Publications

Carlson, Rolf E.

Abstract not provided.

Carlson, Rolf E.; Bleakly, Denise R.

Abstract not provided.

Carlson, Rolf E.

Abstract not provided.

Carlson, Rolf E.

A model of malicious attacks against an infrastructure system is developed that uses a network representation of the system structure together with a Hidden Markov Model of an attack at a node of that system and a Markov Decision Process model of attacker strategy across the system as a whole. We use information systems as an illustration, but the analytic structure developed can also apply to attacks against physical facilities or other systems that provide services to customers. This structure provides an explicit mechanism to evaluate expected losses from malicious attacks, and to evaluate changes in those losses that would result from system hardening. Thus, we provide a basis for evaluating the benefits of system hardening. The model also allows investigation of the potential for the purchase of an insurance contract to cover the potential losses when safeguards are breached and the system fails.

Carlson, Rolf E.

Supervisory Control and Data Acquisition (SCADA) systems are a part of the nation's critical infrastructure that is especially vulnerable to attack or disruption. Sandia National Laboratories is developing a high-security SCADA specification to increase the national security posture of the U.S. Because SCADA security is an international problem and is shaped by foreign and multinational interests, Sandia is working to develop a standards-based solution through committees such as the IEC TC 57 WG 15, the IEEE Substation Committee, and the IEEE P1547-related activity on communications and controls. The accepted standards are anticipated to take the form of a Common Criteria Protection Profile. This report provides the status of work completed and discusses several challenges ahead.

Bentley, Anthony E.; Stamp, Jason E.; Carlson, Rolf E.; Carlson, Rolf E.

This report documents work supporting the Sandia National Laboratories initiative in Distributed Energy Resources (DERs) and Supervisory Control and Data Acquisition (SCADA) systems. One approach for real-time control of power generation assets using feedback control, Quantitative feedback theory (QFT), has recently been applied to voltage, frequency, and phase-control of power systems at Sandia. QFT provided a simple yet powerful philosophy for designing the control systems--allowing the designer to optimize the system by making design tradeoffs without getting lost in complex mathematics. The feedback systems were effective in reducing sensitivity to large and sudden changes in the power grid system. Voltage, frequency, and phase were accurately controlled, even with large disturbances to the power grid system.

Carlson, Rolf E.; Beaver, Cheryl L.

This document represents the development of a protection profile (PP) for the IEC (International Electrotechnical Commission) protocol TASE.2 (Tele-control Application Service Element.2). A protection profile states assumptions about the TOE (Target of Evaluation), identifies threats to the TOE based on the assumptions, gives security goals to counter the threats, and finally identifies security functions to satisfy the security goals. Developing protection profiles for each protocol is a significant step towards developing measurable security for electric power automation systems. As an extension of the PP, the authors offer a generalization to any protocol at the evaluation assurance level (EAL) 2.