Thrusts, CSIIRW 2013. 2013. 19. (ACM International Conference Proceeding Series). doi: 10.1145/2459976.2459998

Failure impact analysis of key management in AMI using cybernomic situational assessment (CSA)

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this