Summary
This Webinar describes the security requirements for remote services to access intelligent electronic devices on an electric power utility’s operational network. A model-based system engineering methodology based on Zachman’s lifecycle framework is used to assess the risks and potential means to mitigate these risks. The Webinar stresses the need to combine role-based and attribute-based access control to protect the integrity and confidentiality of the sensitive data. If sensitive data is compromised, a trusted platform is needed to securely collect and safeguard the evidence needed for forensic analysis. Furthermore, several third-party security certificate trust issues are highlighted. Also, to safeguard electronic evidence, we focus on the high-priority requirements for a trusted electronic device. For example, the need to bind the remote user’s identity to the mobile device in use (personal devices) raises multiple challenges. In the event of a remote breach of the operational network, we focus on the need to protect the chain of evidence to develop an effective mitigation strategy.
Additional informations
| Publication type | Webinars |
|---|---|
| Reference | WBN020 |
| Publication year | 2020 |
| Publisher | CIGRE |
| Study committees | Information Systems, Telecommunications and Cybersecurity (D2) |
| Working groups | WG D2.46 |
| File size | 1 MB |
| Pages number | 23 |
| Price for non member | 50 € |
| Price for member | Free |
Video
Speakers
Cuni
