A Semantic Model for Cyber Security
Smart Grid security is challenging as experts in both IT Security and ICS (Industrial Control System) systems are few. Expertise in multiple domains is needed and tools that can be used to analyze smart grid systems during the design phase are non-existent. We have used Semantic Web Technology to create an ontology that is capable of reasoning about security attributes. We express our models in SADL (Semantic Application Design Language), which allows English-like statements to describe information about a smart grid system and which automatically translates the models to standards-based representations. Our SADL models capture domain knowledge such as network topology, device specifications, and site-specific information in a format understandable by subject matter experts without requiring them to have knowledge of Semantic Web technology. We examine components of the ontology that are capable of describing, measuring, and comparing both physical and network-specific threats. We also describe a GUI (Graphics User Interface) that displays the results of a Failure Mode Effects Analysis with threats prioritized by Likelihood, Detectability, and Severity.