The legal imperative to protect critical energy infrastructure

Energy Technology Data Exchange (ETDEWEB)

Shore, J.J.M.

2008-03-15

Canada's critical infrastructure is comprised of energy facilities, communications centres, finance, health care, food, government and transportation sectors. All sectors face a range of physical or cyber threats from terrorism and natural phenomenon. Failures or disruptions in the sectors can cascade through other systems and disrupt essential services. The power outage in 2003 demonstrated gaps in North America's emergency preparedness. In 2006, al-Qaida called for terrorist attacks on North American oil fields and pipelines, specifically targeting Canada. Studies have confirmed that Canada is vulnerable to attacks on energy infrastructure. Government agencies and the private sector must work ensure the safety of Canada's energy infrastructure, as the primary responsibility of government is the protection of its citizenry. The fulfilment of the government's commitment to national security cannot be achieved without protecting Canada's critical energy infrastructure. However, Canada has not yet provided a framework linking federal government with critical infrastructures, despite the fact that a draft strategy has been under development for several years. It was concluded that governments and the private sector should work together to reduce risks, protect the public, and secure the economy. National security litigation against the government and legal imperatives for energy facility owners and operators were also reviewed. 98 refs., 20 figs.

Critical Infrastructure Protection: Maintenance is National Security

Directory of Open Access Journals (Sweden)

Kris Hemme

2015-10-01

Full Text Available U.S. critical infrastructure protection (CIP necessitates both the provision of security from internal and external threats and the repair of physically damaged critical infrastructure which may disrupt services. For years, the U.S. infrastructure has been deteriorating, triggering enough damage and loss of life to give cause for major concern. CIP is typically only addressed after a major disaster or catastrophe due to the extreme scrutiny that follows these events. In fact, CIP has been addressed repeatedly since Presidential Decision Directive Sixty-Three (PDD Sixty-Three signed by President Bill Clinton on May Twenty-Second, 1998.[1] This directive highlighted critical infrastructure as “a growing potential vulnerability” and recognized that the United States has to view the U.S. national infrastructure from a security perspective due to its importance to national and economic security. CIP must be addressed in a preventive, rather than reactive, manner.[2] As such, there are sixteen critical infrastructure sectors, each with its own protection plan and unique natural and man-made threats, deteriorations, and risks. A disaster or attack on any one of these critical infrastructures could cause serious damage to national security and possibly lead to the collapse of the entire infrastructure. [1] The White House, Presidential Decision Directive/NSC–63 (Washington D.C.: The White House, May 22, 1998: 1–18, available at: http://www.epa.gov/watersecurity/tools/trainingcd/Guidance/pdd-63.pdf. [2] Ibid, 1.

Research Note on the Energy Infrastructure Attack Database (EIAD

Directory of Open Access Journals (Sweden)

Jennifer Giroux

2013-12-01

Full Text Available The January 2013 attack on the In Amenas natural gas facility drew international attention. However this attack is part of a portrait of energy infrastructure targeting by non-state actors that spans the globe. Data drawn from the Energy Infrastructure Attack Database (EIAD shows that in the last decade there were, on average, nearly 400 annual attacks carried out by armed non-state actors on energy infrastructure worldwide, a figure that was well under 200 prior to 1999. This data reveals a global picture whereby violent non-state actors target energy infrastructures to air grievances, communicate to governments, impact state economic interests, or capture revenue in the form of hijacking, kidnapping ransoms, theft. And, for politically motivated groups, such as those engaged in insurgencies, attacking industry assets garners media coverage serving as a facilitator for international attention. This research note will introduce EIAD and position its utility within various research areas where the targeting of energy infrastructure, or more broadly energy infrastructure vulnerability, has been addressed, either directly or indirectly. We also provide a snapshot of the initial analysis of the data between 1980-2011, noting specific temporal and spatial trends, and then conclude with a brief discussion on the contribution of EIAD, highlighting future research trajectories. 

Cyberspace and Critical Information Infrastructures

Directory of Open Access Journals (Sweden)

Dan COLESNIUC

2013-01-01

Full Text Available Every economy of an advanced nation relies on information systems and interconnected networks, thus in order to ensure the prosperity of a nation, making cyberspace a secure place becomes as crucial as securing society. Cyber security means ensuring the safety of this cyberspace from threats which can take different forms, such as stealing secret information from national companies and government institutions, attacking infrastructure vital for the functioning of the nation or attacking the privacy of the single citizen. The critical information infrastructure (CII represents the indispensable "nervous system", that allow modern societies to work and live. Besides, without it, there would be no distribution of energy, no services like banking or finance, no air traffic control and so on. But at the same time, in the development process of CII, security was never considered a top priority and for this reason they are subject to a high risk in relation to the organized crime.

A fault diagnosis system for interdependent critical infrastructures based on HMMs

International Nuclear Information System (INIS)

Ntalampiras, Stavros; Soupionis, Yannis; Giannopoulos, Georgios

2015-01-01

Modern society depends on the smooth functioning of critical infrastructures which provide services of fundamental importance, e.g. telecommunications and water supply. These infrastructures may suffer from faults/malfunctions coming e.g. from aging effects or they may even comprise targets of terrorist attacks. Prompt detection and accommodation of these situations is of paramount significance. This paper proposes a probabilistic modeling scheme for analyzing malicious events appearing in interdependent critical infrastructures. The proposed scheme is based on modeling the relationship between datastreams coming from two network nodes by means of a hidden Markov model (HMM) trained on the parameters of linear time-invariant dynamic systems which estimate the relationships existing among the specific nodes over consecutive time windows. Our study includes an energy network (IEEE 30 model bus) operated via a telecommunications infrastructure. The relationships among the elements of the network of infrastructures are represented by an HMM and the novel data is categorized according to its distance (computed in the probabilistic space) from the training ones. We considered two types of cyber-attacks (denial of service and integrity/replay) and report encouraging results in terms of false positive rate, false negative rate and detection delay. - Highlights: • An HMM-based scheme is proposed for analyzing malicious events in critical infrastructures. • We use the IEEE 30 model bus operated via an emulated ICT infrastructure. • Novel data is categorized based on its probabilistic distance from the training one. • We considered two types of cyber-attacks and report results of extensive experiments

Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

Science.gov (United States)

Harrop, Wayne; Matteson, Ashley

This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

Cyber Vulnerabilities Within Critical Infrastructure: The Flaws of Industrial Control Systems in the Oil and Gas Industry

Science.gov (United States)

Alpi, Danielle Marie

The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.

A reference model for model-based design of critical infrastructure protection systems

Science.gov (United States)

Shin, Young Don; Park, Cheol Young; Lee, Jae-Chon

2015-05-01

Today's war field environment is getting versatile as the activities of unconventional wars such as terrorist attacks and cyber-attacks have noticeably increased lately. The damage caused by such unconventional wars has also turned out to be serious particularly if targets are critical infrastructures that are constructed in support of banking and finance, transportation, power, information and communication, government, and so on. The critical infrastructures are usually interconnected to each other and thus are very vulnerable to attack. As such, to ensure the security of critical infrastructures is very important and thus the concept of critical infrastructure protection (CIP) has come. The program to realize the CIP at national level becomes the form of statute in each country. On the other hand, it is also needed to protect each individual critical infrastructure. The objective of this paper is to study on an effort to do so, which can be called the CIP system (CIPS). There could be a variety of ways to design CIPS's. Instead of considering the design of each individual CIPS, a reference model-based approach is taken in this paper. The reference model represents the design of all the CIPS's that have many design elements in common. In addition, the development of the reference model is also carried out using a variety of model diagrams. The modeling language used therein is the systems modeling language (SysML), which was developed and is managed by Object Management Group (OMG) and a de facto standard. Using SysML, the structure and operational concept of the reference model are designed to fulfil the goal of CIPS's, resulting in the block definition and activity diagrams. As a case study, the operational scenario of the nuclear power plant while being attacked by terrorists is studied using the reference model. The effectiveness of the results is also analyzed using multiple analysis models. It is thus expected that the approach taken here has some merits

Cyber security deterrence and it protection for critical infrastructures

CERN Document Server

Martellini, Maurizio

2013-01-01

The experts of the International Working Group-Landau Network Centro Volta (IWG-LNCV) discuss aspects of cyber security and present possible methods of deterrence, defense and resilience against cyber attacks. This SpringerBrief covers state-of-the-art documentation on the deterrence power of cyber attacks and argues that nations are entering a new cyber arms race. The brief also provides a technical analysis of possible cyber attacks towards critical infrastructures in the chemical industry and chemical safety industry. The authors also propose modern analyses and a holistic approach to resil

A threat analysis framework as applied to critical infrastructures in the Energy Sector.

Energy Technology Data Exchange (ETDEWEB)

Michalski, John T.; Duggan, David Patrick

2007-09-01

The need to protect national critical infrastructure has led to the development of a threat analysis framework. The threat analysis framework can be used to identify the elements required to quantify threats against critical infrastructure assets and provide a means of distributing actionable threat information to critical infrastructure entities for the protection of infrastructure assets. This document identifies and describes five key elements needed to perform a comprehensive analysis of threat: the identification of an adversary, the development of generic threat profiles, the identification of generic attack paths, the discovery of adversary intent, and the identification of mitigation strategies.

DNS as critical infrastructure, the energy system case study

NARCIS (Netherlands)

Casalicchio, E.; Gheorghe, A.V.; Caselli, M.; Coletta, A.; Nai Fovino, I.

2013-01-01

Modern critical infrastructures (e.g., power plants, energy grids, oil pipelines, etc.), make nowadays extensive use of information and communication technologies (ICT). As a direct consequence their exposure to cyber-attacks is becoming a matter of public security. In this paper, we analyse a

The European cooperative approach to securing critical information infrastructure.

Science.gov (United States)

Purser, Steve

2011-10-01

This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.

Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.

Science.gov (United States)

Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y

2016-04-01

The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.

Defending Critical Infrastructure as Cyber Key Terrain

Science.gov (United States)

2016-08-01

to Secure Cyberspace (NSSC) is as it lists three strategic objectives:4 1) Prevent cyber attacks against America’s critical infrastructures; 2...House, “National Strategy to Secure Cyberspace,” (Washington, DC: The White House, 2003) Trey Herr, "PrEP: A framework for malware & cyber weapons...David Kuipers and Mark Fabro. “Control Systems Cyber Security : Defense in Depth Strategies,” [United States: Department of Energy, 2006]: 4

Critical infrastructure systems of systems assessment methodology.

Energy Technology Data Exchange (ETDEWEB)

Sholander, Peter E.; Darby, John L.; Phelan, James M.; Smith, Bryan; Wyss, Gregory Dane; Walter, Andrew; Varnado, G. Bruce; Depoy, Jennifer Mae

2006-10-01

Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies that separately consider physical security and cyber security. This research has developed a risk assessment methodology that explicitly accounts for both physical and cyber security, while preserving the traditional security paradigm of detect, delay, and respond. This methodology also accounts for the condition that a facility may be able to recover from or mitigate the impact of a successful attack before serious consequences occur. The methodology uses evidence-based techniques (which are a generalization of probability theory) to evaluate the security posture of the cyber protection systems. Cyber threats are compared against cyber security posture using a category-based approach nested within a path-based analysis to determine the most vulnerable cyber attack path. The methodology summarizes the impact of a blended cyber/physical adversary attack in a conditional risk estimate where the consequence term is scaled by a ''willingness to pay'' avoidance approach.

Vulnerability analysis and critical areas identification of the power systems under terrorist attacks

Science.gov (United States)

Wang, Shuliang; Zhang, Jianhua; Zhao, Mingwei; Min, Xu

2017-05-01

This paper takes central China power grid (CCPG) as an example, and analyzes the vulnerability of the power systems under terrorist attacks. To simulate the intelligence of terrorist attacks, a method of critical attack area identification according to community structures is introduced. Meanwhile, three types of vulnerability models and the corresponding vulnerability metrics are given for comparative analysis. On this basis, influence of terrorist attacks on different critical areas is studied. Identifying the vulnerability of different critical areas will be conducted. At the same time, vulnerabilities of critical areas under different tolerance parameters and different vulnerability models are acquired and compared. Results show that only a few number of vertex disruptions may cause some critical areas collapse completely, they can generate great performance losses the whole systems. Further more, the variation of vulnerability values under different scenarios is very large. Critical areas which can cause greater damage under terrorist attacks should be given priority of protection to reduce vulnerability. The proposed method can be applied to analyze the vulnerability of other infrastructure systems, they can help decision makers search mitigation action and optimum protection strategy.

Threat Assessment of Potential Terrorist Attacks to the Transport Infrastructure

Directory of Open Access Journals (Sweden)

Gabriel Nowacki

2014-06-01

Full Text Available The paper presents threat assessment of potential terrorist attacks to the transport infrastructure. The range of transportation infrastructure has spread and includes railway, inland waterways, road, maritime, air, intermodal transport infrastructure and intelligent transport systems (ITS. ITS service is the provision of an ITS application through a well-defined organisational and operational framework with the aim of contributing to the user safety, efficiency, comfort and/or to facilitate or support transport and travel operations. Terrorism means acts of violence committed by groups that view themselves as victimized by some notable historical wrong. Although these groups have no formal connection with governments, they usually have the financial and moral backing of sympathetic governments. Typically, they stage unexpected attacks on civilian targets, including transport infrastructure, with the aim of sowing fear and confusion. Based on the analyses, transportation infrastructure is potentially threatened with terrorism attacks, especially road and rail infrastructure (about 23 %, and to a smaller degree the maritime and air transport infrastructure (about 2 %. There were 90,3% of incidents involve land transport (74,5% – vehicles, 9,5% – buses, 6,3% - rail covered the 41-year period 1967-2007 in the USA. Legal steps to fight terrorism have been taken on the international level, furthermore, some institutions have been established for this purpose.

Development of the efficient emergency preparedness system for the nuclear critical infrastructure

International Nuclear Information System (INIS)

Kostadinov, V.; Marn, J.; Petelin, S.

2007-01-01

The evaluation of the critical nuclear infrastructure vulnerability to threats like human occurrences, terrorist attacks and natural disasters and the preparation of emergency response plans with the estimation of optimized costs are of the vital importance for the assurance of a safe nuclear facilities operation and the national security. In the past national emergency systems did not include vulnerability assessments of the critical nuclear infrastructure as the important part of the comprehensive preparedness framework. The fundamental aims of the efficient emergency preparedness and response system are to provide a sustained emergency readiness and to prevent an emergency situation and accidents. But when an event happens the mission is to mitigate consequences and to protect the people and environment against the nuclear and radiological damage. The efficient emergency response system, which would be activated in the case of the nuclear and/or radiological emergency and release of the radioactivity to the environment, is an important element of a comprehensive system of the nuclear and radiation safety. In the article the new methodology for the critical nuclear infrastructure vulnerability assessment as a missing part of an efficient emergency preparedness system is presented. It can help the overall national energy sectors to identify and better understand the terrorist threats and vulnerabilities of their critical infrastructure. The presented methodology could also facilitate national agencies to develop and implement a vulnerability awareness and education programs for their critical assets to enhance the security, reliability and safe operation of the whole energy infrastructure. The vulnerability assessment methodology will also assist nuclear power plants to develop, validate, and disseminate the assessment and survey of new efficient countermeasures. The significant benefits of the new vulnerability assessment research are to increase nuclear power

Network Randomization and Dynamic Defense for Critical Infrastructure Systems

Energy Technology Data Exchange (ETDEWEB)

Chavez, Adrian R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Martin, Mitchell Tyler [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hamlet, Jason [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Stout, William M.S. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Lee, Erik [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2015-04-01

Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and development to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.

Neural Network Based Intrusion Detection System for Critical Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Todd Vollmer; Ondrej Linda; Milos Manic

2009-07-01

Resiliency and security in control systems such as SCADA and Nuclear plant’s in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

People at risk - nexus critical infrastructure and society

Science.gov (United States)

Heiser, Micha; Thaler, Thomas; Fuchs, Sven

2016-04-01

Strategic infrastructure networks include the highly complex and interconnected systems that are so vital to a city or state that any sudden disruption can result in debilitating impacts on human life, the economy and the society as a whole. Recently, various studies have applied complex network-based models to study the performance and vulnerability of infrastructure systems under various types of attacks and hazards - a major part of them is, particularly after the 9/11 incident, related to terrorism attacks. Here, vulnerability is generally defined as the performance drop of an infrastructure system under a given disruptive event. The performance can be measured by different metrics, which correspond to various levels of resilience. In this paper, we will address vulnerability and exposure of critical infrastructure in the Eastern Alps. The Federal State Tyrol is an international transport route and an essential component of the north-south transport connectivity in Europe. Any interruption of the transport flow leads to incommensurable consequences in terms of indirect losses, since the system does not feature redundant elements at comparable economic efficiency. Natural hazard processes such as floods, debris flows, rock falls and avalanches, endanger this infrastructure line, such as large flood events in 2005 or 2012, rock falls 2014, which had strong impacts to the critical infrastructure, such as disruption of the railway lines (in 2005 and 2012), highways and motorways (in 2014). The aim of this paper is to present how critical infrastructures as well as communities and societies are vulnerable and can be resilient against natural hazard risks and the relative cascading effects to different compartments (industrial, infrastructural, societal, institutional, cultural, etc.), which is the dominant by the type of hazard (avalanches, torrential flooding, debris flow, rock falls). Specific themes will be addressed in various case studies to allow cross

Identification and Ranking of Critical Assets within an Electrical Grid under Threat of Cyber Attack

Science.gov (United States)

Boyer, Blake R.

This paper examines the ranking of critical assets within an electrical grid under threat of cyber attack.1 Critical to this analysis is the assumption of zero hour exploits namely, the threat of an immediate attack as soon as a vulnerability is discovered. Modeling shows that over time load fluctuations as well as other system variations will change the importance of each asset in the delivery of bulk power. As opposed to classic stability studies where risk can be shown to be greatest during high load periods, the zero hour exploit-cyber-risk assumes that vulnerabilities will be attacked as soon as they are discovered. The probability of attacks is made uniform over time to include any and all possible attacks. Examining the impact of an attack and how the grid reacts immediately following an attack will identify and determine the criticality of each asset. This work endeavors to fulfill the NERC Critical Infrastructure Protection Requirements CIP-001-1 through CIP-009-2, cyber security requirements for the reliable supply of bulk power to customers throughout North America. 1Critical assets will here refer to facilities, systems, and equipment, which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System, NERC Glossary of Terms Used in Reliability Standards, 2009

Cyber and physical infrastructure interdependencies.

Energy Technology Data Exchange (ETDEWEB)

Phillips, Laurence R.; Kelic, Andjelka; Warren, Drake E.

2008-09-01

The goal of the work discussed in this document is to understand the risk to the nation of cyber attacks on critical infrastructures. The large body of research results on cyber attacks against physical infrastructure vulnerabilities has not resulted in clear understanding of the cascading effects a cyber-caused disruption can have on critical national infrastructures and the ability of these affected infrastructures to deliver services. This document discusses current research and methodologies aimed at assessing the translation of a cyber-based effect into a physical disruption of infrastructure and thence into quantification of the economic consequences of the resultant disruption and damage. The document discusses the deficiencies of the existing methods in correlating cyber attacks with physical consequences. The document then outlines a research plan to correct those deficiencies. When completed, the research plan will result in a fully supported methodology to quantify the economic consequences of events that begin with cyber effects, cascade into other physical infrastructure impacts, and result in degradation of the critical infrastructure's ability to deliver services and products. This methodology enables quantification of the risks to national critical infrastructure of cyber threats. The work addresses the electric power sector as an example of how the methodology can be applied.

Safeguarding information intensive critical infrastructures against novel types of emerging failures

International Nuclear Information System (INIS)

Balducelli, C.; Bologna, S.; Lavalle, L.; Vicoli, G.

2007-01-01

The complexity of information intensive critical infrastructures, like electricity networks, telecommunication networks and public transportation networks is today augmented much more than in the past: such complexity augments the number of possible failures and anomalous working conditions and consequently decreases the survivability of the infrastructures. In this paper, the possibility is investigated to detect early anomalies and failures inside information intensive critical infrastructures by the introduction of anomaly detectors being 'self-aware' about the normal working conditions of the infrastructure itself. This approach has the objective to improve the performance of the most popular signature-based algorithms for intrusion detection, and makes use of different classes of time-oriented algorithms based on artificial intelligence paradigm. It has the advantage to work also in presence of unknown and unexpected types of attacks or failures. The tests, to evaluate the performance of the utilised detectors, are executed inside an emulated supervisory control and data acquisition (SCADA) system of an electrical power transmission grid, and a proposal for the future integration inside real SCADA systems is also reported

Safeguarding information intensive critical infrastructures against novel types of emerging failures

Energy Technology Data Exchange (ETDEWEB)

Balducelli, C. [ENEA-Italian National Agency for new Technology, Energy and the Environment Via Anguillasere 301, 00060 Rome (Italy)]. E-mail: claudio.balducelli@casaccia.enea.it; Bologna, S. [ENEA-Italian National Agency for new Technology, Energy and the Environment Via Anguillasere 301, 00060 Rome (Italy); Lavalle, L. [ENEA-Italian National Agency for new Technology, Energy and the Environment Via Anguillasere 301, 00060 Rome (Italy); Vicoli, G. [ENEA-Italian National Agency for new Technology, Energy and the Environment Via Anguillasere 301, 00060 Rome (Italy)

2007-09-15

The complexity of information intensive critical infrastructures, like electricity networks, telecommunication networks and public transportation networks is today augmented much more than in the past: such complexity augments the number of possible failures and anomalous working conditions and consequently decreases the survivability of the infrastructures. In this paper, the possibility is investigated to detect early anomalies and failures inside information intensive critical infrastructures by the introduction of anomaly detectors being 'self-aware' about the normal working conditions of the infrastructure itself. This approach has the objective to improve the performance of the most popular signature-based algorithms for intrusion detection, and makes use of different classes of time-oriented algorithms based on artificial intelligence paradigm. It has the advantage to work also in presence of unknown and unexpected types of attacks or failures. The tests, to evaluate the performance of the utilised detectors, are executed inside an emulated supervisory control and data acquisition (SCADA) system of an electrical power transmission grid, and a proposal for the future integration inside real SCADA systems is also reported.

Geographic Hotspots of Critical National Infrastructure.

Science.gov (United States)

Thacker, Scott; Barr, Stuart; Pant, Raghav; Hall, Jim W; Alderson, David

2017-12-01

Failure of critical national infrastructures can result in major disruptions to society and the economy. Understanding the criticality of individual assets and the geographic areas in which they are located is essential for targeting investments to reduce risks and enhance system resilience. Within this study we provide new insights into the criticality of real-life critical infrastructure networks by integrating high-resolution data on infrastructure location, connectivity, interdependence, and usage. We propose a metric of infrastructure criticality in terms of the number of users who may be directly or indirectly disrupted by the failure of physically interdependent infrastructures. Kernel density estimation is used to integrate spatially discrete criticality values associated with individual infrastructure assets, producing a continuous surface from which statistically significant infrastructure criticality hotspots are identified. We develop a comprehensive and unique national-scale demonstration for England and Wales that utilizes previously unavailable data from the energy, transport, water, waste, and digital communications sectors. The testing of 200,000 failure scenarios identifies that hotspots are typically located around the periphery of urban areas where there are large facilities upon which many users depend or where several critical infrastructures are concentrated in one location. © 2017 Society for Risk Analysis.

Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures (Dagstuhl Seminar 14292)

NARCIS (Netherlands)

Dacer, Marc; Kargl, Frank; König, Hartmut; Valdes, Alfonso

2014-01-01

This report documents the program and the outcomes of Dagstuhl Seminar 14292 “Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures”. The main objective of the seminar was to discuss new approaches and ideas for securing industrial control systems. It

Critical Infrastructure Interdependency Modeling: A Survey of U.S. and International Research

Energy Technology Data Exchange (ETDEWEB)

2006-08-01

The Nation’s health, wealth, and security rely on the production and distribution of certain goods and services. The array of physical assets, processes, and organizations across which these goods and services move are called "critical infrastructures".1 This statement is as true in the U.S. as in any country in the world. Recent world events such as the 9-11 terrorist attacks, London bombings, and gulf coast hurricanes have highlighted the importance of stable electric, gas and oil, water, transportation, banking and finance, and control and communication infrastructure systems. Be it through direct connectivity, policies and procedures, or geospatial proximity, most critical infrastructure systems interact. These interactions often create complex relationships, dependencies, and interdependencies that cross infrastructure boundaries. The modeling and analysis of interdependencies between critical infrastructure elements is a relatively new and very important field of study. The U.S. Technical Support Working Group (TSWG) has sponsored this survey to identify and describe this current area of research including the current activities in this field being conducted both in the U.S. and internationally. The main objective of this study is to develop a single source reference of critical infrastructure interdependency modeling tools (CIIMT) that could be applied to allow users to objectively assess the capabilities of CIIMT. This information will provide guidance for directing research and development to address the gaps in development. The results will inform researchers of the TSWG Infrastructure Protection Subgroup of research and development efforts and allow a more focused approach to addressing the needs of CIIMT end-user needs. This report first presents the field of infrastructure interdependency analysis, describes the survey methodology, and presents the leading research efforts in both a cumulative table and through individual datasheets. Data was

ShadowNet: An Active Defense Infrastructure for Insider Cyber Attack Prevention

Energy Technology Data Exchange (ETDEWEB)

Cui, Xiaohui [ORNL; Beaver, Justin M [ORNL; Treadwell, Jim N [ORNL

2012-01-01

The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the point of view of both the attacker and normal users. Existing connections, such as SSH sessions, are not interrupted. Any malicious activity performed by the attacker on a quarantined server is not reflected on the production server. The attacker is provided services from the quarantined server, which creates the impression that the attacks performed are successful. The activities of the attacker on the quarantined system are able to be recorded much like a honeypot system for forensic analysis.

A Game Theoretic Approach to Cyber Attack Prediction

Energy Technology Data Exchange (ETDEWEB)

Peng Liu

2005-11-28

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

TCIA Secure Cyber Critical Infrastructure Modernization.

Energy Technology Data Exchange (ETDEWEB)

Keliiaa, Curtis M. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-02-01

The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors1. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.

Protection of critical infrastructure using fiber optic sensors embedded in technical textiles

Science.gov (United States)

Krebber, Katerina; Lenke, Philipp; Liehr, Sascha; Noether, Nils; Wendt, Mario; Wosniok, Aleksander

2010-04-01

Terrorists and criminals more and more attack and destroy important infrastructures like routes, railways, bridges, tunnels, dikes and dams, important buildings. Therefore, reliable on-line and long-term monitoring systems are required to protect such critical infrastructures. Fiber optic sensors are well-suited for that. They can be installed over many kilometers and are able to measure continuously distributed strain, pressure, temperature and further mechanical and physical quantities. The very tiny optical fibers can be integrated into structures and materials and can provide information about any significant changes or damages of the structures. These so-called smart materials and smart structures are able to monitor itself or its environment. Particularly smart technical textiles with embedded fiber optic sensors have become very attractive because of their high importance for the structural health monitoring of geotechnical and masonry infrastructures. Such textiles are usually used for reinforcement of the structures; the embedded fiber optic sensors provide information about the condition of the structures and detect the presence of any damages and destructions in real time. Thus, critical infrastructures can be preventively protected. The paper will introduce this innovative field and will present the results achieved within several German and European projects.

Water infrastructure protection against intentional attacks:An experience in Italy

Institute of Scientific and Technical Information of China (English)

Cristiana Di Cristo; Angelo Leopardi; Giovanni de Marinis

2011-01-01

In the last years many interesting studies were devoted to the development of technologies and methodologies for the protection of water supply systems against intentional attacks.However the application to real systems is still limited for different economical and technical reasons.The Water Engineering Laboratory (L.I.A.) of University of Cassino (Italy) was involved in two research projects financed by the European Commission in the framework of the European Programme for Critical Infrastructure Protection (E.P.C.I.P.).Both projects,developed in partnership with a large Italian Water Company,have the common objective of providing guidelines for enhancing security in water supply systems respect to the intentional contamination risk.The fmal product is represented by the arrangement of a general procedure for protection systems design of water networks.In the paper the procedure is described through the application to two real water systems,characterized by different size and behavior.

Durability of critical infrastructures

OpenAIRE

Raluca Pascu; Ramiro Sofronie

2011-01-01

The paper deals with those infrastructures by which world society, under the pressure ofdemographic explosion, self-survives. The main threatening comes not from terrorist attacks, but fromthe great natural catastrophes and global climate change. It’s not for the first time in history when suchmeasures of self-protection are built up. First objective of this paper is to present the background fordurability analysis. Then, with the aid of these mathematical tools the absolute durability of thr...

Attacker-defender game from a network science perspective

Science.gov (United States)

Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

2018-05-01

Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

Complexity and Vulnerability Analysis of Critical Infrastructures: A Methodological Approach

Directory of Open Access Journals (Sweden)

Yongliang Deng

2017-01-01

Full Text Available Vulnerability analysis of network models has been widely adopted to explore the potential impacts of random disturbances, deliberate attacks, and natural disasters. However, almost all these models are based on a fixed topological structure, in which the physical properties of infrastructure components and their interrelationships are not well captured. In this paper, a new research framework is put forward to quantitatively explore and assess the complexity and vulnerability of critical infrastructure systems. Then, a case study is presented to prove the feasibility and validity of the proposed framework. After constructing metro physical network (MPN, Pajek is employed to analyze its corresponding topological properties, including degree, betweenness, average path length, network diameter, and clustering coefficient. With a comprehensive understanding of the complexity of MPN, it would be beneficial for metro system to restrain original near-miss or accidents and support decision-making in emergency situations. Moreover, through the analysis of two simulation protocols for system component failure, it is found that the MPN turned to be vulnerable under the condition that the high-degree nodes or high-betweenness edges are attacked. These findings will be conductive to offer recommendations and proposals for robust design, risk-based decision-making, and prioritization of risk reduction investment.

A Virtual Environment for Resilient Infrastructure Modeling and Design

Science.gov (United States)

2015-09-01

Security CI Critical Infrastructure CID Center for Infrastructure Defense CSV Comma Separated Value DAD Defender-Attacker-Defender DHS Department...responses to disruptive events (e.g., cascading failure behavior) in a context- rich , controlled environment for exercises, education, and training...The general attacker-defender (AD) and defender-attacker-defender ( DAD ) models for CI are defined in Brown et al. (2006). These models help

Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures.

Science.gov (United States)

Johnson, Chris W

2014-01-01

We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking.

The Framework for Simulation of Bioinspired Security Mechanisms against Network Infrastructure Attacks

Directory of Open Access Journals (Sweden)

Andrey Shorov

2014-01-01

Full Text Available The paper outlines a bioinspired approach named “network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed prosedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine nessesary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described.

The framework for simulation of bioinspired security mechanisms against network infrastructure attacks.

Science.gov (United States)

Shorov, Andrey; Kotenko, Igor

2014-01-01

The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed procedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine necessary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described.

Protecting National Critical Infrastructure against Radiological Threat

International Nuclear Information System (INIS)

Yaar, I.; Halevy, I.; Berenstein, Z.; Sharon, A.

2014-01-01

National Critical Infrastructure (NCI) such as transportation, water, energy etc., are essential elements in a developed country's economy. As learned after the 9/11 attackxx, a terror attack on these complex system may cause thousands of casualties and significant economic damage. The attack can be a conventional one; like the train bombing in Spainxxi or the bus bombing in Londonxxii, or a non-conventional one; like the Sarin attack on the underground train in Tokyo, Japanxxiii. A radiological attack on a NCI is also feasiblexxiv. This type of attack must be taken into consideration due to the vulnerability of ani infrastructure to such an attack, and the severe economic outcome of itxxv. The radioactive materials that might be used by terrorists were recently identified and categorized in one of the IAEA Nuclear Security Series publicationxxvi,xxvii. The most common and therefore reachable radio nuclides are the gamma emitters 60Co, 137Cs and 192Ir, the beta emitter 90Sr and the alpha emitters 241Pu, 238Pu and 241Am. A radiological event can be any of two principle scenarios. In the first scenario, a radiological dispersion device (RDD) or ôdirtyö bomb is used. This device consists of a radiation source which is detonated using conventional or improvised explosivesxxviii. Most of the casualties in this event will be from the explosion blast wave. However, some people might become contaminated with different levels of radiationxxix, some might need to go through some type of medical screening process and the costs of the total actions might be significantxxx. The second scenario involves a silent dispersion of radioactive material in a public site. In this event, there are no immediate known casualties, and the fact that people were exposed to radioactive material will be discovered only in the uncommon event when symptoms of radiation sickness will be identified due to exposure to high radiation dosexxxi, or if the radioactive material is discovered by a first

Critical infrastructure protection research results of the first critical infrastructure protection research project in Hungary

CERN Document Server

Padányi, József

2016-01-01

This book presents recent research in the recognition of vulnerabilities of national systems and assets which gained special attention for the Critical Infrastructures in the last two decades. The book concentrates on R&D activities in the relation of Critical Infrastructures focusing on enhancing the performance of services as well as the level of security. The objectives of the book are based on a project entitled "Critical Infrastructure Protection Researches" (TÁMOP-4.2.1.B-11/2/KMR-2011-0001) which concentrated on innovative UAV solutions, robotics, cybersecurity, surface engineering, and mechatrinics and technologies providing safe operations of essential assets. This report is summarizing the methodologies and efforts taken to fulfill the goals defined. The project has been performed by the consortium of the Óbuda University and the National University of Public Service.

Critical energy infrastructure protection in Canada

Energy Technology Data Exchange (ETDEWEB)

Gendron, Angela [Canadian Centre for Intelligence and Security Studies, Carleton University (Canada)

2010-12-15

In Canada government acknowledged the need to protect energy assets against attacks. However, so far no strategy has been developed. The aim of this report is to present the characteristics of the energy sector in Canada, the threats, and how the government is responding to those threats. The energy sector in Canada is concentrated and diverse and is under not only terrorism or cyber attacks threats but also environmental threats. This report shows that the Government of Canada is focusing on the protection and assurance of important energy infrastructures but that they are facing several challenges resulting in long delays in the adoption of a formal strategy.

An Analysis of IT Governance Practices in the Federal Government: Protecting U.S. Critical Infrastructure from Cyber Terrorist Attacks

Science.gov (United States)

Johnson, R. LeWayne

2012-01-01

Much of the governing process in the United States (U.S.) today depends on a reliable and well protected public information technology (IT) infrastructure. The Department of Homeland Security (DHS) is tasked with the responsibility of protecting the country's IT infrastructure. Critics contend that the DHS has failed to address planning and…

Intrusion-Tolerant Replication under Attack

Science.gov (United States)

Kirsch, Jonathan

2010-01-01

Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…

Critical infrastructure system security and resiliency

CERN Document Server

Biringer, Betty; Warren, Drake

2013-01-01

Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events.Developed at Sandia National Labs, the authors' analytical approach and

Concepts to Analyze the Vulnerability of Critical Infrastructures - Taking into account Cybernetics

Directory of Open Access Journals (Sweden)

Frédéric Petit

2010-02-01

Full Text Available Critical Infrastructures (CIs are complex systems. For their operations, these infrastructures are increasingly using Supervisory Control And Data Acquisition (SCADA systems. Management practices are therefore highly dependent on the cyber tools, but also on the data needed to make these tools work. Therefore, CIs are greatly vulnerable to degradation of data. In this context, this paper aims at presenting the fundamentals of a method for analyzing the vulnerabilities of CIs towards the use of cyber data. By characterizing cyber vulnerability of CIs, it will be possible to improve the resilience of these networks and to foster a proactive approach to risk management not only by considering cybernetics from a cyber-attack point of view but also by considering the consequences of the use of corrupted data.

RISK ANALYSIS AND EVALUATION FOR CRITICAL LOGISTICAL INFRASTRUCTURE

Directory of Open Access Journals (Sweden)

Sascha Düerkop

2016-12-01

Full Text Available Logistical infrastructure builds the backbone of an economy. Without an effective logistical infrastructure in place, the supply for both enterprises and consumers might not be met. But even a high-quality logistical infrastructure can be threatened by risks. Thus, it is important to identify, analyse, and evaluate risks for logistical infrastructure that might threaten logistical processes. Only if those risks are known and their impact estimated, decision makers can implement counteractive measures to reduce risks. In this article, we develop a network-based approach that allows for the evaluation of risks and their consequences onto the logistical network. We will demonstrate the relevance of this approach by applying it to the logistics network of the central German state of Hesse. Even though transport data is extensively tracked and recorded nowadays, typical daily risks, like accidents on a motorway, and extraordinary risks, like a bridge at risk to collapse, terrorist attacks or climate-related catastrophes, are not systematically anticipated. Several studies unveiled recently that the overall impact for an economy of possible failures of single nodes and/or edges in a network are not calculated, and particularly critical edges are not identified in advance. We address this information gap by a method that helps to identify and quantify risks in a given network. To reach this objective, we define a mathematical optimization model that quantifies the current “risk-related costs” of the overall network and quantify the risk by investigating the change of the overall costs in the case a risk is realized.

Flood vulnerability of critical infrastructure in Cork, Ireland

Directory of Open Access Journals (Sweden)

de Bruijn Karin M.

2016-01-01

Full Text Available Recent flood events in Ireland and particularly in County Cork have caused significant disruption to health service provisions, interruption of water and power supplies, and damage to roads and other transportation infrastructure, affecting the lives of hundreds of thousands of people over a prolonged period of weeks. These events clearly reveal- the vulnerability of the critical infrastructure to flooding and the dependence of society on critical infrastructure. In order to reduce the flood vulnerability and increase the resilience of the critical infrastructure networks in the future, detailed evidence-based analysis and assessment is essential. To this end a case study has been carried out on Cork City which analyses this vulnerability as it was in 2009, and as it is currently, and identifies adaptation options to reduce the future vulnerability of critical infrastructure to flooding and to build a more resilient society. This paper describes the storyline approach and CIrcle tool and their application to Cork City which focused on the analysis of the flood vulnerability of critical infrastructure and the impacts of failure of the infrastructure for other critical functions and on society.

Security Economics and Critical National Infrastructure

Science.gov (United States)

Anderson, Ross; Fuloria, Shailendra

There has been considerable effort and expenditure since 9/11 on the protection of ‘Critical National Infrastructure' against online attack. This is commonly interpreted to mean preventing online sabotage against utilities such as electricity,oil and gas, water, and sewage - including pipelines, refineries, generators, storage depots and transport facilities such as tankers and terminals. A consensus is emerging that the protection of such assets is more a matter of business models and regulation - in short, of security economics - than of technology. We describe the problems, and the state of play, in this paper. Industrial control systems operate in a different world from systems previously studied by security economists; we find the same issues (lock-in, externalities, asymmetric information and so on) but in different forms. Lock-in is physical, rather than based on network effects, while the most serious externalities result from correlated failure, whether from cascade failures, common-mode failures or simultaneous attacks. There is also an interesting natural experiment happening, in that the USA is regulating cyber security in the electric power industry, but not in oil and gas, while the UK is not regulating at all but rather encouraging industry's own efforts. Some European governments are intervening, while others are leaving cybersecurity entirely to plant owners to worry about. We already note some perverse effects of the U.S. regulation regime as companies game the system, to the detriment of overall dependability.

Defending networks against denial-of-service attacks

Science.gov (United States)

Gelenbe, Erol; Gellman, Michael; Loukas, George

2004-11-01

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

DETERMINANTS OF RISK ASSESSMENT PROCESS IN CRITICAL ENERGY INFRASTRUCTURE

Directory of Open Access Journals (Sweden)

Przemysław Borkowski

2016-06-01

Full Text Available Article deals with the problem of risk assessment in critical energy infrastructure. Firstly the critical infrastructure in energy sector is discussed than risk identification methodology for application to critical infrastructure is proposed. Specific conditions resulting from features of critical infrastructure are addressed in the context of risk assessment procedure. The limits of such a procedure are outlined and critical factors influencing different stages of risk assessment process are researched in view of specificity of the sector.

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure

International Nuclear Information System (INIS)

Suski, N.; Wuest, C.

2011-01-01

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre

Cyber Attacks: Emerging Threats to the 21st Century Critical Information Infrastructures

Directory of Open Access Journals (Sweden)

Cezar Vasilescu

2012-06-01

Full Text Available The paper explores the notion of cyber attack as a concept for understanding modern conflicts. It starts by elaborating a conceptual theoretical framework, observing that when it comes to cyber attacks, cyber war and cyber defense there are no internationally accepted definitions on the subject, mostly because of the relative recency of the terms. The second part analyzes the cyber realities of recent years, emphasizing the most advertised cyber attacks in the international mass media: Estonia (2007 and Georgia (2008, with a focus on two main lessons learned: how complicated is to define a cyber war and how difficult to defend against it. Crucial implications for world’s countries and the role of NATO in assuring an effective collective cyber defense are analyzed in the third part. The need for the development of strategic cyber defense documents (e.g. NATO Cyber Defense Policy, NATO Strategic Concept is further examined. It is suggested that particular attention should be paid to the development of a procedure for clearly discriminating between events (cyber attacks, cyber war, cyber crime, or cyber terrorism, and to a procedure for the conduct of nation’s legitimate military/civil cyber response operations.

After the year 2000: Critical infrastructure protection

International Nuclear Information System (INIS)

Dreicer, M.

1999-01-01

Presentation defines the critical infrastructure which includes: telecommunication, banking, transportation, electric energy, oil and gas supply, water supply, emergency services and government operations. The problem of protecting the critical infrastructure is is exposed in detail concerning physical protection and protection of information systems against cyberthreats

6 CFR 29.8 - Disclosure of Protected Critical Infrastructure Information.

Science.gov (United States)

2010-01-01

... 6 Domestic Security 1 2010-01-01 2010-01-01 false Disclosure of Protected Critical Infrastructure... PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.8 Disclosure of Protected Critical Infrastructure... Infrastructure Protection, or either's designee may choose to provide or authorize access to PCII under one or...

Collaborative Access Control For Critical Infrastructures

Science.gov (United States)

Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed

A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.

Critical Infrastructure Awareness Required by Civil Emergency Planning

NARCIS (Netherlands)

Luiijf, H.A.M.; Klaver, M.H.A.

2005-01-01

Modern societies are increasingly dependent on a set of critical products and services which comprise the Critical Infrastructure (CI). This makes Critical infrastructures increasingly important as a planning factor in case of emergencies. For that reason, we studied a number of emergencies and a

2008 Defense Industrial Base Critical Infrastructure Protection Conference (DIB-CBIP)

Science.gov (United States)

2008-04-09

a cloak -and- dagger thing. It’s about computer architecture and the soundness of electronic systems." Joel Brenner, ODNI Counterintelligence Office...to support advanced network exploitation and launch attacks on the informational and physical elements of our cyber infrastructure. In order to...entities and is vulnerable to attacks and manipulation. Operations in the cyber domain have the ability to impact operations in other war-fighting

CRITICAL INFRASTRUCTURE PROTECTION WITHIN THE EUROPEAN UNION

Directory of Open Access Journals (Sweden)

Vasile N. POPA

2013-01-01

Full Text Available The new dynamics and intensity of the risks and threats posed to societal functioning and citizens’ security have acquired new meanings. Consequently, an integrated approach to the concept of ”critical infrastructure” is necessary. The critical nature of some of the basic characteristics of the critical infrastructures has made them acquire new meanings within the national/transnational strategic planning. Moreover, the complexity and importance of critical infrastructure protection for social stability have generated the correlaton of the strategies developed by states and organizations.

PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure

Science.gov (United States)

Kaminsky, Dan; Patterson, Meredith L.; Sassaman, Len

Research unveiled in December of 2008 [15] showed how MD5's long-known flaws could be actively exploited to attack the real-worldCertification Authority infrastructure. In this paper, we demonstrate two new classes of collision, which will be somewhat trickier to address than previous attacks against X.509: the applicability of MD2 preimage attacks against the primary root certificate for Verisign, and the difficulty of validating X.509 Names contained within PKCS#10 Certificate Requests.We also draw particular attention to two possibly unrecognized vectors for implementation flaws that have been problematic in the past: the ASN.1 BER decoder required to parsePKCS#10, and the potential for SQL injection fromtext contained within its requests. Finally, we explore why the implications of these attacks are broader than some have realized - first, because Client Authentication is sometimes tied to X.509, and second, because Extended Validation certificates were only intended to stop phishing attacks from names similar to trusted brands. As per the work of Adam Barth and Collin Jackson [4], EV does not prevent an attacker who can synthesize or acquire a "low assurance" certificate for a given name from acquiring the "green bar" EV experience.

76 FR 55693 - Critical Infrastructure Partnership Advisory Council

Science.gov (United States)

2011-09-08

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0055] Critical Infrastructure Partnership... Advisory Committee Meeting. SUMMARY: The Critical Infrastructure Partnership Advisory Council (CIPAC... meeting may adjourn early if the committee has completed its business. For additional information, please...

Review on modeling and simulation of interdependent critical infrastructure systems

International Nuclear Information System (INIS)

Ouyang, Min

2014-01-01

Modern societies are becoming increasingly dependent on critical infrastructure systems (CISs) to provide essential services that support economic prosperity, governance, and quality of life. These systems are not alone but interdependent at multiple levels to enhance their overall performance. However, recent worldwide events such as the 9/11 terrorist attack, Gulf Coast hurricanes, the Chile and Japanese earthquakes, and even heat waves have highlighted that interdependencies among CISs increase the potential for cascading failures and amplify the impact of both large and small scale initial failures into events of catastrophic proportions. To better understand CISs to support planning, maintenance and emergency decision making, modeling and simulation of interdependencies across CISs has recently become a key field of study. This paper reviews the studies in the field and broadly groups the existing modeling and simulation approaches into six types: empirical approaches, agent based approaches, system dynamics based approaches, economic theory based approaches, network based approaches, and others. Different studies for each type of the approaches are categorized and reviewed in terms of fundamental principles, such as research focus, modeling rationale, and the analysis method, while different types of approaches are further compared according to several criteria, such as the notion of resilience. Finally, this paper offers future research directions and identifies critical challenges in the field. - Highlights: • Modeling approaches on interdependent critical infrastructure systems are reviewed. • I mainly review empirical, agent-based, system-dynamics, economic, network approaches. • Studies by each approach are sorted out in terms of fundamental principles. • Different approaches are further compared with resilience as the main criterion

Extensible threat taxonomy for critical infrastructures

NARCIS (Netherlands)

Luiijf, H.A.M.; Nieuwenhuijs, A.H.

2008-01-01

The European Union-sponsored project Vital Infrastructure Threats and Assurance (VITA) has the objective of exploring and showing new paths in Critical Infrastructure Protection (CIP) R&D. This paper describes one of VITA’s results: the idea and the development of a novel extensible and generic

77 FR 59203 - Critical Infrastructure Partnership Advisory Council (CIPAC)

Science.gov (United States)

2012-09-26

... Infrastructure Partnership Advisory Council. [FR Doc. 2012-23666 Filed 9-25-12; 8:45 am] BILLING CODE 9910-9P-P ... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0051] Critical Infrastructure Partnership... meeting. SUMMARY: The Critical Infrastructure Partnership Advisory Council (CIPAC) Plenary Meeting will be...

31 CFR 800.208 - Critical infrastructure.

Science.gov (United States)

2010-07-01

... 31 Money and Finance: Treasury 3 2010-07-01 2010-07-01 false Critical infrastructure. 800.208 Section 800.208 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) OFFICE... infrastructure means, in the context of a particular covered transaction, a system or asset, whether physical or...

Risk and Interdependencies in Critical Infrastructures A Guideline for Analysis

CERN Document Server

Utne, Ingrid; Vatn, Jørn

2012-01-01

Today’s society is completely dependent on critical networks such as  water supply, sewage, electricity, ICT and transportation. Risk and vulnerability analyses are needed to grasp the impact of threats and hazards. However, these become quite complex as there are strong interdependencies both within and between infrastructure systems. Risk and Interdependencies in Critical Infrastructures: A  guideline for analysis provides methods for analyzing risks and interdependencies of critical infrastructures.  A number of analysis approaches are described and are adapted to each of these infrastructures. Various approaches are also revised, and all are supported by several examples and illustrations. Particular emphasis is given to the analysis of various interdependencies that often exist between the infrastructures.  Risk and Interdependencies in Critical Infrastructures: A  guideline for analysis provides a good tool to identify the hazards that are threatening your infrastructures, and will enhance the un...

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Criticality analysis of the EU gas infrastructure: heightened security requirements for gas control and management centres; Kritikalitaetsanalyse der EU-Gasinfrastruktur: Erhoehte Sicherheitsanforderungen an Gasleit- und -kontrollzentren

Energy Technology Data Exchange (ETDEWEB)

Nerlich, Uwe; Umbach, Frank [Centre for European Security Strategies (CESS), Muenchen/Berlin (Germany)

2009-11-15

Since the terror attacks of 2001 critical infrastructure objects have gained substantially in strategic importance in the eyes of the German government and EU authorities as well as the European industry. This has not only been due to the worldwide increase in terrorist attacks on energy infrastructure objects but also to the attacks of Madrid on 11 March 2004 and London on 7 July 2005, which have shown that Europe is no longer being spared from terrorism. Strategies for the abatement of these hazards and their repercussions are therefore more urgently needed than ever before. This requires a differentiated assessment of the situation, as has been carried out, for example, in raising the security requirements and investigating the vulnerability of the gas management and control centres of the EU's Octavio project.

Critical Foundations: Protecting America's Infrastructures. The Report of the President's Commission on Critical Infrastructure Protection

National Research Council Canada - National Science Library

1997-01-01

There is no doubt that our critical infrastructures are the best in the world-largely the result of the tremendous efficiency and global reach made possible by incorporation of our rapidly advancing...

International Conference on Durability of Critical Infrastructure

CERN Document Server

Cherepetskaya, Elena; Pospichal, Vaclav

2017-01-01

This book presents the proceedings of the International Conference on Durability of Critical Infrastructure. Monitoring and Testing held in Satov, Czech Republic from 6 to 9 December 2016. It discusses the developments in the theoretical and practical aspects in the fields of Safety, Sustainability and Durability of the Critical Infrastructure. The contributions are dealing with monitoring and testing of structural and composite materials with a new methods for their using for protection and prevention of the selected objects.

Methodologies and applications for critical infrastructure protection: State-of-the-art

International Nuclear Information System (INIS)

Yusta, Jose M.; Correa, Gabriel J.; Lacal-Arantegui, Roberto

2011-01-01

This work provides an update of the state-of-the-art on energy security relating to critical infrastructure protection. For this purpose, this survey is based upon the conceptual view of OECD countries, and specifically in accordance with EU Directive 114/08/EC on the identification and designation of European critical infrastructures, and on the 2009 US National Infrastructure Protection Plan. The review discusses the different definitions of energy security, critical infrastructure and key resources, and shows some of the experie'nces in countries considered as international reference on the subject, including some information-sharing issues. In addition, the paper carries out a complete review of current methodologies, software applications and modelling techniques around critical infrastructure protection in accordance with their functionality in a risk management framework. The study of threats and vulnerabilities in critical infrastructure systems shows two important trends in methodologies and modelling. A first trend relates to the identification of methods, techniques, tools and diagrams to describe the current state of infrastructure. The other trend accomplishes a dynamic behaviour of the infrastructure systems by means of simulation techniques including systems dynamics, Monte Carlo simulation, multi-agent systems, etc. - Highlights: → We examine critical infrastructure protection experiences, systems and applications. → Some international experiences are reviewed, including EU EPCIP Plan and the US NIPP programme. → We discuss current methodologies and applications on critical infrastructure protection, with emphasis in electric networks.

Critical Infrastructure Protection- Los Alamos National Laboratory

Energy Technology Data Exchange (ETDEWEB)

Bofman, Ryan K. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2017-02-24

Los Alamos National Laboratory (LANL) has been a key facet of Critical National Infrastructure since the nuclear bombing of Hiroshima exposed the nature of the Laboratory’s work in 1945. Common knowledge of the nature of sensitive information contained here presents a necessity to protect this critical infrastructure as a matter of national security. This protection occurs in multiple forms beginning with physical security, followed by cybersecurity, safeguarding of classified information, and concluded by the missions of the National Nuclear Security Administration.

Design of a Mobile Agent-Based Adaptive Communication Middleware for Federations of Critical Infrastructure Simulations

Science.gov (United States)

Görbil, Gökçe; Gelenbe, Erol

The simulation of critical infrastructures (CI) can involve the use of diverse domain specific simulators that run on geographically distant sites. These diverse simulators must then be coordinated to run concurrently in order to evaluate the performance of critical infrastructures which influence each other, especially in emergency or resource-critical situations. We therefore describe the design of an adaptive communication middleware that provides reliable and real-time one-to-one and group communications for federations of CI simulators over a wide-area network (WAN). The proposed middleware is composed of mobile agent-based peer-to-peer (P2P) overlays, called virtual networks (VNets), to enable resilient, adaptive and real-time communications over unreliable and dynamic physical networks (PNets). The autonomous software agents comprising the communication middleware monitor their performance and the underlying PNet, and dynamically adapt the P2P overlay and migrate over the PNet in order to optimize communications according to the requirements of the federation and the current conditions of the PNet. Reliable communications is provided via redundancy within the communication middleware and intelligent migration of agents over the PNet. The proposed middleware integrates security methods in order to protect the communication infrastructure against attacks and provide privacy and anonymity to the participants of the federation. Experiments with an initial version of the communication middleware over a real-life networking testbed show that promising improvements can be obtained for unicast and group communications via the agent migration capability of our middleware.

Situational Management Of Critical Infrastructure Resources Under Threat

Directory of Open Access Journals (Sweden)

Krupa Tadeusz

2015-06-01

Full Text Available This article presents a synthesis of knowledge about safety management procedures for critical infrastructure in the context of risk management theory and the provisions of the Polish law on emergency management launched on of April 26, 2007. In this paper, the inadequacy of the accepted procedures at present is highlighted, as well as their continuous improvement and adaptation to prevailing political, legal, social, and economic conditions. This paper proposes using the concept of situational management and knowledge management to develop a new method of predicting, preventing, and responding to emerging crises within critical infrastructure. The considerations presented in this paper lead to a proposed concept system supporting critical infrastructure safety management through the implementation of knowledge management methods.

Homeland Security -- Reducing the Vulnerability of Public and Private Information Infrastructures to Terrorism: An Overview

National Research Council Canada - National Science Library

Seifert, Jeffrey W

2002-01-01

This report assesses the impact of the September 11, 2001 attacks on public and private information infrastructures in the context of critical infrastructure protection, continuity of operations (COOP...

Understanding How Components of Organisations Contribute to Attacks

DEFF Research Database (Denmark)

Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

2016-01-01

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

Computer Attack and Cyber Terrorism: Vulnerabilities and Policy Issues for Congress

National Research Council Canada - National Science Library

Wilson, Clay

2003-01-01

Persistent computer security vulnerabilities may expose U.S. critical infrastructure and government computer systems to possible cyber attack by terrorists, possibly affecting the economy or other areas of national security...

78 FR 11737 - Improving Critical Infrastructure Cybersecurity

Science.gov (United States)

2013-02-19

..., security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a... security measures or controls on business confidentiality, and to protect individual privacy and civil... critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical...

Building safeguards infrastructure

International Nuclear Information System (INIS)

McClelland-Kerr, J.; Stevens, J.

2010-01-01

Much has been written in recent years about the nuclear renaissance - the rebirth of nuclear power as a clean and safe source of electricity around the world. Those who question the nuclear renaissance often cite the risk of proliferation, accidents or an attack on a facility as concerns, all of which merit serious consideration. The integration of three areas - sometimes referred to as 3S, for safety, security and safeguards - is essential to supporting the clean and safe growth of nuclear power, and the infrastructure that supports these three areas should be robust. The focus of this paper will be on the development of the infrastructure necessary to support safeguards, and the integration of safeguards infrastructure with other elements critical to ensuring nuclear energy security

78 FR 57644 - Critical Infrastructure Partnership Advisory Council (CIPAC)

Science.gov (United States)

2013-09-19

... committee has completed its business. To accommodate as many speakers as possible, oral presentations will... infrastructure resilience. Topics such as the Executive Order for Improving Critical Infrastructure Cybersecurity...

Intelligent monitoring, control, and security of critical infrastructure systems

CERN Document Server

Polycarpou, Marios

2015-01-01

This book describes the challenges that critical infrastructure systems face, and presents state of the art solutions to address them. How can we design intelligent systems or intelligent agents that can make appropriate real-time decisions in the management of such large-scale, complex systems? What are the primary challenges for critical infrastructure systems? The book also provides readers with the relevant information to recognize how important infrastructures are, and their role in connection with a society’s economy, security and prosperity. It goes on to describe state-of-the-art solutions to address these points, including new methodologies and instrumentation tools (e.g. embedded software and intelligent algorithms) for transforming and optimizing target infrastructures. The book is the most comprehensive resource to date for professionals in both the private and public sectors, while also offering an essential guide for students and researchers in the areas of modeling and analysis of critical in...

Proactive Routing Mutation Against Stealthy Distributed Denial of Service Attacks – Metrics, Modeling and Analysis

Energy Technology Data Exchange (ETDEWEB)

Duan, Qi; Al-Shaer, Ehab; Chatterjee, Samrat; Halappanavar, Mahantesh; Oehmen, Christopher S.

2018-04-01

The Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploit the inherent weakness of cyber infrastructure including deterministic nature of routes, skew distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and es- timate the impact of such susceptibility on enterprises. Second, we develop a proactive route mutation technique to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and qualify of service requirements. We present an integrated approach of proactive route mutation that combines both infrastructure-based mutation that is based on reconfiguration of switches and routers, and middle-box approach that uses an overlay of end-point proxies to construct a virtual network path free of critical links to reach a destination. We implemented the proactive path mutation technique on a Software Defined Network using the OpendDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.

Using attack-defense trees to analyze threats and countermeasures in an ATM: A case study

NARCIS (Netherlands)

Fraile, Marlon; Ford, Margaret; Gadyatskaya, Olga; Kumar, Rajesh; Stoelinga, Mariëlle Ida Antoinette; Trujillo-Rasua, Rolando

2016-01-01

Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.We capture the most dangerous multi-stage attack

A Comprehensive Assessment Model for Critical Infrastructure Protection

Directory of Open Access Journals (Sweden)

Häyhtiö Markus

2017-12-01

Full Text Available International business demands seamless service and IT-infrastructure throughout the entire supply chain. However, dependencies between different parts of this vulnerable ecosystem form a fragile web. Assessment of the financial effects of any abnormalities in any part of the network is demanded in order to protect this network in a financially viable way. Contractual environment between the actors in a supply chain, different business domains and functions requires a management model, which enables a network wide protection for critical infrastructure. In this paper authors introduce such a model. It can be used to assess financial differences between centralized and decentralized protection of critical infrastructure. As an end result of this assessment business resilience to unknown threats can be improved across the entire supply chain.

CHDS Sponsors Critical Infrastructure Protection Workshop

OpenAIRE

Center for Homeland Defense and Security

2008-01-01

Center for Homeland Defense and Security, PRESS RELEASES The NPS Center for Homeland Defense and Security in partnership with the U.S. Department of Homeland Security recently hosted its first Critical Infrastructure Protection Workshop. The workshop brought together practitioners and...

Critical infrastructure dependencies 1-0-1

NARCIS (Netherlands)

Luiijf, H.A.M.; Nieuwenhuijs, A.H.; Klaver, M.H.A.

2008-01-01

Most of our critical infrastructures consist of complex systems-of-systems that provide services or products. The coupling mechanism between the chained systems in such complex systems of systems is dependencies. Dependencies may propagate cascading failures. Most studies on dependencies in

What's My Lane? Identifying the State Government Role in Critical Infrastructure Protection

OpenAIRE

Donnelly, Timothy S.

2012-01-01

Approved for public release; distribution is unlimited What constitutes an effective Critical Infrastructure and Key Resources (CIKR) protection program for Massachusetts This study evaluates existing literature regarding CIKR to extrapolate an infrastructure protection role for Massachusetts. By reviewing historical events and government strategies regarding infrastructure protection, Chapters I and II will provide scope and context for issues surrounding critical infrastructure. Chapter ...

Risk Assessment Methodology for Protecting Our Critical Physical Infrastructures

Energy Technology Data Exchange (ETDEWEB)

BIRINGER,BETTY E.; DANNEELS,JEFFREY J.

2000-12-13

Critical infrastructures are central to our national defense and our economic well-being, but many are taken for granted. Presidential Decision Directive (PDD) 63 highlights the importance of eight of our critical infrastructures and outlines a plan for action. Greatly enhanced physical security systems will be required to protect these national assets from new and emerging threats. Sandia National Laboratories has been the lead laboratory for the Department of Energy (DOE) in developing and deploying physical security systems for the past twenty-five years. Many of the tools, processes, and systems employed in the protection of high consequence facilities can be adapted to the civilian infrastructure.

Cyber Threats to Nuclear Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

2010-07-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Cyber Threats to Nuclear Infrastructures

International Nuclear Information System (INIS)

Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

2010-01-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

75 FR 60771 - Critical Infrastructure Partnership Advisory Council (CIPAC)

Science.gov (United States)

2010-10-01

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0080] Critical Infrastructure Partnership... that the meeting may adjourn early if the committee has completed its business. For additional..., Section Chief Partnership Programs, Partnership and Outreach Division, Office of Infrastructure Protection...

Critical infrastructure – content, structure and problems of its protection

Directory of Open Access Journals (Sweden)

Ladislav Hofreiter

2014-06-01

Full Text Available Security, economic and social stability of the country, its functionality but also protecting the lives and property of citizens are dependent on the proper functioning of many infrastructure systems of state. Disruptions, lack or destruction of such systems, institutions, facilities and other services could cause disruption of social stability and national security, provoke a crisis situation or seriously affect the operation of state and local governments in crisis situations. This is known as critical infrastructure. It is in the interest of the State to the critical infrastructure effectively protected.

Systematic risk assessment methodology for critical infrastructure elements - Oil and Gas subsectors

Science.gov (United States)

Gheorghiu, A.-D.; Ozunu, A.

2012-04-01

The concern for the protection of critical infrastructure has been rapidly growing in the last few years in Europe. The level of knowledge and preparedness in this field is beginning to develop in a lawfully organized manner, for the identification and designation of critical infrastructure elements of national and European interest. Oil and gas production, refining, treatment, storage and transmission by pipelines facilities, are considered European critical infrastructure sectors, as per Annex I of the Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. Besides identifying European and national critical infrastructure elements, member states also need to perform a risk analysis for these infrastructure items, as stated in Annex II of the above mentioned Directive. In the field of risk assessment, there are a series of acknowledged and successfully used methods in the world, but not all hazard identification and assessment methods and techniques are suitable for a given site, situation, or type of hazard. As Theoharidou, M. et al. noted (Theoharidou, M., P. Kotzanikolaou, and D. Gritzalis 2009. Risk-Based Criticality Analysis. In Critical Infrastructure Protection III. Proceedings. Third Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection. Hanover, New Hampshire, USA, March 23-25, 2009: revised selected papers, edited by C. Palmer and S. Shenoi, 35-49. Berlin: Springer.), despite the wealth of knowledge already created, there is a need for simple, feasible, and standardized criticality analyses. The proposed systematic risk assessment methodology includes three basic steps: the first step (preliminary analysis) includes the identification of hazards (including possible natural hazards) for each installation/section within a given site, followed by a criterial analysis and then a detailed analysis step

On localization attacks against cloud infrastructure

Science.gov (United States)

Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

2013-05-01

One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resource, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.

Examining Cybersecurity of Cyberphysical Systems for Critical Infrastructures Through Work Domain Analysis.

Science.gov (United States)

Wang, Hao; Lau, Nathan; Gerdes, Ryan M

2018-04-01

The aim of this study was to apply work domain analysis for cybersecurity assessment and design of supervisory control and data acquisition (SCADA) systems. Adoption of information and communication technology in cyberphysical systems (CPSs) for critical infrastructures enables automated and distributed control but introduces cybersecurity risk. Many CPSs employ SCADA industrial control systems that have become the target of cyberattacks, which inflict physical damage without use of force. Given that absolute security is not feasible for complex systems, cyberintrusions that introduce unanticipated events will occur; a proper response will in turn require human adaptive ability. Therefore, analysis techniques that can support security assessment and human factors engineering are invaluable for defending CPSs. We conducted work domain analysis using the abstraction hierarchy (AH) to model a generic SCADA implementation to identify the functional structures and means-ends relations. We then adopted a case study approach examining the Stuxnet cyberattack by developing and integrating AHs for the uranium enrichment process, SCADA implementation, and malware to investigate the interactions between the three aspects of cybersecurity in CPSs. The AHs for modeling a generic SCADA implementation and studying the Stuxnet cyberattack are useful for mapping attack vectors, identifying deficiencies in security processes and features, and evaluating proposed security solutions with respect to system objectives. Work domain analysis is an effective analytical method for studying cybersecurity of CPSs for critical infrastructures in a psychologically relevant manner. Work domain analysis should be applied to assess cybersecurity risk and inform engineering and user interface design.

CRITICAL SUCCESS FACTORS FOR INFRASTRUCTURE EUROPEAN FUNDED PROJECTS

Directory of Open Access Journals (Sweden)

Sebastian-Ion Ceptureanu

2016-07-01

Full Text Available Absorption of European funds is on top of Romania’s public agenda for the last years although the first programming period has ended and the necessary lessons were learned so far. To have a high degree of absorption of funds provided by the EU must be of quality projects and their implementation to be successful. Through this work we aimed to investigate the success factors of infrastructure projects with European funding in Romania, Bulgaria, Moldova, Ukraine, Serbia and Kosovo, and identify critical success factors of these projects through a research surveying the teams of consultants and support personnel from the countries in an international consulting company. The research results are therefore constitute the empirical evidence of what constitutes critical success factors of infrastructure projects financed by the European Union and can be used as a starting point for scientific studies of the management of European projects or other actions that investigates measures that can be taken to improve the success rate of projects implemented in the area mentioned above.One of the contributions of this paper is to identify the critical success factors of success factors present in literature. With more so as they are critical success factors of infrastructure projects with European funding still required field studies and analysis performed in the present context. In addition, the critical factors were operationalized in a conceptual framework. Moreover, this framework includes leadership style of project manager as critical success factor has been identified in the research as the most important in the context in which it was conducted. As such, this paper demonstrates, with the necessary limitations, the importance of management style of project managers in the context of specific European funded infrastructure projects. And this is happening even though there are sophisticated project management tools availabe and relevant knowledge exists

Critical Infrastructure Information Disclosure and Homeland Security

National Research Council Canada - National Science Library

Moteff, John D; Stevens, Gina M

2003-01-01

Critical infrastructures have been defined as those systems and assets so vital to the United States that the incapacity of such systems and assets would have a debilitating impact on the United States...

The role of hosting providers in fighting command and control infrastructure of financial malware

NARCIS (Netherlands)

Tajalizadehkhoob, S.; Hernandez Ganan, C.; Noroozian, A.; van Eeten, M.J.G.

2017-01-01

A variety of botnets are used in attacks on financial services. Banks and security firms invest a lot of effort in detecting and combating malware-assisted takeover of customer accounts. A critical resource of these botnets is their command-and-control (C&C) infrastructure. Attackers rent or

Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

Energy Technology Data Exchange (ETDEWEB)

Bri Rolston

2005-06-01

Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between

The impact of natural hazard on critical infrastructure systems: definition of an ontology

Science.gov (United States)

Dimauro, Carmelo; Bouchon, Sara; Frattini, Paolo; Giusto, Claudia

2013-04-01

According to the Council of the European Union Directive (2008), 'critical infrastructure' means an asset, system or part thereof which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact as a result of the failure to maintain those functions. Critical infrastructure networks are exposed to natural events, such as floods, storms, landslides, earthquakes, etc. Recent natural disasters show that socio-economic consequences can be very much aggravated by the impact on these infrastructures. Though, there is still a lack of a recognized approach or methodology to assess the vulnerability of critical infrastructure assets against natural threats. The difficulty to define such an approach is increased by the need to consider a very high number of natural events, which differ in nature, magnitude and probability, as well as the need to assess the vulnerability of a high variety of infrastructure assets (e.g. bridges, roads, tunnels, pipelines, etc.) To meet this challenge, the objective of the THREVI2 EU-CIPS project is to create a database linking the relationships between natural hazards and critical infrastructure assets. The query of the database will allow the end-users (critical infrastructure protection authorities and operators) to identify the relevant scenarios according to the own priorities and criteria. The database builds on an ontology optimized for the assessment of the impact of threats on critical infrastructures. The ontology aims at capturing the existing knowledge on natural hazards, critical infrastructures assets and their related vulnerabilities. Natural phenomena that can threaten critical infrastructures are classified as "events", and organized in a genetic-oriented hierarchy. The main attributes associated to each event are the probability, the magnitude and the "modus". The modus refers to the

Resilience? Insights into the role of Critical Infrastructures Disaster Mitigation Strategies

Directory of Open Access Journals (Sweden)

Sara Bouchon

2012-11-01

Full Text Available Critical infrastructures (CI systems provide essential services “for the maintenance of critical societal functions, including the supply chain, health, safety, security and economic or social well-being of the people” (European Commission, 2008. These systems are exposed to a great number of hazards and threats, which may result in severe consequences for the population, the socio-economic system, and the environment. The issue is particularly relevant at urban level, where the disruption of one CI system can propagate to the other systems and paralyze the entire area. It is therefore necessary, not only to protect CIs through Critical Infrastructure Protection (CIP strategies, but also to enhance the resilience of these areas. This article aims thus at providing some insights related to the evolution of the critical infrastructures disaster mitigation strategies from the sole protection towards resilience: what kind of strategies based on resilience can be developed to address CIs disruption at local or regional level? To what extent do these strategies contribute to increase the resilience level of the entire urban or metropolitan area? The first section focuses on the urban critical infrastructures systems as well as on the way their disruption can impact urban areas. The second section provides with some examples of key measures to operationalize resilience in the field of critical infrastructure disaster mitigation strategies. The last section highlights how the key measures developed to enhance the resilience against CI disruptions can benefit also to broader urban resilience. 

Optimal recovery sequencing for critical infrastructure resilience assessment.

Energy Technology Data Exchange (ETDEWEB)

Vugrin, Eric D.; Brown, Nathanael J. K.; Turnquist, Mark Alan (Cornell University, Ithaca, NY)

2010-09-01

Critical infrastructure resilience has become a national priority for the U. S. Department of Homeland Security. System resilience has been studied for several decades in many different disciplines, but no standards or unifying methods exist for critical infrastructure resilience analysis. This report documents the results of a late-start Laboratory Directed Research and Development (LDRD) project that investigated the identification of optimal recovery strategies that maximize resilience. To this goal, we formulate a bi-level optimization problem for infrastructure network models. In the 'inner' problem, we solve for network flows, and we use the 'outer' problem to identify the optimal recovery modes and sequences. We draw from the literature of multi-mode project scheduling problems to create an effective solution strategy for the resilience optimization model. We demonstrate the application of this approach to a set of network models, including a national railroad model and a supply chain for Army munitions production.

Onsite and Electric Backup Capabilities at Critical Infrastructure Facilities in the United States

Energy Technology Data Exchange (ETDEWEB)

Phillips, Julia A. [Argonne National Lab. (ANL), Argonne, IL (United States); Wallace, Kelly E. [Argonne National Lab. (ANL), Argonne, IL (United States); Kudo, Terence Y. [Argonne National Lab. (ANL), Argonne, IL (United States); Eto, Joseph H. [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

2016-04-01

The following analysis, conducted by Argonne National Laboratory’s (Argonne’s) Risk and Infrastructure Science Center (RISC), details an analysis of electric power backup of national critical infrastructure as captured through the Department of Homeland Security’s (DHS’s) Enhanced Critical Infrastructure Program (ECIP) Initiative. Between January 1, 2011, and September 2014, 3,174 ECIP facility surveys have been conducted. This study focused first on backup capabilities by infrastructure type and then expanded to infrastructure type by census region.

A database of volcanic hazards and their physical impacts to critical infrastructure

Science.gov (United States)

Wilson, Grant; Wilson, Thomas; Deligne, Natalia

2013-04-01

Approximately 10% of the world's population lives within 100 km of historically active volcanoes. Consequently, considerable critical infrastructure is at risk of being affected by volcanic eruptions, where critical infrastructure includes: electricity and wastewater networks; water supply systems; transport routes; communications; and buildings. Appropriate risk management strategies are required to minimise the risk to infrastructure, which necessitates detailed understanding of both volcanic hazards and infrastructure parameters and vulnerabilities. To address this, we are developing a database of the physical impacts and vulnerability of critical infrastructure observed during/following historic eruptions, placed in the context of event-specific volcanic hazard and infrastructure parameters. Our database considers: volcanic hazard parameters for each case study eruption (tephra thickness, dynamic pressure of PDCs, etc.); inventory of infrastructure elements present within the study area (geographical extent, age, etc.); the type and number of impacts and disruption caused to particular infrastructure sectors; and the quantified assessment of the vulnerability of built environments. Data have been compiled from a wide range of literature, focussing in particular on impact assessment studies which document in detail the damage sustained by critical infrastructure during a given eruption. We are creating a new vulnerability ranking to quantify the vulnerability of built environments affected by volcanic eruptions. The ranking is based upon a range of physical impacts and service disruption criteria, and is assigned to each case study. This ranking will permit comparison of vulnerabilities between case studies as well as indicate expected vulnerability during future eruptions. We are also developing hazard intensity thresholds indicating when specific damage states are expected for different critical infrastructure sectors. Finally, we have developed a data quality

Vulnerability of water supply systems to cyber-physical attacks

Science.gov (United States)

Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

2016-04-01

The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

Dynamic Hazards In Critical Infrastructure Of State

Directory of Open Access Journals (Sweden)

Ostrowska Teresa

2015-06-01

Full Text Available The authors are interested in some aspects of a development project entitled “The methodology of risk assessment for the purposes of crisis management system RP (ID 193751”. The project funded by the National Research and Development Centre under the Competition 3/2012 (security and defense. As part of the project the following items were reviewed and analyzed: materials related to the Government Security Centre, already completed and available products of the project ID 193751, and literature relating to, among other things, crisis management, critical infrastructure, business continuity, security, and threats. The basic emphasis of the article is focused on the resource-critical infrastructure interpretation of the state, whereby the state is perceived as a complex administrative structure in which, on the basis of external and internal interactions of resources, the risk of threats measurement is done.

Risk analysis of critical infrastructures emphasizing electricity supply and interdependencies

International Nuclear Information System (INIS)

Kjølle, G.H.; Utne, I.B.; Gjerde, O.

2012-01-01

Failures in critical infrastructures can cause major damage to society. Wide-area interruptions (blackouts) in the electricity supply system have severe impacts on societal critical functions and other critical infrastructures, but there is no agreed-upon framework on how to analyze and predict the reliability of electricity supply. Thus, there is a need for an approach to cross-sector risk analyses, which facilitates risk analysis of outages in the electricity supply system and enables investigation of cascading failures and consequences in other infrastructures. This paper presents such an approach, which includes contingency analysis (power flow) and reliability analysis of power systems, as well as use of a cascade diagram for investigating interdependencies. A case study was carried out together with the Emergency Preparedness Group in the city of Oslo, Norway and the network company Hafslund Nett. The case study results highlight the need for cross-sector analyses by showing that the total estimated societal costs are substantially higher when cascading effects and consequences to other infrastructures are taken into account compared to only considering the costs of electricity interruptions as seen by the network company. The approach is a promising starting point for cross-sector risk analysis of electricity supply interruptions and consequences for dependent infrastructures.

Defense strategies for cloud computing multi-site server infrastructures

Energy Technology Data Exchange (ETDEWEB)

Rao, Nageswara S. [ORNL; Ma, Chris Y. T. [Hang Seng Management College, Hon Kong; He, Fei [Texas A& M University, Kingsville, TX, USA

2018-01-01

We consider cloud computing server infrastructures for big data applications, which consist of multiple server sites connected over a wide-area network. The sites house a number of servers, network elements and local-area connections, and the wide-area network plays a critical, asymmetric role of providing vital connectivity between them. We model this infrastructure as a system of systems, wherein the sites and wide-area network are represented by their cyber and physical components. These components can be disabled by cyber and physical attacks, and also can be protected against them using component reinforcements. The effects of attacks propagate within the systems, and also beyond them via the wide-area network.We characterize these effects using correlations at two levels using: (a) aggregate failure correlation function that specifies the infrastructure failure probability given the failure of an individual site or network, and (b) first-order differential conditions on system survival probabilities that characterize the component-level correlations within individual systems. We formulate a game between an attacker and a provider using utility functions composed of survival probability and cost terms. At Nash Equilibrium, we derive expressions for the expected capacity of the infrastructure given by the number of operational servers connected to the network for sum-form, product-form and composite utility functions.

Recovery from chemical, biological, and radiological incidents. Critical infrastructure and economic impact considerations

Energy Technology Data Exchange (ETDEWEB)

Franco, David Oliver [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Yang, Lynn I. [Sandia National Lab. (SNL-CA), Livermore, CA (United States); Hammer, Ann E. [Sandia National Lab. (SNL-CA), Livermore, CA (United States)

2012-06-01

To restore regional lifeline services and economic activity as quickly as possible after a chemical, biological or radiological incident, emergency planners and managers will need to prioritize critical infrastructure across many sectors for restoration. In parallel, state and local governments will need to identify and implement measures to promote reoccupation and economy recovery in the region. This document provides guidance on predisaster planning for two of the National Disaster Recovery Framework Recovery Support Functions: Infrastructure Systems and Economic Recovery. It identifies key considerations for infrastructure restoration, outlines a process for prioritizing critical infrastructure for restoration, and identifies critical considerations for promoting regional economic recovery following a widearea disaster. Its goal is to equip members of the emergency preparedness community to systematically prioritize critical infrastructure for restoration, and to develop effective economic recovery plans in preparation for a widearea CBR disaster.

Critical infrastructure security assessment, prevention, detection, response

CERN Document Server

FLAMMINI, F

2012-01-01

The most comprehensive handbook on critical infrastructures (CI), addressing both logical and physical security from an engineering point of view. The book surveys state-of-the-art methodologies and tools for CI analysis as well as strategies and technologies for CI protection.

CORESAFE: A Formal Approach against Code Replacement Attacks on Cyber Physical Systems

Science.gov (United States)

2018-04-19

AFRL-AFOSR-JP-TR-2018-0035 CORESAFE:A Formal Approach against Code Replacement Attacks on Cyber Physical Systems Sandeep Shukla INDIAN INSTITUTE OF...Formal Approach against Code Replacement Attacks on Cyber Physical Systems 5a.  CONTRACT NUMBER 5b.  GRANT NUMBER FA2386-16-1-4099 5c.  PROGRAM ELEMENT...SUPPLEMENTARY NOTES 14.  ABSTRACT Industrial Control Systems (ICS) used in manufacturing, power generators and other critical infrastructure monitoring and

Cyber Security Insider Threats :: Government’s Role in Protecting India’s Critical Infrastructure Sectors

OpenAIRE

Vohra, Pulkit

2014-01-01

This research identifies the problem of insider threats in the critical infrastructure sectors of India. It is structured to answer the research question: "Why insider threats should be the primary concern for Indian government to protect its critical infrastructure sectors.” It defines the critical infrastructure sectors and portrays the cyber security scenario of India. Also, through the research study, it identifies the lack of awareness and non-seriousness of employees in the critical sec...

Attacks on computer systems

Directory of Open Access Journals (Sweden)

Dejan V. Vuletić

2012-01-01

Full Text Available Computer systems are a critical component of the human society in the 21st century. Economic sector, defense, security, energy, telecommunications, industrial production, finance and other vital infrastructure depend on computer systems that operate at local, national or global scales. A particular problem is that, due to the rapid development of ICT and the unstoppable growth of its application in all spheres of the human society, their vulnerability and exposure to very serious potential dangers increase. This paper analyzes some typical attacks on computer systems.

78 FR 76986 - Version 5 Critical Infrastructure Protection Reliability Standards

Science.gov (United States)

2013-12-20

...; Order No. 791] Version 5 Critical Infrastructure Protection Reliability Standards AGENCY: Federal Energy... 72755). The regulations approved certain reliability standards proposed by the North American Electric... Infrastructure Protection Reliability Standards, 145 FERC ] 61,160 (2013). This errata notice serves to correct P...

Guarding America: Security Guards and U.S. Critical Infrastructure Protection

National Research Council Canada - National Science Library

Parfomak, Paul W

2004-01-01

The Bush Administration's 2003 National Strategy for the Physical Protection of Critical Infrastructures and Key Assets indicates that security guards are an important source of protection for critical facilities...

Protecting infrastructure networks from cost-based attacks

International Nuclear Information System (INIS)

Wang Xingang; Guan Shuguang; Lai, Choy Heng

2009-01-01

It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

78 FR 27113 - Version 5 Critical Infrastructure Protection Reliability Standards

Science.gov (United States)

2013-05-09

... approve certain reliability standards proposed by the North American Electric Reliability Corporation... Infrastructure Protection Reliability Standards, 143 FERC ] 61,055 (2013). This errata notice serves to correct P... Commission 18 CFR Part 40 [Docket No. RM13-5-000] Version 5 Critical Infrastructure Protection Reliability...

Challenges in the vulnerability and risk analysis of critical infrastructures

International Nuclear Information System (INIS)

Zio, Enrico

2016-01-01

The objective of this paper is to provide a systematic view on the problem of vulnerability and risk analysis of critical infrastructures. Reflections are made on the inherent complexities of these systems, related challenges are identified and possible ways forward for their analysis and management are indicated. Specifically: the framework of vulnerability and risk analysis is examined in relation to its application for the protection and resilience of critical infrastructures; it is argued that the complexity of these systems is a challenging characteristic, which calls for the integration of different modeling perspectives and new approaches of analysis; examples of are given in relation to the Internet and, particularly, the electric power grid, as representative of critical infrastructures and the associated complexity; the integration of different types of analyses and methods of system modeling is put forward for capturing the inherent structural and dynamic complexities of critical infrastructures and eventually evaluating their vulnerability and risk characteristics, so that decisions on protections and resilience actions can be taken with the required confidence. - Highlights: • The problem of the protection and resilience of CIs is the focus of the work. • The vulnerability and risk analysis framework for this is critically examined. • The complexity of CIs is presented as a challenge for system modeling and analysis. • The integration of different modeling perspectives of analysis is put forward as a solution. • The extension of the analysis framework to new methods for dealing with surprises and black swans is advocated.

Ontario-U.S. power outages : impacts on critical infrastructure

International Nuclear Information System (INIS)

2006-01-01

This paper described the power outage and resulting blackout that occurred on August 14, 2003 and identified how critical infrastructure was directly and interdependently impacted in Canada. The aim of the paper was to assist critical infrastructure protection and emergency management professionals in assessing the potential impacts of large-scale critical infrastructure disruptions. Information for the study was acquired from Canadian and American media reports and cross-sectoral information sharing with provincial and federal governments and the private sector. The blackout impacted most of the sources and means of generating, transmitting and distributing power within the area, which in turn impacted all critical infrastructure sectors. Landline and cellular companies experienced operational difficulties, which meant that emergency responders were impacted. Newspapers and the electronic media struggled to release information to the public. The banking and finance industry experienced an immediate degradation of services. The power outage caused shipping and storage difficulties for commercial retailers and dairy producers. A number of incidents were reported where only partially treated waste water was released into neighbouring waterways. The timing of the blackout coincided with the closures of workplaces and created additional difficulties on transportation networks. Many gas station pumps were inoperable. Police, fire departments and ambulance services experienced a dramatic increase in the volume of calls received, and all branches of the emergency services sector encountered transportation delays and difficulties with communications equipment. Nuclear reactors were also impacted. An estimated 150,000 Government of Canada employees were unable to report to work. Estimates have indicated that the power outage cost Ontario's economy between $1 and $2 billion. The outage negatively impacted 82 per cent of small businesses in Ontario. 170 refs., 3 figs

Volcanic ash impacts on critical infrastructure

Science.gov (United States)

Wilson, Thomas M.; Stewart, Carol; Sword-Daniels, Victoria; Leonard, Graham S.; Johnston, David M.; Cole, Jim W.; Wardman, Johnny; Wilson, Grant; Barnard, Scott T.

2012-01-01

Volcanic eruptions can produce a wide range of hazards. Although phenomena such as pyroclastic flows and surges, sector collapses, lahars and ballistic blocks are the most destructive and dangerous, volcanic ash is by far the most widely distributed eruption product. Although ash falls rarely endanger human life directly, threats to public health and disruption to critical infrastructure services, aviation and primary production can lead to significant societal impacts. Even relatively small eruptions can cause widespread disruption, damage and economic loss. Volcanic eruptions are, in general, infrequent and somewhat exotic occurrences, and consequently in many parts of the world, the management of critical infrastructure during volcanic crises can be improved with greater knowledge of the likely impacts. This article presents an overview of volcanic ash impacts on critical infrastructure, other than aviation and fuel supply, illustrated by findings from impact assessment reconnaissance trips carried out to a wide range of locations worldwide by our international research group and local collaborators. ‘Critical infrastructure’ includes those assets, frequently taken for granted, which are essential for the functioning of a society and economy. Electricity networks are very vulnerable to disruption from volcanic ash falls. This is particularly the case when fine ash is erupted because it has a greater tendency to adhere to line and substation insulators, where it can cause flashover (unintended electrical discharge) which can in turn cause widespread and disruptive outages. Weather conditions are a major determinant of flashover risk. Dry ash is not conductive, and heavy rain will wash ash from insulators, but light rain/mist will mobilise readily-soluble salts on the surface of the ash grains and lower the ash layer’s resistivity. Wet ash is also heavier than dry ash, increasing the risk of line breakage or tower/pole collapse. Particular issues for water

Critical Infrastructure References: Documented Literature Search

Science.gov (United States)

2012-10-01

that the economy typically experiences following extreme events: (i) significant changes in consumption patterns due to lingering public fear and (ii...when making choices related to critical infrastructure and security. • The case studies are drawn from the Victorian Bushfires of 2009. o The first...case study covers the impact of the Victorian bushfires on environmental security, or more specifically, water supply. This case study highlights

Critical Energy Infrastructure Protection in Canada

Science.gov (United States)

2010-12-01

department for the Energy sector, has been pro- active and innovative in enhancing protection for national critical energy infrastructure (NCI). While...prospérité (PSP), mais des relations transfrontalières plus informelles entre les propriétaires/opérateurs et leurs associations industrielles ...create innovative solutions for CIP. 9. International Cooperation: participate in international CIP initiatives and to strengthen information-sharing

Critical success factors in infrastructure projects

Science.gov (United States)

Zakaria, Siti Fairus; Zin, Rosli Mohamad; Mohamad, Ismail; Balubaid, Saeed; Mydin, Shaik Hussein; Mohd Rahim, E. M. Roodienyanto

2017-11-01

Construction of infrastructure project is different from buildings. The main difference is term of project site where infrastructure project need to command a long stretch while building mostly confine to a limited area. As such factors that are critical to infrastructure project may not be that significant to building project and vice versa. Flood mitigation can be classified under infrastructure projects under which their developments are planned by the government with the specific objective to reduce or avoid the negative effects of flood to the environment and livelihood. One of the indicators in project success is delay. The impact of project delay in construction industry is significant that it decelerates the projects implementation, specifically the government projects. This study attempted to identify and compare the success factors between infrastructure and building projects, as such comparison rarely found in the current literature. A model of flood mitigation projects' success factors was developed by merging the experts' views and reports from the existing literature. The experts' views were obtained from the responses to open-ended questions on the required fundamentals to achieve successful completion of flood mitigation projects. An affinity analysis was applied to these responses to develop the model. The developed model was then compared to the established success factors found in building project, extracted from the previous studies to identify the similarities and differences between the two models. This study would assist the government and construction players to become more effective in constructing successful flood mitigation projects for the future practice in a flood-prone country like Malaysia.

the GFCE-Meridian Good Practice Guide on Critical Information Infrastructure Protection for governmental policy-makers

NARCIS (Netherlands)

Luiijf, H.A.M.; Schie, T.C.C. van; Ruijven, T.W.J. van; Huistra, A.W.W.

2016-01-01

Critical Information Infrastructure Protection (CIIP) is a complex but important topic for nations. Nations at large critically depend on Critical Infrastructure (CI) services such as energy supply, telecommunications, financial systems, drinking water, and governmental services. Critical

Increasing the resilience and security of the United States' power infrastructure

Energy Technology Data Exchange (ETDEWEB)

Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2015-08-01

The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.

Government of Canada position paper on a national strategy for critical infrastructure protection

Energy Technology Data Exchange (ETDEWEB)

NONE

2004-11-01

The Government of Canada's position on the development of a comprehensive national approach to critical infrastructure protection (CIP) was presented along with a policy framework for developing a national cyber security strategy and a review of the Emergency Preparedness Act. Canada's national critical infrastructure (NCI) is defined as physical and information technology facilities, networks, services and assets, which if destroyed, would have a serious impact on health, safety, security and economics. The CIP strategy includes an NCI assurance program for various sectors of the economy, including the energy, transportation, finance, health care, food, communications, water, safety and manufacturing sectors. It also includes CIP for the government sector. This report described the key elements of an NCI protection strategy. These include guiding principles, risk management, information sharing, inventory of critical infrastructure assets, threats and warnings, critical infrastructure interdependencies, governance mechanisms, research and development, and international cooperation. refs., tabs., figs.

Assessing dependability and resilience in critical infrastructures: challenges and opportunities

NARCIS (Netherlands)

Avritzer, Alberto; Di Giandomenico, Felicita; Remke, Anne Katharina Ingrid; Riedl, Martin; Wolter, Katinka; Avritzer, Alberto; Vieira, Marco; van Moorsel, Aad

2012-01-01

Critical infrastructures (CI) are very complex and highly interdependent systems, networks and assets that provide essential services in our daily life. Most CI are either built upon or monitored and controlled by vulnerable information and communication technology (ICT) systems. Critical

Review of Cyber-Physical Attacks and Counter Defense Mechanisms for Advanced Metering Infrastructure in Smart Grid

OpenAIRE

Wei, Longfei; Rondon, Luis Puche; Moghadasi, Amir; Sarwat, Arif I.

2018-01-01

The Advanced Metering Infrastructure (AMI) is a vital element in the current development of the smart grid. AMI technologies provide electric utilities with an effective way of continuous monitoring and remote control of smart grid components. However, owing to its increasing scale and cyber-physical nature, the AMI has been faced with security threats in both cyber and physical domains. This paper provides a comprehensive review of the crucial cyber-physical attacks and counter defense mecha...

System for critical infrastructure security based on multispectral observation-detection module

Science.gov (United States)

Trzaskawka, Piotr; Kastek, Mariusz; Życzkowski, Marek; Dulski, Rafał; Szustakowski, Mieczysław; Ciurapiński, Wiesław; Bareła, Jarosław

2013-10-01

Recent terrorist attacks and possibilities of such actions in future have forced to develop security systems for critical infrastructures that embrace sensors technologies and technical organization of systems. The used till now perimeter protection of stationary objects, based on construction of a ring with two-zone fencing, visual cameras with illumination are efficiently displaced by the systems of the multisensor technology that consists of: visible technology - day/night cameras registering optical contrast of a scene, thermal technology - cheap bolometric cameras recording thermal contrast of a scene and active ground radars - microwave and millimetre wavelengths that record and detect reflected radiation. Merging of these three different technologies into one system requires methodology for selection of technical conditions of installation and parameters of sensors. This procedure enables us to construct a system with correlated range, resolution, field of view and object identification. Important technical problem connected with the multispectral system is its software, which helps couple the radar with the cameras. This software can be used for automatic focusing of cameras, automatic guiding cameras to an object detected by the radar, tracking of the object and localization of the object on the digital map as well as target identification and alerting. Based on "plug and play" architecture, this system provides unmatched flexibility and simplistic integration of sensors and devices in TCP/IP networks. Using a graphical user interface it is possible to control sensors and monitor streaming video and other data over the network, visualize the results of data fusion process and obtain detailed information about detected intruders over a digital map. System provide high-level applications and operator workload reduction with features such as sensor to sensor cueing from detection devices, automatic e-mail notification and alarm triggering. The paper presents

A Systems-Based Risk Assessment Framework for Intentional Electromagnetic Interference (IEMI) on Critical Infrastructures.

Science.gov (United States)

Oakes, Benjamin Donald; Mattsson, Lars-Göran; Näsman, Per; Glazunov, Andrés Alayón

2018-01-03

Modern infrastructures are becoming increasingly dependent on electronic systems, leaving them more vulnerable to electrical surges or electromagnetic interference. Electromagnetic disturbances appear in nature, e.g., lightning and solar wind; however, they may also be generated by man-made technology to maliciously damage or disturb electronic equipment. This article presents a systematic risk assessment framework for identifying possible, consequential, and plausible intentional electromagnetic interference (IEMI) attacks on an arbitrary distribution network infrastructure. In the absence of available data on IEMI occurrences, we find that a systems-based risk assessment is more useful than a probabilistic approach. We therefore modify the often applied definition of risk, i.e., a set of triplets containing scenario, probability, and consequence, to a set of quadruplets: scenario, resource requirements, plausibility, and consequence. Probability is "replaced" by resource requirements and plausibility, where the former is the minimum amount and type of equipment necessary to successfully carry out an attack scenario and the latter is a subjective assessment of the extent of the existence of attackers who possess the motivation, knowledge, and resources necessary to carry out the scenario. We apply the concept of intrusion areas and classify electromagnetic source technology according to key attributes. Worst-case scenarios are identified for different quantities of attacker resources. The most plausible and consequential of these are deemed the most important scenarios and should provide useful decision support in a countermeasures effort. Finally, an example of the proposed risk assessment framework, based on notional data, is provided on a hypothetical water distribution network. © 2017 Society for Risk Analysis.

Critical Infrastructure Protection and Information Assurance (CIPIA) Fellow Program

National Research Council Canada - National Science Library

Chen, Peter

2003-01-01

LSU was one of the universities chosen to participate in the project of training new researchers to work on the Critical Infrastructure Protection and Information Assurance (CIPIA) areas. Three Ph.D...

'System-of-systems' approach for interdependent critical infrastructures

International Nuclear Information System (INIS)

Eusgeld, Irene; Nan, Cen; Dietz, Sven

2011-01-01

The study of the interdependencies within critical infrastructures (CI) is a growing field of research as the importance of potential failure propagation among infrastructures may lead to cascades affecting all supply networks. New powerful methods are required to model and describe such 'systems-of-systems' (SoS) as a whole. An overall model is required to provide security and reliability assessment taking into account various kinds of threats and failures. A significant challenge associated with this model may be to create 'what-if' scenarios for the analysis of interdependencies. In this paper the interdependencies between industrial control systems (ICS), in particular SCADA (Supervisory Control and Data Acquisition), and the underlying critical infrastructures to address the vulnerabilities related to the coupling of these systems are analyzed. The modeling alternatives for system-of-systems, integrated versus coupled models, are discussed. An integrated model contains detailed low level models of (sub)systems as well as a high level model, covering all hierarchical levels. On the other hand, a coupled model aggregates different simulated outputs of the low level models as inputs at a higher level. Strengths and weaknesses of both approaches are analyzed and a model architecture for SCADA and the 'system under control' are proposed. Furthermore, the HLA simulation standard is introduced and discussed in this paper as a promising approach to represent interdependencies between infrastructures. To demonstrate the capabilities of the HLA standard for the interdependencies study, an exemplary application and some first results are also briefly presented in this paper.

Assessing the dynamic material criticality of infrastructure transitions: A case of low carbon electricity

International Nuclear Information System (INIS)

Roelich, Katy; Dawson, David A.; Purnell, Phil; Knoeri, Christof; Revell, Ruairi; Busch, Jonathan; Steinberger, Julia K.

2014-01-01

Highlights: • We present a method to analyse material criticality of infrastructure transitions. • Criticality is defined as the potential for, and exposure to, supply disruption. • Our method is dynamic reducing the probability of lock-in to at-risk technologies. • We show that supply disruption potential is reducing but exposure is increasing. - Abstract: Decarbonisation of existing infrastructure systems requires a dynamic roll-out of technology at an unprecedented scale. The potential disruption in supply of critical materials could endanger such a transition to low-carbon infrastructure and, by extension, compromise energy security more broadly because low carbon technologies are reliant on these materials in a way that fossil-fuelled energy infrastructure is not. Criticality is currently defined as the combination of the potential for supply disruption and the exposure of a system of interest to that disruption. We build on this definition and develop a dynamic approach to quantifying criticality, which monitors the change in criticality during the transition towards a low-carbon infrastructure goal. This allows us to assess the relative risk of different technology pathways to reach a particular goal and reduce the probability of being ‘locked in’ to currently attractive but potentially future-critical technologies. To demonstrate, we apply our method to criticality of the proposed UK electricity system transition, with a focus on neodymium. We anticipate that the supply disruption potential of neodymium will decrease by almost 30% by 2050; however, our results show the criticality of low carbon electricity production increases ninefold over this period, as a result of increasing exposure to neodymium-reliant technologies

relevance of information warfare models to critical infrastructure

African Journals Online (AJOL)

ismith

Critical infrastructure models, strategies and policies should take information ... gain an advantage over a competitor or adversary through the use of one's own .... digital communications system, where the vehicles are analogous to bits or packets, ..... performance degraded, causing an increase in traffic finding a new route.

Interdependency control : compensation strategies for the inherent vulnerability of critical infrastructure networks

International Nuclear Information System (INIS)

Mao, D.; Sotoodeh, M.; Monu, K.; Marti, J.R.; Srivastava, K.D.

2009-01-01

Today's increasingly interacting national critical infrastructures (NCIs) can tolerate most stochastic local disturbances. However, they are extremely fragile under global disturbances, as the latter may either push the whole system into a critical state or reveal many unexpected hidden interdependencies, inducing or triggering cascading failures among all possible layers. This robust yet fragile duality is an inherent vulnerability of modern infrastructures. It is therefore expected that weather-related disasters will be more frequent under a changing climate. This paper proposed an interdependency control strategy (ICS) that would maintain the survival of the most critical services, and compensate for this inherent vulnerability during emergency states. The paper also proposed a generalized adjacency matrix (GAM) to represent the physical interdependencies intra/inter of various infrastructure networks. The vulnerable section in the network can be identified, based on computed results of GAM, number of islands in the network, and influence domain(s) of each component. These features render ICS more effective and convincing. Last, the paper proposed a survivability index for isolated sub-networks and described relevant measures for improving this index during the four phases of emergency management. It was concluded that the proposed strategy is an effective means to reduce the inherent vulnerability and increase the resiliency of these critical infrastructures networks. 20 refs., 5 figs

Magnus effects at high angles of attack and critical Reynolds numbers

Science.gov (United States)

Seginer, A.; Ringel, M.

1983-01-01

The Magnus force and moment experienced by a yawed, spinning cylinder were studied experimentally in low speed and subsonic flows at high angles of attack and critical Reynolds numbers. Flow-field visualization aided in describing a flow model that divides the Magnus phenomenon into a subcritical region, where reverse Magnus loads are experienced, and a supercritical region where these loads are not encountered. The roles of the spin rate, angle of attack, and crossflow Reynolds number in determining the boundaries of the subcritical region and the variations of the Magnus loads were studied.

Safety impacts of bicycle infrastructure: A critical review.

Science.gov (United States)

DiGioia, Jonathan; Watkins, Kari Edison; Xu, Yanzhi; Rodgers, Michael; Guensler, Randall

2017-06-01

This paper takes a critical look at the present state of bicycle infrastructure treatment safety research, highlighting data needs. Safety literature relating to 22 bicycle treatments is examined, including findings, study methodologies, and data sources used in the studies. Some preliminary conclusions related to research efficacy are drawn from the available data and findings in the research. While the current body of bicycle safety literature points toward some defensible conclusions regarding the safety and effectiveness of certain bicycle treatments, such as bike lanes and removal of on-street parking, the vast majority treatments are still in need of rigorous research. Fundamental questions arise regarding appropriate exposure measures, crash measures, and crash data sources. This research will aid transportation departments with regard to decisions about bicycle infrastructure and guide future research efforts toward understanding safety impacts of bicycle infrastructure. Copyright © 2017 Elsevier Ltd and National Safety Council. All rights reserved.

Impact modeling and prediction of attacks on cyber targets

Science.gov (United States)

Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

2010-04-01

In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

Reliability issues related to the usage of Cloud Computing in Critical Infrastructures

OpenAIRE

Diez Gonzalez, Oscar Manuel; Silva Vazquez, Andrés

2011-01-01

The use of cloud computing is extending to all kind of systems, including the ones that are part of Critical Infrastructures, and measuring the reliability is becoming more difficult. Computing is becoming the 5th utility, in part thanks to the use of cloud services. Cloud computing is used now by all types of systems and organizations, including critical infrastructure, creating hidden inter-dependencies on both public and private cloud models. This paper investigates the use of cloud co...

False Positive and False Negative Effects on Network Attacks

Science.gov (United States)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

New concept of critical infrastructure strengthening

International Nuclear Information System (INIS)

Gazizov, Talgat R.; Orlov, Pavel E.; Zabolotsky, Alexander M.; Kuksenko, Sergey P.

2016-01-01

Strengthening of critical infrastructure is considered. Modal reservation of electronics is proposed as a new concept of the strengthening. The concept combines a widely used cold backup and a recently proposed modal filtration. It makes electronics reliable as well as protected against electromagnetic interference, especially the ultra-wide band pulses. New printed circuit board structure is suggested for implementation of the proposed concept. Results of simulation in time and frequency domains are presented for the suggested structures. Considerable attenuation of dangerous excitations shows that the new concept and structure are promising.

New concept of critical infrastructure strengthening

Energy Technology Data Exchange (ETDEWEB)

Gazizov, Talgat R.; Orlov, Pavel E.; Zabolotsky, Alexander M.; Kuksenko, Sergey P. [Tomsk State University of Control Systems and Radioelectronics, 634050, Lenin Ave., Tomsk (Russian Federation)

2016-06-08

Strengthening of critical infrastructure is considered. Modal reservation of electronics is proposed as a new concept of the strengthening. The concept combines a widely used cold backup and a recently proposed modal filtration. It makes electronics reliable as well as protected against electromagnetic interference, especially the ultra-wide band pulses. New printed circuit board structure is suggested for implementation of the proposed concept. Results of simulation in time and frequency domains are presented for the suggested structures. Considerable attenuation of dangerous excitations shows that the new concept and structure are promising.

Methodology for prioritizing cyber-vulnerable critical infrastructure equipment and mitigation strategies.

Energy Technology Data Exchange (ETDEWEB)

Dawson, Lon Andrew; Stinebaugh, Jennifer A.

2010-04-01

The Department of Homeland Security (DHS), National Cyber Security Division (NSCD), Control Systems Security Program (CSSP), contracted Sandia National Laboratories to develop a generic methodology for prioritizing cyber-vulnerable, critical infrastructure assets and the development of mitigation strategies for their loss or compromise. The initial project has been divided into three discrete deliverables: (1) A generic methodology report suitable to all Critical Infrastructure and Key Resource (CIKR) Sectors (this report); (2) a sector-specific report for Electrical Power Distribution; and (3) a sector-specific report for the water sector, including generation, water treatment, and wastewater systems. Specific reports for the water and electric sectors are available from Sandia National Laboratories.

The Effects of Denial-of-Service Attacks on Secure Time-Critical Communications in the Smart Grid

Energy Technology Data Exchange (ETDEWEB)

Zhang, Fengli [Univ. of Arkansas, Fayetteville, AR (United States); Li, QInghua [Univ. of Arkansas, Fayetteville, AR (United States); Mantooth, Homer Alan [Univ. of Arkansas, Fayetteville, AR (United States); Ross, Chase [Univ. of Arkansas, Fayetteville, AR (United States); Yang, Jing [Univ. of Arkansas, Fayetteville, AR (United States); Di, Jia [Univ. of Arkansas, Fayetteville, AR (United States); Balda, Juan Carlos [Univ. of Arkansas, Fayetteville, AR (United States)

2016-04-02

According to IEC 61850, many smart grid communications require messages to be delivered in a very short time. –Trip messages and sample values applied to the transmission level: 3 ms –Interlocking messages applied to the distribution level: 10 ms •Time-critical communications are vulnerable to denial-of-service (DoS) attacks –Flooding attack: Attacker floods many messages to the target network/machine. We conducted systematic, experimental study about how DoS attacks affect message delivery delays.

Advanced simulation for analysis of critical infrastructure : abstract cascades, the electric power grid, and Fedwire.

Energy Technology Data Exchange (ETDEWEB)

Glass, Robert John, Jr.; Stamber, Kevin Louis; Beyeler, Walter Eugene

2004-08-01

Critical Infrastructures are formed by a large number of components that interact within complex networks. As a rule, infrastructures contain strong feedbacks either explicitly through the action of hardware/software control, or implicitly through the action/reaction of people. Individual infrastructures influence others and grow, adapt, and thus evolve in response to their multifaceted physical, economic, cultural, and political environments. Simply put, critical infrastructures are complex adaptive systems. In the Advanced Modeling and Techniques Investigations (AMTI) subgroup of the National Infrastructure Simulation and Analysis Center (NISAC), we are studying infrastructures as complex adaptive systems. In one of AMTI's efforts, we are focusing on cascading failure as can occur with devastating results within and between infrastructures. Over the past year we have synthesized and extended the large variety of abstract cascade models developed in the field of complexity science and have started to apply them to specific infrastructures that might experience cascading failure. In this report we introduce our comprehensive model, Polynet, which simulates cascading failure over a wide range of network topologies, interaction rules, and adaptive responses as well as multiple interacting and growing networks. We first demonstrate Polynet for the classical Bac, Tang, and Wiesenfeld or BTW sand-pile in several network topologies. We then apply Polynet to two very different critical infrastructures: the high voltage electric power transmission system which relays electricity from generators to groups of distribution-level consumers, and Fedwire which is a Federal Reserve service for sending large-value payments between banks and other large financial institutions. For these two applications, we tailor interaction rules to represent appropriate unit behavior and consider the influence of random transactions within two stylized networks: a regular homogeneous array

Critical supply network protection against intentional attacks: A game-theoretical model

International Nuclear Information System (INIS)

Bricha, Naji; Nourelfath, Mustapha

2013-01-01

A crucial issue in today's critical supply chains is how to protect facilities against intentional attacks, since it has become unacceptable to ignore the high impact of low probability disruptions caused by these attacks. This article develops a game-theoretical model to deal with the protection of facilities, in the context of the uncapacitated fixed-charge location problem. Given a set of investment alternatives for protecting the facilities against identified threats, the objective is to select the optimal defence strategy. The attacker is considered as a player who tries to maximise the expected damage while weighing against the attacks expenditures. The conflict on facilities vulnerability is modelled using the concept of contest. The vulnerability of a facility is defined by its destruction probability. Contest success functions determine the vulnerability of each facility dependent on the relative investments of the defender and the attacker on each facility, and on the characteristics of the contest. A method is developed to evaluate the utilities of the players (i.e., the defender and the attacker). This method evaluates many expected costs, including the cost needed to restore disabled facilities, the backorder cost, and the cost incurred because of the increase in transportation costs after attacks. In fact, when one or several facilities are unavailable, transportation costs will increase since reassigned customers may receive shipments from facilities which are farther away. The model considers a non-cooperative two-period game between the players, and an algorithm is presented to determine the equilibrium solution and the optimal defence strategy. An illustrative example is presented. The approach is compared to other suggested strategies, and some managerial insights are provided in the context of facility location

78 FR 73202 - Review and Revision of the National Critical Infrastructure Security and Resilience (NCISR...

Science.gov (United States)

2013-12-05

... critical physical and cyber infrastructure. IV. NCISR R&D Plan Outline Below is the list of the topic areas... research and development topics are welcomed. V. Specific Questions Answers to the below specific questions... Critical Infrastructure Security and Resilience (NCISR) Research and Development (R&D) Plan Outline and...

The strategy for the development of information society in Serbia by 2020: Information security and critical infrastructure

Directory of Open Access Journals (Sweden)

Danijela D. Protić

2012-10-01

Full Text Available The development of technology has changed the world economy and induced new political trends. The European Union (EU and many non-EU member states apply the strategies of information society development that raise the level of information security (IS. The Serbian Government (Government has adopted the Strategy for Information Society in Serbia by 2020 (Strategy, and pointed to the challenges for the development of a modern Serbian information society. This paper presents an overview of the open-ended questions about IS, critical infrastructures and protection of critical infrastructures. Based on publicly available data, some critical national infrastructures are listed. As a possible solution to the problem of IS, the Public Key Infrastructure (PKI-based Information security integrated information system (ISIIS is presented. The ISIIS provides modularity and interoperability of critical infrastructures both in Serbia and neighboring countries.

The Influence of State Policies on Critical Infrastructure Resilience: An Approach for Analyzing Transportation and Capital Investment

Energy Technology Data Exchange (ETDEWEB)

Wall, Thomas [Argonne National Lab. (ANL), Argonne, IL (United States); Trail, Jessica [Argonne National Lab. (ANL), Argonne, IL (United States); Gevondyan, Erna [Argonne National Lab. (ANL), Argonne, IL (United States); Phillips, Julia [Argonne National Lab. (ANL), Argonne, IL (United States); Ford, Janet [Argonne National Lab. (ANL), Argonne, IL (United States); Marks, James [Argonne National Lab. (ANL), Argonne, IL (United States)

2017-09-01

During times of crisis, communities and regions rely heavily on critical infrastructure systems to support their emergency management response and recovery activities. Therefore, the resilience of critical infrastructure systems to crises is a pivotal factor to a community’s overall resilience. Critical infrastructure resilience can be influenced by many factors, including State policies – which are not always uniform in their structure or application across the United States – were identified by the U.S. Department of Homeland Security as an area of particular interest with respect to their the influence on the resilience of critical infrastructure systems. This study focuses on developing an analytical methodology to assess links between policy and resilience, and applies that methodology to critical infrastructure in the Transportation Systems Sector. Specifically, this study seeks to identify potentially influential linkages between State transportation capital funding policies and the resilience of bridges located on roadways that are under the management of public agencies. This study yielded notable methodological outcomes, including the general capability of the analytical methodology to yield – in the case of some States – significant results connecting State policies with critical infrastructure resilience, with the suggestion that further refinement of the methodology may be beneficial.

78 FR 6807 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

Science.gov (United States)

2013-01-31

... coordinating and sponsoring an executive-led Critical Infrastructure Protection and Cyber Security mission to... on the cyber security, critical infrastructure protection, and emergency management, ports of entry... security, including border protection, civil defense capabilities, and coast guard and maritime...

A novel critical infrastructure resilience assessment approach using dynamic Bayesian networks

Science.gov (United States)

Cai, Baoping; Xie, Min; Liu, Yonghong; Liu, Yiliu; Ji, Renjie; Feng, Qiang

2017-10-01

The word resilience originally originates from the Latin word "resiliere", which means to "bounce back". The concept has been used in various fields, such as ecology, economics, psychology, and society, with different definitions. In the field of critical infrastructure, although some resilience metrics are proposed, they are totally different from each other, which are determined by the performances of the objects of evaluation. Here we bridge the gap by developing a universal critical infrastructure resilience metric from the perspective of reliability engineering. A dynamic Bayesian networks-based assessment approach is proposed to calculate the resilience value. A series, parallel and voting system is used to demonstrate the application of the developed resilience metric and assessment approach.

The role of minimum supply and social vulnerability assessment for governing critical infrastructure failure: current gaps and future agenda

Directory of Open Access Journals (Sweden)

M. Garschagen

2018-04-01

Full Text Available Increased attention has lately been given to the resilience of critical infrastructure in the context of natural hazards and disasters. The major focus therein is on the sensitivity of critical infrastructure technologies and their management contingencies. However, strikingly little attention has been given to assessing and mitigating social vulnerabilities towards the failure of critical infrastructure and to the development, design and implementation of minimum supply standards in situations of major infrastructure failure. Addressing this gap and contributing to a more integrative perspective on critical infrastructure resilience is the objective of this paper. It asks which role social vulnerability assessments and minimum supply considerations can, should and do – or do not – play for the management and governance of critical infrastructure failure. In its first part, the paper provides a structured review on achievements and remaining gaps in the management of critical infrastructure and the understanding of social vulnerabilities towards disaster-related infrastructure failures. Special attention is given to the current state of minimum supply concepts with a regional focus on policies in Germany and the EU. In its second part, the paper then responds to the identified gaps by developing a heuristic model on the linkages of critical infrastructure management, social vulnerability and minimum supply. This framework helps to inform a vision of a future research agenda, which is presented in the paper's third part. Overall, the analysis suggests that the assessment of socially differentiated vulnerabilities towards critical infrastructure failure needs to be undertaken more stringently to inform the scientifically and politically difficult debate about minimum supply standards and the shared responsibilities for securing them.

The role of minimum supply and social vulnerability assessment for governing critical infrastructure failure: current gaps and future agenda

Science.gov (United States)

Garschagen, Matthias; Sandholz, Simone

2018-04-01

Increased attention has lately been given to the resilience of critical infrastructure in the context of natural hazards and disasters. The major focus therein is on the sensitivity of critical infrastructure technologies and their management contingencies. However, strikingly little attention has been given to assessing and mitigating social vulnerabilities towards the failure of critical infrastructure and to the development, design and implementation of minimum supply standards in situations of major infrastructure failure. Addressing this gap and contributing to a more integrative perspective on critical infrastructure resilience is the objective of this paper. It asks which role social vulnerability assessments and minimum supply considerations can, should and do - or do not - play for the management and governance of critical infrastructure failure. In its first part, the paper provides a structured review on achievements and remaining gaps in the management of critical infrastructure and the understanding of social vulnerabilities towards disaster-related infrastructure failures. Special attention is given to the current state of minimum supply concepts with a regional focus on policies in Germany and the EU. In its second part, the paper then responds to the identified gaps by developing a heuristic model on the linkages of critical infrastructure management, social vulnerability and minimum supply. This framework helps to inform a vision of a future research agenda, which is presented in the paper's third part. Overall, the analysis suggests that the assessment of socially differentiated vulnerabilities towards critical infrastructure failure needs to be undertaken more stringently to inform the scientifically and politically difficult debate about minimum supply standards and the shared responsibilities for securing them.

76 FR 50487 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey

Science.gov (United States)

2011-08-15

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0018] Protected Critical Infrastructure Information (PCII) Stakeholder Survey AGENCY: National Protection and Programs Directorate, DHS. ACTION: 30... Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of...

76 FR 17935 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey

Science.gov (United States)

2011-03-31

... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0018] Protected Critical Infrastructure Information (PCII) Stakeholder Survey AGENCY: National Protection and Programs Directorate, DHS. ACTION: 60... Department of Homeland Security (DHS), National Protection and Programs Directorate (NPPD), Office of...

Increasing impacts of climate extremes on critical infrastructures in Europe

Science.gov (United States)

Forzieri, Giovanni; Bianchi, Alessandra; Feyen, Luc; Silva, Filipe Batista e.; Marin, Mario; Lavalle, Carlo; Leblois, Antoine

2016-04-01

The projected increases in exposure to multiple climate hazards in many regions of Europe, emphasize the relevance of a multi-hazard risk assessment to comprehensively quantify potential impacts of climate change and develop suitable adaptation strategies. In this context, quantifying the future impacts of climatic extremes on critical infrastructures is crucial due to their key role for human wellbeing and their effects on the overall economy. Critical infrastructures describe the existing assets and systems that are essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact as a result of the failure to maintain those functions. We assess the direct damages of heat and cold waves, river and coastal flooding, droughts, wildfires and windstorms to energy, transport, industry and social infrastructures in Europe along the 21st century. The methodology integrates in a coherent framework climate hazard, exposure and vulnerability components. Overall damage is expected to rise up to 38 billion €/yr, ten time-folds the current climate damage, with drastic variations in risk scenarios. Exemplificative are drought and heat-related damages that could represent 70% of the overall climate damage in 2080s versus the current 12%. Many regions, prominently Southern Europe, will likely suffer multiple stresses and systematic infrastructure failures due to climate extremes if no suitable adaptation measures will be taken.

Protecting water and wastewater infrastructure from cyber attacks

Science.gov (United States)

Panguluri, Srinivas; Phillips, William; Cusimano, John

2011-12-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Protecting water and wastewater infrastructure from cyber attacks

Institute of Scientific and Technical Information of China (English)

Srinivas Panguluri; William Phillips; John Cusimano

2011-01-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion:cyber attacks are real and can cause significant damages.This paper presents some recent statistics on cyber attacks and resulting damages.Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks.Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are:1) the increasing interconnection of their business and control system networks,2) large variation of proprietary industrial control equipment utilized,3) multitude of cross-sector cyber-security standards,and 4) the differences in the equipment vendor's approaches to meet these security standards.The utilities can meet these challenges by voluntarily selecting and adopting security standards,conducting a gap analysis,performing vulnerability/risk analysis,and undertaking countermeasures that best meets their security and organizational requirements.Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years.Implementing cyber security does not necessarily have to be expensive,substantial improvements can be accomplished through policy,procedure,training and awareness.Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Fatal injection: a survey of modern code injection attack countermeasures

Directory of Open Access Journals (Sweden)

Dimitris Mitropoulos

2017-11-01

Full Text Available With a code injection attack (CIA an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. Currently, CIAs are considered one of the most damaging classes of application attacks since they can severely affect an organisation’s infrastructure and cause financial and reputational damage to it. In this paper we examine and categorize the countermeasures developed to detect the various attack forms. In particular, we identify two distinct categories. The first incorporates static program analysis tools used to eliminate flaws that can lead to such attacks during the development of the system. The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. Our analysis is based on nonfunctional characteristics that are considered critical when creating security mechanisms. Such characteristics involve usability, overhead, implementation dependencies, false positives and false negatives. Our categorization and analysis can help both researchers and practitioners either to develop novel approaches, or use the appropriate mechanisms according to their needs.

Protecting and securing the energy infrastructure

Energy Technology Data Exchange (ETDEWEB)

Gillham, B. [Conoco Canada Ltd., Calgary, AB (Canada)

2002-07-01

Critical Infrastructure Protection (CIP) includes protection against physical and cyber attacks as well as potential interruptions and vulnerabilities such as natural disasters and human error. CIP makes it possible to deal with the consequences of infrastructure failures that can have regional, national and international impacts. The energy sector is challenged because there has been an irreversible move to automated control systems and electronic transactions. In addition, due to mergers and joint ventures, the line between traditional oil, natural gas companies and power companies is not perfectly clear. Energy industries can no longer be seen in isolation of each other because they depend on other critical infrastructures. Industry should lead CIP programs through risk management assessments, develop and implement global information technology standards, and enhance response and recovery planning. The National Petroleum Council (NPC) will continue to develop the capabilities of the newly formed Information Sharing and Assessment Centre (ISAC). The sector will also continue to develop common vulnerability assessment goals. It was noted that response and recovery plans must include the cyber dimension, because there has been an increasing number of scans and probes from the Internet since the events of September 11, 2001. It was noted that physical incidents can often turn into cyber incidents and vice versa.

Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks

International Nuclear Information System (INIS)

Hartman, Steven M.

2012-01-01

Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

A Good Practice Guide on Critical Infor-mation Infrastructure Protection

NARCIS (Netherlands)

Luiijf, H.A.M.; Schie, T.C.C. van

2017-01-01

Early 2016, the Meridian Process and the GFCE tasked the Netherlands Organisation for Applied Scientific Research TNO to develop a Good Practice Guide on Critical Information Infrastructure Protection (CIIP) for governmental policy-makers [1]. The guide primarily aims at governmental policy-makers,

NEW ASPECTS REGARDING THE EVALUATION OF INVESTMENTS IN CRITICAL INFRASTRUCTURE

Directory of Open Access Journals (Sweden)

Lupan Mariana

2009-05-01

Full Text Available The additional risks associated to the actual global and contagious crisis put a severe pressure on the investments in critical infrastructure and there is a real need for new valuations especially those regarding the synergic financing strategies in crit

DIESIS : An Interoperable European Federated Simulation Network for Critical Infrastructures

NARCIS (Netherlands)

Rome, E.; Bologna, S.; Gelenbe, E.; Luiijf, H.A.M.; Masucci, V.

2009-01-01

Critical Infrastructures (CI) that are vital for a society and an economy, such as telecommunication systems, energy supply systems, transport systems and others, are getting more and more complex. Dependencies emerge in various ways, due to the use of information and communication technologies,

Trustworthy Critical Infrastructures via Physics-Aware Just-Ahead-Of-Time Verification

CERN Multimedia

CERN. Geneva

2017-01-01

Dr. Saman Zonouz, assistant professor at Rutgers University, NJ and the director of the 4N6 Cyber Security and Forensics Laboratory is visiting CERN for a collaboration meeting. His previous works and research interests include PLC program analysis, security of embedded systems, and malware analysis and reverse engineering. Before the collaboration meeting, Dr. Zonouz is giving a 30-minutes-long talk, titled 'Trustworthy Critical Infrastructures via Physics-Aware Just-Ahead-Of-Time Verification', followed by Q&A and discussions. You can find the abstract of the talk below. The presentation is open to anyone interested, but please register on Indico to know the size of the room needed. (Please note the new room: 31/3-004, IT Auditorium.) Abstract Critical cyber-physical infrastructures, such as the power grid, integrate networks of computational and physical processes to provide the people across the globe with essential functionalities and services. Protecting these critical infrastructu...

Defense Industrial Base: Critical Infrastructure and Key Resources Sector-Specific Plan as Input to the National Infrastructure Protection Plan

National Research Council Canada - National Science Library

2007-01-01

This Defense Industrial Base (DIB) Sector-Specific Plan (SSP), developed in collaboration with industry and government security partners, provides sector-level critical infrastructure and key resources (CI/KR...

Vulnerabilities of the security of nuclear material due to cyber attacks

International Nuclear Information System (INIS)

Daschil, F.

2002-01-01

Full text: The spread of new communication and computer technologies is now the potential for a dedicated, sophisticated adversary to conduct coordinated strikes against the computers, communications systems, and databases of nuclear material security systems. All weapons of cyber war, like viruses, Trojans, access to computer systems are potential risks for the security of nuclear material. New forms of destruction of electronic devices, e.g. Transient Electromagnetic Devices (TED), that could, in the hands of enemies, criminals, or terrorist pose a significant threat to nuclear safety infrastructure components that are based on micro-circuits and computer or micro-processor control. These examples shows the necessity to clearly identify possible risks as: information and communication based disorders and other disruptions and attacks; partial or complete failure of systems causing the risk of unexpected reaction or unmanageable situations; cracking of access codes and elimination of alarm equipment could give easy access to nuclear material; computer manipulation or complete computer and system takeover due to brute force attacks, viruses, Trojans and worms could lead to malfunctions, disruptions and nuclear disasters; computer spying and brute force attacks could give detailed information about technical, organizational and organizational data; combined actions of physical, electronic and computer attacks. The paper gives an overview of potential computer and communication safety gaps and points out strategic implications as the identification of the critical infrastructure, surveillance of computer systems, data access and communication paths. The basic necessity of the development of computer and communication breakdown backup systems as well as measures of precaution against cyber attacks is shown in the paper. (author)

Emergent Risks In Critical Infrastructures

Science.gov (United States)

Dynes, Scott

Firms cannot function successfully without managing a host of internal and external organizational and process interdependencies. Part of this involves business continuity planning, which directly aects how resilient arm and its business sector are in the face of disruptions. This paper presents the results of eld studies related to information risk management practices in the health care and retail sectors. The studies explore information risk management coordinating signals within and across rms in these sectors as well as the potential eects of cyber disruptions on the rms as stand-alone entities and as part of a critical infrastructure. The health care case study investigates the impact of the Zotob worm on the ability to deliver medical care and treatment. The retail study examines the resilience of certain elements of the food supply chain to cyber disruptions.

Planning virtual infrastructures for time critical applications with multiple deadline constraints

NARCIS (Netherlands)

Wang, J.; Taal, A.; Martin, P.; Hu, Y.; Zhou, H.; Pang, J.; de Laat, C.; Zhao, Z.

2017-01-01

Executing time critical applications within cloud environments while satisfying execution deadlines and response time requirements is challenging due to the difficulty of securing guaranteed performance from the underlying virtual infrastructure. Cost-effective solutions for hosting such

Supervisory Control and Data Acquisition (SCADA) Systems and Cyber-Security: Best Practices to Secure Critical Infrastructure

Science.gov (United States)

Morsey, Christopher

2017-01-01

In the critical infrastructure world, many critical infrastructure sectors use a Supervisory Control and Data Acquisition (SCADA) system. The sectors that use SCADA systems are the electric power, nuclear power and water. These systems are used to control, monitor and extract data from the systems that give us all the ability to light our homes…

The Vulnerability of Nuclear Facilities to Cyber Attack; Strategic Insights: Spring 2010

OpenAIRE

Kesler, Brent

2011-01-01

This article appeared in Strategic Insights, Spring 2011 In June 2010, U.S. Senators Susan Collins, Joseph Lieberman, and Tom Carper introduced the Protecting Cyberspace as a National Asset Act. One of its many aims is to protect critical infrastructures in the United States from cyber attack. In January 2011, Brandon Milhorn, staff director of the Senate Homeland Security and Governmental Affairs Committee, defended the bill, saying that it would prevent a hacker from opening ...

Visualizing common operating picture of critical infrastructure

Science.gov (United States)

Rummukainen, Lauri; Oksama, Lauri; Timonen, Jussi; Vankka, Jouko

2014-05-01

This paper presents a solution for visualizing the common operating picture (COP) of the critical infrastructure (CI). The purpose is to improve the situational awareness (SA) of the strategic-level actor and the source system operator in order to support decision making. The information is obtained through the Situational Awareness of Critical Infrastructure and Networks (SACIN) framework. The system consists of an agent-based solution for gathering, storing, and analyzing the information, and a user interface (UI) is presented in this paper. The UI consists of multiple views visualizing information from the CI in different ways. Different CI actors are categorized in 11 separate sectors, and events are used to present meaningful incidents. Past and current states, together with geographical distribution and logical dependencies, are presented to the user. The current states are visualized as segmented circles to represent event categories. Geographical distribution of assets is displayed with a well-known map tool. Logical dependencies are presented in a simple directed graph, and users also have a timeline to review past events. The objective of the UI is to provide an easily understandable overview of the CI status. Therefore, testing methods, such as a walkthrough, an informal walkthrough, and the Situation Awareness Global Assessment Technique (SAGAT), were used in the evaluation of the UI. Results showed that users were able to obtain an understanding of the current state of CI, and the usability of the UI was rated as good. In particular, the designated display for the CI overview and the timeline were found to be efficient.

Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses

Directory of Open Access Journals (Sweden)

Stephen Herzog

2011-01-01

Full Text Available In April 2007, the Estonian Government moved a memorial commemorating the Soviet liberation of the country from the Nazis to a less prominent and visible location in Tallinn. This decision triggered rioting among Russian-speaking minorities and cyber terrorism targeting Estonia's critical economic and political infrastructure. Drawing upon the Estonian cyber attacks, this article argues that globalization and the Internet have enabled transnational groups—such as the Russian diaspora—to avenge their grievances by threatening the sovereignty of nation-states in cyberspace. Sophisticated and virtually untraceable political "hacktivists" may now possess the ability to disrupt or destroy government operations, banking transactions, city power grids, and even military weapon systems. Fortunately, western countries banded together to effectively combat the Estonian cyber attacks and minimize their effects. However, this article concludes that in the age of globalization, interdependence, and digital interconnectedness, nation-states must engage in increased cooperative cyber-defense activities to counter and prevent devastating Internet attacks and their implications.

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Directory of Open Access Journals (Sweden)

Faouzi Jaïdi

2018-01-01

Full Text Available Substantial advances in Information and Communication Technologies (ICT bring out novel concepts, solutions, trends, and challenges to integrate intelligent and autonomous systems in critical infrastructures. A new generation of ICT environments (such as smart cities, Internet of Things, edge-fog-social-cloud computing, and big data analytics is emerging; it has different applications to critical domains (such as transportation, communication, finance, commerce, and healthcare and different interconnections via multiple layers of public and private networks, forming a grid of critical cyberphysical infrastructures. Protecting sensitive and private data and services in critical infrastructures is, at the same time, a main objective and a great challenge for deploying secure systems. It essentially requires setting up trusted security policies. Unfortunately, security solutions should remain compliant and regularly updated to follow and track the evolution of security threats. To address this issue, we propose an advanced methodology for deploying and monitoring the compliance of trusted access control policies. Our proposal extends the traditional life cycle of access control policies with pertinent activities. It integrates formal and semiformal techniques allowing the specification, the verification, the implementation, the reverse-engineering, the validation, the risk assessment, and the optimization of access control policies. To automate and facilitate the practice of our methodology, we introduce our system SVIRVRO that allows managing the extended life cycle of access control policies. We refer to an illustrative example to highlight the relevance of our contributions.

Enabling software defined networking experiments in networked critical infrastructures

Directory of Open Access Journals (Sweden)

Béla Genge

2014-05-01

Full Text Available Nowadays, the fact that Networked Critical Infrastructures (NCI, e.g., power plants, water plants, oil and gas distribution infrastructures, and electricity grids, are targeted by significant cyber threats is well known. Nevertheless, recent research has shown that specific characteristics of NCI can be exploited in the enabling of more efficient mitigation techniques, while novel techniques from the field of IP networks can bring significant advantages. In this paper we explore the interconnection of NCI communication infrastructures with Software Defined Networking (SDN-enabled network topologies. SDN provides the means to create virtual networking services and to implement global networking decisions. It relies on OpenFlow to enable communication with remote devices and has been recently categorized as the “Next Big Technology”, which will revolutionize the way decisions are implemented in switches and routers. Therefore, the paper documents the first steps towards enabling an SDN-NCI and presents the impact of a Denial of Service experiment over traffic resulting from an XBee sensor network which is routed across an emulated SDN network.

Collaborative Attack Mitigation and Response: A survey

NARCIS (Netherlands)

Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko

2015-01-01

Over recent years, network-based attacks have become to one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains

Cyber attacks against state estimation in power systems: Vulnerability analysis and protection strategies

Science.gov (United States)

Liu, Xuan

Power grid is one of the most critical infrastructures in a nation and could suffer a variety of cyber attacks. With the development of Smart Grid, false data injection attack has recently attracted wide research interest. This thesis proposes a false data attack model with incomplete network information and develops optimal attack strategies for attacking load measurements and the real-time topology of a power grid. The impacts of false data on the economic and reliable operations of power systems are quantitatively analyzed in this thesis. To mitigate the risk of cyber attacks, a distributed protection strategies are also developed. It has been shown that an attacker can design false data to avoid being detected by the control center if the network information of a power grid is known to the attacker. In practice, however, it is very hard or even impossible for an attacker to obtain all network information of a power grid. In this thesis, we propose a local load redistribution attacking model based on incomplete network information and show that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator. A heuristic algorithm is developed to determine a feasible attacking region by obtaining reduced network information. This thesis investigates the impacts of false data on the operations of power systems. It has been shown that false data can be designed by an attacker to: 1) mask the real-time topology of a power grid; 2) overload a transmission line; 3) disturb the line outage detection based on PMU data. To mitigate the risk of cyber attacks, this thesis proposes a new protection strategy, which intends to mitigate the damage effects of false data injection attacks by protecting a small set of critical measurements. To further reduce the computation complexity, a mixed integer linear programming approach is also proposed to

Applying the Msharpp Method in Risk Assessment for the Water Supply Critical Infrastructure Sector

Directory of Open Access Journals (Sweden)

Badea Dorel

2015-06-01

Full Text Available The paper highlights a manner to assess risks for an important sector of critical infrastructure, that of water supply, frequently regulated in international legal systems. We took into consideration the fact that risk is a problem related to the processes of decision making under conditions of uncertainty in most cases, so that by this approach we bring to the attention of critical infrastructure managers, drawing on their experience, a simple method that can be considered in a preliminary stage of risk assessment specific to water supply.

System Dynamics Approach for Critical Infrastructure and Decision Support. A Model for a Potable Water System.

Science.gov (United States)

Pasqualini, D.; Witkowski, M.

2005-12-01

The Critical Infrastructure Protection / Decision Support System (CIP/DSS) project, supported by the Science and Technology Office, has been developing a risk-informed Decision Support System that provides insights for making critical infrastructure protection decisions. The system considers seventeen different Department of Homeland Security defined Critical Infrastructures (potable water system, telecommunications, public health, economics, etc.) and their primary interdependencies. These infrastructures have been modeling in one model called CIP/DSS Metropolitan Model. The modeling approach used is a system dynamics modeling approach. System dynamics modeling combines control theory and the nonlinear dynamics theory, which is defined by a set of coupled differential equations, which seeks to explain how the structure of a given system determines its behavior. In this poster we present a system dynamics model for one of the seventeen critical infrastructures, a generic metropolitan potable water system (MPWS). Three are the goals: 1) to gain a better understanding of the MPWS infrastructure; 2) to identify improvements that would help protect MPWS; and 3) to understand the consequences, interdependencies, and impacts, when perturbations occur to the system. The model represents raw water sources, the metropolitan water treatment process, storage of treated water, damage and repair to the MPWS, distribution of water, and end user demand, but does not explicitly represent the detailed network topology of an actual MPWS. The MPWS model is dependent upon inputs from the metropolitan population, energy, telecommunication, public health, and transportation models as well as the national water and transportation models. We present modeling results and sensitivity analysis indicating critical choke points, negative and positive feedback loops in the system. A general scenario is also analyzed where the potable water system responds to a generic disruption.

Modelling a critical infrastructure-driven spatial database for proactive disaster management: A developing country context

Directory of Open Access Journals (Sweden)

David O. Baloye

2016-04-01

Full Text Available The understanding and institutionalisation of the seamless link between urban critical infrastructure and disaster management has greatly helped the developed world to establish effective disaster management processes. However, this link is conspicuously missing in developing countries, where disaster management has been more reactive than proactive. The consequence of this is typified in poor response time and uncoordinated ways in which disasters and emergency situations are handled. As is the case with many Nigerian cities, the challenges of urban development in the city of Abeokuta have limited the effectiveness of disaster and emergency first responders and managers. Using geospatial techniques, the study attempted to design and deploy a spatial database running a web-based information system to track the characteristics and distribution of critical infrastructure for effective use during disaster and emergencies, with the purpose of proactively improving disaster and emergency management processes in Abeokuta. Keywords: Disaster Management; Emergency; Critical Infrastructure; Geospatial Database; Developing Countries; Nigeria

Counter terrorism functions to enhance critical infrastructure resilience against CBRNe terrorism

NARCIS (Netherlands)

Bonsen, I.M.; Gaasbeek, R.C.

2009-01-01

Current approaches in critical infrastructure protection use long lists of items that fail to give its user a structured answer to the state of protection of its object. The functionality approach uses different terrorist functions to structure the threat (which are to have intent, to scout, to

Cyberwarfare on the Electricity Infrastructure

Energy Technology Data Exchange (ETDEWEB)

Murarka, N.; Ramesh, V.C.

2000-03-20

The report analyzes the possibility of cyberwarfare on the electricity infrastructure. The ongoing deregulation of the electricity industry makes the power grid all the more vulnerable to cyber attacks. The report models the power system information system components, models potential threats and protective measures. It therefore offers a framework for infrastructure protection.

Managing the complexity of critical infrastructures a modelling and simulation approach

CERN Document Server

Rosato, Vittorio; Kyriakides, Elias; Rome, Erich

2016-01-01

This book is open access under a CC BY 4.0 license. This book summarizes work being pursued in the context of the CIPRNet (Critical Infrastructure Preparedness and Resilience Research Network) research project, co-funded by the European Union under the Seventh Framework Programme (FP7). The project is intended to provide concrete and on-going support to the Critical Infrastructure Protection (CIP) research communities, enhancing their preparedness for CI-related emergencies, while also providing expertise and technologies for other stakeholders to promote their understanding and mitigation of the consequences of CI disruptions, leading to enhanced resilience. The book collects the tutorial material developed by the authors for several courses on the modelling, simulation and analysis of CIs, representing extensive and integrated CIP expertise. It will help CI stakeholders, CI operators and civil protection authorities understand the complex system of CIs, and help them adapt to these changes and threats in or...

Securing the United States' power infrastructure

Energy Technology Data Exchange (ETDEWEB)

Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2015-08-01

The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.

Flood Risk Assessment on Selected Critical Infrastructure in Kota Marudu Town, Sabah, Malaysia

Directory of Open Access Journals (Sweden)

Ayog Janice Lynn

2017-01-01

Full Text Available This study investigates the risk of flood on selected critical infrastructure in a flood-prone catchment in Sabah, Malaysia. Kota Marudu, located in the Bandau floodplain, one of the Sabah’s northern water catchments, was selected as the study site due to its frequent flood occurrence and large floodplain coverage. Two of its largest rivers, namely Sungai Bongon and Sungai Bandau, tends to flood during rainy season and cause temporary displacements of thousands of people living in the floodplain. A total of 362 respondents participated in the questionnaire survey in order to gather information on historical flood occurrence. Three flood depth groups were determined, which are 1 less than 0.3 meter, 2 0.3 – 0.6 meter and 3 more than 0.6 meter, while three categories of critical infrastructure were defined, namely transportation system, communication system and buildings. It is found that the transportation system encounters the most severe impact as flood inundation increases, where 92% of the respondents believe that the transportation access should be abandoned when flood depth is more than 0.6m. The findings of this study will be used for detailed risk assessment, specifically on the vulnerability of the critical infrastructures to flood in this floodplain.

Organizational Strategies for Critical Transportation Infrastructure: Characteristics of Urban Resilience. The Case of Montreal.

Science.gov (United States)

Beauregard, Stéphane; Therrien, Marie-Christine; Normandin, Julie-Maude

2010-05-01

Organizational Strategies for Critical Transportation Infrastructure: Characteristics of Urban Resilience. The Case of Montreal. Stéphane Beauregard M.Sc. Candidate École nationale d'administration publique Julie-Maude Normandin Ph.D. Candidate École nationale d'administration publique Marie-Christine Therrien Professor École nationale d'administration publique The proposed paper presents preliminary results on the resilience of organizations managing critical infrastructure in the Metropolitan Montreal area (Canada). A resilient city is characterized by a network of infrastructures and individuals capable of maintaining their activities in spite of a disturbance (Godschalk, 2002). Critical infrastructures provide essential services for the functioning of society. In a crisis situation, the interruption or a decrease in performance of critical infrastructures could have important impacts on the population. They are also vulnerable to accidents and cascading effects because on their complexity and tight interdependence (Perrow, 1984). For these reasons, protection and security of the essential assets and networks are one of the objectives of organizations and governments. But prevention and recovery are two endpoints of a continuum which include also intermediate concerns: ensuring organizational robustness or failing with elegance rather than catastrophically. This continuum also includes organizational resilience (or system), or the ability to recover quickly after an interruption has occurred. Wildavsky (1988) proposes that anticipation strategies work better against known problems while resilience strategies focus on unknown problems. Anticipation policies can unnecessarily immobilize investments against risks, while resilience strategies include the potential for a certain sacrifice in the interests of a more long-term survival and adaptation to changing threats. In addition, a too large confidence in anticipation strategies can bring loss of capacity of an

Identification of critical locations across multiple infrastructures for terrorist actions

International Nuclear Information System (INIS)

Patterson, S.A.; Apostolakis, G.E.

2007-01-01

This paper presents a possible approach to ranking geographic regions that can influence multiple infrastructures. Once ranked, decision makers can determine whether these regions are critical locations based on their susceptibility to terrorist acts. We identify these locations by calculating a value for a geographic region that represents the combined values to the decision makers of all the infrastructures crossing through that region. These values, as well as the size of the geographic region, are conditional on an assumed destructive threat of a given size. In our case study, the threat is assumed to be minor, e.g., a bomb that can affect objects within 7 m of it. This approach first requires an assessment of the users of the system. During this assessment, each user is assigned a performance index (PI) based on the disutility of the loss of each infrastructure's resource via multi-attribute utility theory (MAUT). A Monte Carlo network analysis is then performed to develop importance measures (IM) for the elements of each infrastructure for their ability to service each user. We combine the IMs with the user PIs to a value that we call valued worth (VW) for each infrastructure's elements independently. Then we use spatial analysis techniques within a geographic information system (GIS) to combine the VWs of each infrastructure's elements in a geographic area, conditional on the threat, into a total value we call geographic valued worth (GVW). The GVW is displayed graphically in the GIS system in a color scheme that shows the numerical ranking of these geographic areas. The map and rankings are then submitted to the decision makers to better allocate anti-terrorism resources. A case study of this methodology is performed on the Massachusetts Institute of Technology (MIT) campus. The results of the study show how the methodology can bring attention to areas that are important when several infrastructures are considered, but may be ignored when infrastructures

Geovisualization applications to examine and explore high-density and hierarchical critical infrastructure data

Science.gov (United States)

Edsall, Robert; Hembree, Harvey

2018-05-01

The geospatial research and development team in the National and Homeland Security Division at Idaho National Laboratory was tasked with providing tools to derive insight from the substantial amount of data currently available - and continuously being produced - associated with the critical infrastructure of the US. This effort is in support of the Department of Homeland Security, whose mission includes the protection of this infrastructure and the enhancement of its resilience to hazards, both natural and human. We present geovisual-analytics-based approaches for analysis of vulnerabilities and resilience of critical infrastructure, designed so that decision makers, analysts, and infrastructure owners and managers can manage risk, prepare for hazards, and direct resources before and after an incident that might result in an interruption in service. Our designs are based on iterative discussions with DHS leadership and analysts, who in turn will use these tools to explore and communicate data in partnership with utility providers, law enforcement, and emergency response and recovery organizations, among others. In most cases these partners desire summaries of large amounts of data, but increasingly, our users seek the additional capability of focusing on, for example, a specific infrastructure sector, a particular geographic region, or time period, or of examining data in a variety of generalization or aggregation levels. These needs align well with tenets of in-formation-visualization design; in this paper, selected applications among those that we have designed are described and positioned within geovisualization, geovisual analytical, and information visualization frameworks.

Assessing the Vulnerability of Large Critical Infrastructure Using Fully-Coupled Blast Effects Modeling

Energy Technology Data Exchange (ETDEWEB)

McMichael, L D; Noble, C R; Margraf, J D; Glascoe, L G

2009-03-26

Structural failures, such as the MacArthur Maze I-880 overpass in Oakland, California and the I-35 bridge in Minneapolis, Minnesota, are recent examples of our national infrastructure's fragility and serve as an important reminder of such infrastructure in our everyday lives. These two failures, as well as the World Trade Center's collapse and the levee failures in New Orleans, highlight the national importance of protecting our infrastructure as much as possible against acts of terrorism and natural hazards. This paper describes a process for evaluating the vulnerability of critical infrastructure to large blast loads using a fully-coupled finite element approach. A description of the finite element software and modeling technique is discussed along with the experimental validation of the numerical tools. We discuss how such an approach can be used for specific problems such as modeling the progressive collapse of a building.

Integration of resilience capabilities for Critical Infrastructures into the Emergency Management set-up

DEFF Research Database (Denmark)

Kozine, Igor; Andersen, Henning Boje

2015-01-01

We suggest an approach for maintaining and enhancing resilience that integrates the resilience capabilities of Critical Infrastructures (CIs) into the emergency management cycle (prevention, preparedness, response, and recovery). This allows emergency services to explicitly address resilience...

Protective design of critical infrastructure with high performance concretes

International Nuclear Information System (INIS)

Riedel, W.; Nöldgen, M.; Stolz, A.; Roller, C.

2012-01-01

Conclusions: High performance concrete constructions will allow innovative design solutions for critical infrastructures. Validation of engineering methods can reside on large and model scale experiments conducted on conventional concrete structures. New consistent impact experiments show extreme protection potential for UHPC. Modern FEM with concrete models and explicit rebar can model HPC and UHPC penetration resistance. SDOF and TDOF approaches are valuable design tools on local and global level. Combination of at least 2 out of 3 design methods FEM – XDOF- EXP allow reliable prediction and efficient innovative designs

Testing Situation Awareness Network for the Electrical Power Infrastructure

Directory of Open Access Journals (Sweden)

Rafał Leszczyna

2016-09-01

Full Text Available The contemporary electrical power infrastructure is exposed to new types of threats. The cause of such threats is related to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of Information and communication Technologies (ICT in such complex critical systems. The power grid interconnection with the Internet exposes the grid to new types of attacks, such as Advanced Persistent Threats (APT or Distributed-Denial-ofService (DDoS attacks. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. To counter evolved and highly sophisticated threats such as the APT or DDoS, state-of-the-art technologies including Security Incident and Event Management (SIEM systems, extended Intrusion Detection/Prevention Systems (IDS/IPS and Trusted Platform Modules (TPM are required. Developing and deploying extensive ICT infrastructure that supports wide situational awareness and allows precise command and control is also necessary. In this paper the results of testing the Situational Awareness Network (SAN designed for the energy sector are presented. The purpose of the tests was to validate the selection of SAN components and check their operational capability in a complex test environment. During the tests’ execution appropriate interaction between the components was verified.

What’s My Lane? Identifying the State Government Role in Critical Infrastructure Protection

Science.gov (United States)

2012-03-01

Marsh Commission. The GMU research program was developed with Congressional funding, the results of which have produced numerous research papers ...acknowledging that not all attacks or accidents can be prevented, turn to criticality as a crutch —pouring more and more resources into all

Protecting ICS Systems Within the Energy Sector from Cyber Attacks

Science.gov (United States)

Barnes, Shaquille

Advance persistent threat (APT) groups are continuing to attack the energy sector through cyberspace, which poses a risk to our society, national security, and economy. Industrial control systems (ICSs) are not designed to handle cyber-attacks, which is why asset owners need to implement the correct proactive and reactive measures to mitigate the risk to their ICS environments. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 290 incidents for fiscal year 2016, where 59 of those incidents came from the Energy Sector. APT groups know how vulnerable energy sector ICS systems are and the destruction they can cause when they go offline such as loss of production, loss of life, and economic impact. Defending against APT groups requires more than just passive controls such as firewalls and antivirus solutions. Asset owners should implement a combination of best practices and active defense in their environment to defend against APT groups. Cyber-attacks against critical infrastructure will become more complex and harder to detect and respond to with traditional security controls. The purpose of this paper was to provide asset owners with the correct security controls and methodologies to help defend against APT groups.

Security Analysis of Smart Grid Cyber Physical Infrastructures Using Modeling and Game Theoretic Simulation

Energy Technology Data Exchange (ETDEWEB)

Abercrombie, Robert K [ORNL; Sheldon, Frederick T. [University of Idaho

2015-01-01

Cyber physical computing infrastructures typically consist of a number of sites are interconnected. Its operation critically depends both on cyber components and physical components. Both types of components are subject to attacks of different kinds and frequencies, which must be accounted for the initial provisioning and subsequent operation of the infrastructure via information security analysis. Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the electric sector failure scenarios and impact analyses by the NESCOR Working Group Study, From the Section 5 electric sector representative failure scenarios; we extracted the four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.

Protecting America: Reorganizing the Nation's Security Forces to Ensure the Protection of Our Critical Infrastructure

National Research Council Canada - National Science Library

Williams

2004-01-01

.... This national strategy amplified the significant responsibilities of states, localities, the private sector, and private citizens to protect and defend our communities and our critical infrastructure...

PROTECTING CRITICAL DATABASES – TOWARDS A RISK-BASED ASSESSMENT OF CRITICAL INFORMATION INFRASTRUCTURES (CIIS IN SOUTH AFRICA

Directory of Open Access Journals (Sweden)

Mzukisi N Njotini

2013-04-01

Full Text Available South Africa has made great strides towards protecting critical information infrastructures (CIIs. For example, South Africa recognises the significance of safeguarding places or areas that are essential to the national security of South Africa or the economic and social well-being of South African citizens. For this reason South Africa has established mechanisms to assist in preserving the integrity and security of CIIs. The measures provide inter alia for the identification of CIIs; the registration of the full names, address and contact details of the CII administrators (the persons who manage CIIs; the identification of the location(s of CIIs or their component parts; and the outlining of the general descriptions of information or data stored in CIIs.It is argued that the measures to protect CIIs in South Africa are inadequate. In particular, the measures rely on a one-size-fits-all approach to identify and classify CIIs. For this reason the South African measures are likely to lead to the adoption of a paradigm that considers every infrastructure, data or database, regardless of its significance or importance, to be key or critical.

Attacks and their Defenses for Advanced Metering Infrastructure

DEFF Research Database (Denmark)

Lighari, Sheeraz Niaz; Hussain, Dil Muhammad Akbar; Bak-Jensen, Birgitte

2014-01-01

The smart grid is the digitized, modernized, updated version of archaic traditional electric grid. Advanced Metering Infrastructure (AMI) is an imperative part of the smart grid. It has replaced legacy metering, as it reports the energy consumption to the utility automatically through communicati...

Trust and Reputation Management for Critical Infrastructure Protection

Science.gov (United States)

Caldeira, Filipe; Monteiro, Edmundo; Simões, Paulo

Today's Critical Infrastructures (CI) depend of Information and Communication Technologies (ICT) to deliver their services with the required level of quality and availability. ICT security plays a major role in CI protection and risk prevention for single and also for interconnected CIs were cascading effects might occur because of the interdependencies that exist among different CIs. This paper addresses the problem of ICT security in interconnected CIs. Trust and reputation management using the Policy Based Management paradigm is the proposed solution to be applied at the CI interconnection points for information exchange. The proposed solution is being applied to the Security Mediation Gateway being developed in the European FP7 MICIE project, to allow for information exchange among interconnected CIs.

Setting Component Priorities in Protecting NPPs against Cyber-Attacks Using Reliability Analysis Techniques

International Nuclear Information System (INIS)

Choi, Moon Kyoung; Seong, Poong Hyun; Son, Han Seong

2017-01-01

The digitalization of infrastructure makes systems vulnerable to cyber threats and hybrid attacks. According to ICS-CERT report, as time goes by, the number of vulnerabilities in ICS industries increases rapidly. Digital I and C systems have been developed and installed in nuclear power plants, and due to installation of the digital I and C systems, cyber security concerns are increasing in nuclear industry. However, there are too many critical digital assets to be inspected in digitalized NPPs. In order to reduce the inefficiency of regulation in nuclear facilities, the critical components that are directly related to an accident are elicited by using the reliability analysis techniques. Target initial events are selected, and their headings are analyzed through event tree analysis about whether the headings can be affected by cyber-attacks or not. Among the headings, the headings that can be proceeded directly to the core damage by the cyber-attack when they are fail are finally selected as the target of deriving the minimum cut-sets. We analyze the fault trees and derive the minimum set-cuts. In terms of original PSA, the value of probability for the cut-sets is important but the probability is not important in terms of cyber security of NPPs. The important factors is the number of basic events consisting of the minimal cut-sets that is proportional to vulnerability.

ICS logging solution for network-based attacks using Gumistix technology

Science.gov (United States)

Otis, Jeremy R.; Berman, Dustin; Butts, Jonathan; Lopez, Juan

2013-05-01

Industrial Control Systems (ICS) monitor and control operations associated with the national critical infrastructure (e.g., electric power grid, oil and gas pipelines and water treatment facilities). These systems rely on technologies and architectures that were designed for system reliability and availability. Security associated with ICS was never an inherent concern, primarily due to the protections afforded by network isolation. However, a trend in ICS operations is to migrate to commercial networks via TCP/IP in order to leverage commodity benefits and cost savings. As a result, system vulnerabilities are now exposed to the online community. Indeed, recent research has demonstrated that many exposed ICS devices are being discovered using readily available applications (e.g., ShodanHQ search engine and Google-esque queries). Due to the lack of security and logging capabilities for ICS, most knowledge about attacks are derived from real world incidents after an attack has already been carried out and the damage has been done. This research provides a method for introducing sensors into the ICS environment that collect information about network-based attacks. The sensors are developed using an inexpensive Gumstix platform that can be deployed and incorporated with production systems. Data obtained from the sensors provide insight into attack tactics (e.g., port scans, Nessus scans, Metasploit modules, and zero-day exploits) and characteristics (e.g., attack origin, frequency, and level of persistence). Findings enable security professionals to draw an accurate, real-time awareness of the threats against ICS devices and help shift the security posture from reactionary to preventative.

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Directory of Open Access Journals (Sweden)

Apostolos P. Fournaris

2017-07-01

Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

Optimizing the Long-Term Capacity Expansion and Protection of Iraqi Oil Infrastructure

National Research Council Canada - National Science Library

Brown, Patrick S

2005-01-01

This thesis introduces a tri-level defender-attacker-defender optimization model that prescribes how Iraq's oil infrastructure can, over time, be expanded, protected, and operated, even in the face of insurgent attacks...

Islamic State and Its Attitude to the Terrorist Attacks on the Energy Sector

Directory of Open Access Journals (Sweden)

Lukáš Tichý

2016-06-01

Full Text Available The main aim of this article is both to analyze the importance of the terrorist attacks on energy infrastructure and industry for strategy of militant terrorist organization Islamic State against the background of the influence of Islam and to describe a specific example and manifestations of the terrorist activities focused on energy sector in the Middle East and North Africa. In the theoretical level, the article is based on the concept of terrorist attack on energy sector and relation between energy and Sunni Islam. In methodological level, the article is based on the case study method framing terrorist attacks of Islamic State on energy industry and infrastructure in Iraq, Syria and Libya.

The role of network theory and object-oriented modeling within a framework for the vulnerability analysis of critical infrastructures

International Nuclear Information System (INIS)

Eusgeld, Irene; Kroeger, Wolfgang; Sansavini, Giovanni; Schlaepfer, Markus; Zio, Enrico

2009-01-01

A framework for the analysis of the vulnerability of critical infrastructures has been proposed by some of the authors. The framework basically consists of two successive stages: (i) a screening analysis for identifying the parts of the critical infrastructure most relevant with respect to its vulnerability and (ii) a detailed modeling of the operational dynamics of the identified parts for gaining insights on the causes and mechanisms responsible for the vulnerability. In this paper, a critical presentation is offered of the results of a set of investigations aimed at evaluating the potentials of (i) using network analysis based on measures of topological interconnection and reliability efficiency, for the screening task; (ii) using object-oriented modeling as the simulation framework to capture the detailed dynamics of the operational scenarios involving the most vulnerable parts of the critical infrastructure as identified by the preceding network analysis. A case study based on the Swiss high-voltage transmission system is considered. The results are cross-compared and evaluated; the needs of further research are defined

76 FR 76021 - Critical Infrastructure Protection Month, 2011

Science.gov (United States)

2011-12-06

..., we must also address the growing threat cyber attacks present to our transportation networks... action against cyber threats. To ensure the safety of our most vital operations, we are working to give.... These efforts will bolster our ability to withstand any attack, whether virtual or physical. During...

Critical infrastructure monitoring using UAV imagery

Science.gov (United States)

Maltezos, Evangelos; Skitsas, Michael; Charalambous, Elisavet; Koutras, Nikolaos; Bliziotis, Dimitris; Themistocleous, Kyriacos

2016-08-01

The constant technological evolution in Computer Vision enabled the development of new techniques which in conjunction with the use of Unmanned Aerial Vehicles (UAVs) may extract high quality photogrammetric products for several applications. Dense Image Matching (DIM) is a Computer Vision technique that can generate a dense 3D point cloud of an area or object. The use of UAV systems and DIM techniques is not only a flexible and attractive solution to produce accurate and high qualitative photogrammetric results but also is a major contribution to cost effectiveness. In this context, this study aims to highlight the benefits of the use of the UAVs in critical infrastructure monitoring applying DIM. A Multi-View Stereo (MVS) approach using multiple images (RGB digital aerial and oblique images), to fully cover the area of interest, is implemented. The application area is an Olympic venue in Attica, Greece, at an area of 400 acres. The results of our study indicate that the UAV+DIM approach respond very well to the increasingly greater demands for accurate and cost effective applications when provided with, a 3D point cloud and orthomosaic.

Defense and attack of complex and dependent systems

International Nuclear Information System (INIS)

Hausken, Kjell

2010-01-01

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

Defense and attack of complex and dependent systems

Energy Technology Data Exchange (ETDEWEB)

Hausken, Kjell, E-mail: kjell.hausken@uis.n [Faculty of Social Sciences, University of Stavanger, N-4036 Stavanger (Norway)

2010-01-15

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

VoIP attacks detection engine based on neural network

Science.gov (United States)

Safarik, Jakub; Slachta, Jiri

2015-05-01

The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

Deconstructing the Assessment of Anomaly-based Intrusion Detectors for Critical Applications

Energy Technology Data Exchange (ETDEWEB)

Viswanathan, Arun; Tan, Kymie; Neuman, Clifford

2013-10-01

Anomaly detection is a key strategy for cyber intrusion detection because it is conceptually capable of detecting novel attacks. This makes it an appealing defensive technique for environments such as the nation's critical infrastructures that is currently facing increased cyber adversarial activity. When considering deployment within the purview of such critical infrastructures it is imperative that the technology is well understood and reliable, where its performance is benchmarked on the results of principled assessments. This paper works towards such an imperative by analyzing the current state of anomaly detector assessments with a view toward mission critical deployments. We compile a framework of key evaluation constructs that identify how and where current assessment methods may fall short in providing sufficient insight into detector performance characteristics. Within the context of three case studies from literature, we show how error factors that influence the performance of detectors interact with different phases of a canonical evaluation strategy to compromise the integrity of the final results.

Development of a structural health monitoring system for the life assessment of critical transportation infrastructure.

Energy Technology Data Exchange (ETDEWEB)

Roach, Dennis Patrick; Jauregui, David Villegas (New Mexico State University, Las Cruces, NM); Daumueller, Andrew Nicholas (New Mexico State University, Las Cruces, NM)

2012-02-01

Recent structural failures such as the I-35W Mississippi River Bridge in Minnesota have underscored the urgent need for improved methods and procedures for evaluating our aging transportation infrastructure. This research seeks to develop a basis for a Structural Health Monitoring (SHM) system to provide quantitative information related to the structural integrity of metallic structures to make appropriate management decisions and ensuring public safety. This research employs advanced structural analysis and nondestructive testing (NDT) methods for an accurate fatigue analysis. Metal railroad bridges in New Mexico will be the focus since many of these structures are over 100 years old and classified as fracture-critical. The term fracture-critical indicates that failure of a single component may result in complete collapse of the structure such as the one experienced by the I-35W Bridge. Failure may originate from sources such as loss of section due to corrosion or cracking caused by fatigue loading. Because standard inspection practice is primarily visual, these types of defects can go undetected due to oversight, lack of access to critical areas, or, in riveted members, hidden defects that are beneath fasteners or connection angles. Another issue is that it is difficult to determine the fatigue damage that a structure has experienced and the rate at which damage is accumulating due to uncertain history and load distribution in supporting members. A SHM system has several advantages that can overcome these limitations. SHM allows critical areas of the structure to be monitored more quantitatively under actual loading. The research needed to apply SHM to metallic structures was performed and a case study was carried out to show the potential of SHM-driven fatigue evaluation to assess the condition of critical transportation infrastructure and to guide inspectors to potential problem areas. This project combines the expertise in transportation infrastructure at New

78 FR 39712 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

Science.gov (United States)

2013-07-02

... DEPARTMENT OF COMMERCE International Trade Administration Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait Clarification and Amendment AGENCY... cyber-security firms and trade organizations which have not already submitted an application are...

Cyber Attacks: A New Threat to the Energy Industry

International Nuclear Information System (INIS)

Desarnaud, Gabrielle

2016-01-01

The Network and Information Security (NIS) Directive has been adopted on July 6, 2016 by the European Parliament, three years after the initial proposal by the European Commission. It paves the way for a much needed common cyber security strategy within the EU. This Edito explains the reasons why the energy industry is particularly vulnerable to cyber- attacks, and what tools this new directive brings about to protect European critical infrastructures. In about two decades, the energy industry has been deeply transformed by the digital revolution, which penetrated companies' commercial, administrative and financial branches, but also their industrial systems. From the optimization of electric grids to the precision of oil drilling, information and communication technologies (ICT) are now essential to every stage of energy production, transport and distribution processes. Data mining and analysis are increasingly considered as the energy sector's new 'black gold', and generate new activities just like the platform Predix, designed by General Electric to help energy companies (among others) collect and analyze industrial data. This silent revolution offers countless economic opportunities and paves the way for a better resource distribution and use. But it also puts physical energy infrastructures at risk

Vulnerability to terrorist attacks in European electricity decarbonisation scenarios: Comparing renewable electricity imports to gas imports

International Nuclear Information System (INIS)

Lilliestam, Johan

2014-01-01

The decarbonised future European electricity system must remain secure: reliable electricity supply is a prerequisite for the functioning of modern society. Scenarios like Desertec, which partially rely on solar power imports from the Middle East and North Africa, may be attractive for decarbonisation, but raise concerns about terrorists interrupting supply by attacking the long, unprotected transmission lines in the Sahara. In this paper, I develop new methods and assess the European vulnerability to terrorist attacks in the Desertec scenario. I compare this to the vulnerability of today's system and a decarbonisation scenario in which Europe relies on gas imports for electricity generation. I show that the vulnerability of both gas and electricity imports is low, but electricity imports are more vulnerable than gas imports, due to their technical characteristics. Gas outages (and, potentially, resulting blackouts) are the very unlikely consequence even of very high-number attacks against the gas import system, whereas short blackouts are the potential consequence of a few attacks against the import electricity lines. As the impacts of all except extreme attacks are limited, terrorists cannot attack energy infrastructure and cause spectacular, fear-creating outages. Both gas and electricity import infrastructure are thus unattractive and unlikely terrorist targets. - Highlights: • A comparison of terrorism risks of importing solar power and gas for power generation. • Both scenarios show low vulnerability to terrorist attacks. • Within low vulnerabilities, gas imports are less vulnerable than electricity imports. • Causing spectacular, large and long outages is very difficult for attacker. • The attractiveness of gas and power import infrastructure as terrorist target is low

Tool-based Risk Assessment of Cloud Infrastructures as Socio-Technical Systems

DEFF Research Database (Denmark)

Nidd, Michael; Ivanova, Marieta Georgieva; Probst, Christian W.

2015-01-01

Assessing risk in cloud infrastructures is difficult. Typical cloud infrastructures contain potentially thousands of nodes that are highly interconnected and dynamic. Another important component is the set of human actors who get access to data and computing infrastructure. The cloud infrastructure...... exercise for cloud infrastructures using the socio-technical model developed in the TRESPASS project; after showing how to model typical components of a cloud infrastructure, we show how attacks are identified on this model and discuss their connection to risk assessment. The technical part of the model...... is extracted automatically from the configuration of the cloud infrastructure, which is especially important for systems so dynamic and complex....

Study of DSR and AODV under Sinkhole Attack and Its Proposed Prevention Technique

OpenAIRE

Winnie Main; Narendra M. Shekokar

2014-01-01

Mobile Ad-hoc Networks (MANET) are wireless mobile nodes that communicate without any predefined infrastructure. This allows MANETs to be easily setup in geographical and terrestrial constraints. To achieve this kind of communication MANET routing protocols play an important role. Two routing protocols, DSR and AODV are studied in detail. This basic trait of a MANET makes its routing protocols very vulnerable to security attacks. One such attack is the ‘Sinkhole’ attack which ...

Interconnectedness and interdependencies of critical infrastructures in the US economy: Implications for resilience

Science.gov (United States)

Chopra, Shauhrat S.; Khanna, Vikas

2015-10-01

Natural disasters in 2011 yielded close to 55 billion in economic damages alone in the United States (US), which highlights the need to reduce impacts of such disasters or other deliberate attacks. The US Department of Homeland Security (DHS) identifies a list of 16 Critical Infrastructure Sectors (CIS) whose incapacity due to disruptions would have a debilitating impact on the nation's economy. The goal of this work is to understand the implications of interdependencies among CIS on the resilience of the US economic system as a whole. We develop a framework that combines the empirical economic input-output (EIO) model with graph theory based techniques for understanding interdependencies, interconnectedness and resilience in the US economic system. By representing the US economy as a network, we are able to analyze its topology by separately looking at its unweighted and weighted forms. Topological analysis of the US EIO network suggests that it exhibits small world properties for the unweighted case, and in the weighted case, the throughput of industry sectors follows a power-law with an exponential cutoff. Implications of these topological properties are discussed in the paper. We also simulate hypothetical disruptions on CIS in order to identify industrial sectors that experience the largest economic impacts, and to quantify systemic vulnerability in economic terms. In addition, insights from community detection and hypothetical disruption scenarios help assess vulnerability of individual industrial communities to disruptions on individual CIS. These methodologies also provide insights regarding the extent of coupling between each CIS in the US EIO network. Based on our analysis, we observe that excessive interconnectedness and interdependencies of CIS results in high systemic vulnerability. This information can guide policymakers to design policies that improve resilience of economic networks, and evaluate policies that might indirectly increase coupling

Integrating Critical Disability Studies into the Historiography of Infrastructures

DEFF Research Database (Denmark)

Galis, Vasilis; Tympas, Aristotle; Tzokas, Spyros

Infrastructures are habitually associated with enabling, with facilitating mobility. Attention to accidents and related failures of infrastructures, due to accidental or endemic reasons, has substantially enriched the historiography of infrastructures while, at the same time, pointing to limits...... infrastructures became sites for regulating and controlling certain groups. Seen like this, transport technologies, at remote national borders and in the heart of a national metropolis, were a key field for sociotechnical battles that produced dis/abled-displaced bodies, that is, a new corporeal subject. Dis...... idea of the human being “(Shildrick, 2010)....

Terrorism and Security Issues Facing the Water Infrastructure Sector

National Research Council Canada - National Science Library

Copeland, Claudia; Cody, Betsy

2005-01-01

Damage to or destruction of the nation's water supply and water quality infrastructure by terrorist attack could disrupt the delivery of vital human services in this country, threatening public health...

A Chronology of Attacks on and Unlawful Interferences with, Offshore Oil and Gas Installations, 1975 – 2010

Directory of Open Access Journals (Sweden)

Mikhail Kashubsky

2011-12-01

Full Text Available Throughout its history, the oil and gas industry has been a subject of environmental protests, labour disputes, tensions with local communities, and it has also been a target of various violent activities ranging from vandalism to political violence, which have impinged on the security of oil industry workers and interfered with operational activities of oil companies on numerous occasions. Although a considerable number of attacks on oil and gas infrastructure occurred over the course of the industry’s existence, most of those attacks were directed against onshore petroleum targets. Compared to onshore petroleum infrastructure, attacks on offshore oil and gas installations are relatively rare. The following chronology provides details of attacks, unlawful interferences, and security incidents involving offshore oil and gas installations that happened between 1975 and 2010. 

Terrorism and Security Issues Facing the Water Infrastructure Sector

National Research Council Canada - National Science Library

Copeland, Claudia; Cody, Betsy A

2006-01-01

Damage to or destruction of the nation's water supply and water quality infrastructure by a terrorist attack could disrupt the delivery of vital human services in this country, threaten public health...

Resilience framework for critical infrastructures: An empirical study in a nuclear plant

International Nuclear Information System (INIS)

Labaka, Leire; Hernantes, Josune; Sarriegi, Jose M.

2015-01-01

The safety and proper functioning of Critical Infrastructures (CIs) are essential for ensuring the welfare of society, which puts the issue of improving their resilience level at the forefront of the field of crisis management. Most of the resilience-building principles defined in the literature do not cover all the dimensions that make up resilience and most of them only focus within the boundaries of the CI, neglecting the role of the external agents that also have an influence on enhancing resilience. Furthermore, most of the principles that are present in the literature are theoretical and difficult to implement in practice. In light of this situation, the aim of this research is to present a holistic resilience framework for critical infrastructures in order to improve their resilience level by taking into account internal and external agents and covering all the resilience dimensions. Furthermore, this framework has been defined in close collaboration with the general management of CIs to facilitate its implementation in practice. Finally, in order to illustrate the value added of this framework it was implemented in a nuclear plant. - Highlights: • Resilience protects against foreseen and unpredicted events. • There are two types of resilience: internal resilience and external resilience. • Sixteen policies and thirty sub-policies assist on building resilience. • Power nuclear plant focused on risk management approach rather than resilience. • The plant’s event driven risk management was enhanced with an all hazard approach

Economics in Criticality and Restoration of Energy Infrastructures.

Energy Technology Data Exchange (ETDEWEB)

Boyd, Gale A.; Flaim, Silvio J.; Folga, Stephen M.; Gotham, Douglas J.; McLamore, Michael R.; Novak, Mary H.; Roop, Joe M.; Rossmann, Charles G.; Shamsuddin, Shabbir A.; Zeichner, Lee M.; Stamber, Kevin L.

2005-03-01

Economists, systems analysts, engineers, regulatory specialists, and other experts were assembled from academia, the national laboratories, and the energy industry to discuss present restoration practices (many have already been defined to the level of operational protocols) in the sectors of the energy infrastructure as well as other infrastructures, to identify whether economics, a discipline concerned with the allocation of scarce resources, is explicitly or implicitly a part of restoration strategies, and if there are novel economic techniques and solution methods that could be used help encourage the restoration of energy services more quickly than present practices or to restore service more efficiently from an economic perspective. AcknowledgementsDevelopment of this work into a coherent product with a useful message has occurred thanks to the thoughtful support of several individuals:Kenneth Friedman, Department of Energy, Office of Energy Assurance, provided the impetus for the work, as well as several suggestions and reminders of direction along the way. Funding from DOE/OEA was critical to the completion of this effort.Arnold Baker, Chief Economist, Sandia National Laboratories, and James Peerenboom, Director, Infrastructure Assurance Center, Argonne National Laboratory, provided valuable contacts that helped to populate the authoring team with the proper mix of economists, engineers, and systems and regulatory specialists to meet the objectives of the work.Several individuals provided valuable review of the document at various stages of completion, and provided suggestions that were valuable to the editing process. This list of reviewers includes Jeffrey Roark, Economist, Tennessee Valley Authority; James R. Dalrymple, Manager of Transmission System Services and Transmission/Power Supply, Tennessee Valley Authority; William Mampre, Vice President, EN Engineering; Kevin Degenstein, EN Engineering; and Patrick Wilgang, Department of Energy, Office of

Cyber security in nuclear power plants and its portability to other industrial infrastructures

International Nuclear Information System (INIS)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

2017-01-01

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Reliability and vulnerability analyses of critical infrastructures: Comparing two approaches in the context of power systems

International Nuclear Information System (INIS)

Johansson, Jonas; Hassel, Henrik; Zio, Enrico

2013-01-01

Society depends on services provided by critical infrastructures, and hence it is important that they are reliable and robust. Two main approaches for gaining knowledge required for designing and improving critical infrastructures are reliability analysis and vulnerability analysis. The former analyses the ability of the system to perform its intended function; the latter analyses its inability to withstand strains and the effects of the consequent failures. The two approaches have similarities but also some differences with respect to what type of information they generate about the system. In this view, the main purpose of this paper is to discuss and contrast these approaches. To strengthen the discussion and exemplify its findings, a Monte Carlo-based reliability analysis and a vulnerability analysis are considered in their application to a relatively simple, but representative, system the IEEE RTS96 electric power test system. The exemplification reveals that reliability analysis provides a good picture of the system likely behaviour, but fails to capture a large portion of the high consequence scenarios, which are instead captured in the vulnerability analysis. Although these scenarios might be estimated to have small probabilities of occurrence, they should be identified, considered and treated cautiously, as probabilistic analyses should not be the only input to decision-making for the design and protection of critical infrastructures. The general conclusion that can be drawn from the findings of the example is that vulnerability analysis should be used to complement reliability studies, as well as other forms of probabilistic risk analysis. Measures should be sought for reducing both the vulnerability, i.e. improving the system ability to withstand strains and stresses, and the reliability, i.e. improving the likely behaviour

Building safeguards infrastructure

International Nuclear Information System (INIS)

Stevens, Rebecca S.; McClelland-Kerr, John

2009-01-01

Much has been written in recent years about the nuclear renaissance - the rebirth of nuclear power as a clean and safe source of electricity around the world. Those who question the nuclear renaissance often cite the risk of proliferation, accidents or an attack on a facility as concerns, all of which merit serious consideration. The integration of these three areas - sometimes referred to as 3S, for safety, security and safeguards - is essential to supporting the growth of nuclear power, and the infrastructure that supports them should be strengthened. The focus of this paper will be on the role safeguards plays in the 3S concept and how to support the development of the infrastructure necessary to support safeguards. The objective of this paper has been to provide a working definition of safeguards infrastructure, and to discuss xamples of how building safeguards infrastructure is presented in several models. The guidelines outlined in the milestones document provide a clear path for establishing both the safeguards and the related infrastructures needed to support the development of nuclear power. The model employed by the INSEP program of engaging with partner states on safeguards-related topics that are of current interest to the level of nuclear development in that state provides another way of approaching the concept of building safeguards infrastructure. The Next Generation Safeguards Initiative is yet another approach that underscored five principal areas for growth, and the United States commitment to working with partners to promote this growth both at home and abroad.

Security solution against denial of service attacks in BESIP system

Science.gov (United States)

Rezac, Filip; Voznak, Miroslav; Safarik, Jakub; Partila, Pavol; Tomala, Karel

2013-05-01

This article deals about embedded SIP communication server with an easy integration into the computer network based on open source solutions and its effective defense against the most frequent attack in the present - Denial of Service. The article contains brief introduction into the Bright Embedded Solution for IP Telephony - BESIP and describes the most common types of DoS attacks, which are applied on SIP elements of the VoIP infrastructure including the results of defensive mechanism that has been designed.

Insurance and critical infrastructure protection : is there a connection in an environment of terrorism?

International Nuclear Information System (INIS)

Rowlands, D.; Devlin, R.A.

2006-01-01

This paper investigated the potential role of the insurance industry in enhancing the protection of critical energy infrastructure (CEI). This analysis was conducted in the context of increased concerns about deliberate acts of sabotage related to terrorist activities. A theoretical insurance market analysis was applied to a CEI scenario in order to examine the effects that insurance might have on the vulnerability of the system and subsequent remediation activities. Classical insurance market structures were examined, and problems associated with adverse selection, moral hazards and the role of government were identified. Issues concerning incentive effects induced by insurance were reviewed, as well as issues concerning the interdependence between different operators of the CEI system. An updated literature review was also provided. Results of the study suggested that corporate losses to CEI owners may be far less than the social cost of energy disruption, which in turn provides a reasonable rationale for government as opposed to private intervention. In terms of remediation, the immediate impact of a crippled CEI would overwhelm any private organization, and response would need to be coordinated through public structures. Terrorism insurance, while available, provides relatively large deductibles, as insurance companies are unwilling to accept the risks of moderate damage that may arise. There does not appear to be any evidence that private insurers will be able to provide significant relief from terrorist attacks, and it is unlikely that a private insurance market for terrorism will emerge. An absence of information regarding terrorist activities constrains both insurance purchasers from choosing the best mix of risk management tools, as well as insurance companies seeking to establish the appropriate pricing and conditions for different contracts. It was concluded that governments should support CEI firms in their own efforts to understand the threats; aid in

A Conceptual Framework for Vulnerability Assessment of Climate Change Impact on Critical Oil and Gas Infrastructure in the Niger Delta

Directory of Open Access Journals (Sweden)

Justin Udie

2018-02-01

Full Text Available The impact of climate change on the Niger Delta is severe, as extreme weather events have inflicted various degrees of stress on critical oil/gas infrastructure. Typically, assets managers and government agencies lack a clear framework for evaluating the vulnerability of these systems. This paper presents a participatory framework for the vulnerability assessment of critical oil/gas infrastructure to climate change impacts in the Niger Delta context. Through a critical review of relevant literature and triangulating observational and exploratory data from the field, this paper has developed a conceptual framework with three elements: (1 a preliminary scoping activity; (2 the vulnerability assessment; and (3 mainstreaming the results into institutional asset management codes. Scoping involves the definition of research aims and objectives, review of prevailing climate burdens and impacts, exploratory investigation, screening for new (planned assets and selection of relevant infrastructure. The emphasis on screening for planned infrastructure is to facilitate the incorporation of sustainable adaptive capacities into the original design of identified systems. A conceptual framework for vulnerability assessment is presented as a robust systematic iterative model for the evaluation of selected assets using an appropriate methodology. In this study, analytic hierarchy process (AHP is applied while mainstreaming as part of the research framework is emphasised to aid commercial implementation from an expert-based perspective. The study recommends the use of other suitable methodologies and systematic approaches to test the flexibility of the framework.

Scalable Multi-group Key Management for Advanced Metering Infrastructure

OpenAIRE

Benmalek , Mourad; Challal , Yacine; Bouabdallah , Abdelmadjid

2015-01-01

International audience; Advanced Metering Infrastructure (AMI) is composed of systems and networks to incorporate changes for modernizing the electricity grid, reduce peak loads, and meet energy efficiency targets. AMI is a privileged target for security attacks with potentially great damage against infrastructures and privacy. For this reason, Key Management has been identified as one of the most challenging topics in AMI development. In this paper, we propose a new Scalable multi-group key ...

Genetic Algorithms for Agent-Based Infrastructure Interdependency Modeling and Analysis

Energy Technology Data Exchange (ETDEWEB)

May Permann

2007-03-01

Today’s society relies greatly upon an array of complex national and international infrastructure networks such as transportation, electric power, telecommunication, and financial networks. This paper describes initial research combining agent-based infrastructure modeling software and genetic algorithms (GAs) to help optimize infrastructure protection and restoration decisions. This research proposes to apply GAs to the problem of infrastructure modeling and analysis in order to determine the optimum assets to restore or protect from attack or other disaster. This research is just commencing and therefore the focus of this paper is the integration of a GA optimization method with a simulation through the simulation’s agents.

Mass casualty response in the 2008 Mumbai terrorist attacks.

Science.gov (United States)

Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac

2011-12-01

The November 26-29, 2008, terrorist attacks on Mumbai were unique in its international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.

Research About Attacks Over Cloud Environment

Directory of Open Access Journals (Sweden)

Li Jie

2017-01-01

Full Text Available Cloud computing is expected to continue expanding in the next few years and people will start to see some of the following benefits in their real lives. Security of cloud computing environments is the set of control-based technologies and policies absolute to adhere regulatory compliance rules and protect information data applications and infrastructure related with cloud use. In this paper we suggest a model to estimating the cloud computing security and test the services provided to users. The simulator NG-Cloud Next Generation Secure Cloud Storage is used and modified to administer the proposed model. This implementation achieved security functions potential attacks as defined in the proposed model. Finally we also solve some attacks over cloud computing to provide the security and safety of the cloud.

Cyber security in nuclear power plants and its portability to other industrial infrastructures

Energy Technology Data Exchange (ETDEWEB)

Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

2017-06-15

Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

Effectively protecting cyber infrastructure and assessing security needs

Energy Technology Data Exchange (ETDEWEB)

Robbins, J.; Starman, R. [EWA Canada Ltd., Edmonton, AB (Canada)

2002-07-01

This presentation addressed some of the requirements for effectively protecting cyber infrastructure and assessing security needs. The paper discussed the hype regarding cyber attacks, and presented the Canadian reality (as viewed by CanCERT). An assessment of security concerns was also presented. Recent cyber attacks on computer networks have raised fears of unsafe energy networks. Some experts claim the attacks are linked to terrorism, others blame industrial spying and mischief. Others dismiss the notion that somebody could bring down a power grid with a laptop as being far-fetched. It was noted that the cyber security threat is real, and that attacks are becoming more sophisticated as we live in a target rich environment. The issue of assessing vulnerabilities was discussed along with the selection of safeguards such as improving SCADA systems and the latest encryption methods to prevent hackers from bringing down computer networks. 3 tabs., 23 figs.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers

Directory of Open Access Journals (Sweden)

Roberto Alonso

2016-08-01

Full Text Available The Domain Name System (DNS is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS. The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers.

Science.gov (United States)

Alonso, Roberto; Monroy, Raúl; Trejo, Luis A

2016-08-17

The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.

Monitoring the DNS Infrastructure for Proactive Botnet Detection

NARCIS (Netherlands)

Dietz, Christian; Sperotto, Anna; Dreo, G.; Pras, Aiko

Botnets enable many cyber-criminal activities, such as DDoS attacks, banking fraud and cyberespionage. Botmasters use various techniques to create, maintain and hide their complex C&C infrastructures. First, they use P2P techniques and domain fast-flux to increase the resilience against take-down

The ISTIMES project: a new integrated system for monitoring critical transport infrastructures interested by natural hazards

Science.gov (United States)

Proto, Monica; Massimo, Bavusi; Francesco, Soldovieri

2010-05-01

The research project "Integrated System for Transport Infrastructure surveillance and Monitoring by Electromagnetic Sensing" (ISTIMES), was approved in the 7th Framework Programme, in the Joint Call ICT and Security and started on 1st July 2009. The purpose of ISTIMES project is to design, assess and promote an ICT-based system, exploiting distributed and local sensors, for non-destructive electromagnetic monitoring in order to achieve the critical transport infrastructures more reliable and safe. The transportation sector's components are susceptible to the consequences of natural disasters and can also be attractive as terrorist targets. The sector's size, its physically dispersed and decentralized nature, the many public and private entities involved in its operations, the critical importance of cost considerations, and the inherent requirement of convenient accessibility to its services by all users - make the transportation particularly vulnerable to security and safety threats. As well known, the surface transportation system consists of interconnected infrastructures including highways, transit systems, railroads, airports, waterways, pipelines and ports, and the vehicles, aircraft, and vessels that operate along these networks. Thus, interdependencies exist between transportation and nearly every other sector of the economy and the effective operation of this system is essential to the European economic productivity; therefore, transportation sector protection is of paramount importance since threats to it may impact other industries that rely on it. The system exploits an open network architecture that can accommodate a wide range of sensors, static and mobile, and can be easily scaled up to allow the integration of additional sensors and interfacing with other networks. It relies on heterogeneous state-of-the-art electromagnetic sensors, enabling a self-organizing, self-healing, ad-hoc networking of terrestrial sensors, supported by specific satellite

METHODS OF MANAGING TRAFFIC DISTRIBUTION IN INFORMATION AND COMMUNICATION NETWORKS OF CRITICAL INFRASTRUCTURE SYSTEMS

OpenAIRE

Kosenko, Viktor; Persiyanova, Elena; Belotskyy, Oleksiy; Malyeyeva, Olga

2017-01-01

The subject matter of the article is information and communication networks (ICN) of critical infrastructure systems (CIS). The goal of the work is to create methods for managing the data flows and resources of the ICN of CIS to improve the efficiency of information processing. The following tasks were solved in the article: the data flow model of multi-level ICN structure was developed, the method of adaptive distribution of data flows was developed, the method of network resource assignment...

ATTACK WARNING: Costs to Modernize NORAD's Computer System Significantly Understated

National Research Council Canada - National Science Library

Cross, F

1991-01-01

...) Integrated Tactical Warning and Attack Assessment (ITW/AA) system. These subsystems provide critical strategic surveillance and attack warning and assessment information to United States and Canadian leaders...

An Attack-Resilient Middleware Architecture for Grid Integration of Distributed Energy Resources

Energy Technology Data Exchange (ETDEWEB)

Wu, Yifu; Mendis, Gihan J.; He, Youbiao; Wei, Jin; Hodge, Bri-Mathias

2017-05-04

In recent years, the increasing penetration of Distributed Energy Resources (DERs) has made an impact on the operation of the electric power systems. In the grid integration of DERs, data acquisition systems and communications infrastructure are crucial technologies to maintain system economic efficiency and reliability. Since most of these generators are relatively small, dedicated communications investments for every generator are capital cost prohibitive. Combining real-time attack-resilient communications middleware with Internet of Things (IoTs) technologies allows for the use of existing infrastructure. In our paper, we propose an intelligent communication middleware that utilizes the Quality of Experience (QoE) metrics to complement the conventional Quality of Service (QoS) evaluation. Furthermore, our middleware employs deep learning techniques to detect and defend against congestion attacks. The simulation results illustrate the efficiency of our proposed communications middleware architecture.

Critical health infrastructure for refugee resettlement in rural Australia: case study of four rural towns.

Science.gov (United States)

Sypek, Scott; Clugston, Gregory; Phillips, Christine

2008-12-01

To explore the reported impact of regional resettlement of refugees on rural health services, and identify critical health infrastructure for refugee resettlement. Comparative case study, using interviews and situational analysis. Four rural communities in New South Wales, which had been the focus of regional resettlement of refugees since 1999. Refugees, general practitioners, practice managers and volunteer support workers in each town (n = 24). The capacity of health care workers to provide comprehensive care is threatened by low numbers of practitioners, and high levels of turnover of health care staff, which results in attrition of specialised knowledge among health care workers treating refugees. Critical health infrastructure includes general practices with interest and surge capacity, subsidised dental services, mental health support services; clinical support services for rural practitioners; care coordination in the early settlement period; and a supported volunteer network. The need for intensive medical support is greatest in the early resettlement period for 'catch-up' primary health care. The difficulties experienced by rural Australia in securing equitable access to health services are amplified for refugees. While there are economic arguments about resettlement of refugees in regional Australia, the fragility of health services in regional Australia should also be factored into considerations about which towns are best suited to regional resettlement.

Effect of clustering on attack vulnerability of interdependent scale-free networks

International Nuclear Information System (INIS)

Li, Rui-qi; Sun, Shi-wen; Ma, Yi-lin; Wang, Li; Xia, Cheng-yi

2015-01-01

In order to deeply understand the complex interdependent systems, it is of great concern to take clustering coefficient, which is an important feature of many real-world systems, into account. Previous study mainly focused on the impact of clustering on interdependent networks under random attacks, while we extend the study to the case of the more realistic attacking strategy, targeted attack. A system composed of two interdependent scale-free networks with tunable clustering is provided. The effects of coupling strength and coupling preference on attack vulnerability are explored. Numerical simulation results demonstrate that interdependent links between two networks make the entire system much more fragile to attacks. Also, it is found that clustering significantly increases the vulnerability of interdependent scale-free networks. Moreover, for fully coupled network, disassortative coupling is found to be most vulnerable to random attacks, while the random and assortative coupling have little difference. Additionally, enhancing coupling strength can greatly enhance the fragility of interdependent networks against targeted attacks. These results can not only improve the deep understanding of structural complexity of complex systems, but also provide insights into the guidance of designing resilient infrastructures.

Using exponentially weighted moving average algorithm to defend against DDoS attacks

CSIR Research Space (South Africa)

Machaka, P

2016-11-01

Full Text Available This paper seeks to investigate the performance of the Exponentially Weighted Moving Average (EWMA) for mining big data and detection of DDoS attacks in Internet of Things (IoT) infrastructure. The paper will investigate the tradeoff between...

A GIS Inventory of Critical Coastal Infrastructure Land Use in Caribbean Island Small Island Developing States: Classification and Criteria Methodology

Science.gov (United States)

D'aversa, N.; Becker, A.; Bove, G.

2017-12-01

Caribbean Small Island Developing States (SIDS) face significant natural hazard risks, as demonstrated by recent Hurricanes Jose, Irma, and Maria. Scientists project storms to become more intense and sea level rise to increase over the next century. As a result, the Inter-American Development Bank projections suggest that Caribbean nations could face climate-related losses in excess of $22 billion annually by 2050. Critical infrastructure that supports island economies, such as airports, seaports, cruise ports, and energy facilities, are typically located in the coastal zone with high exposure to natural hazards. Despite the increasing danger from climate driven natural hazards in coastal zones in the region, there is very little data available to identify how much land and associated infrastructure is at risk. This work focuses on the criteria and data standards developed for this new region-wide GIS database, which will then be used to formulate a risk assessment. Results will be integrated into a single, comprehensive source for data of lands identified as critical coastal infrastructure and used to address such questions as: How much of the Caribbean SIDS infrastructure lands are at risk from sea level rise? How might demand for such lands change in the future, based on historical trends? Answers to these questions will help decision makers understand how to prioritize resilience investment decisions in the coming decades.

The political attack ad

Directory of Open Access Journals (Sweden)

Palma Peña-Jiménez, Ph.D.

2011-01-01

Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids

Energy Technology Data Exchange (ETDEWEB)

Hodge, Brian S [National Renewable Energy Laboratory (NREL), Golden, CO (United States); Wu, Yifu [University of Akron; Wei, Jin [University of Akron

2017-07-31

Distributed Energy Resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. As most of these generators are geographically dispersed, dedicated communications investments for every generator are capital cost prohibitive. Real-time distributed communications middleware, which supervises, organizes and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs, allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the Quality of Experience (QoE) measures to complement the conventional Quality of Service (QoS) information to detect and mitigate the congestion attacks effectively. The simulation results illustrate the efficiency of our proposed communications middleware architecture.

Critical infrastructures at risk: A need for a new conceptual approach and extended analytical tools

International Nuclear Information System (INIS)

Kroeger, Wolfgang

2008-01-01

Recent decades have witnessed on the one hand a much greater and tighter integration of goods or services supply systems and growing interconnectedness as well as changing organizational and operational factors, and on the other hand an increased social vulnerability in the face of accidental or intentional disruption. The work of the International Risk Governance Council (IRGC) in the field of critical infrastructures has focused on both the risks associated with five individual infrastructures and the issues associated with the increasing interdependence between them. This paper presents a selection of system weaknesses and a number of policy options that have been identified and highlights issues for further investigation and dialogue with stakeholders. Furthermore, the need to extend current modeling and simulation techniques in order to cope with the increasing system complexity is elaborated. An object-oriented, hybrid modeling approach promising to overcome some of the shortcomings of traditional methods is presented

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Securing ad hoc wireless sensor networks under Byzantine attacks by implementing non-cryptographic method

Directory of Open Access Journals (Sweden)

Shabir Ahmad Sofi

2017-05-01

Full Text Available Ad Hoc wireless sensor network (WSN is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to its own resource consumption. This paper discusses the performance of cluster based WSN comparing LEACH with Advanced node based clusters under byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack.

Vulnerability assessment as a missing part of efficient regulatory emergency preparedness system for nuclear critical infrastructure

International Nuclear Information System (INIS)

Kostadinov, V.

2007-01-01

One introduces a new model to assess the vulnerability of the nuclear infrastructure critical facilities. The new procedure of the vulnerability assessment (the VA) aims to reevaluate the efficiency of the present-day safeguards. On the basis of deeper insight into the VA new strategy and of the elaborated procedure to analyze the hazards for the nuclear power facilities one recommends the key safeguards affecting the damage magnitude [ru

77 FR 35700 - Protected Critical Infrastructure Information (PCII) Program Survey

Science.gov (United States)

2012-06-14

... (NPPD), Office of Infrastructure Protection (IP), Infrastructure Information Collection Division (IICD... Information Collection Request should be forwarded to DHS/NPPD/IP/IICD, 245 Murray Lane, SW., Mailstop 0602, Arlington, VA 20598-0602. Email requests should go to Vickie Bovell, [email protected] . Written...

Modelling the impact of cyber attacks on the traffic control centre of an urban automobile transport system by means of enhanced cybersecurity

Directory of Open Access Journals (Sweden)

Ivanova Yoana

2017-01-01

Full Text Available This paper aims to show the major role means of protection play for strengthening the cybersecurity of critical transport infrastructure by using the advanced method of simulation modelling. The simulation model of a Traffic Control Centre (TTC of an urban Automobile Transport System (ATS is created by the author in the Riverbed Modeler Academic Edition 17.5 computer networks simulation system and is exposed to the impact of a Denial-of-Service attack. In addition, logical conclusions have been made on the basis of the experimental results obtained and evaluated by comparative analysis with results from analogous previous studies.

Use of Attack Graphs in Security Systems

Directory of Open Access Journals (Sweden)

Vivek Shandilya

2014-01-01

Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

Information Sharing: Practices That Can Benefit Critical Infrastructure Protection

National Research Council Canada - National Science Library

2001-01-01

.... Information sharing and coordination are key elements in developing comprehensive and practical approaches to defending against computer-based, or cyber, attacks, which could threaten the national welfare...

Development of an Automated Security Risk Assessment Methodology Tool for Critical Infrastructures.

Energy Technology Data Exchange (ETDEWEB)

Jaeger, Calvin Dell; Roehrig, Nathaniel S.; Torres, Teresa M.

2008-12-01

This document presents the security automated Risk Assessment Methodology (RAM) prototype tool developed by Sandia National Laboratories (SNL). This work leverages SNL's capabilities and skills in security risk analysis and the development of vulnerability assessment/risk assessment methodologies to develop an automated prototype security RAM tool for critical infrastructures (RAM-CITM). The prototype automated RAM tool provides a user-friendly, systematic, and comprehensive risk-based tool to assist CI sector and security professionals in assessing and managing security risk from malevolent threats. The current tool is structured on the basic RAM framework developed by SNL. It is envisioned that this prototype tool will be adapted to meet the requirements of different CI sectors and thereby provide additional capabilities.

Optimisation of Critical Infrastructure Protection: The SiVe Project on Airport Security

Science.gov (United States)

Breiing, Marcus; Cole, Mara; D'Avanzo, John; Geiger, Gebhard; Goldner, Sascha; Kuhlmann, Andreas; Lorenz, Claudia; Papproth, Alf; Petzel, Erhard; Schwetje, Oliver

This paper outlines the scientific goals, ongoing work and first results of the SiVe research project on critical infrastructure security. The methodology is generic while pilot studies are chosen from airport security. The outline proceeds in three major steps, (1) building a threat scenario, (2) development of simulation models as scenario refinements, and (3) assessment of alternatives. Advanced techniques of systems analysis and simulation are employed to model relevant airport structures and processes as well as offences. Computer experiments are carried out to compare and optimise alternative solutions. The optimality analyses draw on approaches to quantitative risk assessment recently developed in the operational sciences. To exploit the advantages of the various techniques, an integrated simulation workbench is build up in the project.

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2003-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2004-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

Infrastructure: A technology battlefield in the 21st century

Energy Technology Data Exchange (ETDEWEB)

Drucker, H.

1997-12-31

A major part of technological advancement has involved the development of complex infrastructure systems, including electric power generation, transmission, and distribution networks; oil and gas pipeline systems; highway and rail networks; and telecommunication networks. Dependence on these infrastructure systems renders them attractive targets for conflict in the twenty-first century. Hostile governments, domestic and international terrorists, criminals, and mentally distressed individuals will inevitably find some part of the infrastructure an easy target for theft, for making political statements, for disruption of strategic activities, or for making a nuisance. The current situation regarding the vulnerability of the infrastructure can be summarized in three major points: (1) our dependence on technology has made our infrastructure more important and vital to our everyday lives, this in turn, makes us much more vulnerable to disruption in any infrastructure system; (2) technologies available for attacking infrastructure systems have changed substantially and have become much easier to obtain and use, easy accessibility to information on how to disrupt or destroy various infrastructure components means that almost anyone can be involved in this destructive process; (3) technologies for defending infrastructure systems and preventing damage have not kept pace with the capability for destroying such systems. A brief review of these points will illustrate the significance of infrastructure and the growing dangers to its various elements.

A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids: Preprint

Energy Technology Data Exchange (ETDEWEB)

Wu, Yifu; Wei, Jin; Hodge, Bri-Mathias

2017-05-24

Distributed energy resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. Because most of these generators are geographically dispersed, dedicated communications investments for every generator are capital-cost prohibitive. Real-time distributed communications middleware - which supervises, organizes, and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs - allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the quality of experience measures to complement the conventional quality of service information to effectively detect and mitigate congestion attacks. The simulation results illustrate the efficiency of our proposed communications middleware architecture.

Critical Infrastructure for Ocean Research and Societal Needs in 2030

Energy Technology Data Exchange (ETDEWEB)

National Research Council

2011-04-22

The United States has jurisdiction over 3.4 million square miles of ocean expanse greater than the land area of all fifty states combined. This vast marine area offers researchers opportunities to investigate the ocean's role in an integrated Earth system, but also presents challenges to society, including damaging tsunamis and hurricanes, industrial accidents, and outbreaks of waterborne diseases. The 2010 Gulf of Mexico Deepwater Horizon oil spill and 2011 Japanese earthquake and tsunami are vivid reminders that a broad range of infrastructure is needed to advance our still-incomplete understanding of the ocean. The National Research Council (NRC)'s Ocean Studies Board was asked by the National Science and Technology Council's Subcommittee on Ocean Science and Technology, comprised of 25 U.S. government agencies, to examine infrastructure needs for ocean research in the year 2030. This request reflects concern, among a myriad of marine issues, over the present state of aging and obsolete infrastructure, insufficient capacity, growing technological gaps, and declining national leadership in marine technological development; issues brought to the nation's attention in 2004 by the U.S. Commission on Ocean Policy. A 15-member committee of experts identified four themes that encompass 32 future ocean research questions enabling stewardship of the environment, protecting life and property, promoting economic vitality, and increasing fundamental scientific understanding. Many of the questions in the report (e.g., sea level rise, sustainable fisheries, the global water cycle) reflect challenging, multidisciplinary science questions that are clearly relevant today, and are likely to take decades of effort to solve. As such, U.S. ocean research will require a growing suite of ocean infrastructure for a range of activities, such as high quality, sustained time series observations or autonomous monitoring at a broad range of spatial and temporal scales

REAL-TIME INTELLIGENT MULTILAYER ATTACK CLASSIFICATION SYSTEM

Directory of Open Access Journals (Sweden)

T. Subbhulakshmi

2014-01-01

Full Text Available Intrusion Detection Systems (IDS takes the lion’s share of the current security infrastructure. Detection of intrusions is vital for initiating the defensive procedures. Intrusion detection was done by statistical and distance based methods. A threshold value is used in these methods to indicate the level of normalcy. When the network traffic crosses the level of normalcy then above which it is flagged as anomalous. When there are occurrences of new intrusion events which are increasingly a key part of system security, the statistical techniques cannot detect them. To overcome this issue, learning techniques are used which helps in identifying new intrusion activities in a computer system. The objective of the proposed system designed in this paper is to classify the intrusions using an Intelligent Multi Layered Attack Classification System (IMLACS which helps in detecting and classifying the intrusions with improved classification accuracy. The intelligent multi layered approach contains three intelligent layers. The first layer involves Binary Support Vector Machine classification for detecting the normal and attack. The second layer involves neural network classification to classify the attacks into classes of attacks. The third layer involves fuzzy inference system to classify the attacks into various subclasses. The proposed IMLACS can be able to detect an intrusion behavior of the networks since the system contains a three intelligent layer classification and better set of rules. Feature selection is also used to improve the time of detection. The experimental results show that the IMLACS achieves the Classification Rate of 97.31%.

LA PROTECTION DES INFRASTRUCTURES CRITIQUES – DEFIS ACTUELS

Directory of Open Access Journals (Sweden)

Dan Fifoiu

2010-12-01

Full Text Available Considering that in the European Union's plan, it has not been identified a solution for surpassing the legal differences between states (derived from priorities and different interests, Romania continues the program of alignment towards increasing its own standards and interconnecting internal critical infrastructures with the European and regional ones. This process is a lasting one, fact revealed also by the distance, in terms of time, between the first approaches, at a European level, of the problems of critical infrastructures, at the implementation of Directive 114/2008 provisions. The steps taken by the authorities in Bucharest are intended to drive Romania towards a level of development compatible both with the integration in a single European space of critical infrastructures and the fulfillment of an important role in stating the future strategies of the European Union. Currently, Romania’s alignment to the European Union and international standards creates the optimum framework for developing and implementing some specific provisions which, at this time, are materialized as the steps of a single national plan for protecting critical infrastructures, on the way of being configured.

DURIP: Mitigating Attacks on Mobile Devices and Critical Cellular Infrastructure

Science.gov (United States)

2016-03-03

services. From mobile banking and location- based services to the real-time streaming of music and video, cellular networks now provide advanced voice...time streaming of music and video, cellular networks now provide advanced voice and data services to more than 4.5 billion subscribers around the world...will receive scholarships or fellowships for further studies in science , mathematics, engineering or technology fields: Student Metrics This section

Attacks and infections in percolation processes

International Nuclear Information System (INIS)

Janssen, Hans-Karl; Stenull, Olaf

2017-01-01

We discuss attacks and infections at propagating fronts of percolation processes based on the extended general epidemic process. The scaling behavior of the number of the attacked and infected sites in the long time limit at the ordinary and tricritical percolation transitions is governed by specific composite operators of the field-theoretic representation of this process. We calculate corresponding critical exponents for tricritical percolation in mean-field theory and for ordinary percolation to 1-loop order. Our results agree well with the available numerical data. (paper)

Center for Strategic Leadership. Issue Paper, August 2003, Volume 06-03. The National Infrastructure Simulation and Analysis Center (NISAC): A New Contributor to Strategic Leader Education and Formulation of Critical Infrastructure Policies and Decisions

National Research Council Canada - National Science Library

Wimbish, William

2003-01-01

...) community in educating future strategic leaders about the realities of the Nation's infrastructure system and in researching the effects that new government security policies and actions would have on the nation's critical assets and public and private sector services.

INFRASTRUCTURE

CERN Document Server

A.Gaddi

2011-01-01

Between the end of March to June 2011, there has been no detector downtime during proton fills due to CMS Infrastructures failures. This exceptional performance is a clear sign of the high quality work done by the CMS Infrastructures unit and its supporting teams. Powering infrastructure At the end of March, the EN/EL group observed a problem with the CMS 48 V system. The problem was a lack of isolation between the negative (return) terminal and earth. Although at that moment we were not seeing any loss of functionality, in the long term it would have led to severe disruption to the CMS power system. The 48 V system is critical to the operation of CMS: in addition to feeding the anti-panic lights, essential for the safety of the underground areas, it powers all the PLCs (Twidos) that control AC power to the racks and front-end electronics of CMS. A failure of the 48 V system would bring down the whole detector and lead to evacuation of the cavern. EN/EL technicians have made an accurate search of the fault, ...

Advanced methodology for risk and vulnerability assessment of interdependency of critical infrastructure in respect to urban floods

Directory of Open Access Journals (Sweden)

Serre Damien

2016-01-01

Full Text Available The behaviour of the urban network infrastructures, and their interactions during flood events, will have direct and indirect consequences on the flood risk level in the built environment. By urban network infrastructures we include all the urban technical networks like transportation, energy, water supply, waste water, telecommunication…able to spread the flood risk in cities, qualified as critical infrastructures due to their major roles for modern living standards. From history, most of cities in the world have been built close to coast lines or to river to beneficiate this means of communication and trade. Step by step, to avoid being flooded, defences like levees have been built. The capacity of the levees to retain the floods depends on their conditions, their performance level and the capacity of the authorities to well maintain these infrastructures. But recent history shows the limits of a flood risk management strategy focused on protection, leading to levee breaks these last decades. Then, in case of levee break, cities will be flooded. The urban technical networks, due to the way they have been designed, their conditions and their locations in the city, will play a major role in the diffusion of the flood extent. Also, the flood risk will have consequences in some not flooded neighbourhoods due to networks collapses and complex interdependencies. This article describes some methods to design spatial decision support systems in that context.

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version

Science.gov (United States)

Babu, M. Rajesh; Dian, S. Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things. PMID:26495430

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version.

Science.gov (United States)

Babu, M Rajesh; Dian, S Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things.

Situational awareness of a coordinated cyber attack

Science.gov (United States)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

MFC Communications Infrastructure Study

Energy Technology Data Exchange (ETDEWEB)

Michael Cannon; Terry Barney; Gary Cook; George Danklefsen, Jr.; Paul Fairbourn; Susan Gihring; Lisa Stearns

2012-01-01

Unprecedented growth of required telecommunications services and telecommunications applications change the way the INL does business today. High speed connectivity compiled with a high demand for telephony and network services requires a robust communications infrastructure.   The current state of the MFC communication infrastructure limits growth opportunities of current and future communication infrastructure services. This limitation is largely due to equipment capacity issues, aging cabling infrastructure (external/internal fiber and copper cable) and inadequate space for telecommunication equipment. While some communication infrastructure improvements have been implemented over time projects, it has been completed without a clear overall plan and technology standard.   This document identifies critical deficiencies with the current state of the communication infrastructure in operation at the MFC facilities and provides an analysis to identify needs and deficiencies to be addressed in order to achieve target architectural standards as defined in STD-170. The intent of STD-170 is to provide a robust, flexible, long-term solution to make communications capabilities align with the INL mission and fit the various programmatic growth and expansion needs.

Enhancing infrastructure resilience through business continuity planning.

Science.gov (United States)

Fisher, Ronald; Norman, Michael; Klett, Mary

2017-01-01

Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.

On a simulation study of cyber attacks on vehicle-to-infrastructure communication (V2I) in Intelligent Transportation System (ITS)

Science.gov (United States)

Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao

2015-05-01

An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.

SPECIAL AND MILITARY COMMUNICATIONS AND INFORMATION SYSTEMS AS VITAL PART OF THE CRITICAL INFRASTRUCTURES IN ROMANIA. SECURING THEIR PHYSICAL AND INFORMATIONAL PROTECTION

Directory of Open Access Journals (Sweden)

Constantin MINCU

2012-11-01

Full Text Available The article presents several arguments on the need to study the critical infrastructure in Romania including various systems (networks and special military communications. It emphasizes the role and place of such systems and networks to provide national defense and security and the risks and vulnerabilities faced by these infrastructures, and some necessary measures to be taken for the physical and informational protection in the case of hostile military actions, natural disasters or other negative phenomena. Finally some conclusions and proposals are formulated.

Freight railway transport: Critical variables to improve the transport applied to infrastructure costs and its associated traffic flow

Energy Technology Data Exchange (ETDEWEB)

Zakowska, L.; Pulawska-Obiedowska, S.

2016-07-01

The developed societies have as challenge, among others, to achieve a mobility development based on economic models of low carbon and energy efficient, making it accessible to the entire population. In this context, the sustainable mobility seems to meet the economic, social and environmental needs, minimizing their negative impact. There are three factors that are relevant: (1) infrastructures; (2) modes of transport more ecological and safe, and (3) operations and services for passengers and freights.The objective of this research is to provide guidance to investment in sustainable transport infrastructures that are truly useful and effective. In particular we have studied the case of the railway, using the following information: details of the infrastructure; cost of construction (per kilometre); maintenance cost, and life cycle. This information may be relevant to consider their possible business models.The methodology of this research was focused in the detailed analysis of the infrastructure use and maintenance criteria, the market opportunities for freight development and the available data to validate the obtained results from the software tool reached in this work. Our research includes the different following aspects:• Evaluation of the supported traffic by the rail line.• Relevant items to be considered in the rail infrastructure. Defining the track, we can group items in two sets: civil and rail installations.• Rolling stock available. Locomotives and wagons are modelled to introduce the data as convenience for the user.Besides our research includes the development of software, Decision System Tool (DST), for studying the construction and maintenance cost of railway infrastructure. It is developed in a common and open source program, providing the user the interaction with the critical variable of the line. It has been adjusted using the following references: MOM PlanCargorail; EcoTransIT, and Projects funded by Framework Program of EU (New

Securing energy assets and infrastructure 2007

Energy Technology Data Exchange (ETDEWEB)

NONE

2006-06-15

This report describes in detail the energy industry's challenges and solutions for protecting critical assets including oil and gas infrastructure, transmission grids, power plants, storage, pipelines, and all aspects of strategic industry assets. It includes a special section on cyber-terrorism and protecting control systems. Contents: Section I - Introduction; U.S Energy Trends; Vulnerabilities; Protection Measures. Section II - Sector-wise Vulnerabilities Assessments and Security Measures: Coal, Oil and Petroleum, Natural Gas, Electric Power, Cybersecurity and Control Systems, Key Recommendations; Section III - Critical Infrastructure Protection Efforts: Government Initiatives, Agencies, and Checklists.

Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures

NARCIS (Netherlands)

Bleikertz, Sören; Vogel, Carsten; Groß, Thomas

2014-01-01

Cloud infrastructures are designed to share physical resources among many different tenants while ensuring overall secu- rity and tenant isolation. The complexity of dynamically changing and growing cloud environments, as well as insider attacks, can lead to misconfigurations that ultimately result

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.; Kirda, E.; Jha, S.; Balzarotti, D.

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea : Automating attack classification for anomaly-based network intrusion detection systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea : Automating attack classification for anomaly-based network intrusion detection systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, S.; Hartel, P.H.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Representing nature : Late twentieth century green infrastructures in Paris

NARCIS (Netherlands)

Van der Velde, J.R.T.; De Wit, S.I.

2015-01-01

The appreciation of green infrastructures as ‘nature’ by urban communities presents a critical challenge for the green infrastructure concept. While many green infrastructures focus on functional considerations, their refinement as places where concepts of nature are represented and where nature can

An efficient algorithm for the detection of exposed and hidden wormhole attack

International Nuclear Information System (INIS)

Khan, Z.A.; Rehman, S.U.; Islam, M.H.

2016-01-01

MANETs (Mobile Ad Hoc Networks) are slowly integrating into our everyday lives, their most prominent uses are visible in the disaster and war struck areas where physical infrastructure is almost impossible or very hard to build. MANETs like other networks are facing the threat of malicious users and their activities. A number of attacks have been identified but the most severe of them is the wormhole attack which has the ability to succeed even in case of encrypted traffic and secure networks. Once wormhole is launched successfully, the severity increases by the fact that attackers can launch other attacks too. This paper presents a comprehensive algorithm for the detection of exposed as well as hidden wormhole attack while keeping the detection rate to maximum and at the same reducing false alarms. The algorithm does not require any extra hardware, time synchronization or any special type of nodes. The architecture consists of the combination of Routing Table, RTT (Round Trip Time) and RSSI (Received Signal Strength Indicator) for comprehensive detection of wormhole attack. The proposed technique is robust, light weight, has low resource requirements and provides real-time detection against the wormhole attack. Simulation results show that the algorithm is able to provide a higher detection rate, packet delivery ratio, negligible false alarms and is also better in terms of Ease of Implementation, Detection Accuracy/ Speed and processing overhead. (author)

A risk-based approach to setting priorities in protecting bridges against terrorist attacks.

Science.gov (United States)

Leung, Maria; Lambert, James H; Mosenthal, Alexander

2004-08-01

This article presents an approach to the problem of terrorism risk assessment and management by adapting the framework of the risk filtering, ranking, and management method. The assessment is conducted at two levels: (1) the system level, and (2) the asset-specific level. The system-level risk assessment attempts to identify and prioritize critical infrastructures from an inventory of system assets. The definition of critical infrastructures offered by Presidential Decision Directive 63 was used to determine the set of attributes to identify critical assets--categorized according to national, regional, and local impact. An example application is demonstrated using information from the Federal Highway Administration National Bridge Inventory for the State of Virginia. Conversely, the asset-specific risk assessment performs an in-depth analysis of the threats and vulnerabilities of a specific critical infrastructure. An illustration is presented to offer some insights in risk scenario identification and prioritization, multiobjective evaluation of management options, and extreme-event analysis for critical infrastructure protection.

Energy Theft in the Advanced Metering Infrastructure

Science.gov (United States)

McLaughlin, Stephen; Podkuiko, Dmitry; McDaniel, Patrick

Global energy generation and delivery systems are transitioning to a new computerized "smart grid". One of the principle components of the smart grid is an advanced metering infrastructure (AMI). AMI replaces the analog meters with computerized systems that report usage over digital communication interfaces, e.g., phone lines. However, with this infrastructure comes new risk. In this paper, we consider adversary means of defrauding the electrical grid by manipulating AMI systems. We document the methods adversaries will use to attempt to manipulate energy usage data, and validate the viability of these attacks by performing penetration testing on commodity devices. Through these activities, we demonstrate that not only is theft still possible in AMI systems, but that current AMI devices introduce a myriad of new vectors for achieving it.

Applying IPFIX Protocol for Detection of Distributed Denial of Service Attacks against Cloud Infrastructure

Directory of Open Access Journals (Sweden)

M. R. Mukhtarov

2011-12-01

Full Text Available The way of monitoring deviations in network traffic behavior inside “Cloud Infrastructure” using IPFIX protocol is suggested in the paper. The proposed algorithm is applied for registration of “Distributed Denial of Service” attacks against “Cloud Infrastructure”.

Kenya's Integrated Nuclear Infrastructure Review Experience

International Nuclear Information System (INIS)

Ayacko, Ochilo G.M.

2015-01-01

Lessons learnt for INIR preparation: → A detailed Self Evaluation report is critical to proper evaluation of each infrastructure; → Involvement of all relevant organizations in preparation of self evaluation report and the main mission; → Meetings on individual infrastructure issues to consolidate the country position; → Openness during interviews and provision of adequate information

An efficient collaborative approach for black hole attack discovery and mitigating its impact in manet

Science.gov (United States)

Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.

2018-04-01

A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost but there exits nodes that declines to cooperate leading to selfish conduct of nodes which effects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure less network attack detection and reaction and high false positives, false negatives initiating black hole attack becomes major issue in watchdog. This paper put forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.

Mining known attack patterns from security-related events

Directory of Open Access Journals (Sweden)

Nicandro Scarabeo

2015-10-01

Full Text Available Managed Security Services (MSS have become an essential asset for companies to have in order to protect their infrastructure from hacking attempts such as unauthorized behaviour, denial of service (DoS, malware propagation, and anomalies. A proliferation of attacks has determined the need for installing more network probes and collecting more security-related events in order to assure the best coverage, necessary for generating incident responses. The increase in volume of data to analyse has created a demand for specific tools that automatically correlate events and gather them in pre-defined scenarios of attacks. Motivated by Above Security, a specialized company in the sector, and by National Research Council Canada (NRC, we propose a new data mining system that employs text mining techniques to dynamically relate security-related events in order to reduce analysis time, increase the quality of the reports, and automatically build correlated scenarios.

Challenges in the Protection of US Critical Infrastructure in the Cyber Realm

Science.gov (United States)

2014-05-22

means.37 When nations begin to discuss cyber warfare they need to clarify what they mean. Examples of significant differences in meanings are Germany ...and the United States. Germany defines a cyber attack as an IT attack in the cyber realm directed against one or several other IT systems and aimed at...electrical power. However, the grids themselves suffer from the consequences of underinvestment and deregulation . Newer industrial control systems use

Engaging the Nation’s Critical Infrastructure Sector to Deter Cyber Threats

Science.gov (United States)

2013-03-01

is the component of CyberOps that extends cyber power beyond the defensive boundaries of the GIG to detect, deter, deny, and defeat adversaries... economy .16 DDOS attacks are based on multiple, malware infected personal computers, organized into networks called botnets, and are directed by...not condemn the actions of those involved. Of the two attacks on Estonia and Georgia, it was Estonia that had the greatest damage to its economy

Are the rules for the right to self-defense outdated to address current conflicts like attacks from non-state actors and cyber-attacks?

Directory of Open Access Journals (Sweden)

Gonzalo J. Arias

2017-06-01

Full Text Available The latest US-led coalition’s attacks against ISIS in Syria raised the question whether states can use defensive force against non-state actors. Two critical incidents had previously triggered the discussion on the importance and consequences of cyber-attacks as a new form armed attacks. The first one occurred in Estonia in 2007, when the country experienced extensive computer hacking attacks that lasted several weeks. The second incident happened in 2008, during the Georgia–Russia conflict over South Ossetia, when Georgia experienced cyber-attacks similar to those suffered by Estonia in the previous year. Furthermore, on June 21, 2016, the central banks of Indonesia and South Korea were hit by cyber-attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world. The previous incidents have created, once again, public questioning if the rules on the use of force and the right of self-defense established in the United Nations Charter are sufficient and efficient to address these new forms of attacks.

Maritime Protection of Critical Infrastructure Assets in the Campeche Sound

National Research Council Canada - National Science Library

Tiburcio, Felix M

2005-01-01

Following the 9/11 terrorist events in the United States the Mexican Navy developed strategies designed to prevent similar attacks on the strategic facilities located in the Campeche Sound in the Gulf of Mexico...

A modeling framework for investment planning in interdependent infrastructures in multi-hazard environments.

Energy Technology Data Exchange (ETDEWEB)

Brown, Nathanael J. K.; Gearhart, Jared Lee; Jones, Dean A.; Nozick, Linda Karen; Prince, Michael

2013-09-01

Currently, much of protection planning is conducted separately for each infrastructure and hazard. Limited funding requires a balance of expenditures between terrorism and natural hazards based on potential impacts. This report documents the results of a Laboratory Directed Research & Development (LDRD) project that created a modeling framework for investment planning in interdependent infrastructures focused on multiple hazards, including terrorism. To develop this framework, three modeling elements were integrated: natural hazards, terrorism, and interdependent infrastructures. For natural hazards, a methodology was created for specifying events consistent with regional hazards. For terrorism, we modeled the terrorists actions based on assumptions regarding their knowledge, goals, and target identification strategy. For infrastructures, we focused on predicting post-event performance due to specific terrorist attacks and natural hazard events, tempered by appropriate infrastructure investments. We demonstrate the utility of this framework with various examples, including protection of electric power, roadway, and hospital networks.

AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid

Directory of Open Access Journals (Sweden)

Jongbin Ko

2014-01-01

Full Text Available A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.

AVQS: attack route-based vulnerability quantification scheme for smart grid.

Science.gov (United States)

Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik

2014-01-01

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.

LANL: Weapons Infrastructure Briefing to Naval Reactors, July 18, 2017

Energy Technology Data Exchange (ETDEWEB)

Chadwick, Frances [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2018-07-18

Presentation slides address: The Laboratory infrastructure supports hundreds of high hazard, complex operations daily; LANL’s unique science and engineering infrastructure is critical to delivering on our mission; LANL FY17 Budget & Workforce; Direct-Funded Infrastructure Accounts; LANL Org Chart; Weapons Infrastructure Program Office; The Laboratory’s infrastructure relies on both Direct and Indirect funding; NA-50’s Operating, Maintenance & Recapitalization funding is critical to the execution of the mission; Los Alamos is currently executing several concurrent Line Item projects; Maintenance @ LANL; NA-50 is helping us to address D&D needs; We are executing a CHAMP Pilot Project at LANL; G2 = Main Tool for Program Management; MDI: Future Investments are centered on facilities with a high Mission Dependency Index; Los Alamos hosted first “Deep Dive” in November 2016; Safety, Infrastructure & Operations is one of the most important programs at LANL, and is foundational for our mission success.

Development of Cyber-attack Risk Assessment Model for Nuclear Power Plants

International Nuclear Information System (INIS)

Park, Jong Woo; Lee, Seung Jun

2017-01-01

In this work, a risk evaluation method to identify significant cyber-attack scenarios and important components which should be defensed was proposed based on the probabilistic safety assessment (PSA) method which is widely used for evaluating risk of NPPs. NPPs adopting digital systems have been facing the risk of cyber-attacks. To develop efficient and reasonable defense strategy, it is required to identify significant cyber-attack scenarios and important components because there are huge number of critical digital assets in an NPP. By evaluating the risk of cyber-attack, the risk-informed defense strategies against cyber-attack could be suggested. In this work, the method to identify important cyber-attack scenarios and to evaluate the quantitative risk caused by cyber-attacks was proposed. For a future study, more feasible scenarios will be analyzed and additional modifications will be made in the model if necessary.

Railway infrastructure security

CERN Document Server

Sforza, Antonio; Vittorini, Valeria; Pragliola, Concetta

2015-01-01

This comprehensive monograph addresses crucial issues in the protection of railway systems, with the objective of enhancing the understanding of railway infrastructure security. Based on analyses by academics, technology providers, and railway operators, it explains how to assess terrorist and criminal threats, design countermeasures, and implement effective security strategies. In so doing, it draws upon a range of experiences from different countries in Europe and beyond. The book is the first to be devoted entirely to this subject. It will serve as a timely reminder of the attractiveness of the railway infrastructure system as a target for criminals and terrorists and, more importantly, as a valuable resource for stakeholders and professionals in the railway security field aiming to develop effective security based on a mix of methodological, technological, and organizational tools. Besides researchers and decision makers in the field, the book will appeal to students interested in critical infrastructur...

Infrastructure monitoring with spaceborne SAR sensors

CERN Document Server

ANGHEL, ANDREI; CACOVEANU, REMUS

2017-01-01

This book presents a novel non-intrusive infrastructure monitoring technique based on the detection and tracking of scattering centers in spaceborne SAR images. The methodology essentially consists of refocusing each available SAR image on an imposed 3D point cloud associated to the envisaged infrastructure element and identifying the reliable scatterers to be monitored by means of four dimensional (4D) tomography. The methodology described in this book provides a new perspective on infrastructure monitoring with spaceborne SAR images, is based on a standalone processing chain, and brings innovative technical aspects relative to conventional approaches. The book is intended primarily for professionals and researchers working in the area of critical infrastructure monitoring by radar remote sensing.

Wireless Sensor Network Based Smart Grid Communications: Cyber Attacks, Intrusion Detection System and Topology Control

Directory of Open Access Journals (Sweden)

Lipi Chhaya

2017-01-01

Full Text Available The existing power grid is going through a massive transformation. Smart grid technology is a radical approach for improvisation in prevailing power grid. Integration of electrical and communication infrastructure is inevitable for the deployment of Smart grid network. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks (WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. WSNs can be used for monitoring and control of smart grid assets. Security of wireless sensor based communication network is a major concern for researchers and developers. The limited processing capabilities of wireless sensor networks make them more vulnerable to cyber-attacks. The countermeasures against cyber-attacks must be less complex with an ability to offer confidentiality, data readiness and integrity. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. WSN security is an inevitable part of smart grid cyber security. This paper is expected to serve as a comprehensive assessment and analysis of communication standards, cyber security issues and solutions for WSN based smart grid infrastructure.

Spatial planning, infrastructure and implementation: Implications for ...

African Journals Online (AJOL)

Infrastructure plays key roles in shaping the spatial form of the city at a macro- and a more local scale, and it influences the sustainability, efficiency and inclusiveness of cities and local areas. Linking infrastructure and spatial planning is therefore critical. Wide-ranging sets of knowledge and skills are required to enable ...

Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

Science.gov (United States)

2002-03-22

may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

Public private partnerships - risk management in engineering infrastructure projects

OpenAIRE

2012-01-01

M.Phil. Economic growth and the provision of adequate infrastructure are highly interrelated. Infrastructure- plays a critical role in promoting economic growth through enhancing productivity, improving competitiveness, reducing poverty, linking people and organisations together through telecommunications and contributing to environmental sustainability. Population growth and rapid urbanisation have placed enormous pressure on existing infrastructure, thus presenting a daunting challenge t...

Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

Science.gov (United States)

Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G

2013-01-01

Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

Vulnerability of complex networks under intentional attack with incomplete information

International Nuclear Information System (INIS)

Wu, J; Deng, H Z; Tan, Y J; Zhu, D Z

2007-01-01

We study the vulnerability of complex networks under intentional attack with incomplete information, which means that one can only preferentially attack the most important nodes among a local region of a network. The known random failure and the intentional attack are two extreme cases of our study. Using the generating function method, we derive the exact value of the critical removal fraction f c of nodes for the disintegration of networks and the size of the giant component. To validate our model and method, we perform simulations of intentional attack with incomplete information in scale-free networks. We show that the attack information has an important effect on the vulnerability of scale-free networks. We also demonstrate that hiding a fraction of the nodes information is a cost-efficient strategy for enhancing the robustness of complex networks

CDP - Adaptive Supervisory Control and Data Acquisition (SCADA) Technology for Infrastructure Protection

Energy Technology Data Exchange (ETDEWEB)

Marco Carvalho; Richard Ford

2012-05-14

Supervisory Control and Data Acquisition (SCADA) Systems are a type of Industrial Control System characterized by the centralized (or hierarchical) monitoring and control of geographically dispersed assets. SCADA systems combine acquisition and network components to provide data gathering, transmission, and visualization for centralized monitoring and control. However these integrated capabilities, especially when built over legacy systems and protocols, generally result in vulnerabilities that can be exploited by attackers, with potentially disastrous consequences. Our research project proposal was to investigate new approaches for secure and survivable SCADA systems. In particular, we were interested in the resilience and adaptability of large-scale mission-critical monitoring and control infrastructures. Our research proposal was divided in two main tasks. The first task was centered on the design and investigation of algorithms for survivable SCADA systems and a prototype framework demonstration. The second task was centered on the characterization and demonstration of the proposed approach in illustrative scenarios (simulated or emulated).

Information Operations - Demands of Increased Cooperation Within the Cabinet and Between the State and the Private Sector

National Research Council Canada - National Science Library

Hellquist, Ingvar

2003-01-01

This paper presents a comparison of Swedish and U.S. perspectives on actions to reduce vulnerabilities in critical infrastructure when that infrastructure is attacked via Information Operations. It compares the U.S...

KENYA’S OIL PIPELINE AND TERRORISM

Directory of Open Access Journals (Sweden)

E.O.S.ODHIAMBO

2014-04-01

Full Text Available The threat of Al-Shabaab and Al-Qaeda terrorist attacks on the critical infrastructure (oil pipeline in Kenya has brought to the attention the strategic issue of the energy sector security, highlighting the potential vulnerabilities of this sector. Critical Infrastructure Protection (CIP should be a key component of the national security especially after the Kenya Defence Forces’ (KDF incursion into Somalia. The merger of Al-Shabaab and Al-Qaeda terrorist groups and the accelerated grenades attack against Kenya in retaliation has become the centre of the debate on terrorism and internal security of the Kenya. The energy resources are strategic assets from the security, political and economic point of view. Kenya as an oil transit country is considered of primary strategic importance at international level. International terrorism has always looked with interest at the oil resource in order to meet its political and economic targets. We argue that Kenya’s oil pipelines are vulnerable to Al-Shabaab and Al-Qaeda terrorist attack. In summary, the article looks at the concept of terrorism within the framework of critical infrastructure protection, the dangers of attacks on oil pipelines, Kenya’s government preparedness and recommendations.

Classification of Device Behaviour in Internet of Things Infrastructures: Towards Distinguishing the Abnormal From Security Threats

OpenAIRE

Ferrando, Roman; Stacey, Paul

2017-01-01

Increasingly, Internet of Things (IoT) devices are being woven into the fabric of our physical world. With this rapidly expanding pervasive deployment of IoT devices, and supporting infrastructure, we are fast approaching the point where the problem of IoT based cyber-security attacks is a serious threat to industrial operations, business activity and social interactions that leverage IoT technologies. The number of threats and successful attacks against connected systems using IoT devices an...

Risk analysis tools for force protection and infrastructure/asset protection

International Nuclear Information System (INIS)

Jaeger, C.D.; Duggan, R.A.; Paulus, W.K.

1998-01-01

The Security Systems and Technology Center at Sandia National Laboratories has for many years been involved in the development and use of vulnerability assessment and risk analysis tools. In particular, two of these tools, ASSESS and JTS, have been used extensively for Department of Energy facilities. Increasingly, Sandia has been called upon to evaluate critical assets and infrastructures, support DoD force protection activities and assist in the protection of facilities from terrorist attacks using weapons of mass destruction. Sandia is involved in many different activities related to security and force protection and is expanding its capabilities by developing new risk analysis tools to support a variety of users. One tool, in the very early stages of development, is EnSURE, Engineered Surety Using the Risk Equation. EnSURE addresses all of the risk equation and integrates the many components into a single, tool-supported process to help determine the most cost-effective ways to reduce risk. This paper will briefly discuss some of these risk analysis tools within the EnSURE framework

Development of a public health nursing data infrastructure.

Science.gov (United States)

Monsen, Karen A; Bekemeier, Betty; P Newhouse, Robin; Scutchfield, F Douglas

2012-01-01

An invited group of national public health nursing (PHN) scholars, practitioners, policymakers, and other stakeholders met in October 2010 identifying a critical need for a national PHN data infrastructure to support PHN research. This article summarizes the strengths, limitations, and gaps specific to PHN data and proposes a research agenda for development of a PHN data infrastructure. Future implications are suggested, such as issues related to the development of the proposed PHN data infrastructure and future research possibilities enabled by the infrastructure. Such a data infrastructure has potential to improve accountability and measurement, to demonstrate the value of PHN services, and to improve population health. © 2012 Wiley Periodicals, Inc.

Unraveling Structural Infrasound: understanding the science for persistent remote monitoring of critical infrastructure (Invited)

Science.gov (United States)

McKenna, S. M.; Diaz-Alvarez, H.; McComas, S.; Costley, D.; Whitlow, R. D.; Jordan, A. M.; Taylor, O.

2013-12-01

In 2006, the Engineer Research and Development Center (ERDC) began a program designed to meet the capability gap associated with remote assessment of critical infrastructure. This program addresses issues arising from the use of geophysical techniques to solve engineering problems through persistent monitoring of critical infrastructure using infrasound. In the original 2006-2009 study of a railroad bridge in Ft. Leonard Wood, MO, the fundamental modes of motion of the structure were detected at up to 30 km away, with atmospheric excitation deemed to be the source driver. Follow-on research focused on the mechanically driven modes excited by traffic, with directional acoustic emanations. The success of the Ft. Wood ambient excitation study resulted in several subsequent programs to push the boundaries of this new technique for standoff assessment, discussed herein. Detection of scour and river system health monitoring are serious problems for monitoring civil infrastructure, from both civilian and military perspectives. Knowledge of overall system behavior over time is crucial for assessment of bridge foundations and barge navigation. This research focuses on the same steel-truss bridge from the Ft. Wood study, and analyzes 3D and 2D substructure models coupled with the superstructure reaction loads to assess the modal deformations within the infrasound bandwidth and the correlation to scour of embedment material. The Urban infrasound program is infrasound modeling, data analysis, and sensor research leading to the detection, classification and localization of threat activities in complex propagation environments. Three seismo-acoustic arrays were deployed on rooftops across the Southern Methodist University campus in Dallas, Texas, to characterize the urban infrasound environment. Structural sources within 15 km of the arrays have been identified through signal processing and confirmed through acoustical models. Infrasound is also being studied as a means of

Pandemic influenza-implications for critical care resources in Australia and New Zealand.

Science.gov (United States)

Anderson, Therese A; Hart, Graeme K; Kainer, Marion A

2003-09-01

To quantify resource requirements (additional beds and ventilator capacity), for critical care services in the event of pandemic influenza. Cross-sectional survey about existing and potential critical care resources. Participants comprised 156 of the 176 Australasian (Australia and New Zealand) critical care units on the database of the Australian and New Zealand Intensive Care Society (ANZICS) Research Centre for Critical Care Resources. The Meltzer, Cox and Fukuda model was adapted to map a range of influenza attack rate estimates for hospitalisation and episodes likely to require intensive care and to predict critical care admission rates and bed day requirements. Estimations of ventilation rates were based on those for community-acquired pneumonia. The estimated extra number of persons requiring hospitalisation ranged from 8,455 (10% attack rate) to 150,087 (45% attack rate). The estimated number of additional admissions to critical care units ranged from 423 (5% admission rate, 10% attack rate) to 37,522 (25% admission rate, 45% attack rate). The potential number of required intensive care bed days ranged from 846 bed days (2 day length of stay, 10% attack rate) to 375,220 bed days (10 day length of stay, 45% attack rate). The number of persons likely to require mechanical ventilation ranged from 106 (25% of projected critical care admissions, 10% attack rate) to 28,142 (75% of projected critical care admissions, 45% attack rate). An additional 1,195 emergency ventilator beds were identified in public sector and 248 in private sector hospitals. Cancellation of elective surgery could release a potential 76,402 intensive care bed days (per annum), but in the event of pandemic influenza, 31,150 bed days could be required over an 8- to 12-week period. Australasian critical care services would be overwhelmed in the event of pandemic influenza. More work is required in relation to modelling, contingency plans, and resource allocation.

Analysis Techniques for Information Security

CERN Document Server

Datta, Anupam; Li, Ninghui

2010-01-01

Increasingly our critical infrastructures are reliant on computers. We see examples of such infrastructures in several domains, including medical, power, telecommunications, and finance. Although automation has advantages, increased reliance on computers exposes our critical infrastructures to a wider variety and higher likelihood of accidental failures and malicious attacks. Disruption of services caused by such undesired events can have catastrophic effects, such as disruption of essential services and huge financial losses. The increased reliance of critical services on our cyberinfrastruct

Patrol Detection for Replica Attacks on Wireless Sensor Networks

OpenAIRE

Wang, Liang-Min; Shi, Yang

2011-01-01

Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by d...

Resilience of LTE networks against smart jamming attacks

KAUST Repository

Aziz, Farhan M.; Shamma, Jeff S.; Stuber, Gordon L.

2014-01-01

Commercial LTE networks are being studied for mission-critical applications, such as public safety and smart grid communications. In this paper, LTE networks are shown vulnerable to Denial-of-Service (DOS) and loss of service attacks from smart

A Model of Biological Attacks on a Realistic Population

Science.gov (United States)

Carley, Kathleen M.; Fridsma, Douglas; Casman, Elizabeth; Altman, Neal; Chen, Li-Chiou; Kaminsky, Boris; Nave, Demian; Yahja, Alex

The capability to assess the impacts of large-scale biological attacks and the efficacy of containment policies is critical and requires knowledge-intensive reasoning about social response and disease transmission within a complex social system. There is a close linkage among social networks, transportation networks, disease spread, and early detection. Spatial dimensions related to public gathering places such as hospitals, nursing homes, and restaurants, can play a major role in epidemics [Klovdahl et. al. 2001]. Like natural epidemics, bioterrorist attacks unfold within spatially defined, complex social systems, and the societal and networked response can have profound effects on their outcome. This paper focuses on bioterrorist attacks, but the model has been applied to emergent and familiar diseases as well.

Network overload due to massive attacks

Science.gov (United States)

Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.

2018-05-01

We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.

Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

Directory of Open Access Journals (Sweden)

Laszlo B Kish

Full Text Available Recently, Bennett and Riedel (BR (http://arxiv.org/abs/1303.7435v1 argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional security of the KLJN method has not been successfully challenged.

Public key infrastructure building trusted applications and web services

CERN Document Server

Vacca, John R

2004-01-01

OVERVIEW OF PKI TECHNOLOGYPublic Key Infrastructures (PKIs): What Are They?Type of Certificate Authorities (CAS) ServicesPKI StandardsTypes of Vendor and Third-Party CA SystemsProtecting Private KeysCA System AttacksStolen Private Keys: What Can Be Done?Certificate Practice StatementsPKI ReadinessANALYZING AND DESIGNING PUBLIC KEY INFRASTRUCTURESPKI Design IssuesCost Justification and ConsiderationPKI Standards Design IssuesPKI Architectural Design ConsiderationsIMPLEMENTING PKIRequirementsImplementation ScheduleImplementation CostsPKI PerformanceMANAGING PKIRequesting a CertificateObtaining a

77 FR 21989 - Critical Infrastructure Private Sector Clearance Program Request

Science.gov (United States)

2012-04-12

... Advisors email the form to the individual who then emails back the completed form, minus their date and... official who nominated the applicant and by the Assistant Secretary for Infrastructure Protection. Upon...

Fragility: The Next Wave in Critical Infrastructure Protection

OpenAIRE

Allan McDougall

2009-01-01

In North America today, we are about to embark on a significant effort to repair, or even upgrade, many aspects of our infrastructure. Many of these efforts are linked to economic recovery packages. Others are based on sheer need. The challenge for decision makers and planners involves ensuring that scarce economic resources are put to their best use. Understanding the concept of fragility plays a pivotal part in reaching that understanding.Fragility, like many other systems—particularly Info...

ENEA infrastructures toward the LFR development

International Nuclear Information System (INIS)

Tarantino, M.; Agostini, P.; Del Nevo, A.; Di Piazza, I.; Rozzia, D.

2013-01-01

ENEA has one of the most relevant EU R&D infrastructures for HLM technological development, and it is strongly involved in the main research programs worldwide supporting the development of sub-critical (MYRRHA) and critical lead cooled reactors (ALFRED). In these frames a large experimental program ranging from HLM thermal-hydraulic to large scale experiment has been implemented

Methods of securing and controlling critical infrastructure assets allocated in information and communications technology sector companies in leading

Directory of Open Access Journals (Sweden)

Piotr Sieńko

2015-12-01

Full Text Available Critical Infrastructure (CI plays a significant role in maintaining public order and national security. The state may use many different methods to protect and control CI allocated to commercial companies. This article describes the three most important ones: legislation, ownership and government institutions and agencies. The data presented in this paper is the result of research done on the most developed countries in the EU (United Kingdom, France, Germany and Italy and their strategic enterprises in the ICT sector, one of the most important sectors in any national security system.

Metrics for Assessment of Smart Grid Data Integrity Attacks

Energy Technology Data Exchange (ETDEWEB)

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

Constructing a resilience index for the Enhanced Critical Infrastructure Protection Program

Energy Technology Data Exchange (ETDEWEB)

Fisher, R. E.; Bassett, G. W.; Buehring, W. A.; Collins, M. J.; Dickinson, D. C.; Eaton, L. K.; Haffenden, R. A.; Hussar, N. E.; Klett, M. S.; Lawlor, M. A.; Millier, D. J.; Petit, F. D.; Peyton, S. M.; Wallace, K. E.; Whitfield, R. G.; Peerenboom, J P

2010-10-14

Following recommendations made in Homeland Security Presidential Directive 7, which established a national policy for the identification and increased protection of critical infrastructure and key resources (CIKR) by Federal departments and agencies, the U.S. Department of Homeland Security (DHS) in 2006 developed the Enhanced Critical Infrastructure Protection (ECIP) program. The ECIP program aimed to provide a closer partnership with state, regional, territorial, local, and tribal authorities in fulfilling the national objective to improve CIKR protection. The program was specifically designed to identify protective measures currently in place in CIKR and to inform facility owners/operators of the benefits of new protective measures. The ECIP program also sought to enhance existing relationships between DHS and owners/operators of CIKR and to build relationships where none existed (DHS 2008; DHS 2009). In 2009, DHS and its protective security advisors (PSAs) began assessing CIKR assets using the ECIP program and ultimately produced individual protective measure and vulnerability values through the protective measure and vulnerability indices (PMI/VI). The PMI/VI assess the protective measures posture of individual facilities at their 'weakest link,' allowing for a detailed analysis of the most vulnerable aspects of the facilities (Schneier 2003), while maintaining the ability to produce an overall protective measures picture. The PMI has six main components (physical security, security management, security force, information sharing, protective measures assessments, and dependencies) and focuses on actions taken by a facility to prevent or deter the occurrence of an incident (Argonne National Laboratory 2009). As CIKR continue to be assessed using the PMI/VI and owners/operators better understand how they can prevent or deter incidents, academic research, practitioner emphasis, and public policy formation have increasingly focused on resilience as a

802.11 Wireless Infrastructure To Enhance Medical Response to Disasters

Science.gov (United States)

Arisoylu, Mustafa; Mishra, Rajesh; Rao, Ramesh; Lenert, Leslie A.

2005-01-01

802.11 (WiFi) is a well established network communications protocol that has wide applicability in civil infrastructure. This paper describes research that explores the design of 802.11 networks enhanced to support data communications in disaster environments. The focus of these efforts is to create network infrastructure to support operations by Metropolitan Medical Response System (MMRS) units and Federally-sponsored regional teams that respond to mass casualty events caused by a terrorist attack with chemical, biological, nuclear or radiological weapons or by a hazardous materials spill. In this paper, we describe an advanced WiFi-based network architecture designed to meet the needs of MMRS operations. This architecture combines a Wireless Distribution Systems for peer-to-peer multihop connectivity between access points with flexible and shared access to multiple cellular backhauls for robust connectivity to the Internet. The architecture offers a high bandwidth data communications infrastructure that can penetrate into buildings and structures while also supporting commercial off-the-shelf end-user equipment such as PDAs. It is self-configuring and is self-healing in the event of a loss of a portion of the infrastructure. Testing of prototype units is ongoing. PMID:16778990

Monitoring and Control of Urban Critical Infrastructures: A Novel Approach to System Design and Data Fusion

Directory of Open Access Journals (Sweden)

Mario La Manna

2015-02-01

Full Text Available The monitoring and control of urban critical infrastructures consists of the protection of assets such as houses, offices, government and private buildings, with low cost, high quality and high dependability. In order to satisfy all these requirements at the same time, the control of a number of assets has to be performed by means of automated systems based on networks of heterogeneous sensors. This new concept idea is based on the use of unmanned operations at each of the many remote assets (each asset is monitored through a network of sensors and a man-in-the-loop automated control in a central site (Operational Center, which performs alarm detection and system management.

INFRASTRUCTURE

CERN Multimedia

A. Gaddi

2012-01-01

The CMS Infrastructures teams are constantly ensuring the smooth operation of the different services during this critical period when the detector is taking data at full speed. A single failure would spoil hours of high luminosity beam and everything is put in place to avoid such an eventuality. In the meantime however, the fast approaching LS1 requires that we take a look at the various activities to take place from the end of the year onwards. The list of infrastructures consolidation and upgrade tasks is already long and will touch all the services (cooling, gas, inertion, powering, etc.). The definitive list will be available just before the LS1 start. One activity performed by the CMS cooling team that is worth mentioning is the maintenance of the cooling circuits at the CMS Electronics Integration Centre (EIC) at building 904. The old chiller has been replaced by a three-units cooling plant that also serves the HVAC system for the new CSC and RPC factories. The commissioning of this new plant has tak...

Making green infrastructure healthier infrastructure.

Science.gov (United States)

Lõhmus, Mare; Balbus, John

2015-01-01

Increasing urban green and blue structure is often pointed out to be critical for sustainable development and climate change adaptation, which has led to the rapid expansion of greening activities in cities throughout the world. This process is likely to have a direct impact on the citizens' quality of life and public health. However, alongside numerous benefits, green and blue infrastructure also has the potential to create unexpected, undesirable, side-effects for health. This paper considers several potential harmful public health effects that might result from increased urban biodiversity, urban bodies of water, and urban tree cover projects. It does so with the intent of improving awareness and motivating preventive measures when designing and initiating such projects. Although biodiversity has been found to be associated with physiological benefits for humans in several studies, efforts to increase the biodiversity of urban environments may also promote the introduction and survival of vector or host organisms for infectious pathogens with resulting spread of a variety of diseases. In addition, more green connectivity in urban areas may potentiate the role of rats and ticks in the spread of infectious diseases. Bodies of water and wetlands play a crucial role in the urban climate adaptation and mitigation process. However, they also provide habitats for mosquitoes and toxic algal blooms. Finally, increasing urban green space may also adversely affect citizens allergic to pollen. Increased awareness of the potential hazards of urban green and blue infrastructure should not be a reason to stop or scale back projects. Instead, incorporating public health awareness and interventions into urban planning at the earliest stages can help insure that green and blue infrastructure achieves full potential for health promotion.

An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

Directory of Open Access Journals (Sweden)

Halima Ibrahim Kure

2018-05-01

Full Text Available A cyber-physical system (CPS is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, and transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attack is one of the major threats for a CPS because of many reasons, including complexity and interdependencies among various system components, integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherent complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and

Effects of a significant New Madrid Seismic Zone event on oil and natural gas pipelines and their cascading effects to critical infrastructures

Science.gov (United States)

Fields, Damon E.

Critical Infrastructure Protection (CIP) is a construct that relates preparedness and responsiveness to natural or man-made disasters that involve vulnerable assets deemed essential for the functioning of our economy and society. Infrastructure systems (power grids, bridges, airports, etc.) are vulnerable to disastrous types of events--natural or man-made. Failures of these systems can have devastating effects on communities and entire regions. CIP relates our willingness, ability, and capability to defend, mitigate, and re-constitute those assets that succumb to disasters affecting one or more infrastructure sectors. This qualitative research utilized ethnography and employed interviews with subject matter experts (SMEs) from various fields of study regarding CIP with respect to oil and natural gas pipelines in the New Madrid Seismic Zone. The study focused on the research question: What can be done to mitigate vulnerabilities in the oil and natural gas infrastructures, along with the potential cascading effects to interdependent systems, associated with a New Madrid fault event? The researcher also analyzed National Level Exercises (NLE) and real world events, and associated After Action Reports (AAR) and Lessons Learned (LL) in order to place a holistic lens across all infrastructures and their dependencies and interdependencies. Three main themes related to the research question emerged: (a) preparedness, (b) mitigation, and (c) impacts. These themes comprised several dimensions: (a) redundancy, (b) node hardening, (c) education, (d) infrastructure damage, (e) cascading effects, (f) interdependencies, (g) exercises, and (h) earthquake readiness. As themes and dimensions are analyzed, they are considered against findings in AARs and LL from previous real world events and large scale exercise events for validation or rejection.

Sustainable infrastructure system modeling under uncertainties and dynamics

Science.gov (United States)

Huang, Yongxi

Infrastructure systems support human activities in transportation, communication, water use, and energy supply. The dissertation research focuses on critical transportation infrastructure and renewable energy infrastructure systems. The goal of the research efforts is to improve the sustainability of the infrastructure systems, with an emphasis on economic viability, system reliability and robustness, and environmental impacts. The research efforts in critical transportation infrastructure concern the development of strategic robust resource allocation strategies in an uncertain decision-making environment, considering both uncertain service availability and accessibility. The study explores the performances of different modeling approaches (i.e., deterministic, stochastic programming, and robust optimization) to reflect various risk preferences. The models are evaluated in a case study of Singapore and results demonstrate that stochastic modeling methods in general offers more robust allocation strategies compared to deterministic approaches in achieving high coverage to critical infrastructures under risks. This general modeling framework can be applied to other emergency service applications, such as, locating medical emergency services. The development of renewable energy infrastructure system development aims to answer the following key research questions: (1) is the renewable energy an economically viable solution? (2) what are the energy distribution and infrastructure system requirements to support such energy supply systems in hedging against potential risks? (3) how does the energy system adapt the dynamics from evolving technology and societal needs in the transition into a renewable energy based society? The study of Renewable Energy System Planning with Risk Management incorporates risk management into its strategic planning of the supply chains. The physical design and operational management are integrated as a whole in seeking mitigations against the

Construction of a Cyber Attack Model for Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Varuttamaseni, Athi; Bari, Robert A.; Youngblood, Robert

2017-05-01

The consideration of how one compromised digital equipment can impact neighboring equipment is critical to understanding the progression of cyber attacks. The degree of influence that one component may have on another depends on a variety of factors, including the sharing of resources such as network bandwidth or processing power, the level of trust between components, and the inclusion of segmentation devices such as firewalls. The interactions among components via mechanisms that are unique to the digital world are not usually considered in traditional PRA. This means potential sequences of events that may occur during an attack may be missed if one were to only look at conventional accident sequences. This paper presents a method where, starting from the initial attack vector, the progression of a cyber attack can be modeled. The propagation of the attack is modeled by considering certain attributes of the digital components in the system. These attributes determine the potential vulnerability of a component to a class of attack and the capability gained by the attackers once they are in control of the equipment. The use of attributes allows similar components (components with the same set of attributes) to be modeled in the same way, thereby reducing the computing resources required for analysis of large systems.

Insecurity of Wireless Networks

Energy Technology Data Exchange (ETDEWEB)

Sheldon, Frederick T [ORNL; Weber, John Mark [Dynetics, Inc.; Yoo, Seong-Moo [University of Alabama, Huntsville; Pan, W. David [University of Alabama, Huntsville

2012-01-01

Wireless is a powerful core technology enabling our global digital infrastructure. Wi-Fi networks are susceptible to attacks on Wired Equivalency Privacy, Wi-Fi Protected Access (WPA), and WPA2. These attack signatures can be profiled into a system that defends against such attacks on the basis of their inherent characteristics. Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA, allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyber physical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.

Constructing vulnerabilty and protective measures indices for the enhanced critical infrastructure protection program.

Energy Technology Data Exchange (ETDEWEB)

Fisher, R. E.; Buehring, W. A.; Whitfield, R. G.; Bassett, G. W.; Dickinson, D. C.; Haffenden, R. A.; Klett, M. S.; Lawlor, M. A.; Decision and Information Sciences; LANL

2009-10-14

The US Department of Homeland Security (DHS) has directed its Protective Security Advisors (PSAs) to form partnerships with the owners and operators of assets most essential to the Nation's well being - a subclass of critical infrastructure and key resources (CIKR) - and to conduct site visits for these and other high-risk assets as part of the Enhanced Critical Infrastructure Protection (ECIP) Program. During each such visit, the PSA documents information about the facility's current CIKR protection posture and overall security awareness. The primary goals for ECIP site visits (DHS 2009) are to: (1) inform facility owners and operators of the importance of their facilities as an identified high-priority CIKR and the need to be vigilant in light of the ever-present threat of terrorism; (2) identify protective measures currently in place at these facilities, provide comparisons of CIKR protection postures across like assets, and track the implementation of new protective measures; and (3) enhance existing relationships among facility owners and operators; DHS; and various Federal, State, local tribal, and territorial partners. PSAs conduct ECIP visits to assess overall site security; educate facility owners and operators about security; help owners and operators identify gaps and potential improvements; and promote communication and information sharing among facility owners and operators, DHS, State governments, and other security partners. Information collected during ECIP visits is used to develop metrics; conduct sector-by-sector and cross-sector vulnerability comparisons; identify security gaps and trends across CIKR sectors and subsectors; establish sector baseline security survey results; and track progress toward improving CIKR security through activities, programs, outreach, and training (Snyder 2009). The data being collected are used in a framework consistent with the National Infrastructure Protection Plan (NIPP) risk criteria (DHS 2009). The

Settlement characteristics of major infrastructures in Shanghai

Directory of Open Access Journals (Sweden)

X. Jiao

2015-11-01

Full Text Available Critical infrastructures in Shanghai have undergone uneven settlement since their operation, which plays an important role in affecting the security of Shanghai. This paper, taking rail transportation as example, investigates settlement characteristics and influencing factors of this linear engineering, based on long-term settlement monitoring data. Results show that rail settlement is related to geological conditions, regional ground subsidence, surrounding construction activities and structural differences in the rail systems. In order to effectively decrease the impact of regional ground subsidence, a monitoring and early-warning mechanism for critical infrastructure is established by the administrative department and engineering operators, including monitoring network construction, settlement monitoring, information sharing, settlement warning, and so on.

Patrol Detection for Replica Attacks on Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Yang Shi

2011-02-01

Full Text Available Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by discussing and comparing the communication cost and detection probability with some existing methods.

Attacks to Cryptography Protocols of Wireless Industrial Communication Systems

Directory of Open Access Journals (Sweden)

Tomas Ondrasina

2010-01-01

Full Text Available The paper deals with problems of safety and security principles within wireless industrial communication systems. First safety requirements to wireless industrial communication system, summarisation of attack methods and the available measures for risks elimination are described with orientation to safety critical applications. The mainly part is oriented to identification of risks and summarisation of defensive methods of wireless communication based on cryptographic techniques. Practical part the cryptoanalytic’s attacks to COTS (Commercial Off-The-Shelf wireless communications are mentioned based on the IEEE 802.11 standards.

Development of module for neural network identification of attacks on applications and services in multi-cloud platforms

Science.gov (United States)

Parfenov, D. I.; Bolodurina, I. P.

2018-05-01

The article presents the results of developing an approach to detecting and protecting against network attacks on the corporate infrastructure deployed on the multi-cloud platform. The proposed approach is based on the combination of two technologies: a softwareconfigurable network and virtualization of network functions. The approach for searching for anomalous traffic is to use a hybrid neural network consisting of a self-organizing Kohonen network and a multilayer perceptron. The study of the work of the prototype of the system for detecting attacks, the method of forming a learning sample, and the course of experiments are described. The study showed that using the proposed approach makes it possible to increase the effectiveness of the obfuscation of various types of attacks and at the same time does not reduce the performance of the network

ECONOMIC DENIAL OF SUSTAINABILITY (EDOS ATTACK ON CLOUD – A SURVEY

Directory of Open Access Journals (Sweden)

A. Somasundaram

2016-12-01

Full Text Available Cloud computing is a promising technology aims to provide reliable, customized and quality of service computation environments for cloud users in terms of Software as a Service-SaaS , Plat- form as a Service-PaaS and Infrastructure as Service-IaaS, which is provided on the pay per use basis. Cloud computing enables services to be deployed and accessed globally on demand with little maintenance by providing QoS as per service level agreement (SLA of customer. However, due to elasticity of resources, cloud systems are facing severe security problems. One of the most serious threats to cloud computing is EDoS (economic Distributed Denial of Service aims to consume the cloud resource by attacker and impose financial burden to the legitimate user, where integrity, availability and confidentiality of the cloud services are never compromised but affects the accountability which leads to inaccurate billing. Since the billing models of cloud services may not be mature enough to properly account for an EDoS attack. These paper surveys, the different techniques that generate, detect and mitigate the EDoS Attack on Cloud.

Communications and information infrastructure security

CERN Document Server

Voeller, John G

2014-01-01

Communication and Information Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering strategies for protecting the telecommunications sector, wireless security, advanced web based technology for emergency situations. Science and technology for critical infrastructure consequence mitigation are also discussed.

Towards a Risk Based Assessment of Critical Information ...

African Journals Online (AJOL)

For this reason the South African measures are likely to lead to the adoption of a paradigm that considers every infrastructure, data or database, regardless of its significance or importance, to be key or critical. KEYWORDS: Critical databases; critical information infrastructures; national security; social and economic well- ...

Defense Strategies for Asymmetric Networked Systems with Discrete Components

Directory of Open Access Journals (Sweden)

Nageswara S. V. Rao

2018-05-01

Full Text Available We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models.

Defense Strategies for Asymmetric Networked Systems with Discrete Components.

Science.gov (United States)

Rao, Nageswara S V; Ma, Chris Y T; Hausken, Kjell; He, Fei; Yau, David K Y; Zhuang, Jun

2018-05-03

We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i) the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii) the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models.

Investing in Natural and Nature-Based Infrastructure: Building Better Along Our Coasts

Directory of Open Access Journals (Sweden)

Ariana E. Sutton-Grier

2018-02-01

Full Text Available Much of the United States’ critical infrastructure is either aging or requires significant repair, leaving U.S. communities and the economy vulnerable. Outdated and dilapidated infrastructure places coastal communities, in particular, at risk from the increasingly frequent and intense coastal storm events and rising sea levels. Therefore, investments in coastal infrastructure are urgently needed to ensure community safety and prosperity; however, these investments should not jeopardize the ecosystems and natural resources that underlie economic wealth and human well-being. Over the past 50 years, efforts have been made to integrate built infrastructure with natural landscape features, often termed “green” infrastructure, in order to sustain and restore valuable ecosystem functions and services. For example, significant advances have been made in implementing green infrastructure approaches for stormwater management, wastewater treatment, and drinking water conservation and delivery. However, the implementation of natural and nature-based infrastructure (NNBI aimed at flood prevention and coastal erosion protection is lagging. There is an opportunity now, as the U.S. government reacts to the recent, unprecedented flooding and hurricane damage and considers greater infrastructure investments, to incorporate NNBI into coastal infrastructure projects. Doing so will increase resilience and provide critical services to local communities in a cost-effective manner and thereby help to sustain a growing economy.

6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.

Science.gov (United States)

2010-01-01

... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE..., and consistent with the Act, for Automated Information Systems that contain PCII. Such security requirements will be in conformance with the information technology security requirements in the Federal...

Making green infrastructure healthier infrastructure

Directory of Open Access Journals (Sweden)

Mare Lõhmus

2015-11-01

Full Text Available Increasing urban green and blue structure is often pointed out to be critical for sustainable development and climate change adaptation, which has led to the rapid expansion of greening activities in cities throughout the world. This process is likely to have a direct impact on the citizens’ quality of life and public health. However, alongside numerous benefits, green and blue infrastructure also has the potential to create unexpected, undesirable, side-effects for health. This paper considers several potential harmful public health effects that might result from increased urban biodiversity, urban bodies of water, and urban tree cover projects. It does so with the intent of improving awareness and motivating preventive measures when designing and initiating such projects. Although biodiversity has been found to be associated with physiological benefits for humans in several studies, efforts to increase the biodiversity of urban environments may also promote the introduction and survival of vector or host organisms for infectious pathogens with resulting spread of a variety of diseases. In addition, more green connectivity in urban areas may potentiate the role of rats and ticks in the spread of infectious diseases. Bodies of water and wetlands play a crucial role in the urban climate adaptation and mitigation process. However, they also provide habitats for mosquitoes and toxic algal blooms. Finally, increasing urban green space may also adversely affect citizens allergic to pollen. Increased awareness of the potential hazards of urban green and blue infrastructure should not be a reason to stop or scale back projects. Instead, incorporating public health awareness and interventions into urban planning at the earliest stages can help insure that green and blue infrastructure achieves full potential for health promotion.

Hiding Critical Targets in Smart Grid Networks

Energy Technology Data Exchange (ETDEWEB)

Bao, Wei [Univ. of Arkansas, Fayetteville, AR (United States); Li, Qinghua

2017-10-23

With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-World incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromised nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.

Applying a Space-Based Security Recovery Scheme for Critical Homeland Security Cyberinfrastructure Utilizing the NASA Tracking and Data Relay (TDRS) Based Space Network

Science.gov (United States)

Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy

2015-01-01

Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASAGSFC Space Network Project.

Design and Implementation of Decoy Enhanced Dynamic Virtualization Networks

Science.gov (United States)

2016-12-12

attacks against the critical server infrastructures within both government organizations and businesses, and the number of data breaches increases...luring techniques and engagement servers to entice an attacker away from the valuable servers. As the average time to identify and resolve a data breach for

Sequence-aware intrusion detection in industrial control systems

NARCIS (Netherlands)

Caselli, M.; Zambon, Emmanuele; Kargl, Frank; Zhou, Jianying; Jones, D.

Nowadays, several threats endanger cyber-physical systems. Among these systems, industrial control systems (ICS) operating on critical infrastructures have been proven to be an attractive target for attackers. The case of Stuxnet has not only showed that ICSs are vulnerable to cyber-attacks, but

Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

NARCIS (Netherlands)

Pieters, Wolter; Davarynejad, Mohsen

2015-01-01

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

Simulating economic effects of disruptions in the telecommunications infrastructure.

Energy Technology Data Exchange (ETDEWEB)

Cox, Roger Gary; Barton, Dianne Catherine; Reinert, Rhonda K.; Eidson, Eric D.; Schoenwald, David Alan

2004-01-01

CommAspen is a new agent-based model for simulating the interdependent effects of market decisions and disruptions in the telecommunications infrastructure on other critical infrastructures in the U.S. economy such as banking and finance, and electric power. CommAspen extends and modifies the capabilities of Aspen-EE, an agent-based model previously developed by Sandia National Laboratories to analyze the interdependencies between the electric power system and other critical infrastructures. CommAspen has been tested on a series of scenarios in which the communications network has been disrupted, due to congestion and outages. Analysis of the scenario results indicates that communications networks simulated by the model behave as their counterparts do in the real world. Results also show that the model could be used to analyze the economic impact of communications congestion and outages.

A COMPREHENSIVE SURVEY ON DETECTING BLACK HOLE ATTACK IN MOBILE AD-HOC NETWORK (MANET

Directory of Open Access Journals (Sweden)

Pascal Maniriho

2018-01-01

Full Text Available The infrastructure-less nature and mobility of nodes in mobile ad-hoc network (MANET make it to be very susceptible to various attacks. Besides, owing to its flexibility and simplicity, there is no predefined time or permission set for nodes to leave or join the network and each node can act as a client or server.  Nevertheless, securing communication between nodes has become a challenging problem than in other types of network. Attacks in MANET range into different categories. Black hole attack is one of the attacks that has been addressed by many researchers in the recent years. It does occur when a harmful mobile node called black hole becomes a part of the network and tries to use its malicious behaviors by sending fake route reply packets (RREP for any received route request packets (RREQ. When these faked packets arrive to the source node, it does reply to them by sending data packet via the established route. Once the packets are received by the black hole, it drops them before reaching the destination.  Hence, preventing the source node from reaching the intended destination. In this paper, we present an overview of a wide range of techniques suggested in the literature for detecting and preventing black hole attacks in mobile ad hoc network. Additionally, the effect of each approach on the network performance is also presented.

Drought predisposes piñon-juniper woodlands to insect attacks and mortality.

Science.gov (United States)

Gaylord, Monica L; Kolb, Thomas E; Pockman, William T; Plaut, Jennifer A; Yepez, Enrico A; Macalady, Alison K; Pangle, Robert E; McDowell, Nate G

2013-04-01

To test the hypothesis that drought predisposes trees to insect attacks, we quantified the effects of water availability on insect attacks, tree resistance mechanisms, and mortality of mature piñon pine (Pinus edulis) and one-seed juniper (Juniperus monosperma) using an experimental drought study in New Mexico, USA. The study had four replicated treatments (40 × 40 m plot/replicate): removal of 45% of ambient annual precipitation (H2 O-); irrigation to produce 125% of ambient annual precipitation (H2 O+); a drought control (C) to quantify the impact of the drought infrastructure; and ambient precipitation (A). Piñon began dying 1 yr after drought initiation, with higher mortality in the H2 O- treatment relative to other treatments. Beetles (bark/twig) were present in 92% of dead trees. Resin duct density and area were more strongly affected by treatments and more strongly associated with piñon mortality than direct measurements of resin flow. For juniper, treatments had no effect on insect resistance or attacks, but needle browning was highest in the H2 O- treatment. Our results provide strong evidence that ≥ 1 yr of severe drought predisposes piñon to insect attacks and increases mortality, whereas 3 yr of the same drought causes partial canopy loss in juniper. © 2013 The Authors. New Phytologist © 2013 New Phytologist Trust.

Green Infrastructure, Groundwater and the Sustainable City

Science.gov (United States)

Band, L. E.

2014-12-01

The management of water is among the most important attributes of urbanization. Provision of sufficient quantities and quality of freshwater, treatment and disposal of wastewater and flood protection are critical for urban sustainability. Over the last century, two major shifts in water management paradigms have occurred, the first to improve public health with the provision of infrastructure for centralized sanitary effluent collection and treatment, and the rapid drainage and routing of stormwater. A current shift in paradigm is now occurring in response to the unintended consequences of sanitary and stormwater management, which have degraded downstream water bodies and shifted flood hazard downstream. Current infrastructure is being designed and implemented to retain, rather than rapidly drain, stormwater, with a focus on infiltration based methods. In urban areas, this amounts to a shift in hydrologic behavior to depression focused recharge. While stormwater is defined as surface flow resulting from developed areas, an integrated hydrologic systems approach to urban water management requires treatment of the full critical zone. In urban areas this extends from the top of the vegetation and building canopy, to a subsurface depth including natural soils, fill, saprolite and bedrock. In addition to matric and network flow in fracture systems, an urban "karst" includes multiple generations of current and past infrastructure, which has developed extensive subsurface pipe networks for supply and drainage, enhancing surface/groundwater flows and exchange. In this presentation, Band will discuss the need to focus on the urban critical zone, and the development and adaptation of new modeling and analytical approaches to understand and plan green infrastructure based on surface/groundwater/ecosystem interactions, and implications for the restoration and new design of cities.

Jamming Attack in Wireless Sensor Network: From Time to Space

Science.gov (United States)

Sun, Yanqiang; Wang, Xiaodong; Zhou, Xingming

Classical jamming attack models in the time domain have been proposed, such as constant jammer, random jammer, and reactive jammer. In this letter, we consider a new problem: given k jammers, how does the attacker minimize the pair-wise connectivity among the nodes in a Wireless Sensor Network (WSN)? We call this problem k-Jammer Deployment Problem (k-JDP). To the best of our knowledge, this is the first attempt at considering the position-critical jamming attack against wireless sensor network. We mainly make three contributions. First, we prove that the decision version of k-JDP is NP-complete even in the ideal situation where the attacker has full knowledge of the topology information of sensor network. Second, we propose a mathematical formulation based on Integer Programming (IP) model which yields an optimal solution. Third, we present a heuristic algorithm HAJDP, and compare it with the IP model. Numerical results show that our heuristic algorithm is computationally efficient.

Non-invasive ventilation in severe asthma attack, its possibilities and problems.

Science.gov (United States)

Murase, K; Tomii, K; Chin, K; Niimi, A; Ishihara, K; Mishima, M

2011-06-01

Asthma attack is characterized by episodic attacks of cough, dyspnea and wheeze occurring due to bronchoconstriction, airway hyperresponsiveness and mucous hypersecretion. Although nationwide clinical guidelines have been published to establish the standard care of asthma, choices in the treatment of fatal asthma attacks remain of clinical significance. Especially, in a severe asthma attack, despite the application of conventional medical treatment, respiratory management is critical. Even though non-invasive ventilation (NIV) has been shown to be effective in a wide variety of clinical settings, reports of NIV in asthmatic patients are scarce. According to a few prospective clinical trials reporting promising results in favour of the use of NIV in a severe asthma attack, a trial of NIV prior to invasive mechanical ventilation seems acceptable and may benefit patients by decreasing the need for intubation and by supporting pharmaceutical treatments. Although selecting the appropriate patients for NIV use is a key factor in successful NIV application, how to distinguish such patients is quite controversial. Larger high quality clinical trails are urgently required to confirm the benefits of NIV to patients with severe asthma attack. In this article, we focus on the body of evidence supporting the use of NIV in asthma attacks and discuss its advantages as well its problems.

Depletion-of-Battery Attack: Specificity, Modelling and Analysis.

Science.gov (United States)

Shakhov, Vladimir; Koo, Insoo

2018-06-06

The emerging Internet of Things (IoT) has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Defense strategies for asymmetric networked systems under composite utilities

Energy Technology Data Exchange (ETDEWEB)

Rao, Nageswara S. [ORNL; Ma, Chris Y. T. [Hang Seng Management College, Hon Kong; Hausken, Kjell [University of Stavanger, Norway; He, Fei [Texas A& M University, Kingsville, TX, USA; Yau, David K. Y. [Singapore University of Technology and Design; Zhuang, Jun [University at Buffalo (SUNY)

2017-11-01

We consider an infrastructure of networked systems with discrete components that can be reinforced at certain costs to guard against attacks. The communications network plays a critical, asymmetric role of providing the vital connectivity between the systems. We characterize the correlations within this infrastructure at two levels using (a) aggregate failure correlation function that specifies the infrastructure failure probability giventhe failure of an individual system or network, and (b) first order differential conditions on system survival probabilities that characterize component-level correlations. We formulate an infrastructure survival game between an attacker and a provider, who attacks and reinforces individual components, respectively. They use the composite utility functions composed of a survival probability term and a cost term, and the previously studiedsum-form and product-form utility functions are their special cases. At Nash Equilibrium, we derive expressions for individual system survival probabilities and the expected total number of operational components. We apply and discuss these estimates for a simplified model of distributed cloud computing infrastructure

Cyber Threats for Organizations of Financial Market Infrastructures

Directory of Open Access Journals (Sweden)

Natalia Georgievna Miloslavskaya

2016-03-01

Full Text Available Abstract: In the global informatization era the reliable and efficient financial market infrastructure of the Russian Federation (RF FMI plays an important role in the financial system and economy of the country. New cyber risks have acquired the status of the FR FMI systemic risk’s components, the importance of which is constantly growing due to the increase in the possible consequences of their implementation. The article introduces the basic concepts of cyber security, cyber space and cyber threats for the RF FMI and analyzes the specific features of cyber attacks against the RF FMI organizations.

Analysis of Critical Infrastructure Dependencies and Interdependencies

Energy Technology Data Exchange (ETDEWEB)

Petit, Frederic [Argonne National Lab. (ANL), Argonne, IL (United States); Verner, Duane [Argonne National Lab. (ANL), Argonne, IL (United States); Brannegan, David [Argonne National Lab. (ANL), Argonne, IL (United States); Buehring, William [Argonne National Lab. (ANL), Argonne, IL (United States); Dickinson, David [Argonne National Lab. (ANL), Argonne, IL (United States); Guziel, Karen [Argonne National Lab. (ANL), Argonne, IL (United States); Haffenden, Rebecca [Argonne National Lab. (ANL), Argonne, IL (United States); Phillips, Julia [Argonne National Lab. (ANL), Argonne, IL (United States); Peerenboom, James [Argonne National Lab. (ANL), Argonne, IL (United States)

2015-06-01

The report begins by defining dependencies and interdependencies and exploring basic concepts of dependencies in order to facilitate a common understanding and consistent analytical approaches. Key concepts covered include; Characteristics of dependencies: upstream dependencies, internal dependencies, and downstream dependencies; Classes of dependencies: physical, cyber, geographic, and logical; and Dimensions of dependencies: operating environment, coupling and response behavior, type of failure, infrastructure characteristics, and state of operations From there, the report proposes a multi-phase roadmap to support dependency and interdependency assessment activities nationwide, identifying a range of data inputs, analysis activities, and potential products for each phase, as well as key steps needed to progress from one phase to the next. The report concludes by outlining a comprehensive, iterative, and scalable framework for analyzing dependencies and interdependencies that stakeholders can integrate into existing risk and resilience assessment efforts.

Effective Proactive and Reactive Defense Strategies against Malicious Attacks in a Virtualized Honeynet

Directory of Open Access Journals (Sweden)

Frank Yeong-Sung Lin

2013-01-01

Full Text Available Virtualization plays an important role in the recent trend of cloud computing. It allows the administrator to manage and allocate hardware resources flexibly. However, it also causes some security issues. This is a critical problem for service providers, who simultaneously strive to defend against malicious attackers while providing legitimate users with high quality service. In this paper, the attack-defense scenario is formulated as a mathematical model where the defender applies both proactive and reactive defense mechanisms against attackers with different attack strategies. In order to simulate real-world conditions, the attackers are assumed to have incomplete information and imperfect knowledge of the target network. This raises the difficulty of solving the model greatly, by turning the problem nondeterministic. After examining the experiment results, effective proactive and reactive defense strategies are proposed. This paper finds that a proactive defense strategy is suitable for dealing with aggressive attackers under “winner takes all” circumstances, while a reactive defense strategy works better in defending against less aggressive attackers under “fight to win or die” circumstances.

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

The Department of Energy nuclear criticality safety program

International Nuclear Information System (INIS)

Felty, J.R.

2004-01-01

This paper broadly covers key events and activities from which the Department of Energy Nuclear Criticality Safety Program (NCSP) evolved. The NCSP maintains fundamental infrastructure that supports operational criticality safety programs. This infrastructure includes continued development and maintenance of key calculational tools, differential and integral data measurements, benchmark compilation, development of training resources, hands-on training, and web-based systems to enhance information preservation and dissemination. The NCSP was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 97-2, Criticality Safety, and evolved from a predecessor program, the Nuclear Criticality Predictability Program, that was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 93-2, The Need for Critical Experiment Capability. This paper also discusses the role Dr. Sol Pearlstein played in helping the Department of Energy lay the foundation for a robust and enduring criticality safety infrastructure.

Assessing the vulnerability of infrastructure to climate change on the Islands of Samoa

Science.gov (United States)

Fakhruddin, S. H. M.; Babel, M. S.; Kawasaki, A.

2015-06-01

Pacific Islanders have been exposed to risks associated with climate change. Samoa, as one of the Pacific Islands, is prone to climatic hazards that will likely increase in the coming decades, affecting coastal communities and infrastructure around the islands. Climate models do not predict a reduction of such disaster events in the future in Samoa; indeed, most predict an increase. This paper identifies key infrastructure and their functions and status in order to provide an overall picture of relative vulnerability to climate-related stresses of such infrastructure on the island. By reviewing existing reports as well as holding a series of consultation meetings, a list of critical infrastructure was developed and shared with stakeholders for their consideration. An indicator-based vulnerability model (SIVM) was developed in collaboration with stakeholders to assess the vulnerability of selected infrastructure systems on the Samoan Islands. Damage costs were extracted from the Cyclone Evan recovery needs document. Additionally, data on criticality and capacity to repair damage were collected from stakeholders. Having stakeholder perspectives on these two issues was important because (a) criticality of a given infrastructure could be viewed differently among different stakeholders, and (b) stakeholders were the best available source (in this study) to estimate the capacity to repair non-physical damage to such infrastructure. Analysis of the results suggested a ranking of sectors from the most vulnerable to least vulnerable are: the transportation sector, the power sector, the water supply sector and the sewerage system.

Understanding public confidence in government to prevent terrorist attacks.

Energy Technology Data Exchange (ETDEWEB)

Baldwin, T. E.; Ramaprasad, A,; Samsa, M. E.; Decision and Information Sciences; Univ. of Illinois at Chicago

2008-04-02

A primary goal of terrorism is to instill a sense of fear and vulnerability in a population and to erode its confidence in government and law enforcement agencies to protect citizens against future attacks. In recognition of its importance, the Department of Homeland Security includes public confidence as one of the principal metrics used to assess the consequences of terrorist attacks. Hence, a detailed understanding of the variations in public confidence among individuals, terrorist event types, and as a function of time is critical to developing this metric. In this exploratory study, a questionnaire was designed, tested, and administered to small groups of individuals to measure public confidence in the ability of federal, state, and local governments and their public safety agencies to prevent acts of terrorism. Data was collected from three groups before and after they watched mock television news broadcasts portraying a smallpox attack, a series of suicide bomber attacks, a refinery explosion attack, and cyber intrusions on financial institutions, resulting in identity theft. Our findings are: (a) although the aggregate confidence level is low, there are optimists and pessimists; (b) the subjects are discriminating in interpreting the nature of a terrorist attack, the time horizon, and its impact; (c) confidence recovery after a terrorist event has an incubation period; and (d) the patterns of recovery of confidence of the optimists and the pessimists are different. These findings can affect the strategy and policies to manage public confidence after a terrorist event.

Towards the cyber security paradigm of ehealth: Resilience and design aspects

Science.gov (United States)

Rajamäki, Jyri; Pirinen, Rauno

2017-06-01

Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.

Identifying Vulnerable Nodes of Complex Networks in Cascading Failures Induced by Node-Based Attacks

Directory of Open Access Journals (Sweden)

Shudong Li

2013-01-01

Full Text Available In the research on network security, distinguishing the vulnerable components of networks is very important for protecting infrastructures systems. Here, we probe how to identify the vulnerable nodes of complex networks in cascading failures, which was ignored before. Concerned with random attack (RA and highest load attack (HL on nodes, we model cascading dynamics of complex networks. Then, we introduce four kinds of weighting methods to characterize the nodes of networks including Barabási-Albert scale-free networks (SF, Watts-Strogatz small-world networks (WS, Erdos-Renyi random networks (ER, and two real-world networks. The simulations show that, for SF networks under HL attack, the nodes with small value of the fourth kind of weight are the most vulnerable and the ones with small value of the third weight are also vulnerable. Also, the real-world autonomous system with power-law distribution verifies these findings. Moreover, for WS and ER networks under both RA and HL attack, when the nodes have low tolerant ability, the ones with small value of the fourth kind of weight are more vulnerable and also the ones with high degree are easier to break down. The results give us important theoretical basis for digging the potential safety loophole and making protection strategy.

A UNIFIED APPROACH FOR DETECTION AND PREVENTION OF DDOS ATTACKS USING ENHANCED SUPPORT VECTOR MACHINES AND FILTERING MECHANISMS

Directory of Open Access Journals (Sweden)

T. Subbulakshmi

2014-10-01

Full Text Available Distributed Denial of Service (DDoS attacks were considered to be a tremendous threat to the current information security infrastructure. During DDoS attack, multiple malicious hosts that are recruited by the attackers launch a coordinated attack against one host or a network victim, which cause denial of service to legitimate users. The existing techniques suffer from more number of false alarms and more human intervention for attack detection. The objective of this paper is to monitor the network online which automatically initiates detection mechanism if there is any suspicious activity and also defense the hosts from being arrived at the network. Both spoofed and non spoofed IP’s are detected in this approach. Non spoofed IP’s are detected using Enhanced Support Vector Machines (ESVM and spoofed IP’s are detected using Hop Count Filtering (HCF mechanism. The detected IP’s are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law which initiates the defense mechanism. Based on the calculated attack strength any of the defense schemes such as Rate based limiting or History based IP filtering is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.

Informing Food Protection Education: A Project to Define and Classify Resources for a Cross-Disciplinary Expert Community

Science.gov (United States)

Schenck-Hamlin, Donna; Pierquet, Jennifer; McClellan, Chuck

2011-01-01

In the wake of the September 2001 attacks, the U.S. government founded the Department of Homeland Security (DHS) with responsibility to develop a National Infrastructure Protection Plan for securing critical infrastructures and key resources. DHS established interdisciplinary networks of academic expertise administered through Centers of…

Malware Detection

CERN Document Server

Christodorescu, Mihai; Maughan, Douglas

2007-01-01

Shared resources, such as the internet, have created a highly interconnected cyber-infrastructure. Many malicious attacks on critical infrastructures are achieved by malicious code or malware, such as viruses and worms. This book captures the research in the area of malicious code detection, prevention and mitigation.

Will climate change increase the risk for critical infrastructure failures in Europe due to extreme precipitation?

Science.gov (United States)

Nissen, Katrin; Ulbrich, Uwe

2016-04-01

An event based detection algorithm for extreme precipitation is applied to a multi-model ensemble of regional climate model simulations. The algorithm determines extent, location, duration and severity of extreme precipitation events. We assume that precipitation in excess of the local present-day 10-year return value will potentially exceed the capacity of the drainage systems that protect critical infrastructure elements. This assumption is based on legislation for the design of drainage systems which is in place in many European countries. Thus, events exceeding the local 10-year return value are detected. In this study we distinguish between sub-daily events (3 hourly) with high precipitation intensities and long-duration events (1-3 days) with high precipitation amounts. The climate change simulations investigated here were conducted within the EURO-CORDEX framework and exhibit a horizontal resolution of approximately 12.5 km. The period between 1971-2100 forced with observed and scenario (RCP 8.5 and RCP 4.5) greenhouse gas concentrations was analysed. Examined are changes in event frequency, event duration and size. The simulations show an increase in the number of extreme precipitation events for the future climate period over most of the area, which is strongest in Northern Europe. Strength and statistical significance of the signal increase with increasing greenhouse gas concentrations. This work has been conducted within the EU project RAIN (Risk Analysis of Infrastructure Networks in response to extreme weather).

Depletion-of-Battery Attack: Specificity, Modelling and Analysis

Directory of Open Access Journals (Sweden)

Vladimir Shakhov

2018-06-01

Full Text Available The emerging Internet of Things (IoT has great potential; however, the societal costs of the IoT can outweigh its benefits. To unlock IoT potential, there needs to be improvement in the security of IoT applications. There are several standardization initiatives for sensor networks, which eventually converge with the Internet of Things. As sensor-based applications are deployed, security emerges as an essential requirement. One of the critical issues of wireless sensor technology is limited sensor resources, including sensor batteries. This creates a vulnerability to battery-exhausting attacks. Rapid exhaustion of sensor battery power is not only explained by intrusions, but can also be due to random failure of embedded sensor protocols. Thus, most wireless sensor applications, without tools to defend against rash battery exhausting, would be unable to function during prescribed times. In this paper, we consider a special type of threat, in which the harm is malicious depletion of sensor battery power. In contrast to the traditional denial-of-service attack, quality of service under the considered attack is not necessarily degraded. Moreover, the quality of service can increase up to the moment of the sensor set crashes. We argue that this is a distinguishing type of attack. Hence, the application of a traditional defense mechanism against this threat is not always possible. Therefore, effective methods should be developed to counter the threat. We first discuss the feasibility of rash depletion of battery power. Next, we propose a model for evaluation of energy consumption when under attack. Finally, a technique to counter the attack is discussed.

Risk analysis of underground infrastructures in urban areas

International Nuclear Information System (INIS)

Cagno, Enrico; De Ambroggi, Massimiliano; Grande, Ottavio; Trucco, Paolo

2011-01-01

The paper presents an integrated approach for vulnerability and resilience analysis for underground infrastructures, i.e. a societal risk analysis of the failures of underground services for an urban area. The approach is based on the detailed study of (1) domino-effects for the components of a single infrastructure and for a given set of infrastructures interoperated and/or belonging to the same area; (2) risk and vulnerability analysis of a given area; (3) identification of a set of intervention guidelines, in order to improve the overall system resilience. The use of an integrated (interoperability and area) approach, breaking down the analysis area extent into sub-areas and assessing the dependencies among sub-areas both in terms of interoperability and damage propagation of critical infrastructures, demonstrates a useful advantage in terms of resilience analysis, more consistent with the 'zoned' nature of failures of the underground infrastructures. An applied case, describing the interoperability and damage propagation analysis with the evaluation of time-dependency for the infrastructures and targets and of different kinds of interventions of the underground infrastructures of a town, is presented for this purpose.

Mixed-Signal Hardware Security: Attacks and Countermeasures for ΔΣ ADC

Directory of Open Access Journals (Sweden)

Shayan Taheri

2017-08-01

Full Text Available Mixed-signal integrated circuits (ICs play an eminent and critical role in design and development of the embedded systems leveraged within smart weapons and military systems. These ICs can be a golden target for adversaries to compromise in order to function maliciously. In this work, we study the security aspects of a tunnel field effect transistor (TFET-based first-order one-bit delta-sigma ( Δ Σ analog to digital converter (ADC through proposing four attack and one defense models. The first attack manipulates the input signal to the Δ Σ modulator. The second attack manipulates the analog version of the modulator output bit and is triggered by the noise signal. The third attack manipulates the modulator output bit and has a controllable trigger mechanism. The fourth attack manipulates the analog version of the modulator output bit and is triggered by a victim capacitance within the chip. For the defense, a number of signal processing filters are used in order to purge the analog version of the modulator output bit for elimination of the malicious unwanted features, introduced by the attacks. According to the simulation results, the second threat model displays the strongest attack. Derived from the countermeasure evaluation, the best filter to confront the threat models is the robust regression using the least absolute residual computing method.

Low carbon technology performance vs infrastructure vulnerability: analysis through the local and global properties space.

Science.gov (United States)

Dawson, David A; Purnell, Phil; Roelich, Katy; Busch, Jonathan; Steinberger, Julia K

2014-11-04

Renewable energy technologies, necessary for low-carbon infrastructure networks, are being adopted to help reduce fossil fuel dependence and meet carbon mitigation targets. The evolution of these technologies has progressed based on the enhancement of technology-specific performance criteria, without explicitly considering the wider system (global) impacts. This paper presents a methodology for simultaneously assessing local (technology) and global (infrastructure) performance, allowing key technological interventions to be evaluated with respect to their effect on the vulnerability of wider infrastructure systems. We use exposure of low carbon infrastructure to critical material supply disruption (criticality) to demonstrate the methodology. A series of local performance changes are analyzed; and by extension of this approach, a method for assessing the combined criticality of multiple materials for one specific technology is proposed. Via a case study of wind turbines at both the material (magnets) and technology (turbine generators) levels, we demonstrate that analysis of a given intervention at different levels can lead to differing conclusions regarding the effect on vulnerability. Infrastructure design decisions should take a systemic approach; without these multilevel considerations, strategic goals aimed to help meet low-carbon targets, that is, through long-term infrastructure transitions, could be significantly jeopardized.

Intrusion Detection of DoS Attacks in WSNs Using Classification ...

African Journals Online (AJOL)

pc

2018-03-05

Mar 5, 2018 ... a large number of sensor nodes that are low in cost and smaller in size. ... automation, military and other commercial applications [l]. The sensor node .... are very critical and has sensitive data, DoS attacks form a real problem ...

Information Assurance (IA) Training and Certification

National Research Council Canada - National Science Library

Money, Arthur

1998-01-01

Recent attacks against the Department's information infrastructure have heightened awareness of the importance of training as a critical component of protecting the Department's information resources...

Funding models for financing water infrastructure in South Africa: framework and critical analysis of alternatives

CSIR Research Space (South Africa)

Ruiters, C

2013-04-01

Full Text Available by putting in place new institutional structures and funding models for effective strategies leading to prompt water infrastructure provision. The research identified several funding models for financing water infrastructure development projects. The existing...

Explorations Around "Graceful Failure" in Transportation Infrastructure: Lessons Learned By the Infrastructure and Climate Network (ICNet)

Science.gov (United States)

Jacobs, J. M.; Thomas, N.; Mo, W.; Kirshen, P. H.; Douglas, E. M.; Daniel, J.; Bell, E.; Friess, L.; Mallick, R.; Kartez, J.; Hayhoe, K.; Croope, S.

2014-12-01

Recent events have demonstrated that the United States' transportation infrastructure is highly vulnerable to extreme weather events which will likely increase in the future. In light of the 60% shortfall of the $900 billion investment needed over the next five years to maintain this aging infrastructure, hardening of all infrastructures is unlikely. Alternative strategies are needed to ensure that critical aspects of the transportation network are maintained during climate extremes. Preliminary concepts around multi-tier service expectations of bridges and roads with reference to network capacity will be presented. Drawing from recent flooding events across the U.S., specific examples for roads/pavement will be used to illustrate impacts, disruptions, and trade-offs between performance during events and subsequent damage. This talk will also address policy and cultural norms within the civil engineering practice that will likely challenge the application of graceful failure pathways during extreme events.

Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

Science.gov (United States)

Ariwibowo, Sigit; Windarta, Susila

2016-02-01

In this paper we show that distinguisher on CBC-MAC can be applied to Encrypted Message Authentication Code (EMAC) scheme. EMAC scheme in general is vulnerable to distinguishing attack and second preimage attack. Distinguishing attack simulation on AES-EMAC using 225 message modifications, no collision have been found. According to second preimage attack simulation on AES-EMAC no collision found between EMAC value of S1 and S2, i.e. no second preimage found for messages that have been tested. Based on distinguishing attack simulation on truncated AES-EMAC we found collision in every message therefore we cannot distinguish truncated AES-EMAC with random function. Second-preimage attack is successfully performed on truncated AES-EMAC.

Effects of Motivation: Rewarding Hackers for Undetected Attacks Cause Analysts to Perform Poorly.

Science.gov (United States)

Maqbool, Zahid; Makhijani, Nidhi; Pammi, V S Chandrasekhar; Dutt, Varun

2017-05-01

The aim of this study was to determine how monetary motivations influence decision making of humans performing as security analysts and hackers in a cybersecurity game. Cyberattacks are increasing at an alarming rate. As cyberattacks often cause damage to existing cyber infrastructures, it is important to understand how monetary rewards may influence decision making of hackers and analysts in the cyber world. Currently, only limited attention has been given to this area. In an experiment, participants were randomly assigned to three between-subjects conditions ( n = 26 for each condition): equal payoff, where the magnitude of monetary rewards for hackers and defenders was the same; rewarding hacker, where the magnitude of monetary reward for hacker's successful attack was 10 times the reward for analyst's successful defense; and rewarding analyst, where the magnitude of monetary reward for analyst's successful defense was 10 times the reward for hacker's successful attack. In all conditions, half of the participants were human hackers playing against Nash analysts and half were human analysts playing against Nash hackers. Results revealed that monetary rewards for human hackers and analysts caused a decrease in attack and defend actions compared with the baseline. Furthermore, rewarding human hackers for undetected attacks made analysts deviate significantly from their optimal behavior. If hackers are rewarded for their undetected attack actions, then this causes analysts to deviate from optimal defend proportions. Thus, analysts need to be trained not become overenthusiastic in defending networks. Applications of our results are to networks where the influence of monetary rewards may cause information theft and system damage.

A Socio-Technical Approach to Preventing, Mitigating, and Recovering from Ransomware Attacks.

Science.gov (United States)

Sittig, Dean F; Singh, Hardeep

2016-01-01

Recently there have been several high-profile ransomware attacks involving hospitals around the world. Ransomware is intended to damage or disable a user's computer unless the user makes a payment. Once the attack has been launched, users have three options: 1) try to restore their data from backup; 2) pay the ransom; or 3) lose their data. In this manuscript, we discuss a socio-technical approach to address ransomware and outline four overarching steps that organizations can undertake to secure an electronic health record (EHR) system and the underlying computing infrastructure. First, health IT professionals need to ensure adequate system protection by correctly installing and configuring computers and networks that connect them. Next, the health care organizations need to ensure more reliable system defense by implementing user-focused strategies, including simulation and training on correct and complete use of computers and network applications. Concomitantly, the organization needs to monitor computer and application use continuously in an effort to detect suspicious activities and identify and address security problems before they cause harm. Finally, organizations need to respond adequately to and recover quickly from ransomware attacks and take actions to prevent them in future. We also elaborate on recommendations from other authoritative sources, including the National Institute of Standards and Technology (NIST). Similar to approaches to address other complex socio-technical health IT challenges, the responsibility of preventing, mitigating, and recovering from these attacks is shared between health IT professionals and end-users.

Statistical Property and Model for the Inter-Event Time of Terrorism Attacks

Science.gov (United States)

Zhu, Jun-Fang; Han, Xiao-Pu; Wang, Bing-Hong

2010-06-01

The inter-event time of terrorism attack events is investigated by empirical data and model analysis. Empirical evidence shows that it follows a scale-free property. In order to understand the dynamic mechanism of such a statistical feature, an opinion dynamic model with a memory effect is proposed on a two-dimensional lattice network. The model mainly highlights the role of individual social conformity and self-affirmation psychology. An attack event occurs when the order parameter indicating the strength of public opposition opinion is smaller than a critical value. Ultimately, the model can reproduce the same statistical property as the empirical data and gives a good understanding for the possible dynamic mechanism of terrorism attacks.

Vulnerability analysis of the wireless infrastructures to intentional electromagnetic interference

NARCIS (Netherlands)

van de Beek, G.S.

2016-01-01

Contemporary society is greatly dependent upon a set of critical infrastructures (CIs) providing security and quality of life. Electronic systems control the safety-critical functioning of most CIs, and these electronic systems are susceptible to electromagnetic interference (EMI). A threat to the

Can Sensors Solve the Deterioration Problems of Public Infrastructure?

Science.gov (United States)

Miki, Chitoshi

2014-11-01

Various deteriorations are detected in public infrastructures, such as bridges, viaducts, piers and tunnels and caused fatal accidents in some cases. The possibility of the applications of health monitoring by using sensors is the issues of this lecture. The inspection and diagnosis are essential in the maintenance works which include appropriate rehabilitations and replacements. The introduction of monitoring system may improve accuracy and efficiency of inspection and diagnosis. This seems to be innovation of maintenance, old structures may change smart structures by the installation of nerve network and brain, specifically. Cost- benefit viewpoint is also important point, because of public infrastructures. The modes of deterioration are fatigue, corrosion, and delayed fracture in steel, and carbonization and alkali aggregate reaction in concrete. These are like adult disease in human bodies. The developments of Infrastructures in Japan were concentrated in the 1960th and 1970th. These ages are approaching 50 and deterioration due to aging has been progress gradually. The attacks of earthquakes are also a major issue. Actually, these infrastructures have been supporting economic and social activities in Japan and the deterioration of public infrastructure has become social problems. How to secure the same level of safety and security for all public infrastructures is the challenge we face now. The targets of monitoring are external disturbances such as traffic loads, earthquakes, winds, temperature, responses against external disturbances, and the changes of performances. In the monitoring of infrastructures, 3W1H(WHAT, WHERE, WHEN and HOW) are essential, that is what kind of data are necessary, where sensors place, when data are collected, and how to collect and process data. The required performances of sensors are accuracy, stability for long time. In the case of long term monitoring, the durability of systems needs more than five years, because the interval

Can Sensors Solve the Deterioration Problems of Public Infrastructure?

International Nuclear Information System (INIS)

Miki, Chitoshi

2014-01-01

Various deteriorations are detected in public infrastructures, such as bridges, viaducts, piers and tunnels and caused fatal accidents in some cases. The possibility of the applications of health monitoring by using sensors is the issues of this lecture. The inspection and diagnosis are essential in the maintenance works which include appropriate rehabilitations and replacements. The introduction of monitoring system may improve accuracy and efficiency of inspection and diagnosis. This seems to be innovation of maintenance, old structures may change smart structures by the installation of nerve network and brain, specifically. Cost- benefit viewpoint is also important point, because of public infrastructures. The modes of deterioration are fatigue, corrosion, and delayed fracture in steel, and carbonization and alkali aggregate reaction in concrete. These are like adult disease in human bodies. The developments of Infrastructures in Japan were concentrated in the 1960th and 1970th. These ages are approaching 50 and deterioration due to aging has been progress gradually. The attacks of earthquakes are also a major issue. Actually, these infrastructures have been supporting economic and social activities in Japan and the deterioration of public infrastructure has become social problems. How to secure the same level of safety and security for all public infrastructures is the challenge we face now. The targets of monitoring are external disturbances such as traffic loads, earthquakes, winds, temperature, responses against external disturbances, and the changes of performances. In the monitoring of infrastructures, 3W1H(WHAT, WHERE, WHEN and HOW) are essential, that is what kind of data are necessary, where sensors place, when data are collected, and how to collect and process data. The required performances of sensors are accuracy, stability for long time. In the case of long term monitoring, the durability of systems needs more than five years, because the interval

Detecting security attacks with SIEM : SERCO project report

NARCIS (Netherlands)

Paassen R.J.G. van; Hut, D.H.; Boltjes, B.; Trichias, K.

2012-01-01

The ‘Critical ICT Infrastructures’ program managed by prof. dr. ir. Rob Kooij is a strategic research program that aims to improve the quality of ICT infrastructures. The red line for all projects within this program is quality and dependability for all information and communication technology.

Cooperating attackers in neural cryptography.

Science.gov (United States)

Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

2004-06-01

A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

A SURVEY ON DELAY AND NEIGHBOR NODE MONITORING BASED WORMHOLE ATTACK PREVENTION AND DETECTION

Directory of Open Access Journals (Sweden)

Sudhir T Bagade

2016-12-01

Full Text Available In Mobile Ad-hoc Networks (MANET, network layer attacks, for example wormhole attacks, disrupt the network routing operations and can be used for data theft. Wormhole attacks are of two types: hidden and exposed wormhole. There are various mechanisms in literature which are used to prevent and detect wormhole attacks. In this paper, we survey wormhole prevention and detection techniques and present our critical observations for each. These techniques are based on cryptographic mechanisms, monitoring of packet transmission delay and control packet forwarding behavior of neighbor nodes. We compare the techniques using the following criteria- extra resources needed applicability to different network topologies and routing protocols, prevention/detection capability, etc. We conclude the paper with potential research directions.

Crony Attack: Strategic Attack’s Silver Bullet

Science.gov (United States)

2006-11-01

physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems

Energy Technology Data Exchange (ETDEWEB)

Saha, Sudip; Vullinati, Anil K.; Halappanavar, Mahantesh; Chatterjee, Samrat

2016-09-15

We investigate efficient security control methods for protecting against vulnerabilities in networked systems. A large number of interdependent vulnerabilities typically exist in the computing nodes of a cyber-system; as vulnerabilities get exploited, starting from low level ones, they open up the doors to more critical vulnerabilities. These cannot be understood just by a topological analysis of the network, and we use the attack graph abstraction of Dewri et al. to study these problems. In contrast to earlier approaches based on heuristics and evolutionary algorithms, we study rigorous methods for quantifying the inherent vulnerability and hardening cost for the system. We develop algorithms with provable approximation guarantees, and evaluate them for real and synthetic attack graphs.

Infrastructure protection in the Dutch financial sector

NARCIS (Netherlands)

van Oers, M.H.M.; Strous, L.; Berndsen, R.J.; Butts, J.; Shenoi, S.

2012-01-01

This paper presents a case study of critical infrastructure protection in the Dutch financial sector. The organizational structures are examined to discern the roles and functions that facilitate public-private cooperation. An assessment of the organizational structures is provided along with a

Survivability of SCADA Control Loop

NARCIS (Netherlands)

Camacho, José; de Boer, Pieter-Tjerk; Remke, Anne Katharina Ingrid

2009-01-01

The endorsement of information technologies for critical infrastructures control introduces new threats in their security and surveillance. Along with certain level of protection against attacks, it is desirable for critical processes to survive even if they succeed. A stochastic Petri Nets-based

Private Sector Investment in Pakistani Agriculture: The Role of Infrastructural Investment

Science.gov (United States)

1999-01-01

private sector will be expected to play the major role in providing capital to the agricultural sector, with the government’s remaining involvement being largely one of furnishing basic infrastructure. The critical question of course is how willing is the private sector to commit capital to agricultural activities in this new policy environment? Has the private sector responded in the past to the increases in profitability provided by an expansion in infrastructure? If so, what types of infrastructure are most conducive in

Using Combined One-Time Password for Prevention of Phishing Attacks

Directory of Open Access Journals (Sweden)

S. Nasiri

2017-12-01

Full Text Available Αs technologies and communications develop, more sabotaging attacks occur including phishing attacks which jeopardize users' security and critical information like their passwords and credentials. Several solutions have been proposed for existing dangers. One of which is the use of one-time passwords. This issue has remained as a main challenge and requires more extensive research. In this research, we have focused on one-time password combinations and we also have proposed solutions based on behavioral patterns which lead to significant optimizations while tending the simplicity for users. Efficiency of the proposed method has been measured through defining scenarios, modeling and simulations based on a prevention rate index. In addition, complexity coefficient of the proposed method showing the probability of unpredictability of passwords for attackers has been calculated. Ultimately, a descriptive comparison has shown that the proposed method is superior to some of the existing methods.

Composite Dos Attack Model

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2012-04-01

Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

μShield : Configurable Code-Reuse Attacks Mitigation For Embedded Systems

NARCIS (Netherlands)

Abbasi, Ali; Wetzels, Jos; Bokslag, Wouter; Zambon, Emmanuele; Etalle, Sandro; Yan, Zheng; Molva, Refik; Mazurczyk, Wojciech; Kantola, Raimo

2017-01-01

Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present μShield, a memory

Eco-logical : an ecosystem approach to developing transportation infrastructure projects in a changing environment

Science.gov (United States)

2009-09-13

The development of infrastructure facilities can negatively impact critical habitat and essential ecosystems. There are a variety of techniques available to avoid, minimize, and mitigate negative impacts of existing infrastructure as well as future i...

Seismic Barrier Protection of Critical Infrastructure

Science.gov (United States)

2017-05-14

structures , earthquake mitigation I. Introduction Damage caused by earthquakes to critical structures such as nuclear power plants, regional hospitals...the seismic power drop in dB to magnitude drop using the seismic moment magnitude scale, Mw. In figures 5 and 6, the V-trench structure as modeled...representing geological media and V-shaped muffler borehole / trench component structures . Bottom: In this simple analysis, the power drop observed

Cloud Application Architectures Building Applications and Infrastructure in the Cloud

CERN Document Server

Reese, George

2009-01-01

If you're involved in planning IT infrastructure as a network or system architect, system administrator, or developer, this book will help you adapt your skills to work with these highly scalable, highly redundant infrastructure services. Cloud Application Architectures will help you determine whether and how to put your applications into these virtualized services, with critical guidance on issues of cost, availability, performance, scaling, privacy, and security.

Understanding the infrastructure of European Research Infrastructures

DEFF Research Database (Denmark)

Lindstrøm, Maria Duclos; Kropp, Kristoffer

2017-01-01

European Research Infrastructure Consortia (ERIC) are a new form of legal and financial framework for the establishment and operation of research infrastructures in Europe. Despite their scope, ambition, and novelty, the topic has received limited scholarly attention. This article analyses one ER....... It is also a promising theoretical framework for addressing the relationship between the ERIC construct and the large diversity of European Research Infrastructures.......European Research Infrastructure Consortia (ERIC) are a new form of legal and financial framework for the establishment and operation of research infrastructures in Europe. Despite their scope, ambition, and novelty, the topic has received limited scholarly attention. This article analyses one ERIC...... became an ERIC using the Bowker and Star’s sociology of infrastructures. We conclude that focusing on ERICs as a European standard for organising and funding research collaboration gives new insights into the problems of membership, durability, and standardisation faced by research infrastructures...

Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method.

Science.gov (United States)

Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

2015-01-01

Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method

Directory of Open Access Journals (Sweden)

Udaya Suriya Raj Kumar Dhamodharan

2015-01-01

Full Text Available Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method with MAP (message authentication and passing for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

Regulação de Riscos e Proteção de Infraestruturas Críticas: os novos ventos do fenômeno regulatório / Risk Regulation and Critical Infrastructure Protection: The New Winds of the Regulatory Phenomenon

Directory of Open Access Journals (Sweden)

Egon C. Guterres

2016-05-01

Full Text Available Purpose – This article analyzes the origins of the Risk Regulation Theory and Critical Infrastructure Protection Programs, and shows their contribution to the Brazilian regulatory experience. Methodology/approach/design – Through several examples, this study presents regulatory policies that emerged as responses to events that caused a significant impact on society. Findings – The unique way that the Critical Infrastructure Protection Programs evolved within the Brazilian regulatory experience is greatly attributable to demands of major international sporting events.

Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies.

Science.gov (United States)

Paté-Cornell, M-Elisabeth; Kuypers, Marshall; Smith, Matthew; Keller, Philip

2018-02-01

Managing cyber security in an organization involves allocating the protection budget across a spectrum of possible options. This requires assessing the benefits and the costs of these options. The risk analyses presented here are statistical when relevant data are available, and system-based for high-consequence events that have not happened yet. This article presents, first, a general probabilistic risk analysis framework for cyber security in an organization to be specified. It then describes three examples of forward-looking analyses motivated by recent cyber attacks. The first one is the statistical analysis of an actual database, extended at the upper end of the loss distribution by a Bayesian analysis of possible, high-consequence attack scenarios that may happen in the future. The second is a systems analysis of cyber risks for a smart, connected electric grid, showing that there is an optimal level of connectivity. The third is an analysis of sequential decisions to upgrade the software of an existing cyber security system or to adopt a new one to stay ahead of adversaries trying to find their way in. The results are distributions of losses to cyber attacks, with and without some considered countermeasures in support of risk management decisions based both on past data and anticipated incidents. © 2017 Society for Risk Analysis.

Heart Attack Recovery FAQs

Science.gov (United States)

... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

The Resource Hazards Model for the Critical Infrastructure of the State Emergency Management Process

Directory of Open Access Journals (Sweden)

Ostrowska Teresa

2014-08-01

Full Text Available This paper presents an investigation of the relevant factors related to the construction of a resource model which is designed to be useful in the management processes of the operation of critical infrastructure (CI for state emergencies. The genesis of the research lay in the perceived need for effective protection of multidimensional CI methodologies, and it was influenced by the nature of the physical characteristics of the available resources. It was necessary to establish a clear structure and well defined objectives and to assess the functional and structural resources required, as well as the potential relational susceptibilities deriving from a number of possible threats and the possible seriousness of a specific range of incidents and their possible consequences. The interdependence of CI stocks is shown by the use of tables of resource classes. The dynamics of the interaction of CI resources are modeled by examining how using clusters of potential risks can at any given time create a class of compounds related to susceptibilities and threats to the resources. As a result, the model can be used to conduct multi-dimensional risk calculations for crisis management CI resource configurations.