Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language

Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems Pub Date : 2021-04-28 DOI:10.1145/3445969.3450421

E. Ling, M. Ekstedt

{"title":"Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language","authors":"E. Ling, M. Ekstedt","doi":"10.1145/3445969.3450421","DOIUrl":null,"url":null,"abstract":"Due to our dependency on electricity, it is vital to keep our power systems secure from cyber attacks. However, because power systems are being digitalized and the infrastructure is growing increasingly complicated, it is difficult to gain an overview and secure the entire system. An overview of the potential security vulnerabilities can be achieved with threat modeling. The Meta Attack Language (MAL) is a formalism that enables the development of threat modeling languages that can be used to automatically generate attack graphs and conduct simulations over them. In this article we present the MAL-based language SCL-Lang which has been created based on the System description Configuration Language (SCL) as defined in the IEC 61850 standard. With SCL-Lang one can create threat models of substations based on their SCL files and automatically find information regarding potential cyber attack paths in the substation automation system configuration. This enables structured cyber security analysis for evaluating various design scenarios before implementation.","PeriodicalId":103324,"journal":{"name":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3445969.3450421","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Due to our dependency on electricity, it is vital to keep our power systems secure from cyber attacks. However, because power systems are being digitalized and the infrastructure is growing increasingly complicated, it is difficult to gain an overview and secure the entire system. An overview of the potential security vulnerabilities can be achieved with threat modeling. The Meta Attack Language (MAL) is a formalism that enables the development of threat modeling languages that can be used to automatically generate attack graphs and conduct simulations over them. In this article we present the MAL-based language SCL-Lang which has been created based on the System description Configuration Language (SCL) as defined in the IEC 61850 standard. With SCL-Lang one can create threat models of substations based on their SCL files and automatically find information regarding potential cyber attack paths in the substation automation system configuration. This enables structured cyber security analysis for evaluating various design scenarios before implementation.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于IEC 61850系统配置描述语言生成威胁模型和攻击图

由于我们对电力的依赖，确保我们的电力系统免受网络攻击至关重要。然而，由于电力系统的数字化和基础设施的日益复杂，很难获得整个系统的概况和安全。通过威胁建模可以对潜在的安全漏洞进行概述。元攻击语言(Meta Attack Language, MAL)是一种形式化的语言，可以用来开发自动生成攻击图并对其进行模拟的威胁建模语言。在本文中，我们介绍了基于mal的语言SCL- lang，它是根据IEC 61850标准中定义的系统描述配置语言(SCL)创建的。使用SCL- lang可以基于SCL文件创建变电站的威胁模型，并在变电站自动化系统配置中自动查找有关潜在网络攻击路径的信息。这使得结构化的网络安全分析能够在实施之前评估各种设计场景。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems

自引率

0.00%

发文量