Architecture-driven smart grid security management

Abstract

The introduction of smart grids goes along with an extensive use of ICT technologies in order to support the integration of renewable energy sources. However, the use of ICT technologies bears risks in terms of cyber security attacks which could negatively affect the electrical power grid. These risks need to be assessed, mitigated and managed in a proper way to ensure the security of both current and future energy networks. Existing approaches have been either restricted to very specific components of the smart grid (e.g., smart meters), or provide a high-level view only. We therefore propose an architecture-driven security management approach for smart grids which goes beyond a mere abstract view without focusing too much on technical details. Our approach covers architecture modeling, risk identification and assessment as well as risk mitigation and compliance checking. We have proven the practical usability of this process together with leading manufacturers and utilities.