SACM - United Kingdom

Permanent URI for this collectionhttps://drepo.sdl.edu.sa/handle/20.500.14154/9667

Browse

Search Results

Now showing 1 - 1 of 1
  • Thumbnail Image
    ItemRestricted
    An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector
    (University of Southampton, 2024-07-22) Akkad, Abeer; Rezazadeh, Reza; Wills, Gary; Hoang, Son
    The evolution of an Internet of Things-enabled Smart grid affords better automation, communication, monitoring, and control of electricity consumption. It is now essential to supply and transmit the data required, to achieve better sensing, more accurate control, wider information communication and sharing, and more rational decision-making. However, the rapid growth in connected entities, accompanied by an increased demand for electricity, has resulted in several challenges to be addressed. One of these is protecting energy information exchange proactively before an incident occurs. It is argued that Smart Grid systems were designed without any regard for security, which is considered a serious omission, especially for data security, energy information exchange, and the privacy of both consumers and utility companies. This research is motivated by the gap identified in the requirements and controls for maintaining cybersecurity in the bi-directional data flow within the IoT-enabled Smart Grid. Through literature and industry standards, the initial stages of the research explore and identify the challenges and security requirements. Threat modelling analysis identified nine internet-based threats, proposing an initial information security model. This initial model is validated using expert reviews, resulting in a reference model that includes seven security requirements and 45 relevant security controls. To demonstrate the usefulness of this reference model as a foundation for further research, a segment of the reference model is elaborated using Event-B formal modelling. This approach assists in incorporating additional details during refinements and confirming the consistency of those details. The formal modelling process begins by formulating the functional requirements in a consistent model and then augmenting it with security controls. The effectiveness of these security controls is validated and verified using formal modelling tools. The contribution of this research, therefore, is the unique approach to developing a framework for an IoT-enabled Smart Grid (SG) by utilising threat analysis and expert reviews in combination with formal methods. As the field of security continues to evolve, this generic framework and formal template can be reused as a foundation for further analysis of other components or access points, and to implement new security controls. The resulting model enables field experts, security practitioners, and engineers to verify any changes made, ensuring they do not compromise the security of information flow within the IoT-enabled Smart Grid during the initial design stages of the system life cycle.
    34 0

Copyright owned by the Saudi Digital Library (SDL) © 2024