Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Failure Impact Analysis of Key Management in AMI Using Cybernomic Situational Assessment (CSA)

Conference ·
OSTI ID:1073662
 [1];  [1];  [1];  [1];  [2]
  1. ORNL
  2. New Jersey Insitute of Technology
+ Show Author Affiliations
In earlier work, we presented a computational framework for quantifying the security of a system in terms of the average loss a stakeholder stands to sustain as a result of threats to the system. We named this system, the Cyberspace Security Econometrics System (CSES). In this paper, we refine the framework and apply it to cryptographic key management within the Advanced Metering Infrastructure (AMI) as an example. The stakeholders, requirements, components, and threats are determined. We then populate the matrices with justified values by addressing the AMI at a higher level, rather than trying to consider every piece of hardware and software involved. We accomplish this task by leveraging the recently established NISTR 7628 guideline for smart grid security. This allowed us to choose the stakeholders, requirements, components, and threats realistically. We reviewed the literature and selected an industry technical working group to select three representative threats from a collection of 29 threats. From this subset, we populate the stakes, dependency, and impact matrices, and the threat vector with realistic numbers. Each Stakeholder s Mean Failure Cost is then computed.
Research Organization:
Oak Ridge National Laboratory (ORNL)
Sponsoring Organization:
ORNL work for others
DOE Contract Number:
AC05-00OR22725
OSTI ID:
1073662
Country of Publication:
United States
Language:
English

Similar Records

Cryptographic Key Management and Critical Risk Assessment
Technical Report · Thu May 01 00:00:00 EDT 2014 · OSTI ID:1131520
Centralized Cryptographic Key Management and Critical Risk Assessment - (CRADA Final Report)
Technical Report · Wed May 28 00:00:00 EDT 2014 · OSTI ID:1132557
Risk Assessment Methodology Based on the NISTIR 7628 Guidelines
Conference · Mon Dec 31 23:00:00 EST 2012 · OSTI ID:1072138

Related Subjects

Algorithms
Cyber Security Metrics
Design
Economics
Experimentation
Information Security
Measurement
Performance
Reliability
Risk Management
Security
Theory
Verification