Microgrid cyber security reference architecture.
Abstract
This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus formore »
- Authors:
- Publication Date:
- Research Org.:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.:
- USDOE National Nuclear Security Administration (NNSA)
- OSTI Identifier:
- 1090210
- Report Number(s):
- SAND2013-5472
460305
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Technical Report
- Country of Publication:
- United States
- Language:
- English
Citation Formats
Veitch, Cynthia K., Henry, Jordan M., Richardson, Bryan T., and Hart, Derek H. Microgrid cyber security reference architecture.. United States: N. p., 2013.
Web. doi:10.2172/1090210.
Veitch, Cynthia K., Henry, Jordan M., Richardson, Bryan T., & Hart, Derek H. Microgrid cyber security reference architecture.. United States. https://doi.org/10.2172/1090210
Veitch, Cynthia K., Henry, Jordan M., Richardson, Bryan T., and Hart, Derek H. 2013.
"Microgrid cyber security reference architecture.". United States. https://doi.org/10.2172/1090210. https://www.osti.gov/servlets/purl/1090210.
@article{osti_1090210,
title = {Microgrid cyber security reference architecture.},
author = {Veitch, Cynthia K. and Henry, Jordan M. and Richardson, Bryan T. and Hart, Derek H.},
abstractNote = {This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.},
doi = {10.2172/1090210},
url = {https://www.osti.gov/biblio/1090210},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon Jul 01 00:00:00 EDT 2013},
month = {Mon Jul 01 00:00:00 EDT 2013}
}