Assessment of information security levels in power communication systems using evidential reasoning
2008 (English)In: IEEE Transactions on Power Delivery, ISSN 0885-8977, E-ISSN 0885-8877, Vol. 23, no 3, 1384-1391 p.Article in journal (Refereed) Published
The purpose of this paper is to present a framework for assessing information security in power communication systems. The framework consists of dividing the communication system to be analyzed into its subcomponents and linking these to relevant evaluation criteria. In this study, the information security standard ISO 17799 has been used as a point of reference to define such evaluation criteria. The framework involves collecting data to evaluate each individual criterion and aggregating these evaluations using a robust algorithm. To cater for the many uncertainties in evaluating information security, the evaluation of the individual subcomponents is aggregated using a Dempster-Shafer based algorithm for evidential reasoning. This algorithm incorporates the many insecure facts and incomplete data that are inherent in large scale systems. The overall result is a set of indicators which highlight the level of information security within a studied communication system. The paper is concluded with a description of a case study in which the framework was applied to a communication system used for automatic meter reading (AMR). Experiences from this application are described in the paper.
Place, publisher, year, edition, pages
2008. Vol. 23, no 3, 1384-1391 p.
communication system security, power system communication, supervisory, control and data-acquisition (SCADA) systems, wide-area networks
IdentifiersURN: urn:nbn:se:kth:diva-17678DOI: 10.1109/tpwrd.2008.919231ISI: 000257511000016ScopusID: 2-s2.0-47149106407OAI: oai:DiVA.org:kth-17678DiVA: diva2:335723
QC 201005252010-08-052010-08-05Bibliographically approved