Off-campus Michigan Tech users: To download campus access theses or dissertations, please use the following button to log in with your Michigan Tech ID and password: log in to proxy server
Non-Michigan Tech users: Please talk to your librarian about requesting this thesis or dissertation through interlibrary loan.
Date of Award
2020
Document Type
Campus Access Dissertation
Degree Name
Doctor of Philosophy in Mechanical Engineering-Engineering Mechanics (PhD)
Administrative Home Department
Department of Mechanical Engineering-Engineering Mechanics
Advisor 1
Steven Goldsmith
Committee Member 1
Gordon G. Parker
Committee Member 2
Laura E. Brown
Committee Member 3
Craig R. Friedrich
Abstract
Current industry standards for managing cyber security risk continue to evolve and adapt to the threat landscape in which cyber-physical systems operate. However, the cyber-physical system’s stakeholders are challenged by the adoption of new and adaptive frameworks that provide holistic cyber security risk management. Thus, these stakeholders managing the cyber-physical systems tend to have a myopic view of the risk exposure and cyber security posture at all levels of the cyber-physical system operations.
Applying a cyber security risk methodology to a Photovoltaic (PV) Power Plant requires a comprehensive and layered approach encompassing people, processes and technology correlation of known parameters. There are new and novel frameworks of both cyber security and risk management implemented. The advent of new integrated communication systems, smart field devices, and addition into the grid has increased the PV Power Plant’s risk and attack surface, particularly from cyber bound attacks. A methodology and framework for cyber resiliency exclusive for PV Power Plants are developed.
The proposed model for cyber resiliency is comprehensive leveraging of the NIST Cybersecurity Framework as a foundation for the methodology. The model is applied to a case study for a 20-megawatt PV Plant. The data collected is analyzed through
the resiliency methodology that yields an inherent state, a baseline state, and a future resiliency state, which will mark the desired security and resiliency posture. The model relies on quantitative methods for evaluating risks, vulnerabilities, and attack vectors. The model also illustrates the requirements and objectives based on risk tolerance and allowing the stakeholders to define strategic plans for cyber resiliency.
Recommended Citation
Miranda, Alexander W., "CYBER RISK MANAGEMENT AND MODELING FOR PHOTOVOLTAIC (PV) PLANTS", Campus Access Dissertation, Michigan Technological University, 2020.