Abstract
A smart grid is envisioned to enable a more economic, environmentally friendly, sustainable and reliable supply of energy. However, significant security concerns have to be addressed for the smart grid; dangers range from threatened availability of energy to threats to customer privacy. This paper presents a structured method for identifying security threats in the smart home scenario and, in particular, for analyzing their severity and relevance. The method is also able to unveil new threats not discussed in the literature before. The smart home scenario is represented by a context-pattern, which is a specific kind of pattern for the elicitation of domain knowledge [1]. Hence, by exchanging the smart home pattern for a context-pattern of another domain, e.g., clouds, our method can be used for these other domains as well. The proposal is based on Microsoft’s Security Development Lifecycle (SDL) [2], which uses Data Flow diagrams, but proposes new alternatives for scenario definition and asset identification based on context-patterns. These alleviate the lack of scalability of the SDL. In addition, we present Attack Path DFDs, which show how an attacker can compromise the system.
Part of this work is funded by the German Research Foundation (DFG) under grant number HE3322/4-2 and the EU project Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS, ICT-2009.1.4 Trustworthy ICT, Grant No. 256980).
Notes
1. The termineter homepage: https://code.google.com/p/termineter/ (last visited on: 8-1-2014).
2. A report from the darkreading security blog: http://www.darkreading.com/applications/scadasmart-grid-vendor-adopts-microsofts/240000526?itc=edit_in_body_cross (last visited on: 8-1-2014).
3. Note the SDL is an evolving concept even at Microsoft, but for simplicity’s sake we consider only the SDL described in [2] for the remainder of this paper.
4. The Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) homepage: http://www.nessos-project.eu.
5. Technical report: http://www.uml4pf.org/publications/smarthome.pdf.
6. http://ec.europa.eu/energy/gas_electricity/smartgrids/taskforce_en.htm (last visited on 15-12-2013).
7. http://energy.gov/oe/technology-development/smart-grid (last visited on 15-12-2013).
8. http://www.energy.ca.gov/2012publications/CEC-500-2012-047/CEC-500-2012-047.pdf (last visited on 15-12-2013).
9.
10. Note that a Prosumer is an energy consumer, who also sells small amounts of energy to the energy provider.
11. All organizations appearing in this work are fictitious. Any resemblance to real organizations, companies or persons is purely coincidental.
12. The technical report can be found at: http://www.uml4pf.org/publications/smarthome.pdf.
13. Note that we simplified the model for readability purposes. The interested reader can find the complete model in our technical report (see Footnote 5).
References
Beckers, K., Faßbender, S., Heisel, M.: A meta-model approach to the fundamentals for a pattern language for context elicitation. In: Proceedings of the 18th European Conference on Pattern Languages of Programs (Europlop), ACM (2013) (Accepted for Publication)
Howard, M., Lipner, S.: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press, Cambridge (2006)
Aloula, F., Al-Alia, A.R., Al-Dalkya, R., Al-Mardinia, M., El-Hajj, W.: Smart grid security: threats, vulnerabilities and solutions. Int. J. Smart Grid Clean Energy 1(1), 1–6 (2012)
Lin, H., Fang, Y.: Privacy-aware profiling and statistical data extraction for smart sustainable energy systems. IEEE Trans. Smart Grid 4(1), 332–340 (2013)
NIST: Guidelines for smart grid cyber security (2010)
Geer, D.: Are companies actually using secure development life cycles? Computer 43(6), 12–16 (2010)
Win, B.D., Scandariato, R., Buyens, K., Grégoire, J., Joosen, W.: On the secure software development process: Clasp, SDL and touchpoints compared. Inf. Softw. Technol. 51(7), 1152–1171 (2009). Special Section: Software Engineering for Secure Systems
SANS: Sans - a member of the microsoft security development lifecycle (sdl) pro network (2014). http://www.sans.org/security-resources/microsoft-sdl
OWASP: CLASP (Comprehensive, Lightweight Application Security Process). Technical report, The Open Web Application Security Project (OWASP) (2011). https://www.owasp.org/index.php/Category:OWASP_CLASP_Project
Commission of the European communities.: Communication from the commission to the european parliament, the council, the European economic and social committee and the committee of the regions (2011)
Lu, Z., Lu, X., Wang, W., Wang, C.: Review and evaluation of security threats on the communication networks in the smart grid. In: Military Communications Conference, 2010 - MILCOM 2010, pp. 1830–1835 (2010)
Wang, W., Lu, Z.: Survey cyber security in the smart grid: survey and challenges. Comput. Netw. 57(5), 1344–1371 (2013)
Yang, Y., Littler, T., Sezer, S., McLaughlin, K., Wang, H.: Impact of cyber-security issues on smart grid. In: 2011 2nd IEEE PES International Conference and Exhibition on Innovative Smart Grid Technologies (ISGT Europe), pp. 1–7 (2011)
McDaniel, P., McLaughlin, S.: Security and privacy challenges in the smart grid. IEEE Secur. Priv. 7(3), 75–77 (2009)
Tøndel, I.A., Jaatun, M.G., Line, M.B.: Security threats in demo steinkjer - report from the telenor-sintef collaboration project on smart grids. Technical report, SINTEF/NTNU (2012)
Dhillon, D.: Developer-driven threat modeling: lessons learned in the trenches. IEEE Secur. Priv. 9(4), 41–47 (2011)
ISO/IEC: Information technology - Security techniques - Information security management systems - Requirements. ISO/IEC 27001, International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC), Geneva, Switzerland (2005)
Swiderski, F., Snyder, W.: Threat Modeling. Microsoft Press, Redmond (2004)
Beckers, K., Côté, I., Hatebur, D., Faßbender, S., Heisel, M.: Common criteria compliAnt software development (CC-CASD). In: Proceedings 28th Symposium on Applied Computing, pp. 937–943. ACM (2013)
Beckers, K., Hatebur, D., Heisel, M.: A problem-based threat analysis in compliance with common criteria. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES), pp. 111–120. IEEE Computer Society (2013)
Beckers, K., Küster, J.C., Faßbender, S., Schmidt, H.: Pattern-based support for context establishment and asset identification of the ISO 27000 in the field of cloud computing. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES), pp. 327–333. IEEE Computer Society (2011)
Beckers, K., Faßbender, S.: Peer-to-peer driven software engineering considering security, reliability, and performance. In: Proceedings of the International Conference on Availability, Reliability and Security (ARES) - 2nd International Workshop on Resilience and IT-Risk in Social Infrastructures (RISI 2012), pp. 485–494. IEEE Computer Society (2012)
Beckers, K., Faßbender, S., Heisel, M., Meis, R.: Pattern-based context establishment for service-oriented architectures. In: Heisel, M. (ed.) Software Service and Application Engineering. LNCS, vol. 7365, pp. 81–101. Springer, Heidelberg (2012)
Beckers, K., Faßbender, S., Küster, J.-C., Schmidt, H.: A pattern-based method for identifying and analyzing laws. In: Regnell, B., Damian, D. (eds.) REFSQ 2011. LNCS, vol. 7195, pp. 256–262. Springer, Heidelberg (2012)
BSI: Protection Profile for the Gateway of a Smart Metering System (Gateway PP). Version 01.01.01 (final draft), Bundesamt für Sicherheit in der Informationstechnik (BSI) - Federal Office for Information Security Germany, Bonn, Germany (2011). https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/SmartMeter/PP-SmartMeter.pdf?_blob=publicationFile
BSI: Protection Profile for the Security Module of a Smart Meter Gateway (Security Module PP). Version 1.0, Bundesamt für Sicherheit in der Informationstechnik (BSI) - Federal Office for Information Security Germany, Bonn, Germany (2013). https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/SmartMeter/PP_Security_%20Module.pdf?_blob=publicationFile
OPEN node project: Evaluation of general requirements according state of the art. Technical report, OPEN node project (2010)
OPEN node project: Functional Use cases. Technical report, OPEN node project (2011)
OPEN meter project: D1.1 Requirements of AMI. Technical report, OPEN meter project (2009)
Department of Energy and Climate Change: Smart metering implementation programme, response to prospectus consultation, overview document. Technical report, Office of Gas and Electricity Markets (2011)
Department of Energy and Climate Change: Smart metering implementation programme, response to prospectus consultation, design requirements. Technical report, Office of Gas and Electricity Markets (2011)
Mohsenian-Rad, A.H., Wong, V., Jatskevich, J., Schober, R., Leon-Garcia, A.: Autonomous demand-side management based on game-theoretic energy consumption scheduling for the future smart grid. IEEE Trans. Smart Grid 1(3), 320–331 (2010)
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Beckers, K., Faßbender, S., Heisel, M., Suppan, S. (2014). A Threat Analysis Methodology for Smart Home Scenarios. In: Cuellar, J. (eds) Smart Grid Security. SmartGridSec 2014. Lecture Notes in Computer Science, vol 8448. Springer, Cham. https://doi.org/10.1007/978-3-319-10329-7_7
DOI: https://doi.org/10.1007/978-3-319-10329-7_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10328-0
Online ISBN: 978-3-319-10329-7
eBook Packages: Computer Science, Computer Science (R0)