Home // International Journal On Advances in Security, volume 10, numbers 3 and 4, 2017 // View article
Authors:
Steffen Fries
Rainer Falk
Chaitanya Bisale
Keywords: user and device authentication; role-based access control; substation automation; digital grid; cyber security; critical infrastructure; IEC 62351
Abstract:
Critical infrastructures are increasingly under investigation regarding the reliable operation and resilience to ensure their provisioning of essential services to the citizens. One example for such critical infrastructures is the digital energy grid. It targets the control of increasingly fluctuating demand and generation of energy. Besides generation also the path to the final consumer has to be taken into account, resulting in the need for securing the reliable transmission and distribution of centrally and decentrally generated energy. Control is accomplished by utilizing a communication infrastructure in parallel to the actual power system infrastructure. The connection between both worlds is provided by sensors and actuators. In the past, this control communication network was mostly isolated from other communication networks, but today it is getting connected increasingly with external systems to support innovative cross-system services. This surge in connectivity also exposes the digital grid to cyber attacks. Therefore, access to resources like accumulated measurement information or control data needs to be protected to ensure a reliable operation. Legislation and operational best practice guideline activities have taken this into account and meanwhile provide the necessary framework for defining specific communication security requirements. From the technical perspective, different security counter measures exist to cope with the given requirements. However, it has to be ensured that these technical means are not only provided technically, but are in fact applied correctly in operation. This paper reviews the requirements for role-based access control (RBAC), as well as currently targeted technical approaches to achieve RBAC in the digital grid. The goal is to provide more insight into the existing application of RBAC mechanisms and to identify gaps for future enhancements. Proposals to address the identified gaps are described, which are intended to be brought to the International Electrotechnical Commission (IEC) to enhance the security standard IEC 62351 for power system automation.
Pages: 223 to 232
Copyright: Copyright (c) to authors, 2017. Used with permission.
Publication date: December 31, 2017
Published in: journal
ISSN: 1942-2636