Show simple item record

dc.contributor.authorErdogan, Gencer
dc.contributor.authorTøndel, Inger Anne
dc.contributor.authorTokas, Shukun
dc.contributor.authorGarau, Michele
dc.contributor.authorJaatun, Martin Gilje
dc.date.accessioned2022-10-14T13:20:32Z
dc.date.available2022-10-14T13:20:32Z
dc.date.created2022-08-26T18:46:22Z
dc.date.issued2022
dc.identifier.citationProceedings of the 17th International Conference on Software Technologies (ICSOFT 2022). 2022, 21-32.en_US
dc.identifier.isbn978-989-758-588-3
dc.identifier.urihttps://hdl.handle.net/11250/3026191
dc.description.abstractCyber-risk assessment methods are used by energy companies to manage security risks in smart grids. However, current standards, methods and tools do not adequately provide the support needed in practice and the industry is struggling to adopt and carry out cyber-risk assessments. The contribution of this paper is twofold. First, we interview six companies from the energy sector to better understand their needs and challenges. Based on the interviews, we identify seven success criteria cyber-risk assessment methods for the energy sector need to fulfill to provide adequate support. Second, we present the methods CORAS, VAF, TM-STRIDE, and DA-SAN and evaluate the extent to which they fulfill the identified success criteria. Based on the evaluation, we provide lessons learned in terms of gaps that need to be addressed in general to improve cyber-risk assessment in the context of smart grids. Our results indicate the need for the following improvements: 1) ease of use and comprehensible m ethods, 2) support to determine whether a method is a good match for a given context, 3) adequate preparation to conduct cyber-risk assessment, 4) manage complexity, 5) adequate support for risk estimation, 6) support for trustworthiness and uncertainty handling, and 7) support for maintaining risk assessments.en_US
dc.language.isoengen_US
dc.publisherSciTePressen_US
dc.relation.ispartofProceedings of the 17th International Conference on Software Technologies (ICSOFT 2022)
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 Internasjonal*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/deed.no*
dc.subjectCyber-risken_US
dc.subjectCybersecurityen_US
dc.subjectCyber-physicalen_US
dc.subjectSmart griden_US
dc.subjectIoTen_US
dc.subjectNeedsen_US
dc.subjectChallengesen_US
dc.subjectSuccess criteriaen_US
dc.titleNeeds and Challenges Concerning Cyber-Risk Assessment in the Cyber-Physical Smart Griden_US
dc.title.alternativeNeeds and Challenges Concerning Cyber-Risk Assessment in the Cyber-Physical Smart Griden_US
dc.typeChapteren_US
dc.description.versionacceptedVersionen_US
dc.source.pagenumber21-32en_US
dc.identifier.doi10.5220/0011137100003266
dc.identifier.cristin2046396
dc.relation.projectNorges forskningsråd: 257626en_US
cristin.ispublishedtrue
cristin.fulltextpostprint
cristin.qualitycode1


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivatives 4.0 Internasjonal