High Assurance Control of Cyber-Physical Systems with Application to Unmanned Aircraft Systems

Science.gov (United States)

Kwon, Cheolhyeon

With recent progress in the networked embedded control technology, cyber attacks have become one of the major threats to Cyber-Physical Systems (CPSs) due to their close integration of physical processes, computational resources, and communication capabilities. While CPSs have various applications in both military and civilian uses, their on-board automation and communication afford significant advantages over a system without such abilities, but these benefits come at the cost of possible vulnerability to cyber attacks. Traditionally, most cyber security studies in CPSs are mainly based on the computer security perspective, focusing on issues such as the trustworthiness of data flow, without rigorously considering the system's physical processes such as real-time dynamic behaviors. While computer security components are key elements in the hardware/software layer, these methods alone are not sufficient for diagnosing the healthiness of the CPSs' physical behavior. In seeking to address this problem, this research work proposes a control theoretic perspective approach which can accurately represent the interactions between the physical behavior and the logical behavior (computing resources) of the CPS. Then a controls domain aspect is explored extending beyond just the logical process of the CPS to include the underlying physical behavior. This approach will allow the CPS whose physical operations are robust/resilient to the damage caused by cyber attacks, successfully complementing the existing CPS security architecture. It is important to note that traditional fault-tolerant/robust control methods could not be directly applicable to achieve resiliency against malicious cyber attacks which can be designed sophisticatedly to spoof the security/safety monitoring system (note this is different from common faults). Thus, security issues at this layer require different risk management to detect cyber attacks and mitigate their impact within the context of a unified

The process matters: cyber security in industrial control systems

NARCIS (Netherlands)

Hadziosmanovic, D.

2014-01-01

An industrial control system (ICS) is a computer system that controls industrial processes such as power plants, water and gas distribution, food production, etc. Since cyber-attacks on an ICS may have devastating consequences on human lives and safety in general, the security of ICS is important.

Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

International Nuclear Information System (INIS)

Klevtsov, A.L.; Trubchaninov, S.A.

2015-01-01

The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

Cyber-Threat Assessment for the Air Traffic Management System: A Network Controls Approach

Science.gov (United States)

Roy, Sandip; Sridhar, Banavar

2016-01-01

Air transportation networks are being disrupted with increasing frequency by failures in their cyber- (computing, communication, control) systems. Whether these cyber- failures arise due to deliberate attacks or incidental errors, they can have far-reaching impact on the performance of the air traffic control and management systems. For instance, a computer failure in the Washington DC Air Route Traffic Control Center (ZDC) on August 15, 2015, caused nearly complete closure of the Centers airspace for several hours. This closure had a propagative impact across the United States National Airspace System, causing changed congestion patterns and requiring placement of a suite of traffic management initiatives to address the capacity reduction and congestion. A snapshot of traffic on that day clearly shows the closure of the ZDC airspace and the resulting congestion at its boundary, which required augmented traffic management at multiple locations. Cyber- events also have important ramifications for private stakeholders, particularly the airlines. During the last few months, computer-system issues have caused several airlines fleets to be grounded for significant periods of time: these include United Airlines (twice), LOT Polish Airlines, and American Airlines. Delays and regional stoppages due to cyber- events are even more common, and may have myriad causes (e.g., failure of the Department of Homeland Security systems needed for security check of passengers, see [3]). The growing frequency of cyber- disruptions in the air transportation system reflects a much broader trend in the modern society: cyber- failures and threats are becoming increasingly pervasive, varied, and impactful. In consequence, an intense effort is underway to develop secure and resilient cyber- systems that can protect against, detect, and remove threats, see e.g. and its many citations. The outcomes of this wide effort on cyber- security are applicable to the air transportation infrastructure

An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems

Science.gov (United States)

Hieb, Jeffrey; Graham, James; Guan, Jian

This paper presents an ontological framework that permits formal representations of process control systems, including elements of the process being controlled and the control system itself. A fault diagnosis algorithm based on the ontological model is also presented. The algorithm can identify traditional process elements as well as control system elements (e.g., IP network and SCADA protocol) as fault sources. When these elements are identified as a likely fault source, the possibility exists that the process fault is induced by a cyber intrusion. A laboratory-scale distillation column is used to illustrate the model and the algorithm. Coupled with a well-defined statistical process model, this fault diagnosis approach provides cyber security enhanced fault diagnosis information to plant operators and can help identify that a cyber attack is underway before a major process failure is experienced.

Cyber Security and Resilient Systems

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson

2009-07-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Cyber Security and Resilient Systems

International Nuclear Information System (INIS)

Anderson, Robert S.

2009-01-01

The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

Attack tree based cyber security analysis of nuclear digital instrumentation and control systems

International Nuclear Information System (INIS)

Khand, P.A.

2009-01-01

To maintain the cyber security, nuclear digital Instrumentation and Control (I and C) systems must be analyzed for security risks because a single security breach due to a cyber attack can cause system failure, which can have catastrophic consequences on the environment and staff of a Nuclear Power Plant (NPP). Attack trees have been widely used to analyze the cyber security of digital systems due to their ability to capture system specific as well as attacker specific details. Therefore, a methodology based on attack trees has been proposed to analyze the cyber security of the systems. The methodology has been applied for the Cyber Security Analysis (CSA) of a Bistable Processor (BP) of a Reactor Protection System (RPS). Threats have been described according to their source. Attack scenarios have been generated using the attack tree and possible counter measures according to the Security Risk Level (SRL) of each scenario have been suggested. Moreover, cyber Security Requirements (SRs) have been elicited, and suitability of the requirements has been checked. (author)

Lecture 13: Control System Cyber Security

CERN Multimedia

CERN. Geneva

2013-01-01

Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

Cyber-physical-social System in Intelligent Transportation

Institute of Scientific and Technical Information of China (English)

Gang Xiong; Fenghua Zhu; Xiwei Liu; Xisong Dong; Wuling Huang; Songhang Chen; Kai Zhao

2015-01-01

A cyber-physical system(CPS) is composed of a physical system and its corresponding cyber systems that are tightly fused at all scales and levels.CPS is helpful to improve the controllability,efficiency and reliability of a physical system,such as vehicle collision avoidance and zero-net energy buildings systems.It has become a hot R&D and practical area from US to EU and other countries.In fact,most of physical systems and their cyber systems are designed,built and used by human beings in the social and natural environments.So,social systems must be of the same importance as their CPSs.The indivisible cyber,physical and social parts constitute the cyber-physical-social system(CPSS),a typical complex system and it’s a challengeable problem to control and manage it under traditional theories and methods.An artificial systems,computational experiments and parallel execution(ACP) methodology is introduced based on which data-driven models are applied to social system.Artificial systems,i.e.,cyber systems,are applied for the equivalent description of physical-social system(PSS).Computational experiments are applied for control plan validation.And parallel execution finally realizes the stepwise control and management of CPSS.Finally,a CPSS-based intelligent transportation system(ITS) is discussed as a case study,and its architecture,three parts,and application are described in detail.

Cyber and physical equipment digital control system in Industry 4.0 item designing company

Science.gov (United States)

Gurjanov, A. V.; Zakoldaev, D. A.; Shukalov, A. V.; Zharinov, I. O.

2018-05-01

The problem of organization of digital control of the item designing company equipped with cyber and physical systems is being studied. A scheme of cyber and physical systems and personnel interaction in the Industry 4.0 smart factory company is presented. A scheme of assembly units transportation in the Industry 4.0 smart factory company is provided. A scheme of digital control system in the Industry 4.0 smart factory company is given.

Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

Energy Technology Data Exchange (ETDEWEB)

Robert P. Evans

2005-09-01

Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

Fault-tolerant Control of a Cyber-physical System

Science.gov (United States)

Roxana, Rusu-Both; Eva-Henrietta, Dulf

2017-10-01

Cyber-physical systems represent a new emerging field in automatic control. The fault system is a key component, because modern, large scale processes must meet high standards of performance, reliability and safety. Fault propagation in large scale chemical processes can lead to loss of production, energy, raw materials and even environmental hazard. The present paper develops a multi-agent fault-tolerant control architecture using robust fractional order controllers for a (13C) cryogenic separation column cascade. The JADE (Java Agent DEvelopment Framework) platform was used to implement the multi-agent fault tolerant control system while the operational model of the process was implemented in Matlab/SIMULINK environment. MACSimJX (Multiagent Control Using Simulink with Jade Extension) toolbox was used to link the control system and the process model. In order to verify the performance and to prove the feasibility of the proposed control architecture several fault simulation scenarios were performed.

Control Systems Cyber Security:Defense in Depth Strategies

Energy Technology Data Exchange (ETDEWEB)

David Kuipers; Mark Fabro

2006-05-01

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Main control computer security model of closed network systems protection against cyber attacks

Science.gov (United States)

Seymen, Bilal

2014-06-01

The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

A Study of Cyber Security Activities for Development of Safety-related Controller

Energy Technology Data Exchange (ETDEWEB)

Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa [Korea Univ., Seoul (Korea, Republic of)

2014-05-15

Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test.

A Study of Cyber Security Activities for Development of Safety-related Controller

International Nuclear Information System (INIS)

Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa

2014-01-01

Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test

Computer Security: Protect your plant: a "serious game" about control system cyber-security

CERN Multimedia

Stefan Lueders, Computer Security Team

2015-01-01

Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

Directory of Open Access Journals (Sweden)

Wei Gao

2014-03-01

Full Text Available Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks.  Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services.  This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

Recommendations on Future Operational Environments Command Control and Cyber Security

OpenAIRE

Goztepe, Kerim

2015-01-01

It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

Division of Cyber Safety and Security Responsibilities Between Control System Owners and Suppliers

OpenAIRE

Skotnes , Ruth

2016-01-01

Part 2: CONTROL SYSTEMS SECURITY; International audience; The chapter discusses the important issue of responsibility for information and communications technology (ICT) – or cyber – safety and security for industrial control systems and the challenges involved in dividing the responsibility between industrial control system owners and suppliers in the Norwegian electric power supply industry. Industrial control system owners are increasingly adopting information and communications technologi...

Resilient control of cyber-physical systems against intelligent attacker: a hierarchal stackelberg game approach

Science.gov (United States)

Yuan, Yuan; Sun, Fuchun; Liu, Huaping

2016-07-01

This paper is concerned with the resilient control under denial-of-service attack launched by the intelligent attacker. The resilient control system is modelled as a multi-stage hierarchical game with a corresponding hierarchy of decisions made at cyber and physical layer, respectively. Specifically, the interaction in the cyber layer between different security agents is modelled as a static infinite Stackelberg game, while in the underlying physical layer the full-information H∞ minimax control with package drops is modelled as a different Stackelberg game. Both games are solved sequentially, which is consistent with the actual situations. Finally, the proposed method is applied to the load frequency control of the power system, which demonstrates its effectiveness.

Improving Control System Cyber-State Awareness using Known Secure Sensor Measurements

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Milos Manic; Miles McQueen

2012-09-01

Abstract—This paper presents design and simulation of a low cost and low false alarm rate method for improved cyber-state awareness of critical control systems - the Known Secure Sensor Measurements (KSSM) method. The KSSM concept relies on physical measurements to detect malicious falsification of the control systems state. The KSSM method can be incrementally integrated with already installed control systems for enhanced resilience. This paper reviews the previously developed theoretical KSSM concept and then describes a simulation of the KSSM system. A simulated control system network is integrated with the KSSM components. The effectiveness of detection of various intrusion scenarios is demonstrated on several control system network topologies.

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

International Nuclear Information System (INIS)

Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

2011-01-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Compound Tension Control of an Optical-Fiber Coil System: A Cyber-Physical System View

Directory of Open Access Journals (Sweden)

Zhang Peng

2014-03-01

Full Text Available The full-automatic optical-fiber coil winding equipment is a complex electromechanical system which contains signal acquisition, data processing, communications, and motor control. In the complex electromechanical system, the subsystems rely on wired or wireless network technology to complete the real-time perception, coordinate, accurate, and dynamitic control, and information exchange services. The paper points to the full-automatic optical-fiber coil winding equipment with the characteristics of cyber-physical system to research its numerical design. We present a novel compound tension control system based on the experimental platform dSPACE to achieve semiphysical simulation of compound tension control system and examine the functions of control system.

Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

Directory of Open Access Journals (Sweden)

Erdal IRMAK

2017-12-01

Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

Energy Technology Data Exchange (ETDEWEB)

Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2016-01-01

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

International Nuclear Information System (INIS)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

2012-01-01

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

Energy Technology Data Exchange (ETDEWEB)

Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

2012-10-15

The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

Cyber Security on Nuclear Power Plant's Computer Systems

International Nuclear Information System (INIS)

Shin, Ick Hyun

2010-01-01

Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

2012-01-01

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security

Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of); Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of); Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)

2012-10-15

Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security.

Improving Cyber-Security of Power System State Estimators

OpenAIRE

Giannini, Martina

2014-01-01

During the last century, technological advances have deeply renewed many critical infrastructures, such as transportation networks and power systems. In fact, the strong interconnection between physical process, communication channels, and control systems have led to the new concept of cyber-physical systems. Next to countless new advantages, these systems unfortunately have also new weaknesses. An example is cyber-attacks: malicious intrusions into the communication channel turned to manipul...

Introduction of regulatory guide on cyber security of L and C systems in nuclear facilities

International Nuclear Information System (INIS)

Kang, Y.; Jeong, C. H.; Kim, D. I.

2008-01-01

In the case of unauthorized individuals, systems and entities or process threatening the instrumentation and control systems of nuclear facilities using the intrinsic vulnerabilities of digital based technologies, those systems may lose their own required functions. The loss of required functions of the systems can seriously affect the safety of nuclear facilities. Consequently, digital instrumentation and control systems, which perform functions important to safety, should be designed and operated to respond to cyber threats capitalizing on the vulnerabilities of digital based technologies. To make it possible, the developers and licensees of nuclear facilities should perform appropriate cyber security activities throughout the whole life cycle of digital instrumentation and control systems. Under the goal of securing the safety of nuclear facilities, this paper presents the regulatory on cyber security activities to remove the cyber threats that exploit the vulnerabilities of digital instrumentation and control systems and to mitigate the effect of such threats. Presented regulatory guide includes establishing the cyber security policy and plan, analyzing and classifying the cyber threats and cyber security assessment of digital instrumentation and control systems. (authors)

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

International Nuclear Information System (INIS)

Song, S. H.; Lee, M. S.; Kim, T. H.; Park, C. H.; Park, S. P.; Kim, H. S.

2014-01-01

As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system

A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

Energy Technology Data Exchange (ETDEWEB)

Song, S. H. [Korea University, Seoul (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Work Inc., Seoul (Korea, Republic of); Park, C. H. [LINE Corp., Tokyo (Japan); Park, S. P. [Ahnlab Inc., Seoul (Korea, Republic of); Kim, H. S. [Sejong University, Seoul (Korea, Republic of)

2014-08-15

As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system.

Ideal Based Cyber Security Technical Metrics for Control Systems

Energy Technology Data Exchange (ETDEWEB)

W. F. Boyer; M. A. McQueen

2007-10-01

Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks

International Nuclear Information System (INIS)

Hartman, Steven M.

2012-01-01

Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator present a unique challenge for the system architecture and access model.

Establishing cyber security programs for I and C systems at nuclear facilities

International Nuclear Information System (INIS)

Waedt, Karl

2012-01-01

In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

Establishing cyber security programs for I and C systems at nuclear facilities

Energy Technology Data Exchange (ETDEWEB)

Waedt, Karl [AREVA NP GmbH (Germany)

2012-11-01

In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

Agent-based Cyber Control Strategy Design for Resilient Control Systems: Concepts, Architecture and Methodologies

Energy Technology Data Exchange (ETDEWEB)

Craig Rieger; Milos Manic; Miles McQueen

2012-08-01

The implementation of automated regulatory control has been around since the middle of the last century through analog means. It has allowed engineers to operate the plant more consistently by focusing on overall operations and settings instead of individual monitoring of local instruments (inside and outside of a control room). A similar approach is proposed for cyber security, where current border-protection designs have been inherited from information technology developments that lack consideration of the high-reliability, high consequence nature of industrial control systems. Instead of an independent development, however, an integrated approach is taken to develop a holistic understanding of performance. This performance takes shape inside a multiagent design, which provides a notional context to model highly decentralized and complex industrial process control systems, the nervous system of critical infrastructure. The resulting strategy will provide a framework for researching solutions to security and unrecognized interdependency concerns with industrial control systems.

Cyber Security Test Strategy for Non-safety Display System

International Nuclear Information System (INIS)

Son, Han Seong; Kim, Hee Eun

2016-01-01

Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

Cyber Security Test Strategy for Non-safety Display System

Energy Technology Data Exchange (ETDEWEB)

Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of); Kim, Hee Eun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures.

Cyber Security on Nuclear Power Plant's Computer Systems

Energy Technology Data Exchange (ETDEWEB)

Shin, Ick Hyun [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2010-10-15

Computer systems are used in many different fields of industry. Most of us are taking great advantages from the computer systems. Because of the effectiveness and great performance of computer system, we are getting so dependable on the computer. But the more we are dependable on the computer system, the more the risk we will face when the computer system is unavailable or inaccessible or uncontrollable. There are SCADA, Supervisory Control And Data Acquisition, system which are broadly used for critical infrastructure such as transportation, electricity, water management. And if the SCADA system is vulnerable to the cyber attack, it is going to be nation's big disaster. Especially if nuclear power plant's main control systems are attacked by cyber terrorists, the results may be huge. Leaking of radioactive material will be the terrorist's main purpose without using physical forces. In this paper, different types of cyber attacks are described, and a possible structure of NPP's computer network system is presented. And the paper also provides possible ways of destruction of the NPP's computer system along with some suggestions for the protection against cyber attacks

Cyber Security Risk Assessment for the KNICS Safety Systems

International Nuclear Information System (INIS)

Lee, C. K.; Park, G. Y.; Lee, Y. J.; Choi, J. G.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.

2008-01-01

In the Korea Nuclear I and C Systems Development (KNICS) project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and communication networks. In 2006 the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC and it describes the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore it is required that the new requirements are incorporated into the developed platforms to apply to NPP, and a cyber security risk assessment is performed. The results of the assessment were input for establishing the cyber security policies and planning the work breakdown to incorporate them

Wireless Sensor Network Based Smart Grid Communications: Cyber Attacks, Intrusion Detection System and Topology Control

Directory of Open Access Journals (Sweden)

Lipi Chhaya

2017-01-01

Full Text Available The existing power grid is going through a massive transformation. Smart grid technology is a radical approach for improvisation in prevailing power grid. Integration of electrical and communication infrastructure is inevitable for the deployment of Smart grid network. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks (WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. WSNs can be used for monitoring and control of smart grid assets. Security of wireless sensor based communication network is a major concern for researchers and developers. The limited processing capabilities of wireless sensor networks make them more vulnerable to cyber-attacks. The countermeasures against cyber-attacks must be less complex with an ability to offer confidentiality, data readiness and integrity. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. WSN security is an inevitable part of smart grid cyber security. This paper is expected to serve as a comprehensive assessment and analysis of communication standards, cyber security issues and solutions for WSN based smart grid infrastructure.

Behavioural Profiling in Cyber-Social Systems

DEFF Research Database (Denmark)

Perno, Jason; Probst, Christian W.

2017-01-01

Computer systems have evolved from standalone systems, over networked systems, to cyber-physical systems. In all stages, human operators have been essential for the functioning of the system and for understanding system messages. Recent trends make human actors an even more central part of computer...... systems, resulting in what we call "cyber-social systems". In cyber-social systems, human actors and their interaction with a system are essential for the state of the system and its functioning. Both the system's operation and the human's operating it are based on an assumption of each other's behaviour...

Cyber security consideration on I and C system development process

International Nuclear Information System (INIS)

Park, Jaek Wan; Park, Jeyun; Kim, Young Ki

2012-01-01

Instrumentation and control (I and C) systems in nuclear power plants collect sensor signals installed in plant fields, monitor plant performance and status, and generate signals to control instruments for plant operation and protection. Recently, digital systems of I and C are required to be protected from cyber threats. It has been reported that several plants have been attacked and malfunctioned by outside intruders. To cope with cyber attacks, various studies have been proposed in IT and plant industries. From 2006, regulatory guides and industry standards for cyber security have been published. Therefore, these guides should be strongly considered in the development process of a digital system. Our framework refers to the system development life cycle described in RG 1.152. The main activities of RG 5.71 are included in the framework appropriately. This approach supports the consistent application of system features for cyber security by incorporating the security requirements required in the operation and maintenance phases into the initial phase of development process. It is expected that the application of the framework to a new plant system design may comply with both RG 1.152 and 5.71

Cyber security consideration on I and C system development process

Energy Technology Data Exchange (ETDEWEB)

Park, Jaek Wan; Park, Jeyun; Kim, Young Ki [KAERI, Daejeon (Korea, Republic of)

2012-10-15

Instrumentation and control (I and C) systems in nuclear power plants collect sensor signals installed in plant fields, monitor plant performance and status, and generate signals to control instruments for plant operation and protection. Recently, digital systems of I and C are required to be protected from cyber threats. It has been reported that several plants have been attacked and malfunctioned by outside intruders. To cope with cyber attacks, various studies have been proposed in IT and plant industries. From 2006, regulatory guides and industry standards for cyber security have been published. Therefore, these guides should be strongly considered in the development process of a digital system. Our framework refers to the system development life cycle described in RG 1.152. The main activities of RG 5.71 are included in the framework appropriately. This approach supports the consistent application of system features for cyber security by incorporating the security requirements required in the operation and maintenance phases into the initial phase of development process. It is expected that the application of the framework to a new plant system design may comply with both RG 1.152 and 5.71.

Cyber physical systems role in manufacturing technologies

Science.gov (United States)

Al-Ali, A. R.; Gupta, Ragini; Nabulsi, Ahmad Al

2018-04-01

Empowered by the recent development in single System-on-Chip, Internet of Things, and cloud computing technologies, cyber physical systems are evolving as a major controller during and post the manufacturing products process. In additional to their real physical space, cyber products nowadays have a virtual space. A product virtual space is a digital twin that is attached to it to enable manufacturers and their clients to better manufacture, monitor, maintain and operate it throughout its life time cycles, i.e. from the product manufacturing date, through operation and to the end of its lifespan. Each product is equipped with a tiny microcontroller that has a unique identification number, access code and WiFi conductivity to access it anytime and anywhere during its life cycle. This paper presents the cyber physical systems architecture and its role in manufacturing. Also, it highlights the role of Internet of Things and cloud computing in industrial manufacturing and factory automation.

Vulnerability of water supply systems to cyber-physical attacks

Science.gov (United States)

Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi

2016-04-01

The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks - such as the December power outage in Ukraine - , attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption - i.e., water spillage and loss of pressure - and structural damages - e.g., pipes burst. Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.

An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

Directory of Open Access Journals (Sweden)

Halima Ibrahim Kure

2018-05-01

Full Text Available A cyber-physical system (CPS is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, and transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attack is one of the major threats for a CPS because of many reasons, including complexity and interdependencies among various system components, integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherent complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and

Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems

Directory of Open Access Journals (Sweden)

Aaron Zimba

2018-03-01

Full Text Available The inevitable integration of critical infrastructure to public networks has exposed the underlying industrial control systems to various attack vectors. In this paper, we model multi-stage crypto ransomware attacks, which are today an emerging cyber threat to critical infrastructure. We evaluate our modeling approach using multi-stage attacks by the infamous WannaCry ransomware. The static malware analysis results uncover the techniques employed by the ransomware to discover vulnerable nodes in different SCADA and production subnets, and for the subsequent network propagation. Based on the uncovered artifacts, we recommend a cascaded network segmentation approach, which prioritizes the security of production network devices. Keywords: Critical infrastructure, Cyber-attack, Industrial control system, Crypto ransomware, Vulnerability

Cyber physical systems approach to smart electric power grid

CERN Document Server

Khaitan, Siddhartha Kumar; Liu, Chen Ching

2015-01-01

This book documents recent advances in the field of modeling, simulation, control, security and reliability of Cyber- Physical Systems (CPS) in power grids. The aim of this book is to help the reader gain insights into working of CPSs and understand their potential in transforming the power grids of tomorrow. This book will be useful for all those who are interested in design of cyber-physical systems, be they students or researchers in power systems, CPS modeling software developers, technical marketing professionals and business policy-makers.

Cyber Vulnerabilities Within Critical Infrastructure: The Flaws of Industrial Control Systems in the Oil and Gas Industry

Science.gov (United States)

Alpi, Danielle Marie

The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.

A cyber security risk assessment for the design of I and C system in nuclear power plants

International Nuclear Information System (INIS)

Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young

2012-01-01

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

A cyber security risk assessment for the design of I and C system in nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2012-12-15

The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

Science.gov (United States)

Taha, Ahmad Fayez

Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input

Model Based Cyber Security Analysis for Research Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of)

2013-07-01

The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN.

Model Based Cyber Security Analysis for Research Reactor Protection System

International Nuclear Information System (INIS)

Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung; Son, Hanseong

2013-01-01

The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN

Protecting ICS Systems Within the Energy Sector from Cyber Attacks

Science.gov (United States)

Barnes, Shaquille

Advance persistent threat (APT) groups are continuing to attack the energy sector through cyberspace, which poses a risk to our society, national security, and economy. Industrial control systems (ICSs) are not designed to handle cyber-attacks, which is why asset owners need to implement the correct proactive and reactive measures to mitigate the risk to their ICS environments. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 290 incidents for fiscal year 2016, where 59 of those incidents came from the Energy Sector. APT groups know how vulnerable energy sector ICS systems are and the destruction they can cause when they go offline such as loss of production, loss of life, and economic impact. Defending against APT groups requires more than just passive controls such as firewalls and antivirus solutions. Asset owners should implement a combination of best practices and active defense in their environment to defend against APT groups. Cyber-attacks against critical infrastructure will become more complex and harder to detect and respond to with traditional security controls. The purpose of this paper was to provide asset owners with the correct security controls and methodologies to help defend against APT groups.

CyberWar, CyberTerror, CyberCrime

CERN Document Server

Mehan, Julie E

2008-01-01

CyberWar, CyberTerror, CyberCrime provides a stark and timely analysis of the increasingly hostile online landscape that today’s corporate systems inhabit, and gives a practical introduction to the defensive strategies that can be employed in response.

Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring

Energy Technology Data Exchange (ETDEWEB)

Hernandez Jimenez, Jarilyn M [ORNL; Chen, Qian [Savannah State University; Nichols, Jeff A. {Cyber Sciences} [ORNL; Calhoun, Chelsea [Savannah State University; Sykes, Summer [Savannah State University

2017-01-01

Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitor, and control critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report by Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack of their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a a Programmable Logic Controller (PLC). To this end, we configured the hardware of the tetsbed by installing the required sensors to monitor and collect its power consumption. After that two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.

Development of a Quantitative Method for Evaluating the Efficacy of Cyber Security Controls in NPPs based on Intrusion Tolerant Concept

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2017-01-01

Digital I and C systems have been developed and installed in nuclear power plants (NPPs). However, due to installation of digital I and C systems, cyber security concerns are increasing in the nuclear industry. In order to provide useful information about cyber security issues, many regulatory documents, guides and standards were already published in the nuclear industry. The documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. In order for useful information about cyber security issues, many regulatory documents, guides and standards have been already published in the nuclear industry. However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements. It is because practical examples for the application of security controls have not been available to system designers and there is a lack of means for estimating the effectiveness of security controls. In this regard, this paper suggested a framework to quantitatively evaluate how much cyber security is improved when specific cyber security controls are applied in NPPs.

Real time test bed development for power system operation, control and cyber security

Science.gov (United States)

Reddi, Ram Mohan

The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

Airborne Collision Avoidance System as a Cyber-Physical System

Directory of Open Access Journals (Sweden)

Andrei C. NAE

2015-12-01

Full Text Available In this paper the key concepts of ITS - Intelligent Transport Systems, CPS - Cyber-Physical Systems and SM - Smart Mobility are defined and correlated with the need for ACAS – Airborne Collision Avoidance System, as the last resort safety net and indispensable ingredient in civil aviation. Smart Mobility is addressed from a Cyber Physical-Systems perspective, detailing some of the elements that this entails. Here we consider the Air Transportations System of the future as a Cyber-Physical System and analyze the implications of doing so from different perspectives. The objective is to introduce a 4D collision avoidance shield technology which forms a last resort safety net technology for the next generation air transport (2050 and beyond. The new system will represent a step change over the performance of current technology. As conclusions, the benefits of implementing Transport Cyber-Physical Systems are discussed, as well as what this would require for future deployment.

Reliability analysis for the smart grid : from cyber control and communication to physical manifestations of failure.

Science.gov (United States)

2010-01-01

The Smart Grid is a cyber-physical system comprised of physical components, such as transmission lines and generators, and a : network of embedded systems deployed for their cyber control. Our objective is to qualitatively and quantitatively analyze ...

Development of cyber training system for nuclear fields

International Nuclear Information System (INIS)

Kim, Young Taek; Park, Jong Kyun; Lee, Eui Jin; Lee, Han Young; Choi, Nan Young

2002-02-01

This report describes on technical contents related cyber training system construct on KAERI Nuclear Training Center, and on using cases of cyber education in domestic and foreign countries. Also realtime training system through the internet and cyber training management system for atomic fields is developed. All users including trainee, course managers and lecturers can use new technical for create new paradigm

Cyber-bombing ISIS

DEFF Research Database (Denmark)

Ringsmose, Jens; Teglskov Jacobsen, Jeppe

2017-01-01

It has become a conventional wisdom in strategic studies that the development and use of cyber weapons should be kept secret, as the effectiveness of these tools is dependent on opponents being unaware of a particular cyber weapon’s characteristics. Why, then, has the US military repeatedly publi...... the enemy’s trust in his own IT-infrastructure, and command and control systems, (3) signal “cyber strength” to third parties, and (4) establish norms regarding how to use cyber weapons in accordance with International Humanitarian Law....

Cyber-Physical War Gaming

OpenAIRE

Colbert, E. J. M.; Sullivan, D. T.; Kott, A

2017-01-01

This paper presents general strategies for cyber war gaming of Cyber-Physical Systems (CPSs) that are used for cyber security research at the U.S. Army Research Laboratory (ARL). Since Supervisory Control and Data Acquisition (SCADA) and other CPSs are operational systems, it is difficult or impossible to perform security experiments on actual systems. The authors describe how table-top strategy sessions and realistic, live CPS war games are conducted at ARL. They also discuss how the recorde...

Cyber security

CERN Document Server

Voeller, John G

2014-01-01

Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

Nondeducibility-Based Analysis of Cyber-Physical Systems

Science.gov (United States)

Gamage, Thoshitha; McMillin, Bruce

Controlling information flow in a cyber-physical system (CPS) is challenging because cyber domain decisions and actions manifest themselves as visible changes in the physical domain. This paper presents a nondeducibility-based observability analysis for CPSs. In many CPSs, the capacity of a low-level (LL) observer to deduce high-level (HL) actions ranges from limited to none. However, a collaborative set of observers strategically located in a network may be able to deduce all the HL actions. This paper models a distributed power electronics control device network using a simple DC circuit in order to understand the effect of multiple observers in a CPS. The analysis reveals that the number of observers required to deduce all the HL actions in a system increases linearly with the number of configurable units. A simple definition of nondeducibility based on the uniqueness of low-level projections is also presented. This definition is used to show that a system with two security domain levels could be considered “nondeducibility secure” if no unique LL projections exist.

A Trusted Autonomic Architecture to Safeguard Cyber-Physical Control Leaf Nodes and Protect Process Integrity

OpenAIRE

Chiluvuri, Nayana Teja

2015-01-01

Cyber-physical systems are networked through IT infrastructure and susceptible to malware. Threats targeting process control are much more safety-critical than traditional computing systems since they jeopardize the integrity of physical infrastructure. Existing defence mechanisms address security at the network nodes but do not protect the physical infrastructure if network integrity is compromised. An interface guardian architecture is implemented on cyber-physical control leaf nodes to mai...

A Multi-Component Automated Laser-Origami System for Cyber-Manufacturing

Science.gov (United States)

Ko, Woo-Hyun; Srinivasa, Arun; Kumar, P. R.

2017-12-01

Cyber-manufacturing systems can be enhanced by an integrated network architecture that is easily configurable, reliable, and scalable. We consider a cyber-physical system for use in an origami-type laser-based custom manufacturing machine employing folding and cutting of sheet material to manufacture 3D objects. We have developed such a system for use in a laser-based autonomous custom manufacturing machine equipped with real-time sensing and control. The basic elements in the architecture are built around the laser processing machine. They include a sensing system to estimate the state of the workpiece, a control system determining control inputs for a laser system based on the estimated data and user’s job requests, a robotic arm manipulating the workpiece in the work space, and middleware, named Etherware, supporting the communication among the systems. We demonstrate automated 3D laser cutting and bending to fabricate a 3D product as an experimental result.

Cyber-Physical Systems Security: a Systematic Mapping Study

OpenAIRE

Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

2016-01-01

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

CORESAFE: A Formal Approach against Code Replacement Attacks on Cyber Physical Systems

Science.gov (United States)

2018-04-19

AFRL-AFOSR-JP-TR-2018-0035 CORESAFE:A Formal Approach against Code Replacement Attacks on Cyber Physical Systems Sandeep Shukla INDIAN INSTITUTE OF...Formal Approach against Code Replacement Attacks on Cyber Physical Systems 5a.  CONTRACT NUMBER 5b.  GRANT NUMBER FA2386-16-1-4099 5c.  PROGRAM ELEMENT...SUPPLEMENTARY NOTES 14.  ABSTRACT Industrial Control Systems (ICS) used in manufacturing, power generators and other critical infrastructure monitoring and

On Cyber Warfare Command and Control Systems

National Research Council Canada - National Science Library

Howes, Norman R; Mezzino, Michael; Sarkesain, John

2004-01-01

.... Cyber warfare then becomes a one-sided battle where the attacker makes all the strikes and the target of the attack responds so slowly that the attacker usually gets away without being identified...

Cyber-Physical Architecture Assisted by Programmable Networking

OpenAIRE

Rubio-Hernan, Jose; Sahay, Rishikesh; De Cicco, Luca; Garcia-Alfaro, Joaquin

2018-01-01

Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The arch...

Data-driven modeling, control and tools for cyber-physical energy systems

Science.gov (United States)

Behl, Madhur

Energy systems are experiencing a gradual but substantial change in moving away from being non-interactive and manually-controlled systems to utilizing tight integration of both cyber (computation, communications, and control) and physical representations guided by first principles based models, at all scales and levels. Furthermore, peak power reduction programs like demand response (DR) are becoming increasingly important as the volatility on the grid continues to increase due to regulation, integration of renewables and extreme weather conditions. In order to shield themselves from the risk of price volatility, end-user electricity consumers must monitor electricity prices and be flexible in the ways they choose to use electricity. This requires the use of control-oriented predictive models of an energy system's dynamics and energy consumption. Such models are needed for understanding and improving the overall energy efficiency and operating costs. However, learning dynamical models using grey/white box approaches is very cost and time prohibitive since it often requires significant financial investments in retrofitting the system with several sensors and hiring domain experts for building the model. We present the use of data-driven methods for making model capture easy and efficient for cyber-physical energy systems. We develop Model-IQ, a methodology for analysis of uncertainty propagation for building inverse modeling and controls. Given a grey-box model structure and real input data from a temporary set of sensors, Model-IQ evaluates the effect of the uncertainty propagation from sensor data to model accuracy and to closed-loop control performance. We also developed a statistical method to quantify the bias in the sensor measurement and to determine near optimal sensor placement and density for accurate data collection for model training and control. Using a real building test-bed, we show how performing an uncertainty analysis can reveal trends about

Cyber security for greater service reliability

Energy Technology Data Exchange (ETDEWEB)

Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

2008-05-15

Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.

Cyber-security: industrials must stop denying the risk of cyber-attacks

International Nuclear Information System (INIS)

Hausermann, L.

2015-01-01

The risk of cyber-attacks of industrial sites is real. Recently the Anvers port and the Bakou-Tbilissi-Ceyhan pipeline have been attacked. In both cases hackers succeeded: they were able to track sea containers in which drug was concealed and recover it in the Anvers port and in the case of the pipeline the hackers took control of the control system and were able to trigger a huge explosion by shunning security systems and allowing damaging pressure surges. The massive use of digital systems and of automated systems in various industrial sectors has led to huge network of inter-connected smart devices whose purpose is not to process data but to monitor and control. All these devices and equipment are controlled by software whose weaknesses and fault lines multiply the risk of cyber-attacks even for 'closed' networks. While the total hacking of a nuclear power plant is highly unlikely, real threats exist and must be taken into account. Innovative solutions based on the mapping of the fluxes of the system and combined with an inventory of all its weaknesses may pave the way towards cyber-security. (A.C.)

Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo [Information and Communications University, Daejeon (Korea, Republic of); Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

2007-10-15

Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants.

Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

International Nuclear Information System (INIS)

Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo; Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui

2007-01-01

Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants

International Cyber Incident Repository System: Information Sharing on a Global Scale

Energy Technology Data Exchange (ETDEWEB)

Joyce, Amanda L.; Evans, PhD, Nathaniel; Tanzman, Edward A.; Israeli, Daniel

2017-02-02

According to the 2016 Internet Security Threat Report, the largest number of cyber attacks were recorded last year (2015), reaching a total of 430 million incidents throughout the world. As the number of cyber incidents increases, the need for information and intelligence sharing increases, as well. This fairly large increase in cyber incidents is driving the need for an international cyber incident data reporting system. The goal of the cyber incident reporting system is to make available shared and collected information about cyber events among participating international parties. In its 2014 report, Insurance Industry Working Session Readout Report-Insurance for CyberRelated Critical Infrastructure Loss: Key Issues, on the outcomes of a working session on cyber insurance, the U.S. Department of Homeland Security observed that “many participants cited the need for a secure method through which organizations could pool and share cyber incident information” and noted that one underwriter emphasized the importance of internationally harmonized data taxonomies. This cyber incident data reporting system could benefit all nations that take part in reporting incidents to provide a more common operating picture. In addition, this reporting system could allow for trending and anticipated attacks and could potentially benefit participating members by enabling them to get in front of potential attacks. The purpose of this paper is to identify options for consideration for such a system in fostering cooperative cyber defense.

Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

2015-01-01

As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of theses attacks on a linear quadratic (LQ) control are analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived, therefore the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

Cyber Forensics Ontology for Cyber Criminal Investigation

Science.gov (United States)

Park, Heum; Cho, Sunho; Kwon, Hyuk-Chul

We developed Cyber Forensics Ontology for the criminal investigation in cyber space. Cyber crime is classified into cyber terror and general cyber crime, and those two classes are connected with each other. The investigation of cyber terror requires high technology, system environment and experts, and general cyber crime is connected with general crime by evidence from digital data and cyber space. Accordingly, it is difficult to determine relational crime types and collect evidence. Therefore, we considered the classifications of cyber crime, the collection of evidence in cyber space and the application of laws to cyber crime. In order to efficiently investigate cyber crime, it is necessary to integrate those concepts for each cyber crime-case. Thus, we constructed a cyber forensics domain ontology for criminal investigation in cyber space, according to the categories of cyber crime, laws, evidence and information of criminals. This ontology can be used in the process of investigating of cyber crime-cases, and for data mining of cyber crime; classification, clustering, association and detection of crime types, crime cases, evidences and criminals.

Quantitative Vulnerability Assessment of Cyber Security for Distribution Automation Systems

Directory of Open Access Journals (Sweden)

Xiaming Ye

2015-06-01

Full Text Available The distribution automation system (DAS is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS. The results demonstrate the reasonability and effectiveness of the proposed methodology.

Cyber Security Penetration Test for Digital Safety I and C Systems

International Nuclear Information System (INIS)

Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

2010-01-01

In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

Cyber Security for the Spaceport Command and Control System: Vulnerability Management and Compliance Analysis

Science.gov (United States)

Gunawan, Ryan A.

2016-01-01

With the rapid development of the Internet, the number of malicious threats to organizations is continually increasing. In June of 2015, the United States Office of Personnel Management (OPM) had a data breach resulting in the compromise of millions of government employee records. The National Aeronautics and Space Administration (NASA) is not exempt from these attacks. Cyber security is becoming a critical facet to the discussion of moving forward with projects. The Spaceport Command and Control System (SCCS) project at the Kennedy Space Center (KSC) aims to develop the launch control system for the next generation launch vehicle in the coming decades. There are many ways to increase the security of the network it uses, from vulnerability management to ensuring operating system images are compliant with securely configured baselines recommended by the United States Government.

Cyber Security Analysis by Attack Trees for a Reactor Protection System

International Nuclear Information System (INIS)

Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon

2008-01-01

As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS

Security Controls for NPP I and C Systems

International Nuclear Information System (INIS)

Kim, Y. M.; Jeong, C. H.; Kim, T. H.

2014-01-01

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks

Security Controls for NPP I and C Systems

Energy Technology Data Exchange (ETDEWEB)

Kim, Y. M.; Jeong, C. H. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of); Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

2014-05-15

In Korea, regulatory body have required cyber security plan for nuclear I and C system. Also, all I and C systems and equipment must be classified according to cyber security level and technical, operational and managerial security controls must be provided based on each level. It is necessary to determine the best set of security controls for NPP I and C system. In our research, selection, implementation and verification process of security controls which can be used for I and C systems has developed. For establishing the cyber security of the nuclear I and C system, special cyber security system which consider the difference between general IT system and nuclear I and C system is needed. This research, we developed security improvement methodology for NPP I and C system through establishing security control, applying and verifying activity. Also, the cyber security activities which are needed during development are defined. It is expected that the methodology which has been developed by this research can be used for establish, implement, evaluate the security controls for protecting nuclear I and C system from cyber-attacks.

Hacking cyber-risks back in their tracks: to identify the right supply chain controls, look at the system

OpenAIRE

Sepúlveda, Daniel; Khan, Omera

2015-01-01

A more comprehensive way of looking at cyber-risks in supply chains is required, when considering the increasing complexity of the supply networks and the exposure to unexpected disruptions, caused by cyber-attacks. This article describes some of the reasons why current risk assessment methods are insufficient. The article provides an analogy for understanding the dynamic effects in a company. It describes in general terms what it means to understand cyber-risks from the control perspective, ...

Cyber Security Analysis by Attack Trees for a Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2008-10-15

As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS.

Designing Fuzzy Rule Based Expert System for Cyber Security

OpenAIRE

Goztepe, Kerim

2016-01-01

The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

OpenAIRE

Kokkonen, Tero

2016-01-01

Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

An Analysis of Cyber-Attack on NPP Considering Physical Impact

Energy Technology Data Exchange (ETDEWEB)

Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

2016-05-15

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

An Analysis of Cyber-Attack on NPP Considering Physical Impact

International Nuclear Information System (INIS)

Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

2016-01-01

Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

International Nuclear Information System (INIS)

Vollmer, Todd; Manic, Milos

2014-01-01

A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices

Secure and Resilient Functional Modeling for Navy Cyber-Physical Systems

Science.gov (United States)

2017-05-24

control systems, it was determined that this project will employ the model of a Ship Chilled Water Distribution System as a central use case. This model...Siemens Corporation Corporate Technology Unrestricted. Distribution Statement A. Approved for public...release; distribution is unlimited. Page 1 of 4 Secure & Resilient Functional Modeling for Navy Cyber-Physical Systems FY17 Quarter 1 Technical Progress

KYPO Cyber Range: Design and Use Cases

OpenAIRE

Vykopal Jan; Ošlejšek Radek; Čeleda Pavel; Vizváry Martin; Tovarňák Daniel

2017-01-01

The physical and cyber worlds are increasingly intertwined and exposed to cyber attacks. The KYPO cyber range provides complex cyber systems and networks in a virtualized, fully controlled and monitored environment. Time-efficient and cost-effective deployment is feasible using cloud resources instead of a dedicated hardware infrastructure. This paper describes the design decisions made during it’s development. We prepared a set of use cases to evaluate the proposed design decisions and to de...

Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems

OpenAIRE

Aaron Zimba; Zhaoshun Wang; Hongsong Chen

2018-01-01

The inevitable integration of critical infrastructure to public networks has exposed the underlying industrial control systems to various attack vectors. In this paper, we model multi-stage crypto ransomware attacks, which are today an emerging cyber threat to critical infrastructure. We evaluate our modeling approach using multi-stage attacks by the infamous WannaCry ransomware. The static malware analysis results uncover the techniques employed by the ransomware to discover vulnerable nodes...

Final report : impacts analysis for cyber attack on electric power systems (National SCADA Test Bed FY08).

Energy Technology Data Exchange (ETDEWEB)

Phillips, Laurence R.; Richardson, Bryan T.; Stamp, Jason Edwin; LaViolette, Randall A.

2009-02-01

To analyze the risks due to cyber attack against control systems used in the United States electrical infrastructure, new algorithms are needed to determine the possible impacts. This research is studying the Reliability Impact of Cyber ttack (RICA) in a two-pronged approach. First, malevolent cyber actions are analyzed in terms of reduced grid reliability. Second, power system impacts are investigated using an abstraction of the grid's dynamic model. This second year of esearch extends the work done during the first year.

A Hierarchical Security Architecture for Cyber-Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Quanyan Zhu; Tamer Basar

2011-08-01

Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

Decision support systems for cyber-risk supervision in banks

OpenAIRE

Košak, Matjaž

2016-01-01

Cyber risk has been increasing due to fast development of information technology, increased using of smart gadgets, advanced way of communication, changing habits of users, and inventiveness of cyber criminals. Nowadays, cyber criminals are highly motivated professionals who are frequently financed by wealthy criminal organizations, or even states, and have clear goals and strategies. False working of critical systems might have important consequences for the whole society, therefore the ...

Semantical Markov Logic Network for Distributed Reasoning in Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Abdul-Wahid Mohammed

2017-01-01

Full Text Available The challenges associated with developing accurate models for cyber-physical systems are attributable to the intrinsic concurrent and heterogeneous computations of these systems. Even though reasoning based on interconnected domain specific ontologies shows promise in enhancing modularity and joint functionality modelling, it has become necessary to build interoperable cyber-physical systems due to the growing pervasiveness of these systems. In this paper, we propose a semantically oriented distributed reasoning architecture for cyber-physical systems. This model accomplishes reasoning through a combination of heterogeneous models of computation. Using the flexibility of semantic agents as a formal representation for heterogeneous computational platforms, we define autonomous and intelligent agent-based reasoning procedure for distributed cyber-physical systems. Sensor networks underpin the semantic capabilities of this architecture, and semantic reasoning based on Markov logic networks is adopted to address uncertainty in modelling. To illustrate feasibility of this approach, we present a Markov logic based semantic event model for cyber-physical systems and discuss a case study of event handling and processing in a smart home.

Resilience of Cyber Systems with Over- and Underregulation.

Science.gov (United States)

Gisladottir, Viktoria; Ganin, Alexander A; Keisler, Jeffrey M; Kepner, Jeremy; Linkov, Igor

2017-09-01

Recent cyber attacks provide evidence of increased threats to our critical systems and infrastructure. A common reaction to a new threat is to harden the system by adding new rules and regulations. As federal and state governments request new procedures to follow, each of their organizations implements their own cyber defense strategies. This unintentionally increases time and effort that employees spend on training and policy implementation and decreases the time and latitude to perform critical job functions, thus raising overall levels of stress. People's performance under stress, coupled with an overabundance of information, results in even more vulnerabilities for adversaries to exploit. In this article, we embed a simple regulatory model that accounts for cybersecurity human factors and an organization's regulatory environment in a model of a corporate cyber network under attack. The resulting model demonstrates the effect of under- and overregulation on an organization's resilience with respect to insider threats. Currently, there is a tendency to use ad-hoc approaches to account for human factors rather than to incorporate them into cyber resilience modeling. It is clear that using a systematic approach utilizing behavioral science, which already exists in cyber resilience assessment, would provide a more holistic view for decisionmakers. © 2016 Society for Risk Analysis.

A Review of Cyber-Physical Energy System Security Assessment

DEFF Research Database (Denmark)

Rasmussen, Theis Bo; Yang, Guangya; Nielsen, Arne Hejde

2017-01-01

Increasing penetration of renewable energy resources (RES) and electrification of services by implementing distributed energy resources (DER) has caused a paradigm shift in the operation of the power system. The controllability of the power system is predicted to be shifted from the generation side...... to the consumption side. This transition entails that the future power system evolves into a complex cyber-physical energy system (CPES) with strong interactions between the power, communication and neighboring energy systems. Current power system security assessment methods are based on centralized computation...

Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

International Nuclear Information System (INIS)

Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon; Kang, Mingyun

2015-01-01

Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately

Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kang, Mingyun [E-Gonggam Co. Ltd., Daejeon (Korea, Republic of)

2015-10-15

Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately.

Meta II: Multi-Model Language Suite for Cyber Physical Systems

Science.gov (United States)

2013-03-01

AVM META) projects have developed tools for designing cyber physical (or Mechatronic ) Systems . These systems are increasingly complex, take much...projects have developed tools for designing cyber physical (CPS) (or Mechatronic ) systems . Exemplified by modern amphibious and ground military...and parametric interface of Simulink models and defines associations with CyPhy components and component interfaces. 2. Embedded Systems Modeling

Cyber Physical System Modelling of Distribution Power Systems for Dynamic Demand Response

Science.gov (United States)

Chu, Xiaodong; Zhang, Rongxiang; Tang, Maosen; Huang, Haoyi; Zhang, Lei

2018-01-01

Dynamic demand response (DDR) is a package of control methods to enhance power system security. A CPS modelling and simulation platform for DDR in distribution power systems is presented in this paper. CPS modelling requirements of distribution power systems are analyzed. A coupled CPS modelling platform is built for assessing DDR in the distribution power system, which combines seamlessly modelling tools of physical power networks and cyber communication networks. Simulations results of IEEE 13-node test system demonstrate the effectiveness of the modelling and simulation platform.

Using Robots and Contract Learning to Teach Cyber-Physical Systems to Undergraduates

Science.gov (United States)

Crenshaw, T. L. A.

2013-01-01

Cyber-physical systems are a genre of networked real-time systems that monitor and control the physical world. Examples include unmanned aerial vehicles and industrial robotics. The experts who develop these complex systems are retiring much faster than universities are graduating engineering majors. As a result, it is important for undergraduates…

An Examination of the Relationship between Self-Control and Cyber Victimization in Adolescents

Science.gov (United States)

Peker, Adem

2017-01-01

Purpose: Cyber bullying is a new phenomenon which adversely affects young people. Exposure to the cyber bullying can negatively affect the mental health. The aim of this study is to examine the predictive effect of self-control on cyber victimization in adolescents. Research Methods: The study group was composed of 353 Turkish secondary school…

Incorporating Cyber Layer Failures in Composite Power System Reliability Evaluations

Directory of Open Access Journals (Sweden)

Yuqi Han

2015-08-01

Full Text Available This paper proposes a novel approach to analyze the impacts of cyber layer failures (i.e., protection failures and monitoring failures on the reliability evaluation of composite power systems. The reliability and availability of the cyber layer and its protection and monitoring functions with various topologies are derived based on a reliability block diagram method. The availability of the physical layer components are modified via a multi-state Markov chain model, in which the component protection and monitoring strategies, as well as the cyber layer topology, are simultaneously considered. Reliability indices of composite power systems are calculated through non-sequential Monte-Carlo simulation. Case studies demonstrate that operational reliability downgrades in cyber layer function failure situations. Moreover, protection function failures have more significant impact on the downgraded reliability than monitoring function failures do, and the reliability indices are especially sensitive to the change of the cyber layer function availability in the range from 0.95 to 1.

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

International Nuclear Information System (INIS)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y.

2011-01-01

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2011-05-15

With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

Modeling and Vulnerability Analysis of Cyber-Physical Power Systems Considering Network Topology and Power Flow Properties

Directory of Open Access Journals (Sweden)

Jia Guo

2017-01-01

Full Text Available Conventional power systems are developing into cyber-physical power systems (CPPS with wide applications of communication, computer and control technologies. However, multiple practical cases show that the failure of cyber layers is a major factor leading to blackouts. Therefore, it is necessary to discuss the cascading failure process considering cyber layer failures and analyze the vulnerability of CPPS. In this paper, a CPPS model, which consists of cyber layer, physical layer and cyber-physical interface, is presented using complex network theory. Considering power flow properties, the impacts of cyber node failures on the cascading failure propagation process are studied. Moreover, two vulnerability indices are established from the perspective of both network structure and power flow properties. A vulnerability analysis method is proposed, and the CPPS performance before and after cascading failures is analyzed by the proposed method to calculate vulnerability indices. In the case study, three typical scenarios are analyzed to illustrate the method, and vulnerabilities under different interface strategies and attack strategies are compared. Two thresholds are proposed to value the CPPS vulnerability roughly. The results show that CPPS is more vulnerable under malicious attacks and cyber nodes with high indices are vulnerable points which should be reinforced.

Cyber Threat Assessment of Uplink and Commanding System for Mission Operation

Science.gov (United States)

Ko, Adans Y.; Tan, Kymie M. C.; Cilloniz-Bicchi, Ferner; Faris, Grant

2014-01-01

Most of today's Mission Operations Systems (MOS) rely on Ground Data System (GDS) segment to mitigate cyber security risks. Unfortunately, IT security design is done separately from the design of GDS' mission operational capabilities. This incoherent practice leaves many security vulnerabilities in the system without any notice. This paper describes a new way to system engineering MOS, to include cyber threat risk assessments throughout the MOS development cycle, without this, it is impossible to design a dependable and reliable MOS to meet today's rapid changing cyber threat environment.

Medical cyber-physical systems: A survey.

Science.gov (United States)

Dey, Nilanjan; Ashour, Amira S; Shi, Fuqian; Fong, Simon James; Tavares, João Manuel R S

2018-03-10

Medical cyber-physical systems (MCPS) are healthcare critical integration of a network of medical devices. These systems are progressively used in hospitals to achieve a continuous high-quality healthcare. The MCPS design faces numerous challenges, including inoperability, security/privacy, and high assurance in the system software. In the current work, the infrastructure of the cyber-physical systems (CPS) are reviewed and discussed. This article enriched the researches of the networked Medical Device (MD) systems to increase the efficiency and safety of the healthcare. It also can assist the specialists of medical device to overcome crucial issues related to medical devices, and the challenges facing the design of the medical device's network. The concept of the social networking and its security along with the concept of the wireless sensor networks (WSNs) are addressed. Afterward, the CPS systems and platforms have been established, where more focus was directed toward CPS-based healthcare. The big data framework of CPSs is also included.

Key issues and technical route of cyber physical distribution system

Science.gov (United States)

Zheng, P. X.; Chen, B.; Zheng, L. J.; Zhang, G. L.; Fan, Y. L.; Pei, T.

2017-01-01

Relying on the National High Technology Research and Development Program, this paper introduced the key issues in Cyber Physical Distribution System (CPDS), mainly includes: composite modelling method and interaction mechanism, system planning method, security defence technology, distributed control theory. Then on this basis, the corresponding technical route is proposed, and a more detailed research framework along with main schemes to be adopted is also presented.

Cyber Threats to Nuclear Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

2010-07-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Cyber Threats to Nuclear Infrastructures

International Nuclear Information System (INIS)

Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

2010-01-01

Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

Cyber-physical securi

Directory of Open Access Journals (Sweden)

Aditya Ashok

2014-07-01

Full Text Available Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

Directory of Open Access Journals (Sweden)

Karl H. Stingeder

2015-09-01

äventivmaßnahmen ist weder ausreichend noch nachhaltig. What roles does cyber crime play today? What differentiates cyber crime from cyber war? How must cyber security be organized in order to effectively ensure sustainable protection? Cyber crime activities are frequently characterized by the easy accessibility of fraudulent know-how and technical means. Due to the sluggish and inadequate implementation of coordinated countermeasures, cyber crimes are a low-risk and high-reward scenario for cyber criminals. The more organized and specialized a cyber crime network, the greater the potential for damage. In fact, cyber crime is the umbrella term for fraudulent activities via the World Wide Web. These rely on the model of "traditional" offline criminal behavior patterns, which are easy to access thanks to the technological spectrum of the Internet. Nonetheless, it is the technical execution of the crime that represents a crucial distinguishing characteristic between online and offline fraud. Furthermore, from the point of view of organized crime, governments and terror groups, a lower inhibition threshold for a military exploitation of the Internet is a focal point of cyber security. As soon as cyber crime activity is the means by which to achieve political goals, it is called cyber war. Sustainable measures directed against cyber crime and cyber war take place in a highly dynamic environment. Cyber criminals are usually well-equipped in terms of logistics and financial resources. Many are supported by governments. Cyber criminals have wide-ranging technical expertise, which enables them to develop customized malware to accomplish their goals. At present, many companies and public sector entities do not fully realize how imperative defense systems are. Cyber security focus on purely preventive measures is therefore neither sufficient nor sustainable.

Understanding human factors in cyber security as a dynamic system

NARCIS (Netherlands)

Young, H.J.; Vliet, A.J. van; Ven, J.G.S. van de; Jol, S.C.; Broekman, C.C.M.T.

2018-01-01

The perspective of human factors is largely missing from the wider cyber security dialogue and its scope is often limited. We propose a framework in which we consider cyber security as a state of a system. System change is brought on by an entity’s behavior. Interventions are ways of changing

Defending Critical Infrastructure as Cyber Key Terrain

Science.gov (United States)

2016-08-01

to Secure Cyberspace (NSSC) is as it lists three strategic objectives:4 1) Prevent cyber attacks against America’s critical infrastructures; 2...House, “National Strategy to Secure Cyberspace,” (Washington, DC: The White House, 2003) Trey Herr, "PrEP: A framework for malware & cyber weapons...David Kuipers and Mark Fabro. “Control Systems Cyber Security : Defense in Depth Strategies,” [United States: Department of Energy, 2006]: 4

Microgrid cyber security reference architecture.

Energy Technology Data Exchange (ETDEWEB)

Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

2013-07-01

This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

Cyber Security in Digital I and C Implementation

Energy Technology Data Exchange (ETDEWEB)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William [Doosan HF Controls, Texas (United States)

2011-08-15

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described.

Cyber Security in Digital I and C Implementation

International Nuclear Information System (INIS)

Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William

2011-01-01

During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described

PeerShield: determining control and resilience criticality of collaborative cyber assets in networks

Science.gov (United States)

Cam, Hasan

2012-06-01

As attackers get more coordinated and advanced in cyber attacks, cyber assets are required to have much more resilience, control effectiveness, and collaboration in networks. Such a requirement makes it essential to take a comprehensive and objective approach for measuring the individual and relative performances of cyber security assets in network nodes. To this end, this paper presents four techniques as to how the relative importance of cyber assets can be measured more comprehensively and objectively by considering together the main variables of risk assessment (e.g., threats, vulnerabilities), multiple attributes (e.g., resilience, control, and influence), network connectivity and controllability among collaborative cyber assets in networks. In the first technique, a Bayesian network is used to include the random variables for control, recovery, and resilience attributes of nodes, in addition to the random variables of threats, vulnerabilities, and risk. The second technique shows how graph matching and coloring can be utilized to form collaborative pairs of nodes to shield together against threats and vulnerabilities. The third technique ranks the security assets of nodes by incorporating multiple weights and thresholds of attributes into a decision-making algorithm. In the fourth technique, the hierarchically well-separated tree is enhanced to first identify critical nodes of a network with respect to their attributes and network connectivity, and then selecting some nodes as driver nodes for network controllability.

Modeling and simulation for cyber-physical system security research, development and applications.

Energy Technology Data Exchange (ETDEWEB)

Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

2010-02-01

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

Control Structures in supply chains as a way to manage unpredictable cyber-risks

DEFF Research Database (Denmark)

Sepúlveda Estay, Daniel Alberto; Khan, Omera

the application of a systemic risk analysis methodology to understand cyber risks in the supply chain. A generic supply chain is analyzed, and information flows, dynamic structures and the influence of cyber-attack on these are identified. This paper argues that a systemic approach is more efficient in detecting......Supply chain growth, and their dependence on Information Technology (IT), is making cyber risks an increasingly unmanageable threat through traditional risk assessment methods. Systemic analysis methods have been identified as alternatives to trad itional methods. This paper analyzes...

Cyber security issues imposed on nuclear power plants

International Nuclear Information System (INIS)

Kim, Do-Yeon

2014-01-01

Highlights: • Provide history of cyber attacks targeting at nuclear facilities. • Provide cyber security issues imposed on nuclear power plants. • Provide possible countermeasures for protecting nuclear power plants. - Abstract: With the introduction of new technology based on the increasing digitalization of control systems, the potential of cyber attacks has escalated into a serious threat for nuclear facilities, resulting in the advent of the Stuxnet. In this regard, the nuclear industry needs to consider several cyber security issues imposed on nuclear power plants, including regulatory guidelines and standards for cyber security, the possibility of Stuxnet-inherited malware attacks in the future, and countermeasures for protecting nuclear power plants against possible cyber attacks

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

Science.gov (United States)

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2014-07-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

Science.gov (United States)

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2013-01-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

Safe Cooperating Cyber-Physical Systems using Wireless Communication

DEFF Research Database (Denmark)

Pop, Paul; Scholle, Detlef; Sljivo, Irfan

2017-01-01

This paper presents an overview of the ECSEL project entitled ―Safe Cooperating Cyber-Physical Systems using Wireless Communication‖ (SafeCOP), which runs during the period 2016–2019. SafeCOP targets safety-related Cooperating Cyber-Physical Systems (CO-CPS) characterised by use of wireless...... detection of abnormal behaviour, triggering if needed a safe degraded mode. SafeCOP will also develop methods and tools, which will be used to produce safety assurance evidence needed to certify cooperative functions. SafeCOP will extend current wireless technologies to ensure safe and secure cooperation...

Information fusion for cyber-security analytics

CERN Document Server

Karabatis, George; Aleroud, Ahmed

2017-01-01

This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

Critical infrastructure cyber-security risk management

OpenAIRE

Spyridopoulos, T.; Maraslis, K.; Tryfonas, T.; Oikonomou, G.

2017-01-01

Traditional IT cyber-security risk management methods are based on the evaluation of risks calculated as the likelihood of cyber-security incidents occurring. However, these probabilities are usually estimations or guesses based on past experience and incomplete data. Incorrect estimations can lead to errors in the evaluation of risks that can ultimately affect the protection of the system. This issue is also transferred to methods used in Industrial Control Systems (ICSs), as they are mainly...

Optimal Mobile Sensing and Actuation Policies in Cyber-physical Systems

CERN Document Server

Tricaud, Christophe

2012-01-01

A successful cyber-physical system, a complex interweaving of hardware and software in direct interaction with some parts of the physical environment, relies heavily on proper identification of the, often pre-existing, physical elements. Based on information from that process, a bespoke “cyber” part of the system may then be designed for a specific purpose. Optimal Mobile Sensing and Actuation Strategies in Cyber-physical Systems focuses on distributed-parameter systems the dynamics of which can be modelled with partial differential equations. Such systems are very challenging to measure, their states being distributed throughout a spatial domain. Consequently, optimal strategies are needed and systematic approaches to the optimization of sensor locations have to be devised for parameter estimation. The text begins by reviewing the newer field of cyber-physical systems and introducing background notions of distributed parameter systems and optimal observation theory. New research opportunities are then de...

An Integrated Research Infrastructure for Validating Cyber-Physical Energy Systems

DEFF Research Database (Denmark)

Strasser, T. I.; Moyo, C.; Bründlinger, R.

2017-01-01

quality and ensure security of supply. At the same time, the increased availability of advanced automation and communication technologies provides new opportunities for the derivation of intelligent solutions to tackle the challenges. Previous work has shown various new methods of operating highly...... interconnected power grids, and their corresponding components, in a more effective way. As a consequence of these developments, the traditional power system is being transformed into a cyber-physical energy system, a smart grid. Previous and ongoing research have tended to mainly focus on how specific aspects...... of smart grids can be validated, but until there exists no integrated approach for the analysis and evaluation of complex cyber-physical systems configurations. This paper introduces integrated research infrastructure that provides methods and tools for validating smart grid systems in a holistic, cyber...

Evaluation of a Cyber Security System for Hospital Network.

Science.gov (United States)

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Cyber-Informed Engineering

Energy Technology Data Exchange (ETDEWEB)

Anderson, Robert S. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Benjamin, Jacob [Idaho National Lab. (INL), Idaho Falls, ID (United States); Wright, Virginia L. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Quinones, Luis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Paz, Jonathan [Idaho National Lab. (INL), Idaho Falls, ID (United States)

2017-03-01

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

Cyber-Informed Engineering

International Nuclear Information System (INIS)

Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.; Quinones, Luis; Paz, Jonathan

2017-01-01

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

Review on Cyber Security Programs for NPP Application

Energy Technology Data Exchange (ETDEWEB)

Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

2010-10-15

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

Review on Cyber Security Programs for NPP Application

International Nuclear Information System (INIS)

Oh, Eung Se

2010-01-01

Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

Security-aware design for cyber-physical systems a platform-based approach

CERN Document Server

Lin, Chung-Wei

2017-01-01

Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

Preparing South Africa for Cyber Crime and Cyber Defense

Directory of Open Access Journals (Sweden)

Marthie Grobler

2013-10-01

Full Text Available The international scope of the Internet, the fast technological advances, the wide reach of technological usage and the increase in cyber-attacks require the South African administrative and legislative system to both intersect largely with the application and implementation of international legislation, take timeous precautionary measures and stay updated on trends and developments. One of the problems associated with the technological revolution is that the cyberspace is full of complex and dynamic technological innovations that are not well suited to any lagging administrative and legal system. A further complication is the lack of comprehensive and enforceable treaties facilitating international cooperation with regard to cyber defense. The result is that many developing countries in particular, are either not properly aware, not well prepared, or adequately protected by both knowledge and legislation, in the event of a cyber-attack on a national level. Even if these countries realize the threats, the time to react is of such a long nature due to consultation and legislative processes, that the legal systems provide little support to ensure timeous and necessary counter-measures. This article will address this problem by looking at the impact of technological revolution on cybercrime and cyber defense in a developing country and will evaluate the relevant South African legislation. It will also look at the influence of cyber defense on the international position of the South African Government. South Africa at present does not have a coordinated approach in dealing with Cybercrime and does not have a comprehensive Cyber defense strategy in place. The structures that have been established to deal with Cyber security issues are inadequate to holistically deal with these issues. The development of interventions to address cybercrime requires a partnership between business, government and civil society. This article will provide an approach to

Emerging and Future Cyber Threats to Critical Systems

OpenAIRE

Djambazova , Edita; Almgren , Magnus; Dimitrov , Kiril; Jonsson , Erland

2010-01-01

Part 2: Adversaries; International audience; This paper discusses the emerging and future cyber threats to critical systems identified during the EU/FP7 project ICT-FORWARD. Threats were identified after extensive discussions with both domain experts and IT security professionals from academia, industry, and government organizations. The ultimate goal of the work was to identify the areas in which cyber threats could occur and cause serious and undesirable consequences, based on the character...

Cyber Warfare/Cyber Terrorism

National Research Council Canada - National Science Library

O'Hara, Timothy

2004-01-01

.... Section 1 concludes with a review of offensive and defensive cyber warfare concepts. Section 2 presents a general overview of cyber terrorism, including definitions of cyber terrorism and cyber terrorism support...

Cyber Deterrence and Stability

Energy Technology Data Exchange (ETDEWEB)

Goychayev, Rustam [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Carr, Geoffrey A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Weise, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Donnelly, David A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Clements, Samuel L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Benz, Jacob M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Rodda, Kabrena E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bartholomew, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, Archibald D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Andres, Richard B. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

2017-09-30

Throughout the 20th and early 21st centuries, deterrence and arms control have been cornerstones of strategic stability between the superpowers. However, the weaponization of the cyber realm by State actors and the multipolar nature of cyber conflict now undermines that stability. Strategic stability is the state in which nations believe that if they act aggressively to undermine U.S. national interests and the post-World War II liberal democratic order, the consequences will outweigh the benefits. The sense of lawlessness and lack of consequences in the cyber realm embolden States to be more aggressive in taking actions that undermine stability. Accordingly, this paper examines 1) the role of deterrence and arms control in securing cyber stability, and 2) the limitations and challenges associated with these traditional national security paradigms as applied to this emerging threat domain. This paper demonstrates that many 20th-century deterrence and arms control concepts are not particularly applicable in the cyber realm. However, they are not entirely irrelevant. The United States can distill lessons learned from this rich deterrence and arms control experience to develop and deploy a strategy to advance cyber stability.

Security analysis of cyber-physical system

Science.gov (United States)

Li, Bo; Zhang, Lichen

2017-05-01

In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

An Integrated Simulation Module for Cyber-Physical Automation Systems

Directory of Open Access Journals (Sweden)

Francesco Ferracuti

2016-05-01

Full Text Available The integration of Wireless Sensors Networks (WSNs into Cyber Physical Systems (CPSs is an important research problem to solve in order to increase the performances, safety, reliability and usability of wireless automation systems. Due to the complexity of real CPSs, emulators and simulators are often used to replace the real control devices and physical connections during the development stage. The most widespread simulators are free, open source, expandable, flexible and fully integrated into mathematical modeling tools; however, the connection at a physical level and the direct interaction with the real process via the WSN are only marginally tackled; moreover, the simulated wireless sensor motes are not able to generate the analogue output typically required for control purposes. A new simulation module for the control of a wireless cyber-physical system is proposed in this paper. The module integrates the COntiki OS JAva Simulator (COOJA, a cross-level wireless sensor network simulator, and the LabVIEW system design software from National Instruments. The proposed software module has been called “GILOO” (Graphical Integration of Labview and cOOja. It allows one to develop and to debug control strategies over the WSN both using virtual or real hardware modules, such as the National Instruments Real-Time Module platform, the CompactRio, the Supervisory Control And Data Acquisition (SCADA, etc. To test the proposed solution, we decided to integrate it with one of the most popular simulators, i.e., the Contiki OS, and wireless motes, i.e., the Sky mote. As a further contribution, the Contiki Sky DAC driver and a new “Advanced Sky GUI” have been proposed and tested in the COOJA Simulator in order to provide the possibility to develop control over the WSN. To test the performances of the proposed GILOO software module, several experimental tests have been made, and interesting preliminary results are reported. The GILOO module has been

An Integrated Simulation Module for Cyber-Physical Automation Systems.

Science.gov (United States)

Ferracuti, Francesco; Freddi, Alessandro; Monteriù, Andrea; Prist, Mariorosario

2016-05-05

The integration of Wireless Sensors Networks (WSNs) into Cyber Physical Systems (CPSs) is an important research problem to solve in order to increase the performances, safety, reliability and usability of wireless automation systems. Due to the complexity of real CPSs, emulators and simulators are often used to replace the real control devices and physical connections during the development stage. The most widespread simulators are free, open source, expandable, flexible and fully integrated into mathematical modeling tools; however, the connection at a physical level and the direct interaction with the real process via the WSN are only marginally tackled; moreover, the simulated wireless sensor motes are not able to generate the analogue output typically required for control purposes. A new simulation module for the control of a wireless cyber-physical system is proposed in this paper. The module integrates the COntiki OS JAva Simulator (COOJA), a cross-level wireless sensor network simulator, and the LabVIEW system design software from National Instruments. The proposed software module has been called "GILOO" (Graphical Integration of Labview and cOOja). It allows one to develop and to debug control strategies over the WSN both using virtual or real hardware modules, such as the National Instruments Real-Time Module platform, the CompactRio, the Supervisory Control And Data Acquisition (SCADA), etc. To test the proposed solution, we decided to integrate it with one of the most popular simulators, i.e., the Contiki OS, and wireless motes, i.e., the Sky mote. As a further contribution, the Contiki Sky DAC driver and a new "Advanced Sky GUI" have been proposed and tested in the COOJA Simulator in order to provide the possibility to develop control over the WSN. To test the performances of the proposed GILOO software module, several experimental tests have been made, and interesting preliminary results are reported. The GILOO module has been applied to a smart home

Towards False Alarm Reduction using Fuzzy If-Then Rules for Medical Cyber Physical Systems

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Su, Chunhua

2018-01-01

Cyber-Physical Systems (CPS) are integrations of computation, networking and physical processes. Its process control is often referred to as embedded systems. Generally, CPS and Internet of Things (IoT) have the same basic architecture, whereas the former shows a higher combination and coordination...

Cyber terrorism and cyber-crime – threats for cyber security

OpenAIRE

Ackoski, Jugoslav; Dojcinovski, Metodija

2012-01-01

This paper has aim to give contribution in supporting efforts against cyber threats recognized as a cyber terrorism and cyber crime. Also, it has aim to show future challenges related to cyber security and their emerging threats – cyber war, cyber terrorism and cyber crime. Accelerate weapon development called ICT (Information Communication Technology) which is developed every day faster and faster, and development of human conscious on higher level about consequences of ICT enormous pene...

Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems

Directory of Open Access Journals (Sweden)

Yao Pan

2017-03-01

Full Text Available The Internet of Things (IoT has transformed many aspects of modern manufacturing, from design to production to quality control. In particular, IoT and digital manufacturing technologies have substantially accelerated product development- cycles and manufacturers can now create products of a complexity and precision not heretofore possible. New threats to supply chain security have arisen from connecting machines to the Internet and introducing complex IoT-based systems controlling manufacturing processes. By attacking these IoT-based manufacturing systems and tampering with digital files, attackers can manipulate physical characteristics of parts and change the dimensions, shapes, or mechanical properties of the parts, which can result in parts that fail in the field. These defects increase manufacturing costs and allow silent problems to occur only under certain loads that can threaten safety and/or lives. To understand potential dangers and protect manufacturing system safety, this paper presents two taxonomies: one for classifying cyber-physical attacks against manufacturing processes and another for quality control measures for counteracting these attacks. We systematically identify and classify possible cyber-physical attacks and connect the attacks with variations in manufacturing processes and quality control measures. Our taxonomies also provide a scheme for linking emerging IoT-based manufacturing system vulnerabilities to possible attacks and quality control measures.

Nuclear Instrumentation and Control Cyber Testbed Considerations - Lessons Learned

International Nuclear Information System (INIS)

Jonathan, Peter Grey; Robert, S Anderson; Julio, G Rodriguez; Lee, Cheol Kwon

2014-01-01

Identifying and understanding digital instrumentation and control (I and C) cyber vulnerabilities within nuclear power plants and other nuclear facilities is critical if nation states desire to operate nuclear facilities safely, reliably, and securely. To demonstrate objective evidence that cyber vulnerabilities have been adequately identified and mitigated, a test bed representing a facility's critical nuclear equipment must be replicated. Idaho National Laboratory (INL) has built and operated similar test beds for common critical infrastructure I and C for over 10 years. This experience developing, operating, and maintaining an I and C test bed in support of research identifying cyber vulnerabilities has led the Korean Atomic Energy Research Institute of the Republic of Korea to solicit the experiences of INL to help mitigate problems early in the design, development, operation, and maintenance of a similar test bed. The following information will discuss I and C test bed lessons learned and the impact of these experiences to KAERI

Implementation experiences of NASTRAN on CDC CYBER 74 SCOPE 3.4 operating system

Science.gov (United States)

Go, J. C.; Hill, R. G.

1973-01-01

The implementation of the NASTRAN system on the CDC CYBER 74 SCOPE 3.4 Operating System is described. The flexibility of the NASTRAN system made it possible to accomplish the change with no major problems. Various sizes of benchmark and test problems, ranging from two hours to less than one minute CP time were run on the CDC CYBER SCOPE 3.3, Univac EXEC-8, and CDC CYBER SCOPE 3.4. The NASTRAN installation deck is provided.

LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

Energy Technology Data Exchange (ETDEWEB)

Ray Fink

2006-10-01

The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

Three tenets for secure cyber-physical system design and assessment

Science.gov (United States)

Hughes, Jeff; Cybenko, George

2014-06-01

This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

SCADA system vulnerabilities to cyber attack

Energy Technology Data Exchange (ETDEWEB)

Shaw, W. T. [Cyber Security Consulting (Canada)

2004-10-01

The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

Introducing cyber.

Science.gov (United States)

Hult, Fredrik; Sivanesan, Giri

In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

Cyber threats to health information systems: A systematic review.

Science.gov (United States)

Luna, Raul; Rhine, Emily; Myhra, Matthew; Sullivan, Ross; Kruse, Clemens Scott

2016-01-01

Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.

Policing cyber hate, cyber threat and cyber terrorism

OpenAIRE

Chambers-Jones, C.

2013-01-01

In late August 2012 the Government Forum of Incident Response and Cyber security Teams (GFIRST) gathered in Atlanta to discuss cyber threats and how new realities are emerging and how new forms of regulation are needed. At the same time Policing cyber hate, cyber threat and cyber terrorism was published. This comprehensive book brings together a divergent problem and tackles each with a candid exploration. The book has ten chapters and covers aspects such as extortion via the internet, the ps...

Selection of the Best Security Controls for Rapid Development of Enterprise-Level Cyber Security

Science.gov (United States)

2017-03-01

investment (ROI) assessment. This ROI assessment entailed consideration of both the likely/expected security benefits of each candidate security control...the top 10–20 cyber security controls, where ranking was based upon a return on investment (ROI) assessment. This ROI assessment entailed...11  II.  CYBER SECURITY: UNDERLYING PRINCIPLES, FUNDAMENTALS AND BEST PRACTICES .................................................13  A

Suggestion of a Framework to Analyze Failure Modes and Effect of Cyber Attacks in NPP

Energy Technology Data Exchange (ETDEWEB)

Lee, Chan Young; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-05-15

The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

Suggestion of a Framework to Analyze Failure Modes and Effect of Cyber Attacks in NPP

International Nuclear Information System (INIS)

Lee, Chan Young; Seong, Poong Hyun

2016-01-01

The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

Software Engineering Issues for Cyber-Physical Systems

DEFF Research Database (Denmark)

Al-Jaroodi, Jameela; Mohamed, Nader; Jawhar, Imad

2016-01-01

step; however, designing and implementing the right software to integrate and use them effectively is essential. The software facilitates better interfaces, more control and adds smart services, high flexibility and many other added values and features to the CPS. However, software development for CPS......Cyber-Physical Systems (CPS) provide many smart features for enhancing physical processes. These systems are designed with a set of distributed hardware, software, and network components that are embedded in physical systems and environments or attached to humans. Together they function seamlessly...... to offer specific functionalities or features that help enhance human lives, operations or environments. While different CPS components play important roles in a successful CPS development, the software plays the most important role among them. Acquiring and using high quality CPS components is the first...

Sequence-aware intrusion detection in industrial control systems

NARCIS (Netherlands)

Caselli, M.; Zambon, Emmanuele; Kargl, Frank; Zhou, Jianying; Jones, D.

Nowadays, several threats endanger cyber-physical systems. Among these systems, industrial control systems (ICS) operating on critical infrastructures have been proven to be an attractive target for attackers. The case of Stuxnet has not only showed that ICSs are vulnerable to cyber-attacks, but

Future Research on Cyber-Physical Emergency Management Systems

Directory of Open Access Journals (Sweden)

Fang-Jing Wu

2013-06-01

Full Text Available Cyber-physical systems that include human beings and vehicles in a built environment, such as a building or a city, together with sensor networks and decision support systems have attracted much attention. In emergencies, which also include mobile searchers and rescuers, the interactions among civilians and the environment become much more diverse, and the complexity of the emergency response also becomes much greater. This paper surveys current research on sensor-assisted evacuation and rescue systems and discusses the related research issues concerning communication protocols for sensor networks, as well as several other important issues, such as the integrated asynchronous control of large-scale emergency response systems, knowledge discovery for rescue and prototyping platforms. Then, we suggest directions for further research.

Cyber-intrusion Auto-response and Policy Management System (CAPMS)

Energy Technology Data Exchange (ETDEWEB)

Lusk, Steve [ViaSat Inc., Boston, MA (United States); Lawrence, David [Duke Energy, Charlotte, NC (United States); Suvana, Prakash [Southern California Edison, Rosemead, CA (United States)

2015-11-11

The Cyber-intrusion Auto-response and Policy Management System (CAPMS) project was funded by a grant from the US Department of Energy (DOE) Cybersecurity for Energy Delivery Systems (CEDS) program with contributions from two partner electric utilities: Southern California Edison (SCE) and Duke Energy. The goal of the project was to demonstrate protecting smart grid assets from a cyber attack in a way that “does not impede critical energy delivery functions.” This report summarizes project goals and activities for the CAPMS project and explores what did and did not work as expected. It concludes with an assessment of possible benefits and value of the system for the future.

Mapping the coverage of security controls in cyber insurance proposal forms

OpenAIRE

Woods, D; Agrafiotis, I; Nurse, JRC; Creese, S

2017-01-01

Policy discussions often assume that wider adoption of cyber insurance will promote information security best practice. However, this depends on the process that applicants need to go through to apply for cyber insurance. A typical process would require an applicant to fill out a proposal form, which is a self-assessed questionnaire. In this paper, we examine 24 proposal forms, offered by insurers based in the UK and the US, to determine which security controls are present in the ...

Carboy Security Testing and Training Programs for Industrial Control Systems

International Nuclear Information System (INIS)

Noyes, Daniel

2012-01-01

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors

Carboy Security Testing and Training Programs for Industrial Control Systems

Energy Technology Data Exchange (ETDEWEB)

Noyes, Daniel [Idaho National Laboratory, Idaho (United States)

2012-03-15

Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report

Energy Technology Data Exchange (ETDEWEB)

Wheeler, Timothy A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Denman, Matthew R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Williams, R. A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Martin, Nevin [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jankovsky, Zachary Kyle [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

2017-09-01

Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. iii This Lab-Directed Research and Development project has developed a dynamic cyber-risk in- formed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plants digital instrumentation and control (DI&C) system and defeat or circumvent a plants cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.

A practical introduction to human-in-the-loop cyber-physical systems

CERN Document Server

Nunes, David; Boavida, Fernando

2018-01-01

Studies estimate that by 2020 we will have a vast Internet of Things (IoT) network comprising 26 billion connected devices, including everything from light bulbs to refrigerators, coffee makers to cars. From the beginning, the concept of cyber-physical systems (CPS), or the sensing and control of physical phenomena through networks of devices that work together to achieve common goals, has been implicit in the IoT enterprise. This book focuses on the increasingly hot topic of Human-in-the-loop Cyber-Physical Systems (HiTLCPS)--CPSs that incorporate human responses in IoT equation. Why have we not yet integrated the human component into CPSs? What are the major challenges to achieving HiTLCPS? How can we take advantage of ubiquitous sensing platforms, such as smartphones and personal devices to achieve that goal? While mature HiTLCPS designs have yet to be achieved, or a general consensus reached on underlying HiTLCPS requirements, principles, and theory, researchers and developers worldwide are on the cusp ...

Cyber security for remote monitoring and control of small reactors

Energy Technology Data Exchange (ETDEWEB)

Trask, D., E-mail: dave.trask@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada); Jung, C. [Canadian Nuclear Safety Commission, Ottawa, ON (Canada); MacDonald, M., E-mail: marienna.macdonald@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada)

2014-07-01

There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

Cyber security for remote monitoring and control of small reactors

International Nuclear Information System (INIS)

Trask, D.; Jung, C.; MacDonald, M.

2014-01-01

There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

A Cyber Physical Model Based on a Hybrid System for Flexible Load Control in an Active Distribution Network

Directory of Open Access Journals (Sweden)

Yun Wang

2017-02-01

Full Text Available To strengthen the integration of the primary and secondary systems, a concept of Cyber Physical Systems (CPS is introduced to construct a CPS in Power Systems (Power CPS. The most basic work of the Power CPS is to build an integration model which combines both a continuous process and a discrete process. The advanced form of smart grid, the Active Distribution Network (ADN is a typical example of Power CPS. After designing the Power CPS model architecture and its application in ADN, a Hybrid System based model and control method of Power CPS is proposed in this paper. As an application example, ADN flexible load is modeled and controlled with ADN feeder power control by a control strategy which includes the normal condition and the underpowered condition. In this model and strategy, some factors like load power consumption and load functional demand are considered and optimized. In order to make up some of the deficiencies of centralized control, a distributed control method is presented to reduce model complexity and improve calculation speed. The effectiveness of all the models and methods are demonstrated in the case study.

Possibilities of identifying cyber attack in noisy space of n-dimensional abstract system

Energy Technology Data Exchange (ETDEWEB)

Jašek, Roman; Dvořák, Jiří; Janková, Martina; Sedláček, Michal [Tomas Bata University in Zlin Nad Stranemi 4511, 760 05 Zlin, Czech republic jasek@fai.utb.cz, dvorakj@aconte.cz, martina.jankova@email.cz, michal.sedlacek@email.cz (Czech Republic)

2016-06-08

This article briefly mentions some selected options of current concept for identifying cyber attacks from the perspective of the new cyberspace of real system. In the cyberspace, there is defined n-dimensional abstract system containing elements of the spatial arrangement of partial system elements such as micro-environment of cyber systems surrounded by other suitably arranged corresponding noise space. This space is also gradually supplemented by a new image of dynamic processes in a discreet environment, and corresponding again to n-dimensional expression of time space defining existence and also the prediction for expected cyber attacksin the noise space. Noises are seen here as useful and necessary for modern information and communication technologies (e.g. in processes of applied cryptography in ICT) and then the so-called useless noises designed for initial (necessary) filtering of this highly aggressive environment and in future expectedly offensive background in cyber war (e.g. the destruction of unmanned means of an electromagnetic pulse, or for destruction of new safety barriers created on principles of electrostatic field or on other principles of modern physics, etc.). The key to these new options is the expression of abstract systems based on the models of microelements of cyber systems and their hierarchical concept in structure of n-dimensional system in given cyberspace. The aim of this article is to highlight the possible systemic expression of cyberspace of abstract system and possible identification in time-spatial expression of real environment (on microelements of cyber systems and their surroundings with noise characteristics and time dimension in dynamic of microelements’ own time and externaltime defined by real environment). The article was based on a partial task of faculty specific research.

Possibilities of identifying cyber attack in noisy space of n-dimensional abstract system

International Nuclear Information System (INIS)

Jašek, Roman; Dvořák, Jiří; Janková, Martina; Sedláček, Michal

2016-01-01

This article briefly mentions some selected options of current concept for identifying cyber attacks from the perspective of the new cyberspace of real system. In the cyberspace, there is defined n-dimensional abstract system containing elements of the spatial arrangement of partial system elements such as micro-environment of cyber systems surrounded by other suitably arranged corresponding noise space. This space is also gradually supplemented by a new image of dynamic processes in a discreet environment, and corresponding again to n-dimensional expression of time space defining existence and also the prediction for expected cyber attacksin the noise space. Noises are seen here as useful and necessary for modern information and communication technologies (e.g. in processes of applied cryptography in ICT) and then the so-called useless noises designed for initial (necessary) filtering of this highly aggressive environment and in future expectedly offensive background in cyber war (e.g. the destruction of unmanned means of an electromagnetic pulse, or for destruction of new safety barriers created on principles of electrostatic field or on other principles of modern physics, etc.). The key to these new options is the expression of abstract systems based on the models of microelements of cyber systems and their hierarchical concept in structure of n-dimensional system in given cyberspace. The aim of this article is to highlight the possible systemic expression of cyberspace of abstract system and possible identification in time-spatial expression of real environment (on microelements of cyber systems and their surroundings with noise characteristics and time dimension in dynamic of microelements’ own time and externaltime defined by real environment). The article was based on a partial task of faculty specific research.

Possibilities of identifying cyber attack in noisy space of n-dimensional abstract system

Science.gov (United States)

Jašek, Roman; Dvořák, Jiří; Janková, Martina; Sedláček, Michal

2016-06-01

This article briefly mentions some selected options of current concept for identifying cyber attacks from the perspective of the new cyberspace of real system. In the cyberspace, there is defined n-dimensional abstract system containing elements of the spatial arrangement of partial system elements such as micro-environment of cyber systems surrounded by other suitably arranged corresponding noise space. This space is also gradually supplemented by a new image of dynamic processes in a discreet environment, and corresponding again to n-dimensional expression of time space defining existence and also the prediction for expected cyber attacksin the noise space. Noises are seen here as useful and necessary for modern information and communication technologies (e.g. in processes of applied cryptography in ICT) and then the so-called useless noises designed for initial (necessary) filtering of this highly aggressive environment and in future expectedly offensive background in cyber war (e.g. the destruction of unmanned means of an electromagnetic pulse, or for destruction of new safety barriers created on principles of electrostatic field or on other principles of modern physics, etc.). The key to these new options is the expression of abstract systems based on the models of microelements of cyber systems and their hierarchical concept in structure of n-dimensional system in given cyberspace. The aim of this article is to highlight the possible systemic expression of cyberspace of abstract system and possible identification in time-spatial expression of real environment (on microelements of cyber systems and their surroundings with noise characteristics and time dimension in dynamic of microelements' own time and externaltime defined by real environment). The article was based on a partial task of faculty specific research.

Cyber Epidemic Models with Dependences

OpenAIRE

Xu, Maochao; Da, Gaofeng; Xu, Shouhuai

2016-01-01

Studying models of cyber epidemics over arbitrary complex networks can deepen our understanding of cyber security from a whole-system perspective. In this paper, we initiate the investigation of cyber epidemic models that accommodate the {\\em dependences} between the cyber attack events. Due to the notorious difficulty in dealing with such dependences, essentially all existing cyber epidemic models have assumed them away. Specifically, we introduce the idea of Copulas into cyber epidemic mode...

Nuclear Instrumentation and Control Cyber Testbed Considerations – Lessons Learned

Energy Technology Data Exchange (ETDEWEB)

Jonathan Gray; Robert Anderson; Julio G. Rodriguez; Cheol-Kwon Lee

2014-08-01

Abstract: Identifying and understanding digital instrumentation and control (I&C) cyber vulnerabilities within nuclear power plants and other nuclear facilities, is critical if nation states desire to operate nuclear facilities safely, reliably, and securely. In order to demonstrate objective evidence that cyber vulnerabilities have been adequately identified and mitigated, a testbed representing a facility’s critical nuclear equipment must be replicated. Idaho National Laboratory (INL) has built and operated similar testbeds for common critical infrastructure I&C for over ten years. This experience developing, operating, and maintaining an I&C testbed in support of research identifying cyber vulnerabilities has led the Korean Atomic Energy Research Institute of the Republic of Korea to solicit the experiences of INL to help mitigate problems early in the design, development, operation, and maintenance of a similar testbed. The following information will discuss I&C testbed lessons learned and the impact of these experiences to KAERI.

Porous TiO₂-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis.

Science.gov (United States)

Galstyan, Vardan

2017-12-19

Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO₂, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO₂-based chemical gas sensors for their application in cyber chemical system showing the convenience and feasibility of such a model to provide the security and to perform the diagnostics. The most of reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO₂ may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of material.

A review of cyber security risk assessment methods for SCADA systems

OpenAIRE

Cherdantseva, Yulia; Burnap, Peter; Blyth, Andrew; Eden, Peter; Jones, Kevin; Soulsby, Hugh; Stoddart, Kristan

2016-01-01

This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluat...

Cyber Threat and vulnerability Analysis for Digital Assets of NPPs

International Nuclear Information System (INIS)

Oh, Eun Se; Seo, In Yong; Kim, See Hong

2009-01-01

Today's computer and communication technology breakthrough make increase plant floor replacement from analog instrumentation and control systems of nuclear power plants to a full-fledged digital system . The rich functionality and crisp accuracy are one of big advantages of digital technology adaptation, but use of open networks and inherited shared system resources (memory, network, etc.) are well known weak points of digital system. Intended or un-intended cyber attack throughout power plant digital control system's weak point may result to wide area of system failures and that easily defeats system operation and multiple protection safeguards. Well organized cyber security analysis for nuclear plant digital control systems (digital assets) are required

Teaching the fundamentals of the modelling of cyber-physical systems

OpenAIRE

Tendeloo, Van, Yentl; Vangheluwe, Hans

2016-01-01

Abstract: Current Cyber-Physical Systems are becoming too complex to model and simulate using the usual approaches. This complexity is not only due to a large number of components, but also by the increasing diversity of components and problem aspects. In this paper, we report on over a decade of experience in teaching the modelling and simulation of complex Cyber-Physical Systems, at both McGill University, and the University of Antwerp. We tackle complexity through the use of multiple forma...

Norwegian Cyber Defense

Science.gov (United States)

2013-12-01

reliance on proprietary networks and hardware, SCADA systems were considered safe from cyber attacks and were not designed for security. The situation...operational data that could result in public safety concerns.43 In 2013 Norwegian newspaper Dagbladet found over 2,500 SCADA systems in Norway used for ...a. Siberian Pipeline Explosion (1982) In 1982, intruders planted a Trojan horse in the SCADA system that controls the Siberian Pipeline . This is the

Reliability of Cyber Physical Systems with Focus on Building Management Systems

DEFF Research Database (Denmark)

Lazarova-Molnar, Sanja; Shaker, Hamid Reza; Mohamed, Nader

2016-01-01

with our focus CPS, i.e. building management systems (BMS), which are not always safety critical per se, but under special circumstances they can become such. This certainly depends on the purpose of the building. We can easily imagine BMS of hospital buildings as safety-critical, but also BMS of buildings......Cyber-physical systems are slowly emerging to dominate our world. Cyber-physical systems (CPS) are systems that tightly integrates users, devices and software. Whereas many of these systems are obviously safety-critical systems, some of them become so under special circumstances. This is the case...... that store sensitive materials and equipment that could be of biological nature or encompassing sensitive technology that would need special temperature, humidity and light settings. For this reason, in this paper we would like to emphasize on the importance of reliability of CPS in general, with a special...

Cyber Security Vulnerability Impact on I and C Reliability

International Nuclear Information System (INIS)

Hadley, Mark D.; McBride, Justin B.

2006-01-01

We present a discussion of the cyber security vulnerability impact on instrument and control reliability. In the discussion we demonstrate the likely vector of attack and vulnerabilities associated with commodity hardware, protocols and communication media. The current fleet of nuclear power plants in the United States utilizes aging analog instrument and control systems which are more frequently suffering from obsolescence and failure. The commodity equipment available now and in the near future incorporates features from information technology systems which compound cyber vulnerabilities

Development of a cyber security risk model using Bayesian networks

International Nuclear Information System (INIS)

Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

2015-01-01

Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

Energy Technology Data Exchange (ETDEWEB)

Glenn, Colleen [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Sterbentz, Dane [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Wright, Aaron [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center

2016-12-20

With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks, the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems. This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices

Nuclear Cyber Security Case Study and Analysis

Energy Technology Data Exchange (ETDEWEB)

Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis

Nuclear Cyber Security Case Study and Analysis

International Nuclear Information System (INIS)

Park, Sunae; Kim, Kyung doo

2016-01-01

Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis about

Challenges in the Protection of US Critical Infrastructure in the Cyber Realm

Science.gov (United States)

2014-05-22

means.37 When nations begin to discuss cyber warfare they need to clarify what they mean. Examples of significant differences in meanings are Germany ...and the United States. Germany defines a cyber attack as an IT attack in the cyber realm directed against one or several other IT systems and aimed at...electrical power. However, the grids themselves suffer from the consequences of underinvestment and deregulation . Newer industrial control systems use

Cyber Physical Systems Approach to Power Electronics Education

Directory of Open Access Journals (Sweden)

Marko Vekić

2012-12-01

Full Text Available This paper proposes a Cyber Physical Approach (CPS to power electronics (PE education where all aspects of PE technology from circuit topology to the implementation of real time control code on a microprocessor are dealt with as an inseparable whole, and only the system complexity is increased during the course of instruction. This approach is now made practical thanks to the affordable and unrestricted access to high-power PE laboratory infrastructure (PE laboratory in a box in the form of high-fidelity digital PE emulators with 1us calculation time step and latency.

Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

Directory of Open Access Journals (Sweden)

Dan Constantin TOFAN

2012-01-01

Full Text Available Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, dispersed nationwide, and acting within various economic sectors. The collected data will make us able to determine a national cyber-security alert score that could help policy makers in establishing the best strategies for protecting the national cyber-space.

Some of Indonesian Cyber Law Problems

Science.gov (United States)

Machmuddin, D. D.; Pratama, B.

2017-01-01

Cyber regulation is very important to control human interaction within the Internet network in cyber space. On the surface, innovation development in science and technology facilitates human activity. But on the inside, innovation was controlled by new business model. In cyber business activities mingle with individual protection. By this condition, the law should keep the balance of the activities. Cyber law problems, were not particular country concern, but its global concern. This is a good opportunity for developing country to catch up with developed country. Beside this opportunity for talented people in law and technology is become necessity. This paper tries to describe cyber law in Indonesia. As a product of a developing country there are some of weakness that can be explained. Terminology and territory of cyber space is become interesting to discuss, because this two problems can give a broad view on cyber law in Indonesia.

Protecting water and wastewater infrastructure from cyber attacks

Science.gov (United States)

Panguluri, Srinivas; Phillips, William; Cusimano, John

2011-12-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Protecting water and wastewater infrastructure from cyber attacks

Institute of Scientific and Technical Information of China (English)

Srinivas Panguluri; William Phillips; John Cusimano

2011-01-01

Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion:cyber attacks are real and can cause significant damages.This paper presents some recent statistics on cyber attacks and resulting damages.Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks.Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are:1) the increasing interconnection of their business and control system networks,2) large variation of proprietary industrial control equipment utilized,3) multitude of cross-sector cyber-security standards,and 4) the differences in the equipment vendor's approaches to meet these security standards.The utilities can meet these challenges by voluntarily selecting and adopting security standards,conducting a gap analysis,performing vulnerability/risk analysis,and undertaking countermeasures that best meets their security and organizational requirements.Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years.Implementing cyber security does not necessarily have to be expensive,substantial improvements can be accomplished through policy,procedure,training and awareness.Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

Protecting against cyber threats in networked information systems

Science.gov (United States)

Ertoz, Levent; Lazarevic, Aleksandar; Eilertson, Eric; Tan, Pang-Ning; Dokas, Paul; Kumar, Vipin; Srivastava, Jaideep

2003-07-01

This paper provides an overview of our efforts in detecting cyber attacks in networked information systems. Traditional signature based techniques for detecting cyber attacks can only detect previously known intrusions and are useless against novel attacks and emerging threats. Our current research at the University of Minnesota is focused on developing data mining techniques to automatically detect attacks against computer networks and systems. This research is being conducted as a part of MINDS (Minnesota Intrusion Detection System) project at the University of Minnesota. Experimental results on live network traffic at the University of Minnesota show that the new techniques show great promise in detecting novel intrusions. In particular, during the past few months our techniques have been successful in automatically identifying several novel intrusions that could not be detected using state-of-the-art tools such as SNORT.

Usability Requirements for Complex Cyber-Physical Systems in a Totally Networked World

OpenAIRE

Kölmel , Bernhard; Bulander , Rebecca; Dittmann , Uwe; Schätter , Alfred; Würtz , Günther

2014-01-01

Part 7: Cyber-Physical Systems; International audience; “The Internet has made the world “flat” by transcending space. […] The Internet has transformed how we conduct research, studies, business, services, and entertainment.” [1] Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon, the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, an...

Cyber Threat and vulnerability Analysis for Digital Assets of NPPs

Energy Technology Data Exchange (ETDEWEB)

Oh, Eun Se; Seo, In Yong [Korea Electric Power research Institute, Daejeon (Korea, Republic of); Kim, See Hong [Korea Hydro and Nuclear Power Co., Seoul (Korea, Republic of)

2009-10-15

Today's computer and communication technology breakthrough make increase plant floor replacement from analog instrumentation and control systems of nuclear power plants to a full-fledged digital system . The rich functionality and crisp accuracy are one of big advantages of digital technology adaptation, but use of open networks and inherited shared system resources (memory, network, etc.) are well known weak points of digital system. Intended or un-intended cyber attack throughout power plant digital control system's weak point may result to wide area of system failures and that easily defeats system operation and multiple protection safeguards. Well organized cyber security analysis for nuclear plant digital control systems (digital assets) are required.

Cyber Security Audit and Attack Detection Toolkit

Energy Technology Data Exchange (ETDEWEB)

Peterson, Dale

2012-05-31

This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

Dataset of anomalies and malicious acts in a cyber-physical subsystem.

Science.gov (United States)

Laso, Pedro Merino; Brosset, David; Puentes, John

2017-10-01

This article presents a dataset produced to investigate how data and information quality estimations enable to detect aNomalies and malicious acts in cyber-physical systems. Data were acquired making use of a cyber-physical subsystem consisting of liquid containers for fuel or water, along with its automated control and data acquisition infrastructure. Described data consist of temporal series representing five operational scenarios - Normal, aNomalies, breakdown, sabotages, and cyber-attacks - corresponding to 15 different real situations. The dataset is publicly available in the .zip file published with the article, to investigate and compare faulty operation detection and characterization methods for cyber-physical systems.

Nuclear Cyber Security Issues and Policy Recommendations

Energy Technology Data Exchange (ETDEWEB)

Lee, Cheol-Kwon; Lee, Dong-Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Na-Young; Hwang, Young-Soo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2015-10-15

The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities.

Nuclear Cyber Security Issues and Policy Recommendations

International Nuclear Information System (INIS)

Lee, Cheol-Kwon; Lee, Dong-Young; Lee, Na-Young; Hwang, Young-Soo

2015-01-01

The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities

Development of Cyber Security Scheme for Nuclear Power Plant

Energy Technology Data Exchange (ETDEWEB)

Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

2009-12-15

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

Development of Cyber Security Scheme for Nuclear Power Plant

International Nuclear Information System (INIS)

Hong, S. B.; Choi, Y. S.; Cho, J. W.

2009-12-01

Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

Porous TiO2-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis

Science.gov (United States)

2017-01-01

Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO2, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO2-based chemical gas sensors for their application in cyber chemical system showing the convenience and feasibility of such a model to provide the security and to perform the diagnostics. The most of reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO2 may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of material. PMID:29257076

Cyber-physical system design with sensor networking technologies

CERN Document Server

Zeadally, Sherali

2016-01-01

This book describes how wireless sensor networking technologies can help in establishing and maintaining seamless communications between the physical and cyber systems to enable efficient, secure, reliable acquisition, management, and routing of data.

Study on Nuclear Facility Cyber Security Awareness and Training Programs

International Nuclear Information System (INIS)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

2016-01-01

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

Study on Nuclear Facility Cyber Security Awareness and Training Programs

Energy Technology Data Exchange (ETDEWEB)

Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2016-10-15

Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

OpenAIRE

Karl H. Stingeder

2015-01-01

Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Krimi...

Cyber Security Risk Evaluation of a Nuclear I&C Using BN and ET

Directory of Open Access Journals (Sweden)

Jinsoo Shin

2017-04-01

Full Text Available Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

A decision support system for corporations cyber security risk management

OpenAIRE

Molina, Gabriela del Rocio Roldan

2017-01-01

This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative Cyber Security), developed in the context of a master program at Polytechnic Institute of Leiria, Portugal. The research dimension and the corresponding software development process that followed are presented and validated with an application scenario and case study performed at Universidad de las Fuerzas Armadas ESPE – Ecuador. C3-SEC is a decision aiding software intended to support cyber ri...

Cyber Friendly Fire

Energy Technology Data Exchange (ETDEWEB)

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

2011-09-01

Cyber friendly fire (FF) is a new concept that has been brought to the attention of Department of Defense (DoD) stakeholders through two workshops that were planned and conducted by the Air Force Research Laboratory (AFRL) and research conducted for AFRL by the Pacific Northwest National Laboratory. With this previous work in mind, we offer a definition of cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, a fundamental need in avoiding cyber FF is to maintain situation awareness (SA). We suggest that cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system (and that populate the nodes), the nature of the activities or work performed, and the available defensive (and offensive) countermeasures that may be applied to thwart network attacks. A training implication is to raise awareness and understanding of these critical knowledge units; an approach to decision aids and/or visualizations is to focus on supporting these critical knowledge units. To study cyber FF, we developed an unclassified security test range comprising a combination of virtual and physical devices that present a closed network for testing, simulation, and evaluation. This network offers services found on a production network without the associated costs of a real production network. Containing enough detail to appear realistic, this virtual and physical environment can be customized to represent different configurations. For our purposes, the test range was configured to appear as an Internet-connected Managed Service Provider (MSP) offering specialized web applications to the general public

Cyber security best practices for the nuclear industry

International Nuclear Information System (INIS)

Badr, I.

2012-01-01

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Cyber security best practices for the nuclear industry

Energy Technology Data Exchange (ETDEWEB)

Badr, I. [Rational IBM Software Group, IBM Corporation, Evanston, IL 60201 (United States)

2012-07-01

When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

Preliminary shielding calculation for the system of CyberKnife robotic radiosurgery

International Nuclear Information System (INIS)

Toreti, Dalila; Xavier, Clarice; Moura, Fabio

2011-01-01

The CyberKnife robotic system uses a manipulator with six grade of freedom for positioning a 6 MV Linac accelerator for treatment of lesions. This paper presents calculations for a standard room, with 200 cm of thickness walls primary, build for a CyberKnife system, and calculations for a room originally designed for a Linac conventional (with gantry), with secondary barriers of 107 cm thickness. After the realization of shielding for both rooms, the results shown that walls of standard room with 200 cm thickness are adequate for the secondary shield, and for a room with a conventional Linac, from all six evaluated points, two would require additional shielding of nine cm and four cm of concrete with 2.4 g/cubic cm. This shows that the CyberKnife system can be installed in a originally designed room for a conventional Linac with neither restrict nor any shielding, since no incidence of beams on the secondary barriers is existent

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

Energy Technology Data Exchange (ETDEWEB)

Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

2011-04-01

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

Cyber security with radio frequency interferences mitigation study for satellite systems

Science.gov (United States)

Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

2016-05-01

Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

Approaches for scalable modeling and emulation of cyber systems : LDRD final report.

Energy Technology Data Exchange (ETDEWEB)

Mayo, Jackson R.; Minnich, Ronald G.; Armstrong, Robert C.; Rudish, Don W.

2009-09-01

The goal of this research was to combine theoretical and computational approaches to better understand the potential emergent behaviors of large-scale cyber systems, such as networks of {approx} 10{sup 6} computers. The scale and sophistication of modern computer software, hardware, and deployed networked systems have significantly exceeded the computational research community's ability to understand, model, and predict current and future behaviors. This predictive understanding, however, is critical to the development of new approaches for proactively designing new systems or enhancing existing systems with robustness to current and future cyber threats, including distributed malware such as botnets. We have developed preliminary theoretical and modeling capabilities that can ultimately answer questions such as: How would we reboot the Internet if it were taken down? Can we change network protocols to make them more secure without disrupting existing Internet connectivity and traffic flow? We have begun to address these issues by developing new capabilities for understanding and modeling Internet systems at scale. Specifically, we have addressed the need for scalable network simulation by carrying out emulations of a network with {approx} 10{sup 6} virtualized operating system instances on a high-performance computing cluster - a 'virtual Internet'. We have also explored mappings between previously studied emergent behaviors of complex systems and their potential cyber counterparts. Our results provide foundational capabilities for further research toward understanding the effects of complexity in cyber systems, to allow anticipating and thwarting hackers.

Cyber security evaluation of II&C technologies

Energy Technology Data Exchange (ETDEWEB)

Thomas, Ken [Idaho National Laboratory (INL), Idaho Falls, ID (United States)

2014-11-01

The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a

Survey of Cyber Security Methods for the Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2009-10-15

Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP.

Survey of Cyber Security Methods for the Nuclear Power Plants

International Nuclear Information System (INIS)

Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong

2009-01-01

Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP

1st International Conference on Machine Learning for Cyber Physical Systems and Industry 4.0

CERN Document Server

Beyerer, Jürgen

2016-01-01

The work presents new approaches to Machine Learning for Cyber Physical Systems, experiences and visions. It contains some selected papers from the international Conference ML4CPS – Machine Learning for Cyber Physical Systems, which was held in Lemgo, October 1-2, 2015. Cyber Physical Systems are characterized by their ability to adapt and to learn: They analyze their environment and, based on observations, they learn patterns, correlations and predictive models. Typical applications are condition monitoring, predictive maintenance, image processing and diagnosis. Machine Learning is the key technology for these developments.

Cyber security risk evaluation of a nuclear I and C using BN and ET

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyun Young [Dept. of Nuclear Engineering, Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Computer and Game Science, Joongbu University, Geumsan (Korea, Republic of)

2017-04-15

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

Cyber security risk evaluation of a nuclear I and C using BN and ET

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong

2017-01-01

Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks

Perceptions of Popularity-Related Behaviors in the Cyber Context: Relations to Cyber Social Behaviors

Directory of Open Access Journals (Sweden)

Michelle F. Wright

2015-01-01

Full Text Available Despite acknowledging that adolescents are active users of electronic technology, little is known about their perceptions concerning how such technologies might be used to promote their social standing among their peer group and whether these perceptions relate to their cyber social behaviors (i.e., cyber aggression perpetration, cyber prosocial behavior. To address this gap in the literature, the present study included 857 seventh graders (M age: 12.19; 50.8% female from a large Midwestern city in the United States. They completed questionnaires on face-to-face social behaviors, cyber social behaviors, perceived popularity, social preference, and their perceptions of characteristics and activities related to the cyber context which might be used to promote popularity. Findings revealed four activities and characteristics used to improve adolescents’ social standing in the peer group, including antisocial behaviors, sociability, prosocial behaviors, and technology access. Using antisocial behaviors in the cyber context to promote popularity was related to cyber aggression perpetration, while controlling for gender, social preference, and perceived popularity. On the other hand, sociability and prosocial behaviors in the cyber context used to improve popularity as well as technology access were associated with cyber prosocial behavior. A call for additional research is made.

Towards an integrated defense system for cyber security situation awareness experiment

Science.gov (United States)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

International Nuclear Information System (INIS)

Shin, Jinsoo; Heo, Gyunyoung; Son, Han Seong

2016-01-01

The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

Energy Technology Data Exchange (ETDEWEB)

Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu Univiersity, Geumsan (Korea, Republic of)

2016-10-15

The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

Energy Technology Data Exchange (ETDEWEB)

Shin, Ickhyun; Kwon, Kookheui [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

2013-05-15

Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference.

Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

International Nuclear Information System (INIS)

Shin, Ickhyun; Kwon, Kookheui

2013-01-01

Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference

Security Hardened Cyber Components for Nuclear Power Plants: Phase I SBIR Final Technical Report

Energy Technology Data Exchange (ETDEWEB)

Franusich, Michael D. [SpiralGen, Inc., Pittsburgh, PA (United States)

2016-03-18

SpiralGen, Inc. built a proof-of-concept toolkit for enhancing the cyber security of nuclear power plants and other critical infrastructure with high-assurance instrumentation and control code. The toolkit is based on technology from the DARPA High-Assurance Cyber Military Systems (HACMS) program, which has focused on applying the science of formal methods to the formidable set of problems involved in securing cyber physical systems. The primary challenges beyond HACMS in developing this toolkit were to make the new technology usable by control system engineers and compatible with the regulatory and commercial constraints of the nuclear power industry. The toolkit, packaged as a Simulink add-on, allows a system designer to assemble a high-assurance component from formally specified and proven blocks and generate provably correct control and monitor code for that subsystem.

Oxford CyberSEM: remote microscopy

International Nuclear Information System (INIS)

Rahman, M; Kirkland, A; Cockayne, D; Meyer, R

2008-01-01

The Internet has enabled researchers to communicate over vast geographical distances, sharing ideas and documents. e-Science, underpinned by Grid and Web Services, has enabled electronic communications to the next level where, in addition to document sharing, researchers can increasingly control high precision scientific instruments over the network. The Oxford CyberSEM project developed a simple Java applet via which samples placed in a JEOL 5510LV Scanning Electron Microscope (SEM) can be manipulated and examined collaboratively over the Internet. Designed with schoolchildren in mind, CyberSEM does not require any additional hardware or software other than a generic Java-enabled web browser. This paper reflects on both the technical and social challenges in designing real-time systems for controlling scientific equipments in collaborative environments. Furthermore, it proposes potential deployment beyond the classroom setting.

Closing the Cyber Gap: Integrating Cross-Government Cyber Capabilities to Support the DHS Cyber Security Mission

Science.gov (United States)

2014-12-01

identifies and eliminates the actors who seek to target our cyber 152 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed...future. 360 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed September 29, 2013, http://www.verizonenterprise.com/DBIR...critical system owners and worldwide cyber security teams.382 381 Data Breach on the Rise: Protecting Personal Information from Harm: Hearing

Index of cyber integrity

Science.gov (United States)

Anderson, Gustave

2014-05-01

Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

Technical Aspects of Cyber Kill Chain

OpenAIRE

Yadav, Tarun; Mallari, Rao Arvind

2016-01-01

Recent trends in targeted cyber-attacks has increased the interest of research in the field of cyber security. Such attacks have massive disruptive effects on rganizations, enterprises and governments. Cyber kill chain is a model to describe cyber-attacks so as to develop incident response and analysis capabilities. Cyber kill chain in simple terms is an attack chain, the path that an intruder takes to penetrate information systems over time to execute an attack on the target. This paper broa...

MPM4CPS: multi-pardigm modelling for cyber-physical systems

NARCIS (Netherlands)

Vangeheluwe, Hans; Ameral, Vasco; Giese, Holger; Broenink, Johannes F.; Schätz, Bernhard; Norta, Alexander; Carreira, Paulo; Lukovic, Ivan; Mayerhofer, Tanja; Wimmer, Manuel; Vellecillo, Antonio

2016-01-01

The last decades have seen the emergence of truly complex, designed systems, known as Cyber-Physical Systems (CPS). Engineering such systems requires integrating physical, software, and network aspects. To date, neither a unifying theory nor systematic design methods, techniques and tools exist to

A Cyber Pearl Harbor

Science.gov (United States)

2016-02-03

door for an attack. These medium-potential cyber tools can present the pathway to espionage or attack when weaponized.18 It is important to...facilitate espionage or up to and including destruction of the system.27 Cyber attack falls on the right end of the spectrum. Before the definition for...warfare or war. Congruent with international laws on war, there is delineation between an act of espionage and act of war. Advancements in cyber

Cybersecurity through Real-Time Distributed Control Systems

Energy Technology Data Exchange (ETDEWEB)

Kisner, Roger A [ORNL; Manges, Wayne W [ORNL; MacIntyre, Lawrence Paul [ORNL; Nutaro, James J [ORNL; Munro Jr, John K [ORNL; Ewing, Paul D [ORNL; Howlader, Mostofa [ORNL; Kuruganti, Phani Teja [ORNL; Wallace, Richard M [ORNL; Olama, Mohammed M [ORNL

2010-04-01

Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections. Much work is under way in numerous organizations to characterize the cyber threat, determine means to minimize risk, and develop mitigation strategies to address potential consequences. While it seems natural that a simple application of cyber-protection methods derived from corporate business information technology (IT) domain would lead to an acceptable solution, the reality is that the characteristics of RTDCSs make many of those methods inadequate and unsatisfactory or even harmful. A solution lies in developing a defense-in-depth approach that ranges from protection at communications interconnect levels ultimately to the control system s functional characteristics that are designed to maintain control in the face of malicious intrusion. This paper summarizes the nature of RTDCSs from a cybersecurity perspec tive and discusses issues, vulnerabilities, candidate mitigation approaches, and metrics.

The past, present and future of cyber-physical systems: a focus on models.

Science.gov (United States)

Lee, Edward A

2015-02-26

This paper is about better engineering of cyber-physical systems (CPSs) through better models. Deterministic models have historically proven extremely useful and arguably form the kingpin of the industrial revolution and the digital and information technology revolutions. Key deterministic models that have proven successful include differential equations, synchronous digital logic and single-threaded imperative programs. Cyber-physical systems, however, combine these models in such a way that determinism is not preserved. Two projects show that deterministic CPS models with faithful physical realizations are possible and practical. The first project is PRET, which shows that the timing precision of synchronous digital logic can be practically made available at the software level of abstraction. The second project is Ptides (programming temporally-integrated distributed embedded systems), which shows that deterministic models for distributed cyber-physical systems have practical faithful realizations. These projects are existence proofs that deterministic CPS models are possible and practical.

Evaluation of cyber legislations: trading in the global cyber village

OpenAIRE

Jahankhani, Hamid

2007-01-01

The menace of organised crime and terrorist activity grows ever more sophisticated as the ability to enter, control and destroy our electronic and security systems grows at an equivalent rate. Cyber-crime (organised criminal acts using microchip and software manipulation) is the world's biggest growth industry and is now costing an estimated $220 billion loss to organisations and individuals, every year. There are serious threats to nations, governments, corporations and the most vulnerable g...

Computational intelligence for decision support in cyber-physical systems

CERN Document Server

Ali, A; Riaz, Zahid

2014-01-01

This book is dedicated to applied computational intelligence and soft computing techniques with special reference to decision support in Cyber Physical Systems (CPS), where the physical as well as the communication segment of the networked entities interact with each other. The joint dynamics of such systems result in a complex combination of computers, software, networks and physical processes all combined to establish a process flow at system level. This volume provides the audience with an in-depth vision about how to ensure dependability, safety, security and efficiency in real time by making use of computational intelligence in various CPS applications ranging from the nano-world to large scale wide area systems of systems. Key application areas include healthcare, transportation, energy, process control and robotics where intelligent decision support has key significance in establishing dynamic, ever-changing and high confidence future technologies. A recommended text for graduate students and researche...

Identification of Successive ``Unobservable'' Cyber Data Attacks in Power Systems Through Matrix Decomposition

Science.gov (United States)

Gao, Pengzhi; Wang, Meng; Chow, Joe H.; Ghiocel, Scott G.; Fardanesh, Bruce; Stefopoulos, George; Razanousky, Michael P.

2016-11-01

This paper presents a new framework of identifying a series of cyber data attacks on power system synchrophasor measurements. We focus on detecting "unobservable" cyber data attacks that cannot be detected by any existing method that purely relies on measurements received at one time instant. Leveraging the approximate low-rank property of phasor measurement unit (PMU) data, we formulate the identification problem of successive unobservable cyber attacks as a matrix decomposition problem of a low-rank matrix plus a transformed column-sparse matrix. We propose a convex-optimization-based method and provide its theoretical guarantee in the data identification. Numerical experiments on actual PMU data from the Central New York power system and synthetic data are conducted to verify the effectiveness of the proposed method.

Preliminary shielding calculation for the system of CyberKnife robotic radiosurgery; Calculo de blindagem preliminar para o sistema de radiocirurgia robotica CyberKnife

Energy Technology Data Exchange (ETDEWEB)

Toreti, Dalila; Xavier, Clarice; Moura, Fabio, E-mail: clarice.xavier@rem.ind.b, E-mail: fabio.moura@rem.ind.b [REM Industria e Comercio Ltda., Sao Paulo, SP (Brazil)

2011-10-26

The CyberKnife robotic system uses a manipulator with six grade of freedom for positioning a 6 MV Linac accelerator for treatment of lesions. This paper presents calculations for a standard room, with 200 cm of thickness walls primary, build for a CyberKnife system, and calculations for a room originally designed for a Linac conventional (with gantry), with secondary barriers of 107 cm thickness. After the realization of shielding for both rooms, the results shown that walls of standard room with 200 cm thickness are adequate for the secondary shield, and for a room with a conventional Linac, from all six evaluated points, two would require additional shielding of nine cm and four cm of concrete with 2.4 g/cubic cm. This shows that the CyberKnife system can be installed in a originally designed room for a conventional Linac with neither restrict nor any shielding, since no incidence of beams on the secondary barriers is existent

Human dimensions in cyber operations research and development priorities.

Energy Technology Data Exchange (ETDEWEB)

Forsythe, James Chris; Silva, Austin Ray; Stevens-Adams, Susan Marie; Bradshaw, Jeffrey [Institute for Human and Machine Cognition

2012-11-01

Within cyber security, the human element represents one of the greatest untapped opportunities for increasing the effectiveness of network defenses. However, there has been little research to understand the human dimension in cyber operations. To better understand the needs and priorities for research and development to address these issues, a workshop was conducted August 28-29, 2012 in Washington DC. A synthesis was developed that captured the key issues and associated research questions. Research and development needs were identified that fell into three parallel paths: (1) human factors analysis and scientific studies to establish foundational knowledge concerning factors underlying the performance of cyber defenders; (2) development of models that capture key processes that mediate interactions between defenders, users, adversaries and the public; and (3) development of a multi-purpose test environment for conducting controlled experiments that enables systems and human performance measurement. These research and development investments would transform cyber operations from an art to a science, enabling systems solutions to be engineered to address a range of situations. Organizations would be able to move beyond the current state where key decisions (e.g. personnel assignment) are made on a largely ad hoc basis to a state in which there exist institutionalized processes for assuring the right people are doing the right jobs in the right way. These developments lay the groundwork for emergence of a professional class of cyber defenders with defined roles and career progressions, with higher levels of personnel commitment and retention. Finally, the operational impact would be evident in improved performance, accompanied by a shift to a more proactive response in which defenders have the capacity to exert greater control over the cyber battlespace.

Securing a cyber physical system in nuclear power plants using least square approximation and computational geometric approach

International Nuclear Information System (INIS)

Gawand, Hemangi Laxman; Bhattacharjee, A. K.; Roy, Kallol

2017-01-01

In industrial plants such as nuclear power plants, system operations are performed by embedded controllers orchestrated by Supervisory Control and Data Acquisition (SCADA) software. A targeted attack (also termed a control aware attack) on the controller/SCADA software can lead a control system to operate in an unsafe mode or sometimes to complete shutdown of the plant. Such malware attacks can result in tremendous cost to the organization for recovery, cleanup, and maintenance activity. SCADA systems in operational mode generate huge log files. These files are useful in analysis of the plant behavior and diagnostics during an ongoing attack. However, they are bulky and difficult for manual inspection. Data mining techniques such as least squares approximation and computational methods can be used in the analysis of logs and to take proactive actions when required. This paper explores methodologies and algorithms so as to develop an effective monitoring scheme against control aware cyber attacks. It also explains soft computation techniques such as the computational geometric method and least squares approximation that can be effective in monitor design. This paper provides insights into diagnostic monitoring of its effectiveness by attack simulations on a four-tank model and using computation techniques to diagnose it. Cyber security of instrumentation and control systems used in nuclear power plants is of paramount importance and hence could be a possible target of such applications

Securing a cyber physical system in nuclear power plants using least square approximation and computational geometric approach

Energy Technology Data Exchange (ETDEWEB)

Gawand, Hemangi Laxman [Homi Bhabha National Institute, Computer Section, BARC, Mumbai (India); Bhattacharjee, A. K. [Reactor Control Division, BARC, Mumbai (India); Roy, Kallol [BHAVINI, Kalpakkam (India)

2017-04-15

In industrial plants such as nuclear power plants, system operations are performed by embedded controllers orchestrated by Supervisory Control and Data Acquisition (SCADA) software. A targeted attack (also termed a control aware attack) on the controller/SCADA software can lead a control system to operate in an unsafe mode or sometimes to complete shutdown of the plant. Such malware attacks can result in tremendous cost to the organization for recovery, cleanup, and maintenance activity. SCADA systems in operational mode generate huge log files. These files are useful in analysis of the plant behavior and diagnostics during an ongoing attack. However, they are bulky and difficult for manual inspection. Data mining techniques such as least squares approximation and computational methods can be used in the analysis of logs and to take proactive actions when required. This paper explores methodologies and algorithms so as to develop an effective monitoring scheme against control aware cyber attacks. It also explains soft computation techniques such as the computational geometric method and least squares approximation that can be effective in monitor design. This paper provides insights into diagnostic monitoring of its effectiveness by attack simulations on a four-tank model and using computation techniques to diagnose it. Cyber security of instrumentation and control systems used in nuclear power plants is of paramount importance and hence could be a possible target of such applications.

Securing a Cyber Physical System in Nuclear Power Plants Using Least Square Approximation and Computational Geometric Approach

Directory of Open Access Journals (Sweden)

Hemangi Laxman Gawand

2017-04-01

Full Text Available In industrial plants such as nuclear power plants, system operations are performed by embedded controllers orchestrated by Supervisory Control and Data Acquisition (SCADA software. A targeted attack (also termed a control aware attack on the controller/SCADA software can lead a control system to operate in an unsafe mode or sometimes to complete shutdown of the plant. Such malware attacks can result in tremendous cost to the organization for recovery, cleanup, and maintenance activity. SCADA systems in operational mode generate huge log files. These files are useful in analysis of the plant behavior and diagnostics during an ongoing attack. However, they are bulky and difficult for manual inspection. Data mining techniques such as least squares approximation and computational methods can be used in the analysis of logs and to take proactive actions when required. This paper explores methodologies and algorithms so as to develop an effective monitoring scheme against control aware cyber attacks. It also explains soft computation techniques such as the computational geometric method and least squares approximation that can be effective in monitor design. This paper provides insights into diagnostic monitoring of its effectiveness by attack simulations on a four-tank model and using computation techniques to diagnose it. Cyber security of instrumentation and control systems used in nuclear power plants is of paramount importance and hence could be a possible target of such applications.

Cyber security in digitalized nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Sohn, Kwang Young; Yi, Woo June [KoRTS Co., Ltd., Daejeon (Korea, Republic of)

2008-10-15

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully.

Cyber security in digitalized nuclear power plants

International Nuclear Information System (INIS)

Sohn, Kwang Young; Yi, Woo June

2008-01-01

This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully

A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

Energy Technology Data Exchange (ETDEWEB)

Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2013-10-15

In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds.

A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

International Nuclear Information System (INIS)

Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon

2013-01-01

In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds

A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

Science.gov (United States)

McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

2013-05-01

Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

Cyber crime and cyber warfare with international cyber collaboration for RSA – preparing communities

CSIR Research Space (South Africa)

Grobler, M

2012-03-01

Full Text Available aspects come into play that may have an influence on the manner in which the military reacts to cyber attacks (Wilson 2007): ? new national security policy issues; ? consideration of psychological operations used to affect friendly nations... relationship between modern cyber space, cyber warfare and traditional legislation. As a starting point, cyber warfare is defined for the purpose of this article as the use of exploits in cyber space as a way to intentionally cause harm to people, assets...

Establishing a Cyber Warrior Force

National Research Council Canada - National Science Library

Tobin, Scott

2004-01-01

Cyber Warfare is widely touted to be the next generation of warfare. As America's reliance on automated systems and information technology increases, so too does the potential vulnerability to cyber attack...

The Past, Present and Future of Cyber-Physical Systems: A Focus on Models

Science.gov (United States)

Lee, Edward A.

2015-01-01

This paper is about better engineering of cyber-physical systems (CPSs) through better models. Deterministic models have historically proven extremely useful and arguably form the kingpin of the industrial revolution and the digital and information technology revolutions. Key deterministic models that have proven successful include differential equations, synchronous digital logic and single-threaded imperative programs. Cyber-physical systems, however, combine these models in such a way that determinism is not preserved. Two projects show that deterministic CPS models with faithful physical realizations are possible and practical. The first project is PRET, which shows that the timing precision of synchronous digital logic can be practically made available at the software level of abstraction. The second project is Ptides (programming temporally-integrated distributed embedded systems), which shows that deterministic models for distributed cyber-physical systems have practical faithful realizations. These projects are existence proofs that deterministic CPS models are possible and practical. PMID:25730486

The Past, Present and Future of Cyber-Physical Systems: A Focus on Models

Directory of Open Access Journals (Sweden)

Edward A. Lee

2015-02-01

Full Text Available This paper is about better engineering of cyber-physical systems (CPSs through better models. Deterministic models have historically proven extremely useful and arguably form the kingpin of the industrial revolution and the digital and information technology revolutions. Key deterministic models that have proven successful include differential equations, synchronous digital logic and single-threaded imperative programs. Cyber-physical systems, however, combine these models in such a way that determinism is not preserved. Two projects show that deterministic CPS models with faithful physical realizations are possible and practical. The first project is PRET, which shows that the timing precision of synchronous digital logic can be practically made available at the software level of abstraction. The second project is Ptides (programming temporally-integrated distributed embedded systems, which shows that deterministic models for distributed cyber-physical systems have practical faithful realizations. These projects are existence proofs that deterministic CPS models are possible and practical.

Handbook on Securing Cyber-Physical Critical Infrastructure

CERN Document Server

Das, Sajal K; Zhang, Nan

2012-01-01

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports a

Embedded computing technology for highly-demanding cyber-physical systems

NARCIS (Netherlands)

Jóźwiak, L.

2015-01-01

The recent spectacular progress in the microelectronic, information, communication, material and sensor technologies created a big stimulus towards development of much more sophisticated, coherent and fit to use, smart communicating cyber-physical systems (CPS). The huge and rapidly developing

Preventing and Coping Strategies for Cyber Bullying and Cyber Victimization

OpenAIRE

Erdinc Ozturk; Gizem Akcan

2016-01-01

Although there are several advantages of information and communication technologies, they cause some problems like cyber bullying and cyber victimization. Cyber bullying and cyber victimization have lots of negative effects on people. There are lots of different strategies to prevent cyber bullying and victimization. This study was conducted to provide information about the strategies that are used to prevent cyber bullying and cyber victimization. 120 (60 women, 60 men) university students w...

Asset Analysis Method for the Cyber Security of Man Machine Interface System

Energy Technology Data Exchange (ETDEWEB)

Kang, Sung Kon; Kim, Hun Hee; Shin, Yeong Cheol [Korea Hydro and Nuclear Power, Daejeon (Korea, Republic of)

2010-10-15

As digital MMIS (Man Machine Interface System) is applied in Nuclear Power Plant (NPP), cyber security is becoming more and more important. Regulatory guide (KINS/GT-N27) requires that implementation plan for cyber security be prepared in NPP. Regulatory guide recommends the following 4 processes: 1) an asset analysis of MMIS, 2) a vulnerability analysis of MMIS, 3) establishment of countermeasures, and 4) establishment of operational guideline for cyber security. Conventional method for the asset analysis is mainly performed with a table form for each asset. Conventional method requires a lot of efforts due to the duplication of information. This paper presents an asset analysis method using object oriented approach for the NPP

Asset Analysis Method for the Cyber Security of Man Machine Interface System

International Nuclear Information System (INIS)

Kang, Sung Kon; Kim, Hun Hee; Shin, Yeong Cheol

2010-01-01

As digital MMIS (Man Machine Interface System) is applied in Nuclear Power Plant (NPP), cyber security is becoming more and more important. Regulatory guide (KINS/GT-N27) requires that implementation plan for cyber security be prepared in NPP. Regulatory guide recommends the following 4 processes: 1) an asset analysis of MMIS, 2) a vulnerability analysis of MMIS, 3) establishment of countermeasures, and 4) establishment of operational guideline for cyber security. Conventional method for the asset analysis is mainly performed with a table form for each asset. Conventional method requires a lot of efforts due to the duplication of information. This paper presents an asset analysis method using object oriented approach for the NPP

Cyber-campaigning in Denmark

DEFF Research Database (Denmark)

Hansen, Kasper Møller; Kosiara-Pedersen, Karina

2014-01-01

sites and Facebook sites are popular among candidates but other features such as blogs, feeds, newsletter, video uploads, SMS and twitter are used by less than half the candidates. Second, only age and possibly education seem to matter when explaining the uptake of cyber-campaigning. The prominent...... candidates are not significantly more likely to use cyber-campaigning tools and activities. Third, the analysis of the effect of cyber-campaigning shows that the online score has an effect on the inter-party competition for personal votes, but it does not have a significant effect when controlling for other...

Model-based approach for cyber-physical attack detection in water distribution systems.

Science.gov (United States)

Housh, Mashor; Ohar, Ziv

2018-08-01

Modern Water Distribution Systems (WDSs) are often controlled by Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs) which manage their operation and maintain a reliable water supply. As such, and with the cyber layer becoming a central component of WDS operations, these systems are at a greater risk of being subjected to cyberattacks. This paper offers a model-based methodology based on a detailed hydraulic understanding of WDSs combined with an anomaly detection algorithm for the identification of complex cyberattacks that cannot be fully identified by hydraulically based rules alone. The results show that the proposed algorithm is capable of achieving the best-known performance when tested on the data published in the BATtle of the Attack Detection ALgorithms (BATADAL) competition (http://www.batadal.net). Copyright © 2018. Published by Elsevier Ltd.

Simulating cyber warfare and cyber defenses: information value considerations

Science.gov (United States)

Stytz, Martin R.; Banks, Sheila B.

2011-06-01

Simulating cyber warfare is critical to the preparation of decision-makers for the challenges posed by cyber attacks. Simulation is the only means we have to prepare decision-makers for the inevitable cyber attacks upon the information they will need for decision-making and to develop cyber warfare strategies and tactics. Currently, there is no theory regarding the strategies that should be used to achieve objectives in offensive or defensive cyber warfare, and cyber warfare occurs too rarely to use real-world experience to develop effective strategies. To simulate cyber warfare by affecting the information used for decision-making, we modify the information content of the rings that are compromised during in a decision-making context. The number of rings affected and value of the information that is altered (i.e., the closeness of the ring to the center) is determined by the expertise of the decision-maker and the learning outcome(s) for the simulation exercise. We determine which information rings are compromised using the probability that the simulated cyber defenses that protect each ring can be compromised. These probabilities are based upon prior cyber attack activity in the simulation exercise as well as similar real-world cyber attacks. To determine which information in a compromised "ring" to alter, the simulation environment maintains a record of the cyber attacks that have succeeded in the simulation environment as well as the decision-making context. These two pieces of information are used to compute an estimate of the likelihood that the cyber attack can alter, destroy, or falsify each piece of information in a compromised ring. The unpredictability of information alteration in our approach adds greater realism to the cyber event. This paper suggests a new technique that can be used for cyber warfare simulation, the ring approach for modeling context-dependent information value, and our means for considering information value when assigning cyber

Cyber Foraging for Improving Survivability of Mobile Systems

Science.gov (United States)

2016-02-10

Cyber-Foraging for Improving Survivability of Mobile Systems Sebastián Echeverría ( Universidad de los Andes) Grace A. Lewis James Root Ben...NUMBERS FA8721-05-C-0003 6. AUTHOR(S) Sebastián Echeverría ( Universidad de los Andes), Grace A. Lewis, James Root, & Ben Bradshaw 7. PERFORMING

Cyber security risk assessment for SCADA and DCS networks.

Science.gov (United States)

Ralston, P A S; Graham, J H; Hieb, J L

2007-10-01

The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

OpenAIRE

Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

2013-01-01

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cy...

Scheduling and development support in the Scavenger cyber foraging system

DEFF Research Database (Denmark)

Kristensen, Mads Darø; Bouvin, Niels Olof

2010-01-01

Cyber foraging is a pervasive computing technique where small mobile devices offload resource intensive tasks to stronger computing machinery in the vicinity. One of the main challenges within cyber foraging is that it is very difficult to develop cyber foraging enabled applications. An applicati...

Resilient Military Systems and the Advanced Cyber Threat

Science.gov (United States)

2013-01-01

Information Grid ( GIG ). Commercial technologies that enable the automation of some network maintenance activities and provide real-time mitigation of...will result in a serious competitive disadvantage to the U.S. economy . Key findings of the study include:  The cyber threat is serious, with...malware and other software attacks and then assuming that those systems are likely compromised. The larger GIG is then protected from those systems

Integrating Simulated Physics and Device Virtualization in Control System Testbeds

OpenAIRE

Redwood , Owen; Reynolds , Jason; Burmester , Mike

2016-01-01

Part 3: INFRASTRUCTURE MODELING AND SIMULATION; International audience; Malware and forensic analyses of embedded cyber-physical systems are tedious, manual processes that testbeds are commonly not designed to support. Additionally, attesting the physics impact of embedded cyber-physical system malware has no formal methodologies and is currently an art. This chapter describes a novel testbed design methodology that integrates virtualized embedded industrial control systems and physics simula...

Cyber threat impact assessment and analysis for space vehicle architectures

Science.gov (United States)

McGraw, Robert M.; Fowler, Mark J.; Umphress, David; MacDonald, Richard A.

2014-06-01

This paper covers research into an assessment of potential impacts and techniques to detect and mitigate cyber attacks that affect the networks and control systems of space vehicles. Such systems, if subverted by malicious insiders, external hackers and/or supply chain threats, can be controlled in a manner to cause physical damage to the space platforms. Similar attacks on Earth-borne cyber physical systems include the Shamoon, Duqu, Flame and Stuxnet exploits. These have been used to bring down foreign power generation and refining systems. This paper discusses the potential impacts of similar cyber attacks on space-based platforms through the use of simulation models, including custom models developed in Python using SimPy and commercial SATCOM analysis tools, as an example STK/SOLIS. The paper discusses the architecture and fidelity of the simulation model that has been developed for performing the impact assessment. The paper walks through the application of an attack vector at the subsystem level and how it affects the control and orientation of the space vehicle. SimPy is used to model and extract raw impact data at the bus level, while STK/SOLIS is used to extract raw impact data at the subsystem level and to visually display the effect on the physical plant of the space vehicle.

How to maintain a business continuity despite cyber incidents?

OpenAIRE

Đekić Milica D.

2015-01-01

Modern IT systems can bring a lot of advantages in terms of electronic commerce and governance as well as an automatic process control within industry, traffic and the other ways of classical and critical infrastructure. However, beside many advantages regarding technological development, there are also some drawbacks in sense of cyber risks, threats and the real hacker's attacks. In this article, we plan to deal with all these cyber risks caused by IT incidents and emergency situations that ...

Challenges and Requirements for the Application of Industry 4.0: A Special Insight with the Usage of Cyber-Physical System

Science.gov (United States)

Mueller, Egon; Chen, Xiao-Li; Riedel, Ralph

2017-09-01

Considered as a top priority of industrial development, Industry 4.0 (or Industrie 4.0 as the German version) has being highlighted as the pursuit of both academy and practice in companies. In this paper, based on the review of state of art and also the state of practice in different countries, shortcomings have been revealed as the lacking of applicable framework for the implementation of Industrie 4.0. Therefore, in order to shed some light on the knowledge of the details, a reference architecture is developed, where four perspectives namely manufacturing process, devices, software and engineering have been highlighted. Moreover, with a view on the importance of Cyber-Physical systems, the structure of Cyber-Physical System are established for the in-depth analysis. Further cases with the usage of Cyber-Physical System are also arranged, which attempts to provide some implications to match the theoretical findings together with the experience of companies. In general, results of this paper could be useful for the extending on the theoretical understanding of Industrie 4.0. Additionally, applied framework and prototypes based on the usage of Cyber-Physical Systems are also potential to help companies to design the layout of sensor nets, to achieve coordination and controlling of smart machines, to realize synchronous production with systematic structure, and to extend the usage of information and communication technologies to the maintenance scheduling.

Challenges and Requirements for the Application of Industry 4.0:A Special Insight with the Usage of Cyber-Physical System

Institute of Scientific and Technical Information of China (English)

Egon Mueller; Xiao-Li Chen; Ralph Riedel

2017-01-01

Considered as a top priority of industrial development,Industry 4.0 (or Industrie 4.0 as the German version) has being highlighted as the pursuit of both academy and practice in companies.In this paper,based on the review of state of art and also the state of practice in different countries,shortcomings have been revealed as the lacking of applicable framework for the implementation of Industrie 4.0.Therefore,in order to shed some light on the knowledge of the details,a reference architecture is developed,where four perspectives namely manufacturing process,devices,software and engineering have been highlighted.Moreover,with a view on the importance of Cyber-Physical systems,the structure of Cyber-Physical System are established for the in-depth analysis.Further cases with the usage of Cyber-Physical System are also arranged,which attempts to provide some implications to match the theoretical findings together with the experience of companies.In general,results of this paper could be useful for the extending on the theoretical understanding of Industrie 4.0.Additionally,applied framework and prototypes based on the usage of Cyber-Physical Systems are also potential to help companies to design the layout of sensor nets,to achieve coordination and controlling of smart machines,to realize synchronous production with systematic structure,and to extend the usage of information and communication technologies to the maintenance scheduling.

Cooperative Autonomous Resilient Defense Platform for Cyber-Physical Systems

OpenAIRE

Azab, Mohamed Mahmoud Mahmoud

2013-01-01

Cyber-Physical Systems (CPS) entail the tight integration of and coordination between computational and physical resources. These systems are increasingly becoming vital to modernizing the national critical infrastructure systems ranging from healthcare, to transportation and energy, to homeland security and national defense. Advances in CPS technology are needed to help improve their current capabilities as well as their adaptability, autonomicity, efficiency, reliability, safety and usabili...

Cyber Threats for Organizations of Financial Market Infrastructures

Directory of Open Access Journals (Sweden)

Natalia Georgievna Miloslavskaya

2016-03-01

Full Text Available Abstract: In the global informatization era the reliable and efficient financial market infrastructure of the Russian Federation (RF FMI plays an important role in the financial system and economy of the country. New cyber risks have acquired the status of the FR FMI systemic risk’s components, the importance of which is constantly growing due to the increase in the possible consequences of their implementation. The article introduces the basic concepts of cyber security, cyber space and cyber threats for the RF FMI and analyzes the specific features of cyber attacks against the RF FMI organizations.

Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

OpenAIRE

Dan Constantin TOFAN; Maria Lavinia ANDREI; Lavinia Mihaela DINCÄ‚

2012-01-01

Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, di...

INL Control System Situational Awareness Technology Annual Report 2012

Energy Technology Data Exchange (ETDEWEB)

Gordon Rueff; Bryce Wheeler; Todd Vollmer; Tim McJunkin; Robert Erbes

2012-10-01

The overall goal of this project is to develop an interoperable set of tools to provide a comprehensive, consistent implementation of cyber security and overall situational awareness of control and sensor network implementations. The operation and interoperability of these tools will fill voids in current technological offerings and address issues that remain an impediment to the security of control systems. This report provides an FY 2012 update on the Sophia, Mesh Mapper, Intelligent Cyber Sensor, and Data Fusion projects with respect to the year-two tasks and annual reporting requirements of the INL Control System Situational Awareness Technology report (July 2010).

Metrological Array of Cyber-Physical Systems. Part 3. Smart Energy-Efficient House

Directory of Open Access Journals (Sweden)

Ihor HNES

2015-04-01

Full Text Available Smart energy-efficient houses as the components of Cyber-Physical Systems are developed intensively. The main stream of progress consists in the research of Smart houses’ energy supply. By this option the mentioned objects are advancing from passive houses through net-zero energy houses to active houses that are capable of sharing their own accumulated energy with other components of Cyber-Physical Systems. We consider the problems of studying the metrology models and measuring the heat dissipation in such houses trying to apply network and software achievements as well as the new types of devices with improved characteristics.

Physical Watermarking for Securing Cyber-Physical Systems via Packet Drop Injections

Energy Technology Data Exchange (ETDEWEB)

Ozel, Omur [Carnegie Mellon Univ., Pittsburgh, PA (United States); Weekrakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States); Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)

2017-10-23

Physical watermarking is a well known solution for detecting integrity attacks on Cyber-Physical Systems (CPSs) such as the smart grid. Here, a random control input is injected into the system in order to authenticate physical dynamics and sensors which may have been corrupted by adversaries. Packet drops may naturally occur in a CPS due to network imperfections. To our knowledge, previous work has not considered the role of packet drops in detecting integrity attacks. In this paper, we investigate the merit of injecting Bernoulli packet drops into the control inputs sent to actuators as a new physical watermarking scheme. With the classical linear quadratic objective function and an independent and identically distributed packet drop injection sequence, we study the effect of packet drops on meeting security and control objectives. Our results indicate that the packet drops could act as a potential physical watermark for attack detection in CPSs.

SU-F-T-620: Development of a Convolution/Superposition Dose Engine for CyberKnife System

Energy Technology Data Exchange (ETDEWEB)

Li, Y; Liu, B; Liang, B; Xu, X; Guo, B; Wei, R; Zhou, F [Beihang University, Beijing, Beijing (China); Song, T [Southern Medical University, Guangzhou, Guangdong (China); Xu, S [PLA General Hospital, Beijing, Beijing (China); Piao, J [302 Military Hospital, Beijing, Beijing (China)

2016-06-15

Purpose: Current CyberKnife treatment planning system (TPS) provided two dose calculation algorithms: Ray-tracing and Monte Carlo. Ray-tracing algorithm is fast, but less accurate, and also can’t handle irregular fields since a multi-leaf collimator system was recently introduced to CyberKnife M6 system. Monte Carlo method has well-known accuracy, but the current version still takes a long time to finish dose calculations. The purpose of this paper is to develop a GPU-based fast C/S dose engine for CyberKnife system to achieve both accuracy and efficiency. Methods: The TERMA distribution from a poly-energetic source was calculated based on beam’s eye view coordinate system, which is GPU friendly and has linear complexity. The dose distribution was then computed by inversely collecting the energy depositions from all TERMA points along 192 collapsed-cone directions. EGSnrc user code was used to pre-calculate energy deposition kernels (EDKs) for a series of mono-energy photons The energy spectrum was reconstructed based on measured tissue maximum ratio (TMR) curve, the TERMA averaged cumulative kernels was then calculated. Beam hardening parameters and intensity profiles were optimized based on measurement data from CyberKnife system. Results: The difference between measured and calculated TMR are less than 1% for all collimators except in the build-up regions. The calculated profiles also showed good agreements with the measured doses within 1% except in the penumbra regions. The developed C/S dose engine was also used to evaluate four clinical CyberKnife treatment plans, the results showed a better dose calculation accuracy than Ray-tracing algorithm compared with Monte Carlo method for heterogeneous cases. For the dose calculation time, it takes about several seconds for one beam depends on collimator size and dose calculation grids. Conclusion: A GPU-based C/S dose engine has been developed for CyberKnife system, which was proven to be efficient and accurate

The Application of Cyber Physical System for Thermal Power Plants: Data-Driven Modeling

Directory of Open Access Journals (Sweden)

Yongping Yang

2018-03-01

Full Text Available Optimal operation of energy systems plays an important role to enhance their lifetime security and efficiency. The determination of optimal operating strategies requires intelligent utilization of massive data accumulated during operation or prediction. The investigation of these data solely without combining physical models may run the risk that the established relationships between inputs and outputs, the models which reproduce the behavior of the considered system/component in a wide range of boundary conditions, are invalid for certain boundary conditions, which never occur in the database employed. Therefore, combining big data with physical models via cyber physical systems (CPS is of great importance to derive highly-reliable and -accurate models and becomes more and more popular in practical applications. In this paper, we focus on the description of a systematic method to apply CPS to the performance analysis and decision making of thermal power plants. We proposed a general procedure of CPS with both offline and online phases for its application to thermal power plants and discussed the corresponding methods employed to support each sub-procedure. As an example, a data-driven model of turbine island of an existing air-cooling based thermal power plant is established with the proposed procedure and demonstrates its practicality, validity and flexibility. To establish such model, the historical operating data are employed in the cyber layer for modeling and linking each physical component. The decision-making procedure of optimal frequency of air-cooling condenser is also illustrated to show its applicability of online use. It is concluded that the cyber physical system with the data mining technique is effective and promising to facilitate the real-time analysis and control of thermal power plants.

Cyber-physical-social systems and constructs in electric power engineering

CERN Document Server

Suryanarayanan, Siddharth; Roche, Robin

2016-01-01

Cyber-physical-social systems (CPSS) integrate computing, physical assets and human networks. Divided into four application areas to the electric grid, this book describes state-of-the-art CPSS in electric power systems, including detailed approaches on social constructs which are a critical aspect of the end-user realm.

Modeling and analysis of real-time and embedded systems with UML and MARTE developing cyber-physical systems

CERN Document Server

Selic, Bran

2013-01-01

Modeling and Analysis of Real-Time and Embedded Systems with UML and MARTE explains how to apply the complex MARTE standard in practical situations. This approachable reference provides a handy user guide, illustrating with numerous examples how you can use MARTE to design and develop real-time and embedded systems and software. Expert co-authors Bran Selic and Sébastien Gérard lead the team that drafted and maintain the standard and give you the tools you need apply MARTE to overcome the limitations of cyber-physical systems. The functional sophistication required of modern cyber-physical

Cyber Defense Management

Science.gov (United States)

2016-09-01

of market capitalization after a cyber security incident Financial Geer, 2001 Gordon and Loeb, 2005 Willemson, 2006 Determine the return on security...thoughtheir vulnerability may be less. That is because the return on investment for protecting agiven information set is a function both of its vulnerability...can ensure that it is investing properly to provide cyber resilience to its systems. The study investigated ways to inform future investment

Framework for Grading of Cyber Security Check-List upon I and C Architecture

International Nuclear Information System (INIS)

Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

2016-01-01

Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

Framework for Grading of Cyber Security Check-List upon I and C Architecture

Energy Technology Data Exchange (ETDEWEB)

Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

2016-05-15

Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

Hacking cyber-risks back in their tracks: to identify the right supply chain controls, look at the system

DEFF Research Database (Denmark)

Sepúlveda, Daniel; Khan, Omera

2015-01-01

A more comprehensive way of looking at cyber-risks in supply chains is required, when considering the increasing complexity of the supply networks and the exposure to unexpected disruptions, caused by cyber-attacks. This article describes some of the reasons why current risk assessment methods ar...

Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

Directory of Open Access Journals (Sweden)

Jawad Hussain Awan

2018-04-01

Full Text Available Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerce and eGovernance increases the usage of online/cyber services also increased the issue of cyber security. Recently, various cases have been reported in the literature and media about the cyber-attacks and crimes which seriously disrupted governments, businesses and personal lives. From the literature. It is noticed that every cyber user is unaware about privacy and security practices and measures. Therefore, cyber user has provided knowledge and fully aware them from the online services and also about cyber privacy and security. This paper presents a review on the recent cybercrimes, threats and attacks reported in the literature and media. In addition, the impact of these cyber breaches and cyber law to deal with cyber security has been discussed. At last, a defensive model is also proposed to mitigate cyber-criminal activities.

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2003-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

Critical Infrastructure: Control Systems and the Terrorist Threat

National Research Council Canada - National Science Library

Shea, Dana A

2004-01-01

.... Industrial control computer systems involved in this infrastructure are specific points of vulnerability, as cyber-security for these systems has not been previously perceived as a high priority...

The SafeCOP ECSEL Project: Safe Cooperating Cyber-Physical Systems Using Wireless Communication

DEFF Research Database (Denmark)

Pop, Paul; Scholle, Detlef; Hansson, Hans

2016-01-01

This paper presents an overview of the ECSEL project entitled "Safe Cooperating Cyber-Physical Systems using Wireless Communication" (SafeCOP), which runs during the period 2016 -- 2019. SafeCOP targets safety-related Cooperating Cyber-Physical Systems (CO-CPS) characterised by use of wireless...... detection of abnormal behaviour, triggering if needed a safe degraded mode. SafeCOP will also develop methods and tools, which will be used to produce safety assurance evidence needed to certify cooperative functions. SafeCOP will extend current wireless technologies to ensure safe and secure cooperation...

Mac protocols for cyber-physical systems

CERN Document Server

Xia, Feng

2015-01-01

This book provides a literature review of various wireless MAC protocols and techniques for achieving real-time and reliable communications in the context of cyber-physical systems (CPS). The evaluation analysis of IEEE 802.15.4 for CPS therein will give insights into configuration and optimization of critical design parameters of MAC protocols. In addition, this book also presents the design and evaluation of an adaptive MAC protocol for medical CPS, which exemplifies how to facilitate real-time and reliable communications in CPS by exploiting IEEE 802.15.4 based MAC protocols. This book wil

Implementation of Cyber-Physical Production Systems for Quality Prediction and Operation Control in Metal Casting.

Science.gov (United States)

Lee, JuneHyuck; Noh, Sang Do; Kim, Hyun-Jung; Kang, Yong-Shin

2018-05-04

The prediction of internal defects of metal casting immediately after the casting process saves unnecessary time and money by reducing the amount of inputs into the next stage, such as the machining process, and enables flexible scheduling. Cyber-physical production systems (CPPS) perfectly fulfill the aforementioned requirements. This study deals with the implementation of CPPS in a real factory to predict the quality of metal casting and operation control. First, a CPPS architecture framework for quality prediction and operation control in metal-casting production was designed. The framework describes collaboration among internet of things (IoT), artificial intelligence, simulations, manufacturing execution systems, and advanced planning and scheduling systems. Subsequently, the implementation of the CPPS in actual plants is described. Temperature is a major factor that affects casting quality, and thus, temperature sensors and IoT communication devices were attached to casting machines. The well-known NoSQL database, HBase and the high-speed processing/analysis tool, Spark, are used for IoT repository and data pre-processing, respectively. Many machine learning algorithms such as decision tree, random forest, artificial neural network, and support vector machine were used for quality prediction and compared with R software. Finally, the operation of the entire system is demonstrated through a CPPS dashboard. In an era in which most CPPS-related studies are conducted on high-level abstract models, this study describes more specific architectural frameworks, use cases, usable software, and analytical methodologies. In addition, this study verifies the usefulness of CPPS by estimating quantitative effects. This is expected to contribute to the proliferation of CPPS in the industry.

Implementation of Cyber-Physical Production Systems for Quality Prediction and Operation Control in Metal Casting

Directory of Open Access Journals (Sweden)

JuneHyuck Lee

2018-05-01

Full Text Available The prediction of internal defects of metal casting immediately after the casting process saves unnecessary time and money by reducing the amount of inputs into the next stage, such as the machining process, and enables flexible scheduling. Cyber-physical production systems (CPPS perfectly fulfill the aforementioned requirements. This study deals with the implementation of CPPS in a real factory to predict the quality of metal casting and operation control. First, a CPPS architecture framework for quality prediction and operation control in metal-casting production was designed. The framework describes collaboration among internet of things (IoT, artificial intelligence, simulations, manufacturing execution systems, and advanced planning and scheduling systems. Subsequently, the implementation of the CPPS in actual plants is described. Temperature is a major factor that affects casting quality, and thus, temperature sensors and IoT communication devices were attached to casting machines. The well-known NoSQL database, HBase and the high-speed processing/analysis tool, Spark, are used for IoT repository and data pre-processing, respectively. Many machine learning algorithms such as decision tree, random forest, artificial neural network, and support vector machine were used for quality prediction and compared with R software. Finally, the operation of the entire system is demonstrated through a CPPS dashboard. In an era in which most CPPS-related studies are conducted on high-level abstract models, this study describes more specific architectural frameworks, use cases, usable software, and analytical methodologies. In addition, this study verifies the usefulness of CPPS by estimating quantitative effects. This is expected to contribute to the proliferation of CPPS in the industry.

Implementation of Cyber-Physical Production Systems for Quality Prediction and Operation Control in Metal Casting

Science.gov (United States)

Lee, JuneHyuck; Noh, Sang Do; Kim, Hyun-Jung; Kang, Yong-Shin

2018-01-01

The prediction of internal defects of metal casting immediately after the casting process saves unnecessary time and money by reducing the amount of inputs into the next stage, such as the machining process, and enables flexible scheduling. Cyber-physical production systems (CPPS) perfectly fulfill the aforementioned requirements. This study deals with the implementation of CPPS in a real factory to predict the quality of metal casting and operation control. First, a CPPS architecture framework for quality prediction and operation control in metal-casting production was designed. The framework describes collaboration among internet of things (IoT), artificial intelligence, simulations, manufacturing execution systems, and advanced planning and scheduling systems. Subsequently, the implementation of the CPPS in actual plants is described. Temperature is a major factor that affects casting quality, and thus, temperature sensors and IoT communication devices were attached to casting machines. The well-known NoSQL database, HBase and the high-speed processing/analysis tool, Spark, are used for IoT repository and data pre-processing, respectively. Many machine learning algorithms such as decision tree, random forest, artificial neural network, and support vector machine were used for quality prediction and compared with R software. Finally, the operation of the entire system is demonstrated through a CPPS dashboard. In an era in which most CPPS-related studies are conducted on high-level abstract models, this study describes more specific architectural frameworks, use cases, usable software, and analytical methodologies. In addition, this study verifies the usefulness of CPPS by estimating quantitative effects. This is expected to contribute to the proliferation of CPPS in the industry. PMID:29734699

Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

CERN Document Server

Tilaro, F

2011-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

Preparing South Africa for cyber crime and cyber defense

CSIR Research Space (South Africa)

Grobler, M

2013-01-01

Full Text Available revolution on cybercrime and cyber defense in a developing country and will evaluate the relevant South African legislation. It will also look at the influence of cyber defense on the international position of the South African Government. South Africa... legislation and a lack of cyber defense mechanisms. As a starting point, cyber warfare for the purpose of this article is defined as the use of exploits in cyber space as a way to intentionally cause harm to people, assets or economies (Owen 2008). It can...

Multiagent voltage and reactive power control system

Directory of Open Access Journals (Sweden)

I. Arkhipov

2014-12-01

Full Text Available This paper is devoted to the research of multiagent voltage and reactive power control system development. The prototype of the system has been developed by R&D Center at FGC UES (Russia. The control system architecture is based on the innovative multiagent system theory application that leads to the achievement of several significant advantages (in comparison to traditional control systems implementation such as control system efficiency enhancement, control system survivability and cyber security.

Cyber security issues, challenges and solutions for the emerging smart grid

Energy Technology Data Exchange (ETDEWEB)

Westlund, D. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

2007-07-01

This paper explored the technology and business issues and challenges associated the smart grid's tolerance of physical and cyber security attacks and proposed a framework that provides practical solutions for the electric operator. The 7 characteristics of a smart grid were described. Notably, a smart grid is self healing; supports client equipment and usage behaviour; tolerates physical and cyber security attacks; delivers high-quality power to customers; supports various power generation technologies; supports competitive power markets; and, delivers capital asset optimization while minimizing operational costs. According to the North American Electric Reliability Council (NERC), power capacity will increase by 6 per cent in the United States and 9 per cent in Canada, while the demand for electricity is expected to rise by 19 and 13 per cent respectively. In addition, total transmission miles are projected to increase by less than 7 per cent in the U.S. and by only 3.5 per cent in Canada. A Smart Grid, with distributed monitoring and control, is therefore needed to meet the increased demand. However, the power and energy sectors are targets for cyber attackers. Cyber security in real-time grid operations is a complex matter. Cyber risks include unauthorized access to control systems; interception of control data; attack on system components; interception of monitoring data; intentional and unintentional human intervention; and, impairment to application software. The proposed solution framework is based on a roadmap developed by the United States Homeland Security organization, the United States Department of Energy, and the Canadian Energy Infrastructure Protection Division. NERC reliability standards and framework are also integrated into this framework. The technical aspects of the framework include: ease of use; defence-in-depth characteristics; extensive monitoring within electronic security perimeters; protection of legacy systems; auditing, logging

Science of Cyber Security as a System of Models and Problems

OpenAIRE

Kott, Alexander

2015-01-01

Terms like "Science of Cyber" or "Cyber Science" have been appearing in literature with growing frequency, and influential organizations initiated research initiatives toward developing such a science even though it is not clearly defined. We propose to define the domain of the science of cyber security by noting the most salient artifact within cyber security -- malicious software -- and defining the domain as comprised of phenomena that involve malicious software (as well as legitimate soft...

Modeling and Application of Vehicular Cyber Physical System Based Petri Nets

Directory of Open Access Journals (Sweden)

Lin Chen

2014-11-01

Full Text Available Mobile cyber physical system (MCPS has been a hot research area, where mobile nodes can mobile, and communicate with each other. As a typical MCPS, vehicular cyber physical system (VCPS plays an important role in intelligent transportation, especially in collision avoidance. There is no, however, a formal modeling and analysis method for VCPS. In the paper, the modeling method based Petri nets (PN is presented. Furthermore, the behavior expression analysis method is also presented which can deal with arbitrary distribution timed transitions. Finally, a case is introduced to verify the effectiveness about proposed method, and the results show that VCPS can greatly reduce the reaction time of vehicles behind when emergent accident occurs and then enhance the traffic safety.

Cyber Security Evaluation of the Wireless Communication for the Mobile Safeguard Systems in Nuclear Power Plants

International Nuclear Information System (INIS)

Lee, S.; Kim, Y.S.; Ye, S.H.

2015-01-01

This paper introduces cyber security evaluation results and a design of the wireless communication technology to apply to safeguard systems in nuclear power plants. While wireless communication technologies can generally make mobility and efficiency on plant operation, those have seldom been installed on the nuclear I&C systems due to the negative concern of unexpected outcomes that stem from electromagnetic interference and cyber attack. New design of advanced digital safeguard and I&C systems uses computer-based systems for the safeguard and safety functions. On the other hand, those are being exposed to various types of new and existing cyber threats, vulnerabilities and risks which significantly increase the likelihood that those could be compromised. In order to employ the wireless communication technology in safeguard function, licencees assess and manage the potential for adverse effects on safeguard and safety functions so as to provide high assurance that critical functions are properly protected cyber attack. It is expected that the safeguard function, specifically on the area of real-time monitoring, logging, can be enhanced by employing the mobile safeguard devices (: smart phone, laptop, smart pad, etc). In this paper, we deal with the cyber security evaluation, which consists of threat analysis, vulnerability test, establishment of security plan, and design solutions for the wireless communication on the basis of IEEE 802.11(Wi-Fi) protocol. Proposed evaluation and design solution could be a basis for the design of wireless communication and mobile safeguard systems in nuclear power plants. (author)

Toward a theoretical framework for trustworthy cyber sensing

Science.gov (United States)

Xu, Shouhuai

2010-04-01

Cyberspace is an indispensable part of the economy and society, but has been "polluted" with many compromised computers that can be abused to launch further attacks against the others. Since it is likely that there always are compromised computers, it is important to be aware of the (dynamic) cyber security-related situation, which is however challenging because cyberspace is an extremely large-scale complex system. Our project aims to investigate a theoretical framework for trustworthy cyber sensing. With the perspective of treating cyberspace as a large-scale complex system, the core question we aim to address is: What would be a competent theoretical (mathematical and algorithmic) framework for designing, analyzing, deploying, managing, and adapting cyber sensor systems so as to provide trustworthy information or input to the higher layer of cyber situation-awareness management, even in the presence of sophisticated malicious attacks against the cyber sensor systems?

Facilitating the Easy Use of Earth Observation Data in Earth System Models through CyberConnector

Science.gov (United States)

Di, L.; Sun, Z.; Zhang, C.

2017-12-01

Earth system models (ESM) are an important tool used to understand the Earth system and predict its future states. On other hand, Earth observations (EO) provides the current state of the system. EO data are very useful in ESM initialization, verification, validation, and inter-comparison. However, EO data often cannot directly be consumed by ESMs because of the syntactic and semantic mismatches between EO products and ESM requirements. In order to remove the mismatches, scientists normally spend long time to customize EO data for ESM consumption. CyberConnector, a NSF EarthCube building block, is intended to automate the data customization so that scientists can be relieved from the laborious EO data customization. CyberConnector uses web-service-based geospatial processing models (GPM) as the mechanism to automatically customize the EO data into the right products in the right form needed by ESMs. It can support many different ESMs through its standard interfaces. It consists of seven modules: GPM designer, GPM binder, GPM runner, GPM monitor, resource register, order manager, and result display. In CyberConnector, EO data instances and GPMs are independent and loosely coupled. A modeler only needs to create a GPM in the GMP designer for EO data customization. Once the modeler specifies a study area, the designed GPM will be activated and take the temporal and spatial extents as constraints to search the data sources and customize the available EO data into the ESM-acceptable form. The execution of GMP is completely automatic. Currently CyberConnector has been fully developed. In order to validate the feasibility, flexibility, and ESM independence of CyberConnector, three ESMs from different geoscience disciplines, including the Cloud-Resolving Model (CRM), the Finite Volume Coastal Ocean Model (FVCOM), and the Community Multiscale Air Quality Model (CMAQ), have been experimented with CyberConnector through closely collaborating with modelers. In the experiment

The Cyber-Physical Attacker

DEFF Research Database (Denmark)

Vigo, Roberto

2012-01-01

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

Cyber Security Scenarios and Control for Small and Medium Enterprises

Directory of Open Access Journals (Sweden)

Nilaykumar Kiran SANGANI

2012-01-01

Full Text Available As the world advances towards the computing era, security threats keeps on increasing in the form of malware, viruses, internet attack, theft of IS assets / technology and a lot more. This is a major concern for any form of business. Loss in company’s status / liability / reputation is a huge downfall for a running business. We have witnessed the attacks getting carried out; large firm’s data getting breached / government bodies’ sites getting phished / attacked. These huge entities have technology expertise to safeguard their company’s interest against such attacks through investing huge amounts of capital in manpower and secure tools. But what about SMEs? SMEs enrich a huge part of the country’s economy. Big organizations have their own security measures policy which ideally is not applied when it comes to a SME. The aim of this paper is to come out with an Information Security Assurance Cyber Control for SMEs (ISACC against common cyber security threats implemented at a cost effective measure.

Security and privacy in cyber-physical systems foundations, principles, and applications

CERN Document Server

Song, Houbing; Jeschke, Sabina

2017-01-01

Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and it provides readers with the information they need to advance research and development in this exciting area. Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, and usability far in excess of what today's simple embedded systems can provide. Just as the Internet revolutionized the way we interact with information, CPS technology has already begun to transform the way people interact with engineered systems. In the years ahead, smart CPS will drive innovat...

A pencil beam dose calculation model for CyberKnife system

Energy Technology Data Exchange (ETDEWEB)

Liang, Bin; Li, Yongbao; Liu, Bo; Zhou, Fugen [Image Processing Center, Beihang University, Beijing 100191 (China); Xu, Shouping [Department of Radiation Oncology, PLA General Hospital, Beijing 100853 (China); Wu, Qiuwen, E-mail: Qiuwen.Wu@Duke.edu [Department of Radiation Oncology, Duke University Medical Center, Durham, North Carolina 27710 (United States)

2016-10-15

Purpose: CyberKnife system is initially equipped with fixed circular cones for stereotactic radiosurgery. Two dose calculation algorithms, Ray-Tracing and Monte Carlo, are available in the supplied treatment planning system. A multileaf collimator system was recently introduced in the latest generation of system, capable of arbitrarily shaped treatment field. The purpose of this study is to develop a model based dose calculation algorithm to better handle the lateral scatter in an irregularly shaped small field for the CyberKnife system. Methods: A pencil beam dose calculation algorithm widely used in linac based treatment planning system was modified. The kernel parameters and intensity profile were systematically determined by fitting to the commissioning data. The model was tuned using only a subset of measured data (4 out of 12 cones) and applied to all fixed circular cones for evaluation. The root mean square (RMS) of the difference between the measured and calculated tissue-phantom-ratios (TPRs) and off-center-ratio (OCR) was compared. Three cone size correction techniques were developed to better fit the OCRs at the penumbra region, which are further evaluated by the output factors (OFs). The pencil beam model was further validated against measurement data on the variable dodecagon-shaped Iris collimators and a half-beam blocked field. Comparison with Ray-Tracing and Monte Carlo methods was also performed on a lung SBRT case. Results: The RMS between the measured and calculated TPRs is 0.7% averaged for all cones, with the descending region at 0.5%. The RMSs of OCR at infield and outfield regions are both at 0.5%. The distance to agreement (DTA) at the OCR penumbra region is 0.2 mm. All three cone size correction models achieve the same improvement in OCR agreement, with the effective source shift model (SSM) preferred, due to their ability to predict more accurately the OF variations with the source to axis distance (SAD). In noncircular field validation

A Cyber-ITS Framework for Massive Traffic Data Analysis Using Cyber Infrastructure

Directory of Open Access Journals (Sweden)

Yingjie Xia

2013-01-01

Full Text Available Traffic data is commonly collected from widely deployed sensors in urban areas. This brings up a new research topic, data-driven intelligent transportation systems (ITSs, which means to integrate heterogeneous traffic data from different kinds of sensors and apply it for ITS applications. This research, taking into consideration the significant increase in the amount of traffic data and the complexity of data analysis, focuses mainly on the challenge of solving data-intensive and computation-intensive problems. As a solution to the problems, this paper proposes a Cyber-ITS framework to perform data analysis on Cyber Infrastructure (CI, by nature parallel-computing hardware and software systems, in the context of ITS. The techniques of the framework include data representation, domain decomposition, resource allocation, and parallel processing. All these techniques are based on data-driven and application-oriented models and are organized as a component-and-workflow-based model in order to achieve technical interoperability and data reusability. A case study of the Cyber-ITS framework is presented later based on a traffic state estimation application that uses the fusion of massive Sydney Coordinated Adaptive Traffic System (SCATS data and GPS data. The results prove that the Cyber-ITS-based implementation can achieve a high accuracy rate of traffic state estimation and provide a significant computational speedup for the data fusion by parallel computing.

What good cyber resilience looks like.

Science.gov (United States)

Hult, Fredrik; Sivanesan, Giri

In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming

KAUST Repository

Canepa, Edward S.

2013-01-01

Traffic sensing systems rely more and more on user generated (insecure) data, which can pose a security risk whenever the data is used for traffic flow control. In this article, we propose a new formulation for detecting malicious data injection in traffic flow monitoring systems by using the underlying traffic flow model. The state of traffic is modeled by the Lighthill-Whitham- Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for some decision variable. We use this fact to pose the problem of detecting spoofing cyber-attacks in probe-based traffic flow information systems as mixed integer linear feasibility problem. The resulting framework can be used to detect spoofing attacks in real time, or to evaluate the worst-case effects of an attack offline. A numerical implementation is performed on a cyber-attack scenario involving experimental data from the Mobile Century experiment and the Mobile Millennium system currently operational in Northern California. © 2013 IEEE.

Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming

KAUST Repository

Canepa, Edward S.

2013-09-01

Traffic sensing systems rely more and more on user generated (insecure) data, which can pose a security risk whenever the data is used for traffic flow control. In this article, we propose a new formulation for detecting malicious data injection in traffic flow monitoring systems by using the underlying traffic flow model. The state of traffic is modeled by the Lighthill- Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data generated by multiple sensors of different types, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for a specific decision variable. We use this fact to pose the problem of detecting spoofing cyber attacks in probe-based traffic flow information systems as mixed integer linear feasibility problem. The resulting framework can be used to detect spoofing attacks in real time, or to evaluate the worst-case effects of an attack offliine. A numerical implementation is performed on a cyber attack scenario involving experimental data from the Mobile Century experiment and the Mobile Millennium system currently operational in Northern California. © American Institute of Mathematical Sciences.

Selection of the best security controls for rapid development of enterprise-level cyber security

OpenAIRE

Tytarenko, Oleksandr

2017-01-01

Approved for public release; distribution is unlimited State-supported cyber attacks, cyber espionage campaigns, and hacktivist movements have forced many states to accelerate their cyber defense development in order to achieve at least a minimum level of protection against expanding threats of cyber space. As with any other development effort, cyber capability development requires resources of time, money, and people, which in most cases are very restricted. To rapidly build up the first ...

Consequence-driven cyber-informed engineering (CCE)

Energy Technology Data Exchange (ETDEWEB)

Freeman, Sarah G. [Idaho National Lab. (INL), Idaho Falls, ID (United States); St Michel, Curtis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Smith, Robert [Idaho National Lab. (INL), Idaho Falls, ID (United States); Assante, Michael [Idaho National Lab. (INL), Idaho Falls, ID (United States)

2016-10-18

The Idaho National Lab (INL) is leading a high-impact, national security-level initiative to reprioritize the way the nation looks at high-consequence risk within the industrial control systems (ICS) environment of the country’s most critical infrastructure and other national assets. The Consequence-driven Cyber-informed Engineering (CCE) effort provides both private and public organizations with the steps required to examine their own environments for high-impact events/risks; identify implementation of key devices and components that facilitate that risk; illuminate specific, plausible cyber attack paths to manipulate these devices; and develop concrete mitigations, protections, and tripwires to address the high-consequence risk. The ultimate goal of the CCE effort is to help organizations take the steps necessary to thwart cyber attacks from even top-tier, highly resourced adversaries that would result in a catastrophic physical effect. CCE participants are encouraged to work collaboratively with each other and with key U.S. Government (USG) contributors to establish a coalition, maximizing the positive effect of lessons-learned and further contributing to the protection of critical infrastructure and other national assets.

Implementation of a RPS Cyber Security Test-bed with Two PLCs

International Nuclear Information System (INIS)

Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; An, Yongkyu; Rizwan, Uddin

2015-01-01

Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model

Implementation of a RPS Cyber Security Test-bed with Two PLCs

Energy Technology Data Exchange (ETDEWEB)