Mission Impact Assessment in Power Grids

Mona Lange, Marina Krotofil, Ralf Möller

Abstract

A high number of low-level alerts are reported by information security systems . This justifies the interest in gathering and aggregating data from various sources. Subsequently, we propose an approach that correlates security events to detect upcoming cyber threats and determining the impact of these cyber threats. The proposed mission impact assessment (MIA) approach allow event correlation, the recognition of mission threatening events and computing the impact of this event. An offline component that develops a network dependency model by learning a state machine from network traffic captures. Additionally, a dependency model of the power grid is modeled to allow the analysis of cyber-physical impacts. This allows the analysis of how cyber events might impact the ongoing mission on an operational level.
Original languageEnglish
Number of pages12
Publication statusPublished - 01.06.2015
EventProceedings of the NATO IST-128 Workshop: Assessing Mission Impact of Cyberattacks - Istanbul, Turkey
Duration: 15.06.201517.06.2015

Conference

ConferenceProceedings of the NATO IST-128 Workshop: Assessing Mission Impact of Cyberattacks
Country/TerritoryTurkey
CityIstanbul
Period15.06.1517.06.15

Fingerprint

Dive into the research topics of 'Mission Impact Assessment in Power Grids'. Together they form a unique fingerprint.

Cite this