TMQ: Threat model quantification in Smart Grid critical infrastructures

For proper security risk management and effective deployment of security solutions in smart grid critical infrastructures, accurate identification and in-depth understanding of threats are crucial. Traditional descriptive threat models are often considered insufficient for accurate and mathematical numerical risk analyses of such critical infrastructures. In this paper, we propose TMQ, a novel and scalable threat model quantification method to create numerical models of various threat categories automatically. In particular, TMQ makes use of several sources of information to quantify the individual threat vectors. First, TMQ utilizes the smart grid network topology and global security access control policies to create a state-based security model for the smart grid using the Markov decision processes formalism. Then, TMQ utilizes traditional descriptive threat models, historical attack reports, intrusion detection logs as well as reports/interviews by/with hackers to quantify adversarial viewpoints of attackers from various threat categories against the smart grid. The result is an automatically generated model with specialized reward functions for each category of attackers. Our experimental results on a smart grid testbed network with several vulnerabilities show that TMQ can accurately quantify traditional descriptive threat models efficiently.