A Trust Model in Control Systems to Enhance and Support Cybersecurity

Abstract

At present, evolving power systems are in want of mechanisms to collect information on current security state. The evolution of the ongoing energy transition reveals some critical limitations regarding cybersecurity standards in the energy sector. Implementing new and untested technology could harm the entire security but is often superseded in favor of its needed technology and functionality. This could lead to unforeseeable security issues. To manage these, innovations are required to orchestrate information while supporting the operator in keeping an overview of the security status. One way to condense security information is to use a trust model to correlate the relevant information and provide human interpretative information. A trust model can provide a feasible solution - it helps identify the root cause of potential vulnerabilities in the system to bridge the gap between vulnerabilities, countermeasures and new technology. This paper proposes a new approach for a trust model to strengthen and expand security in energy systems. The trust model will collect and interpret existing (security) information into so-called trust facets. It will facilitate the identification of vulnerabilities of the cyber physical energy system (CPES) through the concept of tracing. The objective is to create a security tool as a supportive and additional system to help operators interpret the security state in complex systems. This paper introduces an approach to enhance security of industrial control systems (ICS) in CPES in the context of trust and integrate tracing into the trust model.