Robust and Scalable Security Monitoring and Compliance Management for Dynamic EDS
November 18, 2016
Abstract: Recently, energy delivery systems (EDS) have undergone an intensive modernization process that includes the introduction of dedicated cyber-infrastructures for the purposes of monitoring, control, and optimization of resources. While extremely convenient, such a process has also opened the door for the exploitation of non-trivial security vulnerabilities, as demonstrated by recent sophisticated attacks that included a well-thought out combination of strategies at various levels of abstraction. As a proper countermeasure, the efficient, robust and practical monitoring of security-relevant information originated from EDS infrastructures is critical to ensure future risks and threats are properly mitigated. In this talk, I will describe our ongoing work towards such a goal by providing support for the automated verification, validation and attestation (VV&A) of EDS, in an effort to properly assess if particular designs and implementations comply with a well-defined set of security requirements.