Some of the difficulties encountered in discussing security in an automation system are: the lack of security categories for operational data, the use of the same communication channels and network connections for multiple categories of data, and wide variety of equipment deployed having different subsets of capabilities between competing vendor’s equipment. The variations for both requirements and architecture that exist between companies within the same industry further aggravate these difficulties.
System requirements, data categories, and the system’s internal interdependences need to be identified to determine an effective strategy to secure the system’s operation. The model can also help identify certain single point of failure the system along with interdependencies that may not otherwise be obvious.
Object modeling summarizes system control element logically. This model captures the object role view of the automation and SCADA systems used in electric power systems, including the classes of objects that are present along with the ways in which they relate to each other (called roles). The roles may exist between one object to another directly, or they may be implied through the relationship of two objects to third (or others). The improved understanding provided by object modeling is essential to understanding security requirements for automatic systems.