Security Vulnerability Assessment of Power IoT based on Business Security

Abstract

Power Internet of Things is the application of IoT in smart power grid. Once attacked, it will cause huge losses. Therefore, it is necessary to conduct a security assessment to take defensive measures. However, the traditional vulnerability assessment methods of the power Internet of things mostly focus on the security of the system itself, without considering the impact on business economy and efficiency. This paper proposes a security vulnerability assessment method of power Internet of Things integrating business security. This method first analyzes the security risks faced by the power Internet of Things, and establishes its attack tree model. Then, each leaf node is rated from the three safety features, which are weighted by evaluation and calculation, and the activation probability of each leaf node is calculated. After that, considering the blind attack factor, the activation probability of all nodes in the model is calculated. Finally, the vulnerability of the system and the vulnerability sensitivity of each leaf node are obtained. According to the vulnerability sensitivity, measures are taken to protect the weak links of the system. The effectiveness of the proposed method is verified by experiments on SCADA (supervisory control and data acquisition) system in the power Internet of things.