As electric sector stakeholders make the decision to upgrade traditional power grid architectures by incorporating smart grid technologies and new intelligent components, the benefits of added connectivity must be weighed against the risk of increased exposure to cyber attacks. Therefore, decision makers must ask: how smart is smart enough? We present a probabilistic risk analysis approach to this problem. Central to this approach is a new network security model based on a reformulation of the classic “multi-armed bandits” problem, where instead of projects with uncertain probabilities of success, a network defender faces network nodes that can be attacked at uncertain Poisson-distributed rates. Probing these nodes provides additional information about their vulnerability, but at a cost. Using this new technique, which by similarity we call “multi-node bandits”, we compute the net marginal benefits of increased connectivity. We illustrate this model by the quantification of the overall cyber risk to the physical and informational networks of a smart grid in order to identify the optimal degree of “smartness” and the best risk management strategy.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com