Summary
This Webinar describes the security requirements for remote services to access intelligent electronic devices on an electric power utility’s operational network. A model-based system engineering methodology based on Zachman’s lifecycle framework is used to assess the risks and potential means to mitigate these risks. The Webinar stresses the need to combine role-based and attribute-based access control to protect the integrity and confidentiality of the sensitive data. If sensitive data is compromised, a trusted platform is needed to securely collect and safeguard the evidence needed for forensic analysis. Furthermore, several third-party security certificate trust issues are highlighted. Also, to safeguard electronic evidence, we focus on the high-priority requirements for a trusted electronic device. For example, the need to bind the remote user’s identity to the mobile device in use (personal devices) raises multiple challenges. In the event of a remote breach of the operational network, we focus on the need to protect the chain of evidence to develop an effective mitigation strategy.
Additional informations
Publication type | Webinars |
---|---|
Reference | WBN020 |
Publication year | |
Publisher | CIGRE |
Study committees |
|
Working groups | WG D2.46 |
File size | 1 MB |
Pages number | 23 |
Price for non member | 50 € |
Price for member | Free |
Video
Speakers
Cuni