High Assurance Smart Grid

摘要

As electrical grids evolve through the introduction of additional 'smart' sensors and actuators, cyber security becomes an even more significant factor. Information Assurance controls must be implemented throughout the grid, from large scale power generating facilities, through transmission and distribution systems, to Building Management Systems (BMS) & Home Area Networks (HAN). A precursor to determining the appropriate controls for any particular device is to determine the trust model within which these devices exist. This paper sets out to define a multi-level framework for a trust model to be used throughout the electrical grid. The model is based on two core principles: categorize cyber security requirements based on a subsystem's potential impact on the overall grid; and implement controls based on an assumed compromise of adjacent subsystems. From a Smart Grid Cyber Security perspective, rather than attempting to create an all encompassing enclave of trust, this model suggests that systems should be designed in ways which expect compromise of adjacent systems. An expansive sphere of implied trust will inevitably lead an expansive sphere of vulnerability. Having an expectation of compromise, of a lack of trust, would be preferable as it will require subsystems to implement independent, rather than dependent, cyber security controls.