Abstract:
Supply chain attacks, which are attacks that exploit vulnerabilities injected into devices before their shipment or during firmware updates, represent an increasingly imp...Show MoreMetadata
Abstract:
Supply chain attacks, which are attacks that exploit vulnerabilities injected into devices before their shipment or during firmware updates, represent an increasingly important security threat to the smart grid. One obvious way to prevent supply chain attacks is to replace distrusted suppliers. However, this is not always feasible in practice due to operational constraints, such as one operator being bound to a limited number of suppliers. Although other hardening options, such as adding firewalls or relocating services, might be available, their effectiveness against supply chain vulnerabilities is unclear. Finally, relying on administrators’ experiences to manually fix supply chain vulnerabilities is prone to human errors. In this paper, we develop an automated hardening framework to improve the security posture of smart grid substations against supply chain attacks. The key idea is to unify a variety of hardening options (such as adding firewalls, patching known vulnerabilities, and diversifying components) under the same framework, such that it can improve the supply chain security even when suppliers cannot be easily replaced. Specifically, we first define models for supply chain attacks, hardening options, and the costs; we then instantiate the hardening framework through several use cases; finally, we evaluate our solution through simulations.
Date of Conference: 24-28 April 2022
Date Added to IEEE Xplore: 12 July 2022
ISBN Information: