查看文章

The smart grid's heavy reliance on cyber resources introduces numerous security concerns. The substantial attack surface presented by the advanced metering infrastructure (AMI) along with the dissemination of sensitive data including privacy, billing, and control information will provide attackers with significant economic incentive. In addition, the scale and complexity of the architecture will stress the capabilities of many security controls such as public key encryption (PKI), authentication, and access control. The aforementioned concerns produce a requirement for increased risk management including security models that have the capability to scale to such a complex environment. A security model is introduced to represent various privilege states in a large architecture and evaluates viable paths that an attacker could exploit. The resulting model is used to produce a quantitative information-based exposure metric …