Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 15) Show all publications
Välja, M. (2018). Improving IT Architecture Modeling Through Automation: Cyber Security Analysis of Smart Grids. (Doctoral dissertation). Stockholm: KTH Royal Institute of Technology
Open this publication in new window or tab >>Improving IT Architecture Modeling Through Automation: Cyber Security Analysis of Smart Grids
2018 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Contemporary organizations depend on IT to reach their goals but the organizations are constantly adapting to changing market conditions and these changes need to be reflected in the IT architecture. Modeling is often used to manage complex architectures allowing to abstract details and focus on the most important aspects. Metamodels are central to modeling and used as a mechanism for modeling different phenomena and describing evolving designs such as IT architectures. However, it can be difficult to model IT architecture especially in large organizations due to the amount and diversity of systems, software, data, et cetera. Previous studies have found problems with metamodels and the support modeling tools provide to the users. The topics mentioned by numerous authors are lacking cyber security analysis capabilities and the support for automated model creation using enterprise data. These two topics are studied in this thesis with the focus on smart grids. 

The contribution of this thesis is to offer support for IT architecture modeling processes with the following propositions that are described in four papers. The contribution includes a metamodel extension for analyzing insider threats and reachability (Paper A), a framework for automatic modeling (Paper B), a framework for improving semantic accuracy and granularity matching in automatic modeling (Paper C) and a reference model for cyber security analysis of smart grid load balancing (Paper D).

Abstract [sv]

Idag är många verksamheter beroende av IT för att nå sina mål. Organisationer anpassar sig dock ständigt till förändrade marknadsförhållanden och dessa förändringar måste återspeglas i IT-arkitekturen. Modellering används ofta för att hantera komplexa system, då det möjliggör abstraktion av detaljer och fokus på de viktigaste delarna av systemet. Metamodeller är viktiga för modellering och används som ett verktyg för att modellera fenomen för olika IT-arkitekturer. Att modellera IT-arkitekturer kan dock vara svårt, särskilt i stora organisationer med många olika system, program, data osv. Tidigare forskning har funnit problem med metamodeller och verktygsstöd. Ämnen som nämns av många författare är problemen med hotanalyskapacitet och stöd för automatiserad modelluppbyggnad från företagsdata. Dessa två ämnen studeras i denna avhandling med fokus på smarta elnät.

Bidraget i denna avhandling är att erbjuda stöd för IT-arkitekturmodelleringsprocesser med följande förslag som beskrivs i fyra papper. Bidraget innefattar en utvidgad metamodell för att analysera interoperabilitet och tillgänglighet avseende cybersäkerhet (artikel A), ett ramverk för automatisk modellering (artikel B), ett ramverk för förbättring av semantisk noggrannhet och granularitetsmatchning i automatisk modellering (artikel C) och en referensmodell för analys av cybersäkerhet vid lastbalansering av smarta elnät (artikel D).

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2018. p. 44
Series
TRITA-EECS-AVL ; 2018:63
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-235347 (URN)978-91-7729-931-8 (ISBN)
Public defence
2018-10-15, F3, Lindstedtsvägen 26, Stockholm, 15:00 (English)
Opponent
Supervisors
Note

QC 20180924

Available from: 2018-09-24 Created: 2018-09-22 Last updated: 2018-10-10Bibliographically approved
Välja, M., Korman, M. & Lagerström, R. (2017). A study on software vulnerabilities and weaknesses of embedded systems in power networks. In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week): . Paper presented at 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017 (pp. 47-52). Association for Computing Machinery, Inc
Open this publication in new window or tab >>A study on software vulnerabilities and weaknesses of embedded systems in power networks
2017 (English)In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 47-52Conference paper (Refereed)
Abstract [en]

In this paper we conduct an empirical study with the purpose of identifying common software weaknesses of embedded devices used as part of industrial control systems in power grids. The data is gathered about the devices and software of 6 companies, ABB, General Electric, Schneider Electric, Schweitzer Engineering Laboratories, Siemens and Wind River. The study uses data from the manufacturersfi online databases, NVD, CWE and ICS CERT. We identified that the most common problems that were reported are related to the improper input validation, cryptographic issues, and programming errors.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2017
Keywords
Cyber security, Power networks, Software vulnerability CVSS, Electric network analysis, Electric power transmission networks, Embedded systems, Intelligent control, Laboratories, Network security, Smart power grids, Cryptographic issues, Engineering laboratories, Industrial control systems, Programming errors, Schneider electrics, Software vulnerabilities, Electric power system control
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-216531 (URN)10.1145/3055386.3055397 (DOI)2-s2.0-85019013078 (Scopus ID)9781450349789 (ISBN)
Conference
2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017
Note

QC 20171128

Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2017-11-28Bibliographically approved
Korman, M., Välja, M., Björkman, G., Ekstedt, M., Vernotte, A. & Lagerström, R. (2017). Analyzing the effectiveness of attack countermeasures in a SCADA system. In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week): . Paper presented at 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017 (pp. 73-78). Association for Computing Machinery, Inc
Open this publication in new window or tab >>Analyzing the effectiveness of attack countermeasures in a SCADA system
Show others...
2017 (English)In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 73-78Conference paper (Refereed)
Abstract [en]

The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2017
Keywords
Cyber security, SCADA system, Security controls, Threat modeling, Vulnerability assessment, Electric power system security, Electric power transmission networks, Legacy systems, SCADA systems, Smart power grids, Multi-vendor environment, Network configuration, Network segmentation, Power grid operations, Vulnerability assessments, Network security
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-216532 (URN)10.1145/3055386.3055393 (DOI)2-s2.0-85019036296 (Scopus ID)9781450349789 (ISBN)
Conference
2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017, 21 April 2017
Note

QC 20171128

Available from: 2017-11-28 Created: 2017-11-28 Last updated: 2017-11-28Bibliographically approved
Välja, M., Korman, M., Lagerström, R., Franke, U. & Ekstedt, M. (2016). Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion: A Security Analysis Case. In: Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G (Ed.), PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION. Paper presented at Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI (pp. 14-22). IEEE
Open this publication in new window or tab >>Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion: A Security Analysis Case
Show others...
2016 (English)In: PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION / [ed] Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G, IEEE , 2016, p. 14-22Conference paper, Published paper (Refereed)
Abstract [en]

Architecture models arc used in enterprise management for decision support. These decisions range from designing processes to planning for the appropriate supporting technology. It is unreasonable for an existing enterprise to completely reinvent itself. Incremental changes are in most cases a more resource efficient tactic. Thus, for planning organizational changes, models of the current practices and systems need to be created. For mid-sized to large organizations this can be an enormous task when executed manually. Fortunately, there's a lot of data available from different sources within an enterprise that can be used for populating such models. The data are however almost always heterogeneous and usually only representing fragmented views of certain aspects. In order to merge such data and obtaining a unified view of the enterprise a suitable methodology is needed. In this paper we address this problem of creating enterprise architecture models from heterogeneous data. The paper proposes a novel approach that combines methods from the fields of data fusion and data warehousing. The approach is tested using a modeling language focusing on cyber security analysis in a study of a lab setup mirroring a small power utility's IT environment.

Place, publisher, year, edition, pages
IEEE, 2016
Series
Portland International Conference on Management of Engineering and Technology, ISSN 2159-5100
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-242720 (URN)10.1109/PICMET.2016.7806662 (DOI)000403104500002 ()2-s2.0-85016195766 (Scopus ID)
Conference
Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI
Note

QC 20190220

Available from: 2019-02-20 Created: 2019-02-20 Last updated: 2019-08-21Bibliographically approved
Korman, M., Lagerström, R., Välja, M., Ekstedt, M. & Blom, R. (2016). Technology Management through Architecture Reference Models: A Smart Metering Case. In: Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G (Ed.), PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION. Paper presented at Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI (pp. 2338-2350). IEEE
Open this publication in new window or tab >>Technology Management through Architecture Reference Models: A Smart Metering Case
Show others...
2016 (English)In: PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016): TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION / [ed] Kocaoglu, DF Anderson, TR Daim, TU Kozanoglu, DC Niwa, K Perman, G, IEEE , 2016, p. 2338-2350Conference paper, Published paper (Refereed)
Abstract [en]

Enterprise architecture (EA) has become an essential part of managing technology in large enterprises. These days, automated analysis of EA is gaining increased attention. That is, using models of business and technology combined in order to analyze aspects such as cyber security, complexity, cost, performance, and availability. However, gathering all information needed and creating models for such analysis is a demanding and costly task. To lower the efforts needed a number of approaches have been proposed, the most common are automatic data collection and reference models. However these approaches are all still very immature and not efficient enough for the discipline, especially when it comes to using the models for analysis and not only for documentation and communication purposes. In this paper we propose a format for representing reference models focusing on analysis. The format is tested with a case in a large European project focusing on security in advanced metering infrastructure. Thus we have, based on the format, created a reference model for smart metering architecture and cyber security analysis. On a theoretical level we discuss the potential impact such a reference model can have.

Place, publisher, year, edition, pages
IEEE, 2016
Series
Portland International Conference on Management of Engineering and Technology, ISSN 2159-5100
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-242722 (URN)10.1109/PICMET.2016.7806518 (DOI)000403104502019 ()
Conference
Portland International Conference on Management of Engineering and Technology (PICMET), SEP 04-08, 2016, Honolulu, HI
Note

QC 20190219

Available from: 2019-02-19 Created: 2019-02-19 Last updated: 2019-08-21Bibliographically approved
Välja, M., Lagerström, R., Ekstedt, M. & Korman, M. (2015). A Requirements Based Approach for Automating Enterprise IT Architecture Modeling Using Multiple Data Sources. In: 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop (EDOCW): . Paper presented at Enterprise Distributed Object Computing (EDOC) International Conference 2015 (pp. 79-87). Adelaide, SA
Open this publication in new window or tab >>A Requirements Based Approach for Automating Enterprise IT Architecture Modeling Using Multiple Data Sources
2015 (English)In: 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop (EDOCW), Adelaide, SA, 2015, p. 79-87Conference paper, Published paper (Refereed)
Abstract [en]

Enterprise Architecture (EA) is an approach where models of an enterprise are used for decision support. An important part of EA is enterprise IT architecture. Creating models of both types can be a complex task. EA can be difficult to model due to unavailable business data, while in the case of enterprise IT architecture, there can be too much IT data available. Furthermore, there is a trend of a growing availability of data possibly useful for modeling. We call the process of making use of available data, automatic modeling. There have been previous attempts to achieve automatic model creation using a single source of data. Often, a single source of data is not enough to create the models required. In this paper we address automatic modeling when data from multiple heterogeneous sources are needed. The paper looks at the potential data sources, requirements that the data must meet and proposes a four-part approach. The approach is tested in a study using the Cyber Security Modeling Language in order to model a lab setup at KTH Royal Institute of Technology. The lab aims at mirroring a small power utility's IT setup. The paper demonstrates that it is possible to create timely and scalable enterprise IT architecture models from multiple sources, and that manual modeling and data quality related problems can be resolved using known data processing methods.

Place, publisher, year, edition, pages
Adelaide, SA: , 2015
Series
Enterprise Distributed Object Computing Workshop (EDOCW), 2015 IEEE 19th International
Keywords
enterprise architecture, automatic data collection, model quality
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Information and Communication Technology
Identifiers
urn:nbn:se:kth:diva-181864 (URN)10.1109/EDOCW.2015.33 (DOI)000380478000011 ()2-s2.0-84964663592 (Scopus ID)
External cooperation:
Conference
Enterprise Distributed Object Computing (EDOC) International Conference 2015
Funder
EU, FP7, Seventh Framework Programme
Note

QC 20160226

Available from: 2016-02-05 Created: 2016-02-05 Last updated: 2016-08-30Bibliographically approved
Välja, M., Korman, M., Shahzad, K. & Johnson, P. (2015). Integrated metamodel for security analysis. In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS): . Paper presented at 48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI (pp. 5192-5200). IEEE Computer Society
Open this publication in new window or tab >>Integrated metamodel for security analysis
2015 (English)In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), IEEE Computer Society, 2015, p. 5192-5200Conference paper, Published paper (Refereed)
Abstract [en]

This paper proposes a metamodel for analyzing security aspects of enterprise architecture by combining analysis of cybersecurity with analysis of interoperability and availability. The metamodel extends an existing attack graph based metamodel for cybersecurity modeling and evaluation, (PCySeMoL)-Cy-2, and incorporates several new elements and evaluation rules. The approach improves security analysis by combining two ways of evaluating reachability: one which considers ordinary user activity and another, which considers technically advanced techniques for penetration and attack. It is thus permitting to evaluate security in interoperability terms by revealing attack possibilities of legitimate users. Combined with data import from various sources, like an enterprise architecture data repository, the instantiations of the proposed metamodel allow for a more holistic overview of the threats to the architecture than the previous version. Additional granularity is added to the analysis with the reachability need concept and by enabling the consideration of unavailable and unreliable systems.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015
Series
Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1060-3425
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-181009 (URN)10.1109/HICSS.2015.613 (DOI)000366264105039 ()2-s2.0-84944219720 (Scopus ID)978-1-4799-7367-5 (ISBN)
Conference
48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI
Note

QC 20160126

Available from: 2016-01-26 Created: 2016-01-26 Last updated: 2018-09-22Bibliographically approved
Välja, M. & Ladhe, T. (2015). Towards Smart City Marketplace at the example of Stockholm. In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS): . Paper presented at 48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI (pp. 2375-2384). IEEE Computer Society
Open this publication in new window or tab >>Towards Smart City Marketplace at the example of Stockholm
2015 (English)In: 2015 48TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), IEEE Computer Society, 2015, p. 2375-2384Conference paper, Published paper (Refereed)
Abstract [en]

The authors in this paper argue that for cities to meet their smart city goals much more is needed than just top down solutions, or open city data. The authors suggest that a city aiming for future smartness should engage the citizens, the entrepreneurs and innovators of that city, in the creation of smart solutions via the platform that is, for the sake of argument in this paper, called "The Smart City Marketplace". The authors find that the platform fills a technological gap by allowing simplified business experimentation and mixing public data with private data, while providing support for the new type of knowledge based economy. For this platform, ideas have been drawn from interviews and workshops in Stockholm, and researchers in areas such as open innovation, platform strategy and smart cities.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015
Series
Proceedings of the Annual Hawaii International Conference on System Sciences, ISSN 1060-3425
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-181006 (URN)10.1109/HICSS.2015.285 (DOI)000366264102062 ()2-s2.0-84944224210 (Scopus ID)978-1-4799-7367-5 (ISBN)
Conference
48th Annual Hawaii International Conference on System Sciences (HICSS), JAN 05-08, 2015, Kauai, HI
Note

QC 20160126

Available from: 2016-01-26 Created: 2016-01-26 Last updated: 2018-01-10Bibliographically approved
Johnson, P., Iacob, M. E., Välja, M., van Sinderen, M., Magnusson, C. & Ladhe, T. (2014). A method for predicting the probability of business network profitability. Information Systems and E-Business Management, 12(4), 567-593
Open this publication in new window or tab >>A method for predicting the probability of business network profitability
Show others...
2014 (English)In: Information Systems and E-Business Management, ISSN 1617-9846, E-ISSN 1617-9854, Vol. 12, no 4, p. 567-593Article in journal (Refereed) Published
Abstract [en]

In the design phase of business collaboration, it is desirable to be able to predict the profitability of the business-to-be. Therefore, techniques to assess qualities such as costs, revenues, risks, and profitability have been previously proposed. However, they do not allow the modeler to properly manage uncertainty with respect to the design of the considered business collaboration. In many real collaboration projects today, uncertainty regarding the business' present or future characteristics is so significant that ignoring it becomes problematic. In this paper, we propose an approach based on the predictive, probabilistic architecture modeling framework (P2AMF), capable of advanced and probabilistically sound reasoning about profitability risks. The P2AMF-based approach for profitability risk prediction is also based on the e3-value modeling language and on the object constraint language. The paper introduces the prediction and modeling approach, and a supporting software tool. The use of the approach is illustrated by means of a case study originated from the Stockholm Royal Seaport smart city project.

Keywords
Goal interoperability, Probabilistic inference, Profitability, Risk analysis, Value networks
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-149175 (URN)10.1007/s10257-014-0237-4 (DOI)000344741500005 ()2-s2.0-84912032840 (Scopus ID)
Note

QC 20141215

Available from: 2014-08-16 Created: 2014-08-16 Last updated: 2017-12-05Bibliographically approved
Välja, M., Honeth, N., Buschle, M., Lagerström, R., Sasi, K. K. & Somasundaran, N. (2014). An Archimate based analysis of Microgrid Control Systems Architectures. In: : . Paper presented at 2014 International Conference on Embedded Systems, ICES 2014, Coimbatore, India, 3-5 July 2014 (pp. 297-301).
Open this publication in new window or tab >>An Archimate based analysis of Microgrid Control Systems Architectures
Show others...
2014 (English)Conference paper, Published paper (Refereed)
Abstract [en]

The architectures containing embedded systems such as microgrid controllers are becoming more complex. While there are several known methodologies for embedded system modeling and design, they mostly cover development related performance issues. There exists a gap in the management of architectures implementing embedded systems for power systems applications. This paper proposes to use enterprise architecture analysis, based on earlier work, to fill that gap. Availability, interoperability and cost analysis are in focus. Enterprise architecture models are important in order to abstract the technical detail for planning and design in order to provide a basis for discussion of technical scalability and cost management amongst stakeholders and technical experts. A microgrid control architecture based example is given to illustrate the analysis possibilities.

National Category
Control Engineering
Identifiers
urn:nbn:se:kth:diva-157918 (URN)10.1109/EmbeddedSys.2014.6953179 (DOI)2-s2.0-84915749614 (Scopus ID)978-147995026-3 (ISBN)
Conference
2014 International Conference on Embedded Systems, ICES 2014, Coimbatore, India, 3-5 July 2014
Note

QC 20150113

Available from: 2014-12-17 Created: 2014-12-17 Last updated: 2015-01-13Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-1464-6163

Search in DiVA

Show all publications