成果報告書詳細
管理番号20130000000865
タイトル*平成22年度中間年報 米国ニューメキシコ州における日米スマートグリッド実証(19)
公開日2013/11/13
報告書年度2010 - 2010
委託先名株式会社サイバーディフェンス研究所
プロジェクト番号P09023
部署名スマートコミュニティ部
和文要約
英文要約Title: Research on Cyber Security and Information Communication Technology (FY2010-FY2011) FY 2010 Annual Report

We carried out the following research:1. Research on threats and vulnerabilities: CDI researched potential threats and vulnerabilities for this project through interviews with industrial network monitoring engineers of electric power companies. In addition, thoroughly researched Stuxnet, the first known cyber attack targeted to industrial control systems, and estimated its potential impact and effectiveness on industrial control systems. CRIEPI researched NISTIR 7628 and “Security Profile for Advanced Metering Infrastructure” as guidelines directly related to this project. The threats, vulnerabilities, and the steps for considering cyber security can be utilized for identifying security measures in this project. Other documents, such as NIST SP800-82, IEC/TR 62210, and GAO-11-117, were also researched. 2. Identification of security requirements (CRIEPI): currently the details of the demonstration system are undetermined, making it difficult to identify the specifics of the system. CRIEPI has proposed the concept “Secure Communication Network in Demand-Area”, and we used this as the basis of the system architecture for identifying security requirements. Using this system architecture, we identified the applications and the information flow in the system, and identified the security requirements of the devices. 3. Research on security technologies and their effectiveness (CDI): Identification of technical components of major security measures and technologies through research of the effects on information communication quality and processing ability when major security technologies are implemented into information communication and processing areas within the smart grid. 4. Identification of applicable security measures (CRIEPI): we selected the vulnerabilities relevant to the system, evaluated the impact to the security requirements, and selected applicable security measures for the devices. 5. Design of implementation of security measures on expected smart grid configuration (CDI): Referring to the network topologies provided by participating companies, identified areas to be deployed with security features and effective deployment schemes. 6. Research on security testing (CDI): Conducted research on methods, technology, required skills and resources necessary for “penetration testing” and “vulnerability checking.” A penetration test is conducted on a wide scale of services in comparison to a vulnerability check, which is a test for applications providing specific services. 7. Evaluation of device testing in Japan (CDI): In preparation for testing devices to be installed into the smart grid, designed evaluation items and requirement level setpoints. These were designed based on device specifications (some left to be determined) and information provided by other segments of the New Mexico Smart Grid Project regarding data configurations, data linkage and flow within cross-device interfaces.
ダウンロード成果報告書データベース(ユーザ登録必須)から、ダウンロードしてください。

▲トップに戻る