Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach

Ali Ismail Awad, Mostafa Shokry, Ashraf A.M. Khalaf, Mahmoud Khaled Abd-Ellah

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

One of the crucial components of a smart grid is the advanced metering infrastructure (AMI), which integrates information and communication technologies with a conventional electricity grid. Due to the importance of an AMI system and the vital data that it stores, an information security risk assessment (ISRA) process must be carried out to identify potential risks before applying any security measures. This study contributes to AMI security by assessing the potential security risks using the OCTAVE Allegro (OA) approach. OA is selected as an appropriate approach based on a comparative study of ISRA methods. The comparison process aligns the AMI requirements with the capabilities of the ISRA methods. To analyze any potential security risks, an AMI system is evaluated through the eight steps of the OA methodology. Through the OA implementation, eleven risk scenarios are identified that affect the confidentiality, integrity, or availability of an AMI system. For completeness, the study recommends risk mitigation approaches to limit the identified risks associated with an AMI system.

Original languageEnglish
Article number108667
JournalComputers and Electrical Engineering
Volume108
DOIs
Publication statusPublished - May 2023

Keywords

  • Advanced metering infrastructure
  • AMI security vulnerability
  • Critical infrastructure
  • Information container
  • OCTAVE Allegro
  • Security risk assessment
  • Smart meters

ASJC Scopus subject areas

  • Control and Systems Engineering
  • General Computer Science
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach'. Together they form a unique fingerprint.

Cite this