The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector

An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector
An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector
The evolution of an Internet of Things-enabled Smart grid affords better automation, communication, monitoring, and control of electricity consumption. It is now essential to supply and transmit the data required, to achieve better sensing, more accurate control, wider information communication and sharing, and more rational decision-making. However, the rapid growth in connected entities, accompanied by an increased demand for electricity, has resulted in several challenges to be addressed. One of these is protecting energy information exchange proactively before an incident occurs. It is argued that Smart Grid systems were designed without any regard for security, which is considered a serious omission, especially for data security, energy information exchange, and the privacy of both consumers and utility companies.
This research is motivated by the gap identified in the requirements and controls for maintaining cybersecurity in the bi-directional data flow within the IoT-enabled Smart Grid. Through literature and industry standards, the initial stages of the research explore and identify the challenges and security requirements. Threat modelling analysis identified nine internet-based threats, proposing an initial information security model. This initial model is validated using expert reviews, resulting in a reference model that includes seven security requirements and 45 relevant security controls.
To demonstrate the usefulness of this reference model as a foundation for further research, a segment of the reference model is elaborated using Event-B formal modelling. This approach assists in incorporating additional details during refinements and confirming the consistency of those details. The formal modelling process begins by formulating the functional requirements in a consistent model and then augmenting it with security controls. The effectiveness of these security controls is validated and verified using formal modelling tools.
The contribution of this research, therefore, is the unique approach to developing a framework for an IoT-enabled Smart Grid (SG) by utilising threat analysis and expert reviews in combination with formal methods. As the field of security continues to evolve, this generic framework and formal template can be reused as a foundation for further analysis of other components or access points, and to implement new security controls. The resulting model enables field experts, security practitioners, and engineers to verify any changes made, ensuring they do not compromise the security of information flow within the IoT-enabled Smart Grid during the initial design stages of the system life cycle.
IoT-enabled Smart Grid, Cybersecurity, Internet of Things, System Information Security, Threats modelling, STRIDE.
University of Southampton
Akkad, Abeer Siraj A
60c9e7d8-55ae-4c78-b3ba-9b014d7c5bed
Akkad, Abeer Siraj A
60c9e7d8-55ae-4c78-b3ba-9b014d7c5bed
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Rezazadeh, Reza
ab1aeb76-9d41-4b46-820c-cc66b631cb99
Hoang, Son
dcc0431d-2847-4e1d-9a85-54e4d6bab43f

Akkad, Abeer Siraj A (2024) An information security model for an Internet of Things-enabled smart grid in the Saudi Energy Sector. University of Southampton, Doctoral Thesis, 282pp.

Record type: Thesis (Doctoral)

Abstract

The evolution of an Internet of Things-enabled Smart grid affords better automation, communication, monitoring, and control of electricity consumption. It is now essential to supply and transmit the data required, to achieve better sensing, more accurate control, wider information communication and sharing, and more rational decision-making. However, the rapid growth in connected entities, accompanied by an increased demand for electricity, has resulted in several challenges to be addressed. One of these is protecting energy information exchange proactively before an incident occurs. It is argued that Smart Grid systems were designed without any regard for security, which is considered a serious omission, especially for data security, energy information exchange, and the privacy of both consumers and utility companies.
This research is motivated by the gap identified in the requirements and controls for maintaining cybersecurity in the bi-directional data flow within the IoT-enabled Smart Grid. Through literature and industry standards, the initial stages of the research explore and identify the challenges and security requirements. Threat modelling analysis identified nine internet-based threats, proposing an initial information security model. This initial model is validated using expert reviews, resulting in a reference model that includes seven security requirements and 45 relevant security controls.
To demonstrate the usefulness of this reference model as a foundation for further research, a segment of the reference model is elaborated using Event-B formal modelling. This approach assists in incorporating additional details during refinements and confirming the consistency of those details. The formal modelling process begins by formulating the functional requirements in a consistent model and then augmenting it with security controls. The effectiveness of these security controls is validated and verified using formal modelling tools.
The contribution of this research, therefore, is the unique approach to developing a framework for an IoT-enabled Smart Grid (SG) by utilising threat analysis and expert reviews in combination with formal methods. As the field of security continues to evolve, this generic framework and formal template can be reused as a foundation for further analysis of other components or access points, and to implement new security controls. The resulting model enables field experts, security practitioners, and engineers to verify any changes made, ensuring they do not compromise the security of information flow within the IoT-enabled Smart Grid during the initial design stages of the system life cycle.

Text
AbeerAkkad_Thesis_FINAL_PDFA_FORMAT - Version of Record
Available under License University of Southampton Thesis Licence.
Download (7MB)
Text
Final-thesis-submission-Examination-Mrs-Abeer-Akkad
Restricted to Repository staff only

More information

Published date: 22 July 2024
Related URLs:
Keywords: IoT-enabled Smart Grid, Cybersecurity, Internet of Things, System Information Security, Threats modelling, STRIDE.
Learn more about Cyber Physical Systems research Learn more about School of Electronics and Computer Science research

Identifiers

Local EPrints ID: 492287
URI: http://eprints.soton.ac.uk/id/eprint/492287
PURE UUID: 29695b28-1c91-43c3-9f61-fc6bb9c606e0
ORCID for Abeer Siraj A Akkad: ORCID iD orcid.org/0000-0002-7710-6378
ORCID for Gary Wills: ORCID iD orcid.org/0000-0001-5771-4088
ORCID for Reza Rezazadeh: ORCID iD orcid.org/0000-0002-0029-469X
ORCID for Son Hoang: ORCID iD orcid.org/0000-0003-4095-0732

Catalogue record

Date deposited: 23 Jul 2024 17:04
Last modified: 27 Jul 2024 01:59

Export record

Contributors

Author: Abeer Siraj A Akkad ORCID iD
Thesis advisor: Gary Wills ORCID iD
Thesis advisor: Reza Rezazadeh ORCID iD
Thesis advisor: Son Hoang ORCID iD

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×