Abstract
AbstractA smart grid is an electricity network that has been infused with information and digital communications technology to provide greater control, stability, reliability and flexibility of the power grid. Technology has been added from the consumer premise which includes appliances, thermostats, home energy managers and load control switches all the way back to the generation facilities. The combination of these technologies could potentially optimize demand management, save energy, reduce costs, increase reliability, connect alternative and home-generated energy sources to the grid (i.e. transmitting a bi-directional flow of energy), and evolve into a powerful platform for new business opportunities. In order for smart grids to achieve all objectives, cyber security and risks (e.g. cybercrime or cyber warfare) and privacy concerns must be overcome. The smart grid adds new entry points to the older technologies that are already vulnerable but were previously protected from exploit by physical isolation. Theoretical concerns have become practical realities as a number of vulnerabilities in the smart grid and power complexes have been exploited. After a general introduction to smart grids and smart grid security, this paper analyses security (control) and compliance (visibility) requirements for smart grids. In order to justify the need for security policy automation, the paper focuses on the hard-to-implement least privilege, information flow enforcement, and security incident monitoring/reporting/auditing requirements. The paper then presents “model-driven security policy automation” (control) and “model-driven security incident monitoring/analysis automation” (visibility) within the context of smart grids, and explains how alternative approaches such as identity and access management and authorization management are necessary but not sufficient on their own. The presented “model-driven security” (MDS) policy automation solution uniquely helps solve the challenge of capturing, managing, enforcing, and monitoring/analysing fine-grained, contextual technical authorization policies for small to large scale smart grids.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
