成果報告書詳細
管理番号20130000000823
タイトル*平成23年度中間年報 米国ニューメキシコ州における日米スマートグリッド実証(19)
公開日2014/4/1
報告書年度2011 - 2011
委託先名株式会社サイバーディフェンス研究所
プロジェクト番号P09023
部署名スマートコミュニティ部
和文要約
英文要約Title: Research on Cyber Security and Information Communication Technology (FY2010-FY2013) FY 2011 Annual Report

We carried out the following research:

(1) Investigation of threat and vulnerability
(CDI)
In FY2011, we researched technical methods used for cyber attack on control systems of actual cases. We especially collected a sample of and analyzed "Duqu", a malware very similar to the Stuxnet. In addition, we exchanged opinions with security researchers of control systems to collect threat information.

(CRIEPI)
We investigated European standard being developed under European Committee. At this moment, there are no standards describing threats and vulnerabilities in detail.

(2) Identification of security requirements (CRIEPI)
Security requirement determination criteria developed in our previous research is applied to Smart Grid demonstration system which is under construction in New Mexico State. Requirements are identified for each equipment and communication media that need to be introduced to the system. High integrity and availability is required for information related to distribution network operation and monitoring while relatively high confidentiality is required for information relating to customer equipment / appliances.

(3) Research on security countermeasure techniques and analysis of its effects (continuous research) (CDI)
We clarified the elements of the security countermeasure techniques by implementing major security techniques into corresponding information communication and information processing parts of the smart grid, and investigated the effects caused in communication quality and processing ability.

(4) Identification of applicable security countermeasures (CRIEPI)
Applicable security countermeasures for the demonstration system are extracted from general security counter measures. The measures are evaluated in the view point of ease of introduction.

(5) Planning the implementation of security measures on estimated smart grid configurations (CDI)
By referring to the specifications provided by the vendors and to the results of the unit testing, we identified the domains in which the security features are to be configured. Then we reviewed how security features should be implemented into in each domain for more effectiveness.

(6) Minimum and recommended countermeasures allocation policy (CRIEPI)
Evaluation items for determining countermeasures allocation are listed.

(7) Countermeasures for the demonstration system (CRIEPI)
Countermeasures with less impact to performance and reliability of the demonstration system were determined, taking into account the results from (2)-(4).

(8) Research on security testing (continuous research) (CDI)
We investigated on “penetration testing” and “vulnerability checking” for use in tests to find such threats and vulnerabilities like the ones researched in (1).

(9) Testing methods and procedure of the demonstration system (CRIEPI)
Testing methods are investigated and classified by equipment, stakeholders who will install the countermeasures, etc. With this result, a set of test methods appropriate for each lifecycle stage of the system can be obtained.

(10) Evaluation of unit testing in a testbed (CDI)
We prepared the tests by referring to the specifications provided by the vendors, then, we implemented security tests (test methods investigated in (8)), on devices workable in a domestic testing environment.

(11) Overall test evaluation (CDI)
Due to the schedule of the whole project being delayed, this will be done in FY2012.
ダウンロード成果報告書データベース(ユーザ登録必須)から、ダウンロードしてください。

▲トップに戻る