Thu, Oct 15, 2020 1:00 PM - 2:00 PM CEST (UCT+2)
This Webinar describes the security requirements for remote services to access intelligent electronic devices on an electric power utility’s operational network.
A model-based system engineering methodology based on Zachman’s lifecycle framework is used to assess the risks and potential means to mitigate these risks.
The Webinar stresses the need to combine role-based and attribute-based access control to protect the integrity and confidentiality of the sensitive data. If sensitive data is compromised, a trusted platform is needed to securely collect and safeguard the evidence needed for forensic analysis.
Furthermore, several third-party security certificate trust issues are highlighted. Also, to safeguard electronic evidence, we focus on the high-priority requirements for a trusted electronic device. For example, the need to bind the remote user’s identity to the mobile device in use (personal devices) raises multiple challenges. In the event of a remote breach of the operational network, we focus on the need to protect the chain of evidence to develop an effective mitigation strategy.