loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Gencer Erdogan 1 ; Inger Anne Tøndel 2 ; Shukun Tokas 1 ; Michele Garau 3 and Martin Gilje Jaatun 2

Affiliations: 1 Sustainable Communication Technologies, SINTEF Digital, Oslo, Norway ; 2 Software Engineering, Safety and Security, SINTEF Digital, Trondheim, Norway ; 3 Energy Systems, SINTEF Energy, Trondheim, Norway

Keyword(s): Cyber-risk, Cybersecurity, Cyber-physical, Smart Grid, IoT, Needs, Challenges, Success Criteria.

Abstract: Cyber-risk assessment methods are used by energy companies to manage security risks in smart grids. However, current standards, methods and tools do not adequately provide the support needed in practice and the industry is struggling to adopt and carry out cyber-risk assessments. The contribution of this paper is twofold. First, we interview six companies from the energy sector to better understand their needs and challenges. Based on the interviews, we identify seven success criteria cyber-risk assessment methods for the energy sector need to fulfill to provide adequate support. Second, we present the methods CORAS, VAF, TM-STRIDE, and DA-SAN and evaluate the extent to which they fulfill the identified success criteria. Based on the evaluation, we provide lessons learned in terms of gaps that need to be addressed in general to improve cyber-risk assessment in the context of smart grids. Our results indicate the need for the following improvements: 1) ease of use and comprehensible m ethods, 2) support to determine whether a method is a good match for a given context, 3) adequate preparation to conduct cyber-risk assessment, 4) manage complexity, 5) adequate support for risk estimation, 6) support for trustworthiness and uncertainty handling, and 7) support for maintaining risk assessments. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 44.200.94.150

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Erdogan, G.; Tøndel, I.; Tokas, S.; Garau, M. and Jaatun, M. (2022). Needs and Challenges Concerning Cyber-risk Assessment in the Cyber-physical Smart Grid. In Proceedings of the 17th International Conference on Software Technologies - ICSOFT; ISBN 978-989-758-588-3; ISSN 2184-2833, SciTePress, pages 21-32. DOI: 10.5220/0011137100003266

@conference{icsoft22,
author={Gencer Erdogan. and Inger Anne Tøndel. and Shukun Tokas. and Michele Garau. and Martin Gilje Jaatun.},
title={Needs and Challenges Concerning Cyber-risk Assessment in the Cyber-physical Smart Grid},
booktitle={Proceedings of the 17th International Conference on Software Technologies - ICSOFT},
year={2022},
pages={21-32},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011137100003266},
isbn={978-989-758-588-3},
issn={2184-2833},
}

TY - CONF

JO - Proceedings of the 17th International Conference on Software Technologies - ICSOFT
TI - Needs and Challenges Concerning Cyber-risk Assessment in the Cyber-physical Smart Grid
SN - 978-989-758-588-3
IS - 2184-2833
AU - Erdogan, G.
AU - Tøndel, I.
AU - Tokas, S.
AU - Garau, M.
AU - Jaatun, M.
PY - 2022
SP - 21
EP - 32
DO - 10.5220/0011137100003266
PB - SciTePress