A Fuzzy AHP Approach for Security Risk Assessment in SCADA Networks

MARKOVIC-PETROVIC, J. D.; STOJANOVIC, M. D.; BOSTJANCIC RAKAS, S. V.

doi:10.4316/AECE.2019.03008

Advances in Electrical and Computer Engineering (Aug 2019)

A Fuzzy AHP Approach for Security Risk Assessment in SCADA Networks

MARKOVIC-PETROVIC, J. D.,
STOJANOVIC, M. D.,
BOSTJANCIC RAKAS, S. V.

Affiliations

MARKOVIC-PETROVIC, J. D.
STOJANOVIC, M. D.
BOSTJANCIC RAKAS, S. V.

DOI: https://doi.org/10.4316/AECE.2019.03008
Journal volume & issue: Vol. 19, no. 3
pp. 69 – 74

Abstract

Read online

In this paper we propose a new method for security risk assessment in Supervisory Control and Data Acquisition (SCADA) networks. The method consists of the three phases, namely the objective phase, the subjective phase and the final assessment phase. The objective phase deals with the analysis of SCADA historical data. The subjective phase takes into account the experience of relevant experts. The final assessment phase takes into account outputs from both the objective and subjective phases. Fuzzy logic has been applied in all three phases, while analytic hierarchy process (AHP) has been used in subjective phase, due to its suitability to evaluate the experts' competency. The method is evaluated on a case study regarding the real run-off-river hydropower plant. Evaluation results have clearly indicated benefits of the proposed method in comparison with the purely objective approach, in terms of more precise risk assessment and higher return on security investment.

Published in Advances in Electrical and Computer Engineering

ISSN: 1582-7445 (Print); 1844-7600 (Online)
Publisher: Stefan cel Mare University of Suceava
Country of publisher: Romania
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Electronics: Computer engineering. Computer hardware
Website: http://www.aece.ro

About the journal

Abstract

Keywords