WorldWideScience

Sample records for grid cyber security

  1. Cyber Security for Smart Grid, Cryptography, and Privacy

    Directory of Open Access Journals (Sweden)

    Swapna Iyer

    2011-01-01

    Full Text Available The invention of “smart grid” promises to improve the efficiency and reliability of the power system. As smart grid is turning out to be one of the most promising technologies, its security concerns are becoming more crucial. The grid is susceptible to different types of attacks. This paper will focus on these threats and risks especially relating to cyber security. Cyber security is a vital topic, since the smart grid uses high level of computation like the IT. We will also see cryptography and key management techniques that are required to overcome these attacks. Privacy of consumers is another important security concern that this paper will deal with.

  2. Bio-Inspired Cyber Security for Smart Grid Deployments

    Energy Technology Data Exchange (ETDEWEB)

    McKinnon, Archibald D.; Thompson, Seth R.; Doroshchuk, Ruslan A.; Fink, Glenn A.; Fulp, Errin W.

    2013-05-01

    mart grid technologies are transforming the electric power grid into a grid with bi-directional flows of both power and information. Operating millions of new smart meters and smart appliances will significantly impact electric distribution systems resulting in greater efficiency. However, the scale of the grid and the new types of information transmitted will potentially introduce several security risks that cannot be addressed by traditional, centralized security techniques. We propose a new bio-inspired cyber security approach. Social insects, such as ants and bees, have developed complex-adaptive systems that emerge from the collective application of simple, light-weight behaviors. The Digital Ants framework is a bio-inspired framework that uses mobile light-weight agents. Sensors within the framework use digital pheromones to communicate with each other and to alert each other of possible cyber security issues. All communication and coordination is both localized and decentralized thereby allowing the framework to scale across the large numbers of devices that will exist in the smart grid. Furthermore, the sensors are light-weight and therefore suitable for implementation on devices with limited computational resources. This paper will provide a brief overview of the Digital Ants framework and then present results from test bed-based demonstrations that show that Digital Ants can identify a cyber attack scenario against smart meter deployments.

  3. Survey of cyber security issues in smart grids

    Science.gov (United States)

    Chen, Thomas M.

    2010-04-01

    The future smart grid will enable cost savings and lower energy use by means of smart appliances and smart meters which support dynamic load management and real-time monitoring of energy use and distribution. The introduction of two-way communications and control into power grid introduces security and privacy concerns. This talk will survey the security and privacy issues in smart grids using the NIST reference model, and relate these issues to cyber security in the Internet.

  4. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  5. Cyber security issues, challenges and solutions for the emerging smart grid

    Energy Technology Data Exchange (ETDEWEB)

    Westlund, D. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

    2007-07-01

    This paper explored the technology and business issues and challenges associated the smart grid's tolerance of physical and cyber security attacks and proposed a framework that provides practical solutions for the electric operator. The 7 characteristics of a smart grid were described. Notably, a smart grid is self healing; supports client equipment and usage behaviour; tolerates physical and cyber security attacks; delivers high-quality power to customers; supports various power generation technologies; supports competitive power markets; and, delivers capital asset optimization while minimizing operational costs. According to the North American Electric Reliability Council (NERC), power capacity will increase by 6 per cent in the United States and 9 per cent in Canada, while the demand for electricity is expected to rise by 19 and 13 per cent respectively. In addition, total transmission miles are projected to increase by less than 7 per cent in the U.S. and by only 3.5 per cent in Canada. A Smart Grid, with distributed monitoring and control, is therefore needed to meet the increased demand. However, the power and energy sectors are targets for cyber attackers. Cyber security in real-time grid operations is a complex matter. Cyber risks include unauthorized access to control systems; interception of control data; attack on system components; interception of monitoring data; intentional and unintentional human intervention; and, impairment to application software. The proposed solution framework is based on a roadmap developed by the United States Homeland Security organization, the United States Department of Energy, and the Canadian Energy Infrastructure Protection Division. NERC reliability standards and framework are also integrated into this framework. The technical aspects of the framework include: ease of use; defence-in-depth characteristics; extensive monitoring within electronic security perimeters; protection of legacy systems; auditing, logging

  6. 75 FR 18819 - Second DRAFT NIST Interagency Report (NISTIR) 7628, Smart Grid Cyber Security Strategy and...

    Science.gov (United States)

    2010-04-13

    ... a cyber attack. 2. It is essential that those parts or equipment of the Smart Grid that optimize the...-0143-01] Second DRAFT NIST Interagency Report (NISTIR) 7628, Smart Grid Cyber Security Strategy and... (NIST) seeks comments on the second draft of NISTIR 7628, Smart Grid Cyber Security Strategy and...

  7. Cyber security and vulnerability of 'smart' power grids

    OpenAIRE

    Jovanović, Slobodan

    2012-01-01

    Smart power grids deliver electric energy from generation to consumers using two-way Smart Meter technology (smart meters), enabling remote control of consumer energy use. However, smart power grids are increasingly very attractive targets for hackers and terrorists. This paper discusses the key characteristics of cyber security/vulnerability of smart power grids, and their communication architecture, and their vulnerability points. Then, it describes guidelines which are needed to be impleme...

  8. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2014-07-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  9. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    Science.gov (United States)

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516

  10. Research of Smart Grid Cyber Architecture and Standards Deployment with High Adaptability for Security Monitoring

    DEFF Research Database (Denmark)

    Hu, Rui; Hu, Weihao; Chen, Zhe

    2015-01-01

    Security Monitoring is a critical function for smart grid. As a consequence of strongly relying on communication, cyber security must be guaranteed by the specific system. Otherwise, the DR signals and bidding information can be easily forged or intercepted. Customers’ privacy and safety may suffer...... huge losses. Although OpenADR specificationsprovide continuous, secure and reliable two-way communications in application level defined in ISO model, which is also an open architecture for security is adopted by it and no specific or proprietary technologies is restricted to OpenADR itself....... It is significant to develop a security monitoring system. This paper discussed the cyber architecture of smart grid with high adaptability for security monitoring. An adaptable structure with Demilitarized Zone (DMZ) is proposed. Focusing on this network structure, the rational utilization of standards...

  11. Smart grid cyber security for Europe

    International Nuclear Information System (INIS)

    Pearson, Ivan L.G.

    2011-01-01

    In Europe, environmental and economic considerations are driving a revolution in power transmission and distribution. Specifically of interest to this paper, utility companies are increasingly using information and communication technology (ICT) to increase the efficiency and reliability of the grid, as well as to incorporate smaller-scale sources of intermittent wind and solar power into our electricity supply. This should have a positive effect on Europe's energy policy objectives. However, developments in the field of international security have made clear that increased reliance on ICT within the electricity sector will create new vulnerabilities that may undermine these gains. This paper argues that the European Union (EU) has the opportunity to mitigate these vulnerabilities by virtue of its strengthening regulatory position in the European market, and its record of promoting energy technology research. However, the organization will need to act now in recognizing that cyber security as an essential dimension of its energy policy. This paper recommends that the Commission acts now to appoint a coordinator to accelerate the adoption of sensitive institutional changes in this vein. It also suggests that the EU would benefit from cooperation with the United States-a country with strong cyber capabilities that would complement the European program. - Highlights: → Increased reliance on ICT has created new challenges in Europe's electricity sector.→ The European Union has the opportunity to mitigate these.→ The Union must acts now to prevent a potentially costly technological lock-in.→ It should designate a coordinator to drive through necessary legislative reforms.→ The United States would be a good international partner on the issue.

  12. Smart grid cyber security for Europe

    Energy Technology Data Exchange (ETDEWEB)

    Pearson, Ivan L.G., E-mail: ivan.pearson@ec.europa.eu [F03 - Energy Security Unit (ESU), European Commission, Joint Research Centre, Institute for Energy (Netherlands)

    2011-09-15

    In Europe, environmental and economic considerations are driving a revolution in power transmission and distribution. Specifically of interest to this paper, utility companies are increasingly using information and communication technology (ICT) to increase the efficiency and reliability of the grid, as well as to incorporate smaller-scale sources of intermittent wind and solar power into our electricity supply. This should have a positive effect on Europe's energy policy objectives. However, developments in the field of international security have made clear that increased reliance on ICT within the electricity sector will create new vulnerabilities that may undermine these gains. This paper argues that the European Union (EU) has the opportunity to mitigate these vulnerabilities by virtue of its strengthening regulatory position in the European market, and its record of promoting energy technology research. However, the organization will need to act now in recognizing that cyber security as an essential dimension of its energy policy. This paper recommends that the Commission acts now to appoint a coordinator to accelerate the adoption of sensitive institutional changes in this vein. It also suggests that the EU would benefit from cooperation with the United States-a country with strong cyber capabilities that would complement the European program. - Highlights: > Increased reliance on ICT has created new challenges in Europe's electricity sector.> The European Union has the opportunity to mitigate these.> The Union must acts now to prevent a potentially costly technological lock-in.> It should designate a coordinator to drive through necessary legislative reforms.> The United States would be a good international partner on the issue.

  13. Smart Grid Security. White Paper

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2011-09-15

    One of the biggest concerns for smart grid developers is cyber security due to the reliance on IT communication networks. While the current grid is not immune to energy theft, fraud and malicious cyber-attacks, the smart grid poses new security issues. It is more likely now that theft, malicious attack and fraud will be committed by people working remotely from a laptop several miles away, even in a different country, than someone physically manipulating meters. This makes it difficult to predict where attacks will come from.

  14. Smart grid security

    CERN Document Server

    Goel, Sanjay; Papakonstantinou, Vagelis; Kloza, Dariusz

    2015-01-01

    This book on smart grid security is meant for a broad audience from managers to technical experts. It highlights security challenges that are faced in the smart grid as we widely deploy it across the landscape. It starts with a brief overview of the smart grid and then discusses some of the reported attacks on the grid. It covers network threats, cyber physical threats, smart metering threats, as well as privacy issues in the smart grid. Along with the threats the book discusses the means to improve smart grid security and the standards that are emerging in the field. The second part of the b

  15. Wireless Sensor Network Based Smart Grid Communications: Cyber Attacks, Intrusion Detection System and Topology Control

    Directory of Open Access Journals (Sweden)

    Lipi Chhaya

    2017-01-01

    Full Text Available The existing power grid is going through a massive transformation. Smart grid technology is a radical approach for improvisation in prevailing power grid. Integration of electrical and communication infrastructure is inevitable for the deployment of Smart grid network. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks (WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. WSNs can be used for monitoring and control of smart grid assets. Security of wireless sensor based communication network is a major concern for researchers and developers. The limited processing capabilities of wireless sensor networks make them more vulnerable to cyber-attacks. The countermeasures against cyber-attacks must be less complex with an ability to offer confidentiality, data readiness and integrity. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. WSN security is an inevitable part of smart grid cyber security. This paper is expected to serve as a comprehensive assessment and analysis of communication standards, cyber security issues and solutions for WSN based smart grid infrastructure.

  16. Handbook on Securing Cyber-Physical Critical Infrastructure

    CERN Document Server

    Das, Sajal K; Zhang, Nan

    2012-01-01

    The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports a

  17. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  18. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  19. Cyber physical systems approach to smart electric power grid

    CERN Document Server

    Khaitan, Siddhartha Kumar; Liu, Chen Ching

    2015-01-01

    This book documents recent advances in the field of modeling, simulation, control, security and reliability of Cyber- Physical Systems (CPS) in power grids. The aim of this book is to help the reader gain insights into working of CPSs and understand their potential in transforming the power grids of tomorrow. This book will be useful for all those who are interested in design of cyber-physical systems, be they students or researchers in power systems, CPS modeling software developers, technical marketing professionals and business policy-makers.

  20. Smart Grid Security A Smart Meter-Centric Perspective

    DEFF Research Database (Denmark)

    Vigo, Roberto; Yuksel, Ender; Ramli, Carroline Dewi Puspa Kencana

    2012-01-01

    , leading to what is known as the Smart Grid. The development of this Cyber-Physical System introduces new security issues, thus calling for efforts in studying possible attacks and devising suitable countermeasures. In this paper, we review a generic model for the Smart Grid, and present possible attacks......The electricity grid is a key infrastructure for our society, therefore its security is a critical public concern. This physical system is becoming more and more complex as it is coupled with a cyber layer carrying information about power usage and control instructions for intelligent appliances...

  1. Smart Grid Security: Threats, Challenges, and Solutions

    OpenAIRE

    Sanjab, Anibal; Saad, Walid; Guvenc, Ismail; Sarwat, Arif; Biswas, Saroj

    2016-01-01

    The cyber-physical nature of the smart grid has rendered it vulnerable to a multitude of attacks that can occur at its communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on the operation of the grid as exemplified by the recent attack which caused a blackout of the Ukranian power grid. Thus, to properly secure the smart grid, it is of utmost importance to: a) understand its underlying vulnerabilities and associated threats, b) quanti...

  2. Effectively protecting cyber infrastructure and assessing security needs

    Energy Technology Data Exchange (ETDEWEB)

    Robbins, J.; Starman, R. [EWA Canada Ltd., Edmonton, AB (Canada)

    2002-07-01

    This presentation addressed some of the requirements for effectively protecting cyber infrastructure and assessing security needs. The paper discussed the hype regarding cyber attacks, and presented the Canadian reality (as viewed by CanCERT). An assessment of security concerns was also presented. Recent cyber attacks on computer networks have raised fears of unsafe energy networks. Some experts claim the attacks are linked to terrorism, others blame industrial spying and mischief. Others dismiss the notion that somebody could bring down a power grid with a laptop as being far-fetched. It was noted that the cyber security threat is real, and that attacks are becoming more sophisticated as we live in a target rich environment. The issue of assessing vulnerabilities was discussed along with the selection of safeguards such as improving SCADA systems and the latest encryption methods to prevent hackers from bringing down computer networks. 3 tabs., 23 figs.

  3. Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

    OpenAIRE

    Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran

    2013-01-01

    Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cy...

  4. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  5. Securing the smart grid information exchange

    Energy Technology Data Exchange (ETDEWEB)

    Fries, Steffen; Falk, Rainer [Siemens AG, Corporate Technology, Muenchen (Germany)

    2012-07-01

    The smart grid is based on information exchange between various stakeholders using open communication technologies, to control the physical electric grid through the information grid. Protection against cyber attacks is essential to ensure a reliable operation of the smart grid. This challenge is addressed by various regulatory, standardization, and research activities. After giving an overview of the security demand of a smart grid, existing and appearing standardization activities are described. (orig.)

  6. What kind of cyber security? Theorising cyber security and mapping approaches

    OpenAIRE

    Laura Fichtner

    2018-01-01

    Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances...

  7. Cyber Security : Home User's Perspective

    OpenAIRE

    Ikonen, Mikko

    2014-01-01

    Cyber security is important to understand for home users. New technology allows for new cyber threats to emerge and new solutions must be considered to counter them. Nearly every device is connected to the Internet and this opens new possibilities and threats to cyber security. This Bachelor's thesis explores the different aspects of cyber security and suggests solutions to different cyber security issues found. The different aspects of cyber security under research here include personal ...

  8. Cyber-physical securi

    Directory of Open Access Journals (Sweden)

    Aditya Ashok

    2014-07-01

    Full Text Available Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

  9. Protecting Intelligent Distributed Power Grids against Cyber Attacks

    Energy Technology Data Exchange (ETDEWEB)

    Dong Wei; Yan Lu; Mohsen Jafari; Paul Skare; Kenneth Rohde

    2010-12-31

    Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

  10. Understanding the Perils of our Power Grid Security

    OpenAIRE

    Unton, Chris

    2016-01-01

    Our nation depends on electric power to support daily conveniences as well as critical functions like street lights, hospitals, and 911 phone calls. As the equipment to operate the bulk electric system becomes increasingly computerized and connected, we face an increasing risk of Cyber Security breach disabling or damaging the grid. Regulators have devised Critical Infrastructure Protection standards to enforce a minimum level of Cyber Security protection at utilities and other companies resp...

  11. Review of Cyber-Physical Attacks and Counter Defense Mechanisms for Advanced Metering Infrastructure in Smart Grid

    OpenAIRE

    Wei, Longfei; Rondon, Luis Puche; Moghadasi, Amir; Sarwat, Arif I.

    2018-01-01

    The Advanced Metering Infrastructure (AMI) is a vital element in the current development of the smart grid. AMI technologies provide electric utilities with an effective way of continuous monitoring and remote control of smart grid components. However, owing to its increasing scale and cyber-physical nature, the AMI has been faced with security threats in both cyber and physical domains. This paper provides a comprehensive review of the crucial cyber-physical attacks and counter defense mecha...

  12. What kind of cyber security? Theorising cyber security and mapping approaches

    Directory of Open Access Journals (Sweden)

    Laura Fichtner

    2018-05-01

    Full Text Available Building on conceptual work on security and cyber security, the paper explores how different approaches to cyber security are constructed. It outlines structural components and presents four common approaches. Each of them suggests a different role for the actors involved and is motivated and justified by different values such as privacy, economic order and national security. When a cyber security policy or initiative is chosen by policymakers, the analysis of the underlying approach enhances our understanding of how this shapes relationships between actors and of the values prioritised, promoted and inscribed into the concerned technologies.

  13. Cyber security threats in the power sector: Need for a domain specific regulatory framework in India

    International Nuclear Information System (INIS)

    Ananda Kumar, V.; Pandey, Krishan K.; Punia, Devendra Kumar

    2014-01-01

    India is poised to spend over USD 5.8 billion as part of the National Smart Grid Mission aimed to alleviate India's ailing power sector as part of its 12th Five year plan (2012–2017). The federal government sponsored Restructured Accelerated Power Development and Reforms Program (R-APDRP) is also focused on building ICT capability in the state electricity boards. Presently however, there is no power sector specific cyber security mandates or policies in India. The Stuxnet, Shamoon and Anonymous incidents have shown that cyber attacks can cause significant damage and pose a risk to National Critical Infrastructure. A lack of security planning as part of designing the Smart grids can potentially leave gaping holes in the country's power sector stability. The paper highlights key cyber security threats across the entire power sector value chain—from generation, to transmission and distribution. It is aimed at building the case for power sector specific cyber security regulations based on the experience of regulators in other critical infrastructure sectors like Banking and Telecom in India and power sector regulations internationally. - Highlights: • Cyber security in power sector is key to protecting national critical infrastructure. • Poor cyber security planning would impact the power sector in India. • A laissez-faire approach to cyber security in power sector may not yield results. • There is a need for power sector specific cyber security regulations

  14. THE CYBER THREAT AND THE PROBLEM OF INFORMATION SECURITY - A critical analysis of the concepts of cyber-power and cyber-space

    Directory of Open Access Journals (Sweden)

    Sebastian SÂRBU

    2017-06-01

    Full Text Available In this paper we approached from a researcher’s angle and analyzed the concepts of cyber-space, cyber-power from the security school perspective, from that of the international organizations, and from the civil society point of view. Therefore we referred to the documents and the international initiatives concerning the security of data transfer in the context of the current threats against cybernetic security on the one hand, and its interpretation as a threat to the values, rights and democratic freedoms of the civil society, on the other. The risk society is defined both through the grid of political sociology, of the Copenhagen school, as a key element of reference in this case, as well as through the necessity to build a safe cyber space, here being scrutinized in a value-based antithesis between terror and democracy / freedom of speech.

  15. Enhancing the cyber-security of smart grids with applications to synchrophasor data

    Science.gov (United States)

    Pal, Seemita

    In the power grids, Supervisory Control and Data Acquisition (SCADA) systems are used as part of the Energy Management System (EMS) for enabling grid monitoring, control and protection. In recent times, with the ongoing installation of thousands of Phasor Measurement Units (PMUs), system operators are becoming increasingly reliant on PMU-generated synchrophasor measurements for executing wide-area monitoring and real-time control. The availability of PMU data facilitates dynamic state estimation of the system, thus improving the efficiency and resiliency of the grid. Since the SCADA and PMU data are used to make critical control decisions including actuation of physical systems, the timely availability and integrity of this networked data is of paramount importance. Absence or wrong control actions can potentially lead to disruption of operations, monetary loss, damage to equipments or surroundings or even blackout. This has posed new challenges to information security especially in this age of ever-increasing cyber-attacks. In this thesis, potential cyber-attacks on smart grids are presented and effective and implementable schemes are proposed for detecting them. The focus is mainly on three kinds of cyber-attacks and their detection: (i) gray-hole attacks on synchrophasor systems, (ii) PMU data manipulation attacks and (iii) data integrity attacks on SCADA systems. In the case of gray-hole attacks, also known as packet-drop attacks, the adversary may arbitrarily drop PMU data packets as they traverse the network, resulting in unavailability of time-sensitive data for the various critical power system applications. The fundamental challenge is to distinguish packets dropped by the adversary from those that occur naturally due to network congestion.The proposed gray-hole attack detection technique is based on exploiting the inherent timing information in the GPS time-stamped PMU data packets and using the temporal trends of the latencies to classify the cause of

  16. Threat Assessment for Multistage Cyber Attacks in Smart Grid Communication Networks

    OpenAIRE

    He, Xiaobing

    2017-01-01

    In smart grids, managing and controlling power operations are supported by information and communication technology (ICT) and supervisory control and data acquisition (SCADA) systems. The increasing adoption of new ICT assets in smart grids is making smart grids vulnerable to cyber threats, as well as raising numerous concerns about the adequacy of current security approaches. As a single act of penetration is often not sufficient for an attacker to achieve his/her goal, multistage cyb...

  17. National Cyber Security Policy

    Indian Academy of Sciences (India)

    National Cyber Security Policy. Salient Features: Caters to ... Creating a secure cyber ecosystem. Creating an assurance framework. Encouraging Open Standards. Strengthening the Regulatory framework. Creating mechanisms for security threat early warning, vulnerability management and response to security threats.

  18. Cyber terrorism and cyber-crime – threats for cyber security

    OpenAIRE

    Ackoski, Jugoslav; Dojcinovski, Metodija

    2012-01-01

    This paper has aim to give contribution in supporting efforts against cyber threats recognized as a cyber terrorism and cyber crime. Also, it has aim to show future challenges related to cyber security and their emerging threats – cyber war, cyber terrorism and cyber crime. Accelerate weapon development called ICT (Information Communication Technology) which is developed every day faster and faster, and development of human conscious on higher level about consequences of ICT enormous pene...

  19. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  20. Metaphors for cyber security.

    Energy Technology Data Exchange (ETDEWEB)

    Moore, Judy Hennessey; Parrott, Lori K.; Karas, Thomas H.

    2008-08-01

    This report is based upon a workshop, called 'CyberFest', held at Sandia National Laboratories on May 27-30, 2008. Participants in the workshop came from organizations both outside and inside Sandia. The premise of the workshop was that thinking about cyber security from a metaphorical perspective could lead to a deeper understanding of current approaches to cyber defense and perhaps to some creative new approaches. A wide range of metaphors was considered, including those relating to: military and other types of conflict, biological, health care, markets, three-dimensional space, and physical asset protection. These in turn led to consideration of a variety of possible approaches for improving cyber security in the future. From the proposed approaches, three were formulated for further discussion. These approaches were labeled 'Heterogeneity' (drawing primarily on the metaphor of biological diversity), 'Motivating Secure Behavior' (taking a market perspective on the adoption of cyber security measures) and 'Cyber Wellness' (exploring analogies with efforts to improve individual and public health).

  1. Cyber Security Analysis of Turkey

    OpenAIRE

    Senturk, Hakan; Çil, Zaim; Sağıroğlu, Şeref

    2016-01-01

    Considering the criticality of the cyber security threat in the 21st century, it is presumed that the nations are busy with series of activities in order to protect their security in the cyber space domain. In this paper, in light of the recent developments in the cyber security field, Turkey’s cyber security analysis is performed using a macro analysis model. We researched for the measures taken in Turkey with respect to those in the other countries, reviewed the posture, the activities and ...

  2. Cyber security in digitalized nuclear power plants

    Energy Technology Data Exchange (ETDEWEB)

    Sohn, Kwang Young; Yi, Woo June [KoRTS Co., Ltd., Daejeon (Korea, Republic of)

    2008-10-15

    This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully.

  3. Cyber security in digitalized nuclear power plants

    International Nuclear Information System (INIS)

    Sohn, Kwang Young; Yi, Woo June

    2008-01-01

    This paper analyzer the cyber security issues pertaining to networks and general systems, and provides cyber security activity model. For this, the importance of security, and the domestic and international trends of cyber security are surveyed in order to introduce the strategies and countermeasures of cyber security which should be interfaced with Quality Assurance (QA) plan Based on the result of cyber security model introduced in this paper, activities for cyber security, work load, necessary resources and process for activities, and duration could be estimated hopefully

  4. Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

    Directory of Open Access Journals (Sweden)

    Karl H. Stingeder

    2015-09-01

    Full Text Available Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Kriminelle. Je organisierter und spezialisierter ein Cyber-Crime-Netzwerk gestaltet ist, desto größer wird das Schadenspotenzial. Cyber Crime ist der Überbegriff für betrügerische Aktivitäten über das Internet. Diese stützen sich auf das Vorbild von "traditionellen" Offline-Kriminalitätsverhaltensmustern, welche durch das technologische Spektrum des Internets einfach zugänglich sind. Nichtsdestoweniger ist es die technische Ausführung der Delikte, die ein wesentliches Unterscheidungsmerkmal zwischen Online- und Offline-Betrug bildet. Auch steht die für organisierte, kriminelle Verbindungen, so auch für Regierungen oder Terrororganisationen geringere Hemmschwelle für eine militärische Instrumentalisierung des Internets im Brennpunkt von Cyber Security. Erfolgen Cyber Crime Aktivitäten unter dem Anspruch der Verfolgung politischer Ziele, sprechen wir von Cyber War. Nachhaltige, gegen Cyber Crime und Cyber War gerichtete Cyber Security-Maßnahmen finden in einem hochdynamischen Umfeld statt. Cyber-Kriminelle sind im Regelfall logistisch und finanziell gut ausgestattet. Viele werden von Regierungen unterstützt. Cyber Crime-Player verfügen über weitreichende technische Fähigkeiten, sodass sie maßgeschneiderte Schadprogramme (Malware für ihre Ziele entwickeln können. Aktuell fehlt vielen Unternehmen und öffentlichen Institutionen das Bewusstsein für die Notwendigkeit von Abwehrsystemen. Ein Cyber Security-Fokus auf Pr

  5. A Hierarchical Security Architecture for Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  6. Maritime Cyber Security University Research

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-06-16 Maritime Cyber Security...Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security University

  7. On a simulation study for reliable and secured smart grid communications

    Science.gov (United States)

    Mallapuram, Sriharsha; Moulema, Paul; Yu, Wei

    2015-05-01

    Demand response is one of key smart grid applications that aims to reduce power generation at peak hours and maintain a balance between supply and demand. With the support of communication networks, energy consumers can become active actors in the energy management process by adjusting or rescheduling their electricity usage during peak hours based on utilities pricing incentives. Nonetheless, the integration of communication networks expose the smart grid to cyber-attacks. In this paper, we developed a smart grid simulation test-bed and designed evaluation scenarios. By leveraging the capabilities of Matlab and ns-3 simulation tools, we conducted a simulation study to evaluate the impact of cyber-attacks on demand response application. Our data shows that cyber-attacks could seriously disrupt smart grid operations, thus confirming the need of secure and resilient communication networks for supporting smart grid operations.

  8. Smart Grids Cyber Security Issues and Challenges

    OpenAIRE

    Imen Aouini; Lamia Ben Azzouz

    2015-01-01

    The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of...

  9. Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

    Directory of Open Access Journals (Sweden)

    Dan Constantin TOFAN

    2012-01-01

    Full Text Available Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, dispersed nationwide, and acting within various economic sectors. The collected data will make us able to determine a national cyber-security alert score that could help policy makers in establishing the best strategies for protecting the national cyber-space.

  10. Literature Review on Cyber Security Investment Decisions

    OpenAIRE

    ŞENTÜRK, Hakan; ÇİL, Celal Zaim; SAĞIROĞLU, Şeref

    2016-01-01

    Severe financial losses incurred by cyber security attacks with increasing complexity and frequency, as well as booming cyber security sector offering variety of products as investment options have led the focus of the research in the field to the economic dimension of cyber security. The need for determination of methods to be used when making cyber security investment decisions under budget constraints have become prominent. In five sections as the cyber security investment strategies, risk...

  11. Game Based Cyber Security Training: are Serious Games suitable for cyber security training?

    Directory of Open Access Journals (Sweden)

    Maurice Hendrix

    2016-03-01

    Full Text Available Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search.While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

  12. Game based cyber security training: are serious games suitable for cyber security training?

    OpenAIRE

    Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom

    2016-01-01

    Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security profession...

  13. Cyber Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  14. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  15. Cyber security issues in online games

    Science.gov (United States)

    Zhao, Chen

    2018-04-01

    With the rapid development of the Internet, online gaming has become a way of entertainment for many young people in the modern era. However, in recent years, cyber security issues in online games have emerged in an endless stream, which have also caused great attention of many game operators. Common cyber security problems in the game include information disclosure and cyber-attacks. These problems will directly or indirectly cause economic losses to gamers. Many gaming companies are enhancing the stability and security of their network or gaming systems in order to enhance the gaming user experience. This article has carried out the research of the cyber security issues in online games by introducing the background and some common cyber security threats, and by proposing the latent solution. Finally, it speculates the future research direction of the cyber security issues of online games in the hope of providing feasible solution and useful information for game operators.

  16. Canvassing the Cyber Security Landscape: Why Energy Companies Need to Pay Attention

    OpenAIRE

    Averill, B.; Luiijf, H.A.M.

    2010-01-01

    Recent news of a “highly sophisticated and targeted” cyber attack on Google, Yahoo, and perhaps on as many as a dozen other companies has once again brought the issue of cyber security to the top of the news. Internet companies, however, are not the only ones vulnerable to such attacks. Over the past decade, a series of events has highlighted the vulnerability of the electric grid and other energy infrastructures to both cyber disruptions (due, e.g., to malware) and from outside attacks using...

  17. Blockchain: A Path to Grid Modernization and Cyber Resiliency

    Energy Technology Data Exchange (ETDEWEB)

    Mylrea, Michael E.; Gourisetti, Sri Nikhil G.

    2017-09-19

    Blockchain may help solve several complex problems related to integrity and trustworthiness of rapid, distributed, complex energy transactions and data exchanges. In a move towards resilience, blockchain commoditizes trust and enables automated smart contracts to support auditable multiparty transactions based on predefined rules between distributed energy providers and customers. Blockchain based smart contracts also help remove the need to interact with third-parties, facilitating the adoption and monetization of distributed energy transactions and exchanges, both energy flows as well as financial transactions. This may help reduce transactive energy costs and increase the security and sustainability of distributed energy resource (DER) integration, helping to remove barriers to a more decentralized and resilient power grid. This paper explores the application of blockchain and smart contracts to improve smart grid cyber resiliency and secure transactive energy applications.

  18. Development of Cyber Security Scheme for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Choi, Y. S.; Cho, J. W. (and others)

    2009-12-15

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures.

  19. Development of Cyber Security Scheme for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Choi, Y. S.; Cho, J. W.

    2009-12-01

    Nuclear I and C system is considered to be safe on the cyber threat because of the use of exclusive communication network and operating system. But the trend of open architecture and standardization on the equipment of I and C system, it is not safe on the cyber threat such as hacking and cyber terror. It is needed to protect nuclear I and C systems by the cyber attack, Countermeasures of the cyber security is required a lot of time and endeavors because there are many factors on the environment of cyber security and cyber attack. For the nuclear cyber security, we should make structural framework and eliminate cyber vulnerabilities by the analysis of cyber environment. The framework for the cyber security includes planning, embodiment of security technologies, security audit, security management and security maintenance. In this report, we examined IT security technology and the trend of standard in the industrial I and C system, and proposed a method to construct cyber security for the nuclear power plant. We analysed the threat of cyber security, vulnerability and cyber risk, then we present a method for the cyber security structure and the countermeasures

  20. NATIONAL SECURITY IMPLICATIONS OF CYBER THREATS

    Directory of Open Access Journals (Sweden)

    ALEJANDRO AMIGO TOSSI

    2017-09-01

    Full Text Available Cyber threat is one of the main risks for security in developing countries, as well in States on the development path, such as ours. This phenomena is a challenge to national security, that needs the adoption of a paramount approach in its analysis, that have to consider all the aspects that had transformed the actors and malevolent actions in this environment in one of the most important challenges to the security of governmental as well as private organizations all over the world. States, hackers, cyber activists, and cyber criminals have been main actors in several situations that had shaped a new dimension for international and national security. The purpose of this article is to propose topics that could be included in the national assessment of cyber threats to the Chilean national security, based upon several conceptual definitions, cyber attacks already executed to state and military organization’s in Chile, and lastly, considerations over cyber threats included in the National Security Strategies of some western powers.

  1. Cyber security analytics, technology and automation

    CERN Document Server

    Neittaanmäki, Pekka

    2015-01-01

    Over the last two decades, the Internet and more broadly cyberspace has had a tremendous impact on all parts of society. Governments across the world have started to develop cyber security strategies and to consider cyberspace as an increasingly important international issue. The book, in addition to the cyber threats and technology, processes cyber security from many sides as a social phenomenon and how the implementation of the cyber security strategy is carried out. The book gives a profound idea of the most spoken phenomenon of this time. The book is suitable for a wide-ranging audience from graduate to professionals/practitioners and researchers. Relevant disciplines for the book are  Telecommunications / Network security, Applied mathematics / Data analysis, Mobile systems / Security, Engineering / Security of critical infrastructure and Military science / Security.

  2. Cyber security for nuclear power plants

    International Nuclear Information System (INIS)

    Verma, Ruchi; Razdan, Mayuri; Munshi, Prabhat

    2005-01-01

    Cyber Security, cyber terrorism and cyber crime are the buzzwords in security related aspects of information technology. These terms are related to computers and networks that are critical for normal functionality and operations of nuclear power plants. At one end, this inter connected era is giving us the ease to perform various critical operation with a click of command, but on the other end it is giving rise to the new world of terrorism. In today's internet connected world, terrorism has left all the boundaries back and taken the new form, term it cyber terrorism or cyber crime. This paper aims to spread the awareness about cyber terrorism and how it can affect the overall security of nuclear power plants and establishments. (author)

  3. Information fusion for cyber-security analytics

    CERN Document Server

    Karabatis, George; Aleroud, Ahmed

    2017-01-01

    This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

  4. Review on Cyber Security Programs for NPP Application

    Energy Technology Data Exchange (ETDEWEB)

    Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

    2010-10-15

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  5. Review on Cyber Security Programs for NPP Application

    International Nuclear Information System (INIS)

    Oh, Eung Se

    2010-01-01

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  6. Cyber Crime & Cyber War – "Part of the Game": Cyber Security, Quo Vadis?

    OpenAIRE

    Karl H. Stingeder

    2015-01-01

    Welche Rolle spielt Cyber Crime gegenwärtig? Was unterscheidet Cyber Crime von Cyber War? Wie muss Cyber Security gestaltet sein, um effektiven Schutz nachhaltig zu gewährleisten? Cyber Crime-Aktivitäten kennzeichnen sich häufig durch eine einfache Zugänglichkeit von betrügerischem Know-How und technischen Hilfsmitteln. Bedingt durch eine schleppende und mangelhafte Umsetzung von koordinierten Gegenmaßnahmen, resultieren Cyber-Delikte in einem Low-Risk und High-Reward Szenario für Cyber-Krimi...

  7. Development of a cyber security risk model using Bayesian networks

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Son, Hanseong; Khalil ur, Rahman; Heo, Gyunyoung

    2015-01-01

    Cyber security is an emerging safety issue in the nuclear industry, especially in the instrumentation and control (I and C) field. To address the cyber security issue systematically, a model that can be used for cyber security evaluation is required. In this work, a cyber security risk model based on a Bayesian network is suggested for evaluating cyber security for nuclear facilities in an integrated manner. The suggested model enables the evaluation of both the procedural and technical aspects of cyber security, which are related to compliance with regulatory guides and system architectures, respectively. The activity-quality analysis model was developed to evaluate how well people and/or organizations comply with the regulatory guidance associated with cyber security. The architecture analysis model was created to evaluate vulnerabilities and mitigation measures with respect to their effect on cyber security. The two models are integrated into a single model, which is called the cyber security risk model, so that cyber security can be evaluated from procedural and technical viewpoints at the same time. The model was applied to evaluate the cyber security risk of the reactor protection system (RPS) of a research reactor and to demonstrate its usefulness and feasibility. - Highlights: • We developed the cyber security risk model can be find the weak point of cyber security integrated two cyber analysis models by using Bayesian Network. • One is the activity-quality model signifies how people and/or organization comply with the cyber security regulatory guide. • Other is the architecture model represents the probability of cyber-attack on RPS architecture. • The cyber security risk model can provide evidence that is able to determine the key element for cyber security for RPS of a research reactor

  8. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon; Kang, Mingyun

    2015-01-01

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately

  9. Considerations on Cyber Security Assessments of Korean Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Han, Kyung-Soo; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Kang, Mingyun [E-Gonggam Co. Ltd., Daejeon (Korea, Republic of)

    2015-10-15

    Korea Institute of Nuclear Nonproliferation and Control (KINAC) has prepared the regulatory standard RS-015 based on RG 5.71. RS-015 defines the elements of a cyber security program to be established in nuclear facilities and describes the security control items and relevant requirements. Cyber security assessments are important initial activities in a cyber security program for NPPs. Cyber security assessments can be performed in the following key steps: 1) Formation of a cyber security assessment team (CSAT); 2) Identification of critical systems and critical digital assets (CDAs); 3) Plant compliance checks with the security control requirements in RS-015. Through the assessments, the current status of security controls applied to NPPs can be found out. The assessments provide baseline data for remedial activities. Additional analyses with the results from the assessments should be performed before the implementation of remedial security controls. The cyber security team at the Korea Atomic Energy Research Institute (KAERI) has studied how to perform cyber security assessments for NPPs based on the regulatory requirements. Recently, KAERI's cyber security team has performed pilot cyber security assessments of a Korean NPP. Based on this assessment experience, considerations and checkpoints which would be helpful for full-scale cyber security assessments of Korean NPPs and the implementation of remedial security controls are discussed in this paper. Cyber security assessment is one of important and immediate activities for NPP cyber security. The quality of the first assessment will be a barometer for NPP cyber security. Hence cyber security assessments of Korean NPPs should be performed elaborately.

  10. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    International Nuclear Information System (INIS)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon

    2016-01-01

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  11. Study on Nuclear Facility Cyber Security Awareness and Training Programs

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jung-Woon; Song, Jae-Gu; Lee, Cheol-Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security awareness and training, which is a part of operational security controls, is defined to be implemented later in the CSP implementation schedule. However, cyber security awareness and training is a prerequisite for the appropriate implementation of a cyber security program. When considering the current situation in which it is just started to define cyber security activities and to assign personnel who has responsibilities for performing those activities, a cyber security awareness program is necessary to enhance cyber security culture for the facility personnel to participate positively in cyber security activities. Also before the implementation of stepwise CSP, suitable education and training should be provided to both cyber security teams (CST) and facility personnel who should participate in the implementation. Since such importance and urgency of cyber security awareness and training is underestimated at present, the types, trainees, contents, and development strategies of cyber security awareness and training programs are studied to help Korean nuclear facilities to perform cyber security activities more effectively. Cyber security awareness and training programs should be developed ahead of the implementation of CSP. In this study, through the analysis of requirements in the regulatory standard RS-015, the types and trainees of overall cyber security training programs in nuclear facilities are identified. Contents suitable for a cyber security awareness program and a technical training program are derived. It is suggested to develop stepwise the program contents in accordance with the development of policies, guides, and procedures as parts of the facility cyber security program. Since any training programs are not available for the specialized cyber security training in nuclear facilities, a long-term development plan is necessary. As alternatives for the time being, several cyber security training courses for industrial control systems by

  12. Disruptive Ideas for Power Grid Security and Resilience With DER

    Energy Technology Data Exchange (ETDEWEB)

    Ibrahim, Erfan [National Renewable Energy Laboratory (NREL), Golden, CO (United States)

    2017-10-23

    This presentation by Erfan Ibrahim was prepared for NREL's 2017 Cybersecurity and Reslience Workshop on distributed energy resource (DER) best practices. The presentation provides an overview of NREL's Cyber-Physical Systems Security and Resilience R&D Center, the Center's approach to cybersecurity, and disruptive ideas for power grid security and resilience with DER.

  13. Realizing Scientific Methods for Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Carroll, Thomas E.; Manz, David O.; Edgar, Thomas W.; Greitzer, Frank L.

    2012-07-18

    There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

  14. Deliverable 1.1 Smart grid scenario

    DEFF Research Database (Denmark)

    Korman, Matus; Ekstedt, Mathias; Gehrke, Oliver

    2015-01-01

    The purpose of the SALVAGE project is to develop better support for managing and designing a secure future smart grid. This approach includes cyber security technologies dedicated to power grid operation as well as support for the migration to the future smart grid solutions, including the legacy...... of ICT that necessarily will be part of it. The objective is further to develop cyber security technology and methodology optimized with the particular needs and context of the power industry, something that is to a large extent lacking in general cyber security best practices and technologies today...

  15. Nuclear Cyber Security Issues and Policy Recommendations

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Cheol-Kwon; Lee, Dong-Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Lee, Na-Young; Hwang, Young-Soo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2015-10-15

    The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities.

  16. Nuclear Cyber Security Issues and Policy Recommendations

    International Nuclear Information System (INIS)

    Lee, Cheol-Kwon; Lee, Dong-Young; Lee, Na-Young; Hwang, Young-Soo

    2015-01-01

    The cyber-attack against computer systems causes the loss of function which brings about the big economic loss, and it becomes a national-wide issue. In recent days the cyber threat has occurred in the national critical infrastructure around the world. In the nuclear industry, while discussing responses to various threats against nuclear facilities since 2006, cyber-terrorism was also discussed. But at that time, cyber-attacks against control networks in nuclear facilities were not seriously considered because those networks were isolated from the Internet thoroughly and it was evaluated that cyber penetration would not be possible. However Stuxnet worm virus which attacked Iran's nuclear facilities confirmed that the cyber security problem could occur even in other nuclear facilities. The facilities were isolated from the Internet. After the cyber incident, we began to discuss the topic of NPP cyber security. It is very difficult to predict whether or when or how the cyber-attack will be occurred, which is a characteristic of cyber-attack. They could be always detected only after when an incident had occurred. This paper summarizes the report, 'Nuclear Cyber Security Issues and Policy Recommendations' by issue committee in the Korea Nuclear Society, which reviewed the cyber security framework for nuclear facilities in the Republic of Korea being established to prevent nuclear facilities from cyber-attacks and to respond systematically. As a result this paper proposes several comments to improve the security and furthermore safety of nuclear facilities Digital technology will be used more widely at the national critical infrastructure including nuclear facilities in the future, and moreover wireless technologies and mobile devices will be soon introduced to nuclear industry. It is therefore anticipated that the rapid advance in digital technology will accelerate the opportunity of hacking these facilities

  17. Mathematical and Statistical Opportunities in Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Meza, Juan; Campbell, Scott; Bailey, David

    2009-03-23

    The role of mathematics in a complex system such as the Internet has yet to be deeply explored. In this paper, we summarize some of the important and pressing problems in cyber security from the viewpoint of open science environments. We start by posing the question 'What fundamental problems exist within cyber security research that can be helped by advanced mathematics and statistics'? Our first and most important assumption is that access to real-world data is necessary to understand large and complex systems like the Internet. Our second assumption is that many proposed cyber security solutions could critically damage both the openness and the productivity of scientific research. After examining a range of cyber security problems, we come to the conclusion that the field of cyber security poses a rich set of new and exciting research opportunities for the mathematical and statistical sciences.

  18. Cyber Security Applications: Freeware & Shareware

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…

  19. Cyber security for greater service reliability

    Energy Technology Data Exchange (ETDEWEB)

    Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

    2008-05-15

    Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.

  20. Europe’s fragmented approach towards cyber security

    Directory of Open Access Journals (Sweden)

    Karine e Silva

    2013-10-01

    Full Text Available The article proposes a deeper insight into the variety of concepts used to describe the term cyber security and the ways in which it has been used in recent years. It examines the role of three important actors involved in the internet governance arena, namely governments, private sector and civil society, and how they have influenced the debate. To this end, this paper analyses how different organisations, industry and societal actors see cyber security and how their interests influence the way the debate has evolved. The difficult balance between security and fundamental rights, although not new to governments and society, is of great importance for the internet. Citizens have engaged in favour of an open internet. However, little attention has been paid to the demands of citizens and how they may contribute to a concept of cyber security that brings society to its core. The paper states that for cyberspace to be open and supportive of innovation, the practice of cyber security needs to internalise the interests and perspectives of end users. A multistakeholder approach to cyber security asks a more participative environment where the rules of the game are decided with public participation and consultation, giving citizens the means and methods to influence the way cyber security is conceived and implemented. The paper concludes that although a citizen centric approach towards cyber security should be the way forward, this seems to be yet far from being included in the governmental agenda. The methodology applied in the paper was mainly focused on desk research.

  1. Cyber Security Policy. A methodology for Determining a National Cyber-Security Alert Level

    OpenAIRE

    Dan Constantin TOFAN; Maria Lavinia ANDREI; Lavinia Mihaela DINCÄ‚

    2012-01-01

    Nowadays, assuring the security of the national cyber-space has become a big issue that can only be tackled through collaborative approaches. Threats cannot be confined to a single computer system just as much as computer systems are rendered useless without being con-nected to a supporting network. The authors of this article propose an innovative architecture of a system designated to help governments collect and analyze data about cyber-security in-cidents, from different organizations, di...

  2. Competitive Cyber-Insurance and Internet Security

    Science.gov (United States)

    Shetty, Nikhil; Schwartz, Galina; Felegyhazi, Mark; Walrand, Jean

    This paper investigates how competitive cyber-insurers affect network security and welfare of the networked society. In our model, a user's probability to incur damage (from being attacked) depends on both his security and the network security, with the latter taken by individual users as given. First, we consider cyberinsurers who cannot observe (and thus, affect) individual user security. This asymmetric information causes moral hazard. Then, for most parameters, no equilibrium exists: the insurance market is missing. Even if an equilibrium exists, the insurance contract covers only a minor fraction of the damage; network security worsens relative to the no-insurance equilibrium. Second, we consider insurers with perfect information about their users' security. Here, user security is perfectly enforceable (zero cost); each insurance contract stipulates the required user security. The unique equilibrium contract covers the entire user damage. Still, for most parameters, network security worsens relative to the no-insurance equilibrium. Although cyber-insurance improves user welfare, in general, competitive cyber-insurers fail to improve network security.

  3. Smart Grid Communications Security Project, U.S. Department of Energy

    Energy Technology Data Exchange (ETDEWEB)

    Barnes, Frank [Univ. of Colorado, Boulder, CO (United States)

    2012-09-01

    There were four groups that worked on this project in different areas related to Smart Girds and Security. They included faculty and students from electric computer and energy engineering, law, business and sociology. The results of the work are summarized in a verity of reports, papers and thesis. A major report to the Governor of Colorado’s energy office with contributions from all the groups working on this project is given bellow. Smart Grid Deployment in Colorado: Challenges and Opportunities, Report to Colorado Governor’s Energy Office and Colorado Smart Grid Task Force(2010) (Kevin Doran, Frank Barnes, and Puneet Pasrich, eds.) This report includes information on the state of the grid cyber security, privacy, energy storage and grid stability, workforce development, consumer behavior with respect to the smart grid and safety issues.

  4. Cyber-crime Science = Crime Science + Information Security

    NARCIS (Netherlands)

    Hartel, Pieter H.; Junger, Marianne; Wieringa, Roelf J.

    2010-01-01

    Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality,

  5. CENTER FOR CYBER SECURITY STUDIES

    Data.gov (United States)

    Federal Laboratory Consortium — The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare, to facilitate the sharing of expertise...

  6. Kanttekeningen bij de Europese cyber security strategie

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Smulders, A.C.M.; Kamphuis, P.

    2013-01-01

    In februari presenteerde de Europese Unie de Europese cyber security strategie en begeleidende concept richtlijn. The Hague Security Delta (HSD) is verheugd dat de Nederlandse Nationale Cyber Security Strategie nu ook op Europees niveau navolging krijgt. Toch plaatsen we een paar kantekeningen.

  7. Addressing the Cyber-security and Cyber-terrorism Threats [video

    OpenAIRE

    Robi Sen; Center for Homeland Defense and Security Naval Postgraduate School

    2015-01-01

    While cyber terrorism is a relatively new threat in the world of national defense, the security issues we face are not necessarily new as a genre. In this segment, Chief Science Officer Robi Sen draws on the changing attitudes towards the cyber world. Topics include cooperation between law enforcement and hackers, the major motivations behind criminal hacking, and the realistic threats of cyber terrorism.

  8. Argonne to lead 8 DOE Grid Modernization Projects | Argonne National

    Science.gov (United States)

    Inverters Develop a holistic attack-resilient architecture and layered cyber-physical solution portfolio to ensuring that the grid is resilient and secure to withstand growing cyber security and climate challenges vehicles to buildings, as well as system-level vehicle-grid integration, analysis and cyber security. Find

  9. Cyber security issues imposed on nuclear power plants

    International Nuclear Information System (INIS)

    Kim, Do-Yeon

    2014-01-01

    Highlights: • Provide history of cyber attacks targeting at nuclear facilities. • Provide cyber security issues imposed on nuclear power plants. • Provide possible countermeasures for protecting nuclear power plants. - Abstract: With the introduction of new technology based on the increasing digitalization of control systems, the potential of cyber attacks has escalated into a serious threat for nuclear facilities, resulting in the advent of the Stuxnet. In this regard, the nuclear industry needs to consider several cyber security issues imposed on nuclear power plants, including regulatory guidelines and standards for cyber security, the possibility of Stuxnet-inherited malware attacks in the future, and countermeasures for protecting nuclear power plants against possible cyber attacks

  10. An assessment of the cyber security legislation and its impact on the United States electrical sector

    Science.gov (United States)

    Born, Joshua

    The purpose of this research was to examine the cyber-security posture for the United States' electrical grid, which comprises a major component of critical infrastructure for the country. The United States electrical sector is so vast, that the Department of Homeland Security (DHS) estimates, it contains more than 6,413 power plants (this includes 3,273 traditional electric utilities and 1,738 nonutility power producers) with approximately 1,075 gigawatts of energy produced on a daily basis. A targeted cyber-security attack against the electric grid would likely have catastrophic results and could even serve as a precursor to a physical attack against the United States. A recent report by the consulting firm Black and Veatch found that one of the top five greatest concerns for United States electric utilities is the risk that cybersecurity poses to their industry and yet, only one-third state they are currently prepared to meet the increasingly likely threat. The report goes on to state, "only 32% of electric utilities surveyed had integrated security systems with the proper segmentation, monitoring and redundancies needed for cyber threat protection. Another 48 % said they did not" Recent estimates indicate that a large-scale cyber-attack against this sector could cost the United States economy as much as a trillion dollars within a weeks' time. Legislative efforts in the past have primarily been focused on creating mandates that encourage public and private partnership, which have been not been adopted as quickly as desired. With 85 % of all electric utilities being privately owned, it is key that the public and private sector partner in order to mitigate risks and respond as a cohesive unit in the event of a major attack. Keywords: Cybersecurity, Professor Riddell, cyber security, energy, intelligence, outlook, electrical, compliance, legislation, partnerships, critical infrastructure.

  11. Cyber/Physical Security Vulnerability Assessment Integration

    International Nuclear Information System (INIS)

    MacDonald, Douglas G.; Key, Brad; Clements, Samuel L.; Hutton, William J.; Craig, Philip A.; Patrick, Scott W.; Crawford, Cary E.

    2011-01-01

    This internally funded Laboratory-Directed R and D project by the Pacific Northwest National Laboratory, in conjunction with QinetiQ North America, is intended to identify and properly assess areas of overlap (and interaction) in the vulnerability assessment process between cyber security and physical protection. Existing vulnerability analysis (VA) processes and software tools exist, and these are heavily utilized in the determination of predicted vulnerability within the physical and cyber security domains. These determinations are normally performed independently of one another, and only interact on a superficial level. Both physical and cyber security subject matter experts have come to realize that though the various interactive elements exist, they are not currently quantified in most periodic security assessments. This endeavor aims to evaluate both physical and cyber VA techniques and provide a strategic approach to integrate the interdependent relationships of each into a single VA capability. This effort will also transform the existing suite of software currently utilized in the physical protection world to more accurately quantify the risk associated with a blended attack scenario. Performance databases will be created to support the characterization of the cyber security elements, and roll them into prototype software tools. This new methodology and software capability will enable analysts to better identify and assess the overall risk during a vulnerability analysis.

  12. Cyber power crime, conflict and security in cyberspace

    CERN Document Server

    Ghernaouti, Solange

    2013-01-01

    Most books on cybercrime are written by national security or political experts, and rarely propose an integrated and comprehensive approach to cybercrime, cyber-terrorism, cyber-war and cyber-security. This work develops approaches to crucial cyber-security issues that are non-political, non-partisan, and non-governmental. It informs readers through high-level summaries and the presentation of a consistent approach to several cyber-risk related domains, both from a civilian and a military perspective. Explaining fundamental principles in an interdisciplinary manner, it sheds light on the societal, economic, political, military, and technical issues related to the use and misuse of information and communication technologies.

  13. Cyber Security in Digital I and C Implementation

    Energy Technology Data Exchange (ETDEWEB)

    Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William [Doosan HF Controls, Texas (United States)

    2011-08-15

    During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described.

  14. Cyber Security in Digital I and C Implementation

    International Nuclear Information System (INIS)

    Chow, Ivan; Hsu, Allen; Kim, Jong Min; Luo, William

    2011-01-01

    During the Nuclear Regulatory Commission (NRC) audit process of Doosan HF Control HFC-6000 safety system 2009, cyber security assessment was a major audit process. The result of the assessment was favorably satisfied. As preventing digital I and C systems from being hijacked by malicious software a major goal for the NRC, audit process of actual digital I and C implementations such as the HFC-6000 safety system which provides already strong cyber security measures is mutually beneficial to both the NRC and the vendor: NRC can enhance their set of cyber security assessments and vendors such as Doosan HFC can also augment their cyber security measures. The NRC Safety Evaluation Report (SER) for the HFC-6000 system was released in April 2011 qualifying the system to be used as safety systems in US nuclear power plants. This paper provides the summary of the cyber security assessment of the complete software life cycle of HFC-6000 Safety System. Lessons learned in each life cycle phase are provided. In addition, alternate measures or recommendations for enhancing the cyber security in each life cycle phase are also described

  15. Building organisational cyber resilience: A strategic knowledge-based view of cyber security management.

    Science.gov (United States)

    Ferdinand, Jason

    The concept of cyber resilience has emerged in recent years in response to the recognition that cyber security is more than just risk management. Cyber resilience is the goal of organisations, institutions and governments across the world and yet the emerging literature is somewhat fragmented due to the lack of a common approach to the subject. This limits the possibility of effective collaboration across public, private and governmental actors in their efforts to build and maintain cyber resilience. In response to this limitation, and to calls for a more strategically focused approach, this paper offers a knowledge-based view of cyber security management that explains how an organisation can build, assess, and maintain cyber resilience.

  16. Smart Grid Demonstration Project

    Energy Technology Data Exchange (ETDEWEB)

    Miller, Craig [National Rural Electric Cooperative Association, Arlington, VA (United States); Carroll, Paul [National Rural Electric Cooperative Association, Arlington, VA (United States); Bell, Abigail [National Rural Electric Cooperative Association, Arlington, VA (United States)

    2015-03-11

    The National Rural Electric Cooperative Association (NRECA) organized the NRECA-U.S. Department of Energy (DOE) Smart Grid Demonstration Project (DE-OE0000222) to install and study a broad range of advanced smart grid technologies in a demonstration that spanned 23 electric cooperatives in 12 states. More than 205,444 pieces of electronic equipment and more than 100,000 minor items (bracket, labels, mounting hardware, fiber optic cable, etc.) were installed to upgrade and enhance the efficiency, reliability, and resiliency of the power networks at the participating co-ops. The objective of this project was to build a path for other electric utilities, and particularly electrical cooperatives, to adopt emerging smart grid technology when it can improve utility operations, thus advancing the co-ops’ familiarity and comfort with such technology. Specifically, the project executed multiple subprojects employing a range of emerging smart grid technologies to test their cost-effectiveness and, where the technology demonstrated value, provided case studies that will enable other electric utilities—particularly electric cooperatives— to use these technologies. NRECA structured the project according to the following three areas: Demonstration of smart grid technology; Advancement of standards to enable the interoperability of components; and Improvement of grid cyber security. We termed these three areas Technology Deployment Study, Interoperability, and Cyber Security. Although the deployment of technology and studying the demonstration projects at coops accounted for the largest portion of the project budget by far, we see our accomplishments in each of the areas as critical to advancing the smart grid. All project deliverables have been published. Technology Deployment Study: The deliverable was a set of 11 single-topic technical reports in areas related to the listed technologies. Each of these reports has already been submitted to DOE, distributed to co-ops, and

  17. Primer Control System Cyber Security Framework and Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  18. TCIA Secure Cyber Critical Infrastructure Modernization.

    Energy Technology Data Exchange (ETDEWEB)

    Keliiaa, Curtis M. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-02-01

    The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors1. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.

  19. The Soft Side of Cyber Security - Social Media

    DEFF Research Database (Denmark)

    Nissen, Thomas Elkjer

    2016-01-01

    The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously.......The importance of cyber-security is growing. With the continued digitization of our everyday life we become increasingly vulnerable to cyber-attacks – also personally. Therefore, it is an issue to be taken extremely seriously....

  20. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

  1. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2016-01-01

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

  2. Cyber security evaluation of II&C technologies

    Energy Technology Data Exchange (ETDEWEB)

    Thomas, Ken [Idaho National Laboratory (INL), Idaho Falls, ID (United States)

    2014-11-01

    The Light Water Reactor Sustainability (LWRS) Program is a research and development program sponsored by the Department of Energy, which is conducted in close collaboration with industry to provide the technical foundations for licensing and managing the long-term, safe and economical operation of current nuclear power plants The LWRS Program serves to help the US nuclear industry adopt new technologies and engineering solutions that facilitate the continued safe operation of the plants and extension of the current operating licenses. Within the LWRS Program, the Advanced Instrumentation, Information, and Control (II&C) Systems Technologies Pathway conducts targeted research and development (R&D) to address aging and reliability concerns with the legacy instrumentation and control and related information systems of the U.S. operating light water reactor (LWR) fleet. The II&C Pathway is conducted by Idaho National Laboratory (INL). Cyber security is a common concern among nuclear utilities and other nuclear industry stakeholders regarding the digital technologies that are being developed under this program. This concern extends to the point of calling into question whether these types of technologies could ever be deployed in nuclear plants given the possibility that the information in them can be compromised and the technologies themselves can potentially be exploited to serve as attack vectors for adversaries. To this end, a cyber security evaluation has been conducted of these technologies to determine whether they constitute a threat beyond what the nuclear plants already manage within their regulatory-required cyber security programs. Specifically, the evaluation is based on NEI 08-09, which is the industry’s template for cyber security programs and evaluations, accepted by the Nuclear Regulatory Commission (NRC) as responsive to the requirements of the nuclear power plant cyber security regulation found in 10 CFR 73.54. The evaluation was conducted by a

  3. Security Analysis of Smart Grid Cyber Physical Infrastructures Using Modeling and Game Theoretic Simulation

    Energy Technology Data Exchange (ETDEWEB)

    Abercrombie, Robert K [ORNL; Sheldon, Frederick T. [University of Idaho

    2015-01-01

    Cyber physical computing infrastructures typically consist of a number of sites are interconnected. Its operation critically depends both on cyber components and physical components. Both types of components are subject to attacks of different kinds and frequencies, which must be accounted for the initial provisioning and subsequent operation of the infrastructure via information security analysis. Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the electric sector failure scenarios and impact analyses by the NESCOR Working Group Study, From the Section 5 electric sector representative failure scenarios; we extracted the four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.

  4. Cyber Security Awareness and Its Impact on Employee’s Behavior

    OpenAIRE

    Li, Ling; Xu, Li; He, Wu; Chen, Yong; Chen, Hong

    2016-01-01

    Part 3: Security and Privacy Issues; International audience; This paper proposes a model that extends the Protection Motivation Theory to validate the relationships among peer behavior, cue to action, and employees’ action experience of cyber security, threat perception, response perception, and employee’s cyber security behavior. The findings of the study suggest that the influence from peer behavior and employees action experience of cyber security is an important factor for improving cyber...

  5. Ten national cyber security strategies: A comparison

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Besseling, K. van; Spoelstra, M.; Graaf, P. de

    2013-01-01

    A number of nations developed and published a national cyber security strategy (NCSS). Most of them were published in the period 2009 - 2011. Despite the fact that each of these NCSS intends to address the cyber security threat, large differences exist between the NCSS approaches. This paper

  6. Breaking the cyber-security dilemma: aligning security needs and removing vulnerabilities.

    Science.gov (United States)

    Dunn Cavelty, Myriam

    2014-09-01

    Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and "its" security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings.

  7. APPROACH TO CYBER SECURITY ISSUES IN NIGERIA: CHALLENGES AND SOLUTION

    Directory of Open Access Journals (Sweden)

    Frank Ibikunle

    2013-06-01

    Full Text Available Cyber-space refers to the boundless space known as the internet. Cyber-security is the body of rules put in place for the protection of the cyber space. Cyber-crime refers to the series of organized crime attacking both cyber space and cyber security. The Internet is one of the fastest-growing areas of technical infrastructure development. Over the past decades, the growth of the internet and its use afforded everyone this opportunity. Google, Wikipedia and Bing to mention a few, give detailed answers to millions of questions every day. Cyberspace is a world that contains just about anything one is searching for. With the advent of these advancements in information accessibility and the advantages and applications of the internet comes an exponentially growing disadvantage- Cyber Crime. Cyber security has risen to become a national concern as threats concerning it now need to be taken more seriously. This paper attempts to provide an overview of Cybercrime and Cyber-security. It defines the concept of cybercrime, identify reasons for cyber-crime and its eradication. It look at those involved and the reasons for their involvement. Methods of stepping up cyber security and the recommendations that would help in checking the increasing rate of cyber-crimes were highlighted. The paper also attempts to name some challenges of cybercrime and present practical and logical solutions to these threats.

  8. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  9. Systematic elicitation of cyber-security controls for NPP I and C system

    Energy Technology Data Exchange (ETDEWEB)

    Lee, M. S.; Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of); Park, S. P. [AhnLab Inc., Seongnam (Korea, Republic of); Kim, Y. M. [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

    2015-05-15

    Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system.

  10. Systematic elicitation of cyber-security controls for NPP I and C system

    International Nuclear Information System (INIS)

    Lee, M. S.; Kim, T. H.; Park, S. P.; Kim, Y. M.

    2015-01-01

    Cyber-security implementation starts with a development of a cyber security plan considering characteristics of I and C system. In this paper, we describe a method that develops a cyber security plan for NPP I and C system. Especially, we propose a method for systematic elicitation of technical security controls that should be applied to I and C system. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system. The rest of the paper is organized as follows: Section 2 introduces activities to develop a cyber-security plan and presents the result of each activity of the security plan. Section 3 concludes the paper. We proposed a method for systematic elicitation of security controls and described the method through examples. Development companies that want to implement cyber-security in I and C system can develop a cyber-security plan and apply the cyber-security program to their system according to our method. We expect that this study can provide a basis to develop a cyber-security plan for I and C system. Also, the study can contribute enhancing security to NPP I and C system

  11. Hyper-connectivity : intricacies of national and international cyber securities

    OpenAIRE

    Dawson, Maurice

    2017-01-01

    This thesis examined the three core themes: the role of education in cyber security, the role of technology in cyber security, and the role of policy in cyber security, the areas in which the papers are published. The associated works are published in referred journals, peer reviewed book chapters, and conference proceedings. Research can be found in the following outlets: 1. Security Solutions for Hyperconnectivity and the Internet of Things; 2. Developing Next-Generation Countermeasures for...

  12. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  13. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  14. Cyber Security Audit and Attack Detection Toolkit

    Energy Technology Data Exchange (ETDEWEB)

    Peterson, Dale

    2012-05-31

    This goal of this project was to develop cyber security audit and attack detection tools for industrial control systems (ICS). Digital Bond developed and released a tool named Bandolier that audits ICS components commonly used in the energy sector against an optimal security configuration. The Portaledge Project developed a capability for the PI Historian, the most widely used Historian in the energy sector, to aggregate security events and detect cyber attacks.

  15. Empirical analysis of the effects of cyber security incidents.

    Science.gov (United States)

    Davis, Ginger; Garcia, Alfredo; Zhang, Weide

    2009-09-01

    We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.

  16. The cyber security threat stops in the boardroom.

    Science.gov (United States)

    Scully, Tim

    The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

  17. Designing Fuzzy Rule Based Expert System for Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2016-01-01

    The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

  18. Critical infrastructure cyber-security risk management

    OpenAIRE

    Spyridopoulos, T.; Maraslis, K.; Tryfonas, T.; Oikonomou, G.

    2017-01-01

    Traditional IT cyber-security risk management methods are based on the evaluation of risks calculated as the likelihood of cyber-security incidents occurring. However, these probabilities are usually estimations or guesses based on past experience and incomplete data. Incorrect estimations can lead to errors in the evaluation of risks that can ultimately affect the protection of the system. This issue is also transferred to methods used in Industrial Control Systems (ICSs), as they are mainly...

  19. Maritime Cyber Security University Research: Phase 1

    Science.gov (United States)

    2016-05-01

    i Classification | CG-926 RDC | author | audience | month year Maritime Cyber Security University Research Phase I - Final Report...Appendices Distribution Statement A: Approved for public release; distribution is unlimited. May 2016 Report No. CG-D-07-16 Maritime ...Macesker Executive Director United States Coast Guard Research & Development Center 1 Chelsea Street New London, CT 06320 Maritime Cyber Security

  20. Method and apparatus for detecting cyber attacks on an alternating current power grid

    Science.gov (United States)

    McEachern, Alexander; Hofmann, Ronald

    2017-04-11

    A method and apparatus for detecting cyber attacks on remotely-operable elements of an alternating current distribution grid. Two state estimates of the distribution grid are prepared, one of which uses micro-synchrophasors. A difference between the two state estimates indicates a possible cyber attack.

  1. Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Final Technical Report - November 20, 2015

    Energy Technology Data Exchange (ETDEWEB)

    Sanders, William H. [Univ. of Illinois, Urbana-Champaign, IL (United States); Sauer, Peter W. [Univ. of Illinois, Urbana-Champaign, IL (United States); Valdes, Alfonso [Univ. of Illinois, Urbana-Champaign, IL (United States); Scaglione, Anna [Arizona State Univ., Tempe, AZ (United States); Smith, Sean W [Dartmouth College, Hanover, NH (United States); Hauser, Carl [Washington State Univ., Pullman, WA (United States)

    2015-11-20

    The Trustworthy Cyber Infrastructure for the Power Grid project (TCIPG) was funded by DOE and DHS for a period of performance that ran from October 1, 2009 to August 31 2015. The partnership included the University of Illinois at Urbana-Champaign (lead institution) and partner institutions Arizona State University (replacing original partner UC Davis when faculty moved), Dartmouth College, and Washington State University. TCIPG was a unique public-private partnership of government, academia, and industry that was formed to meet the challenge of keeping our power grid secure. TCIPG followed from the earlier NSF-funded TCIP project, which kicked off in 2005. At that time, awareness of cyber security and resiliency in grid systems (and in control systems in general) was low, and the term “smart grid” was not in wide use. The original partnership was formed from a team of academic researchers with a shared vision for the importance of research in this area, and a commitment to producing more impactful results through early involvement of industry. From the TCIPG standpoint, “industry” meant both utilities (investor-owned as well as cooperatives and municipals) and system vendors (who sell technology to the utility sector). Although TCIPG was a university-led initiative, we have from the start stressed real-world impact and partnership with industry. That has led to real-world adoption of TCIPG technologies within the industry, achieving practical benefits. This report summarizes the achievements of TCIPG over its period of performance.

  2. Human-Technology Centric In Cyber Security Maintenance For Digital Transformation Era

    Science.gov (United States)

    Ali, Firkhan Ali Bin Hamid; Zalisham Jali, Mohd, Dr

    2018-05-01

    The development of the digital transformation in the organizations has become more expanding in these present and future years. This is because of the active demand to use the ICT services among all the organizations whether in the government agencies or private sectors. While digital transformation has led manufacturers to incorporate sensors and software analytics into their offerings, the same innovation has also brought pressure to offer clients more accommodating appliance deployment options. So, their needs a well plan to implement the cyber infrastructures and equipment. The cyber security play important role to ensure that the ICT components or infrastructures execute well along the organization’s business successful. This paper will present a study of security management models to guideline the security maintenance on existing cyber infrastructures. In order to perform security model for the currently existing cyber infrastructures, combination of the some security workforces and security process of extracting the security maintenance in cyber infrastructures. In the assessment, the focused on the cyber security maintenance within security models in cyber infrastructures and presented a way for the theoretical and practical analysis based on the selected security management models. Then, the proposed model does evaluation for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. The implemented cyber security maintenance within security management model in a prototype and evaluated it for practical and theoretical scenarios. Furthermore, a framework model is presented which allows the evaluation of configuration changes in the agile and dynamic cyber infrastructure environments with regard to properties like vulnerabilities or expected availability. In case of a security perspective, this evaluation can be used to monitor the security levels of the configuration over its lifetime and

  3. Interdependent Risk and Cyber Security: An Analysis of Security Investment and Cyber Insurance

    Science.gov (United States)

    Shim, Woohyun

    2010-01-01

    An increasing number of firms rely on highly interconnected information networks. In such environments, defense against cyber attacks is complicated by residual risks caused by the interdependence of information security decisions of firms. IT security is affected not only by a firm's own management strategies but also by those of others. This…

  4. Cyber Security Analysis by Attack Trees for a Reactor Protection System

    International Nuclear Information System (INIS)

    Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon

    2008-01-01

    As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS

  5. A Study of Cyber Security Activities for Development of Safety-related Controller

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa [Korea Univ., Seoul (Korea, Republic of)

    2014-05-15

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test.

  6. A Study of Cyber Security Activities for Development of Safety-related Controller

    International Nuclear Information System (INIS)

    Lee, Myeongkyun; Song, Seunghwan; Yoo, Kwanwoo; Yun, Donghwa

    2014-01-01

    Nuclear Power Plant Regulatory guide describes the regulatory requirements to implement cyber security activities to ensure that design and operate to respond to cyber threats that exploited to vulnerability of digital-based technologies associated with safety-related digital instrumentation and control systems at nuclear power plants. Cyber security activities coverage is instrumentation and control systems to perform safety functions and digital-based equipment to use development, test, analysis and asset for instrumentation and control systems. Regulatory guidance is required to the cyber security activities that should be performed in each development phase of safety-related controller. Development organization should establish and implement to cyber security plans for responding to cyber threats throughout each lifecycle phase and the result of the cyber security activities should be generated to the documents. In addition, the independent verification and validation organization should perform simulated penetration test for enhancing response capabilities to cyber security threats and development organization should establish and implement response hardening solutions for the cyber security vulnerabilities identified in the simulated penetration test

  7. APPROACH TO CYBER SECURITY ISSUES IN NIGERIA: CHALLENGES AND SOLUTION

    OpenAIRE

    Frank Ibikunle; Odunayo Eweniyi

    2013-01-01

    Cyber-space refers to the boundless space known as the internet. Cyber-security is the body of rules put in place for the protection of the cyber space. Cyber-crime refers to the series of organized crime attacking both cyber space and cyber security. The Internet is one of the fastest-growing areas of technical infrastructure development. Over the past decades, the growth of the internet and its use afforded everyone this opportunity. Google, Wikipedia and Bing to mention a few, give detaile...

  8. Help for the Developers of Control System Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  9. Cyber-Physical Systems Security: a Systematic Mapping Study

    OpenAIRE

    Lun, Yuriy Zacchia; D'Innocenzo, Alessandro; Malavolta, Ivano; Di Benedetto, Maria Domenica

    2016-01-01

    Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds some light on how security is actually addressed when dealing with cyber-physical systems. The provided systematic map of 118 selected studies is based on, for instance, application fields, various system components, relate...

  10. Development on Guidance of Cyber Security Exercise for the Nuclear Facilities

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Hyundoo [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber threats and attacks are increasing rapidly against infrastructure including energy and utilities industry over the world. Because of lack of human resource and incident response system to prevent or defend increased cyber threats, many governments and major national infrastructures perform cyber security exercises to improve capabilities of cyber security incident response. Accordingly there are exponential growth in the number of cyber security exercises over the past decade with the trend expecting to accelerate in the coming years. Even though there were many cyber security exercises in the Nuclear Facilities, this exercise was first which focused on mitigation and recovery of the system of the Nuclear Facility against cyber incident. So many insufficient items were deduced such as absence of a procedure for mitigation and recovery of cyber incident. These procedures should be developed and established through 3rd phase of Cyber Security Plan (CSP) and other technical complement actions under regulatory body’s guidance. Also developed and existed procedures should be regularly performed to make cyber incident response team and related people rapidly response against cyber incident through exercises or other training. The insufficient items come from the exercise should be reflected to developed and existed procedures by periods.

  11. Development on Guidance of Cyber Security Exercise for the Nuclear Facilities

    International Nuclear Information System (INIS)

    Kim, Hyundoo

    2016-01-01

    Cyber threats and attacks are increasing rapidly against infrastructure including energy and utilities industry over the world. Because of lack of human resource and incident response system to prevent or defend increased cyber threats, many governments and major national infrastructures perform cyber security exercises to improve capabilities of cyber security incident response. Accordingly there are exponential growth in the number of cyber security exercises over the past decade with the trend expecting to accelerate in the coming years. Even though there were many cyber security exercises in the Nuclear Facilities, this exercise was first which focused on mitigation and recovery of the system of the Nuclear Facility against cyber incident. So many insufficient items were deduced such as absence of a procedure for mitigation and recovery of cyber incident. These procedures should be developed and established through 3rd phase of Cyber Security Plan (CSP) and other technical complement actions under regulatory body’s guidance. Also developed and existed procedures should be regularly performed to make cyber incident response team and related people rapidly response against cyber incident through exercises or other training. The insufficient items come from the exercise should be reflected to developed and existed procedures by periods

  12. Drie nationale cyber security strategieën vergeleken

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2011-01-01

    Onafhankelijk van elkaar brachten Frankrijk, Duitsland en Nederland hun nationale cyber security strategieën vrijwel tegelijk uit. De strategieën hebben overeenkomsten, maar tonen ook grote verschillen. De drie landen onderkennen een urgente noodzaak om cyber security aan te pakken, maar hebben

  13. Bayesian Network Models in Cyber Security: A Systematic Review

    OpenAIRE

    Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

    2017-01-01

    Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a systematic review of the scientific literature and identify 17 standard BN models in cyber security. We analyse these models based on 9 different criteri...

  14. DETERMINATION OF CYBER SECURITY AWARENESS OF PUBLIC EMPLOYEES AND CONSCIOUSNESS-RISING SUGGESTIONS

    Directory of Open Access Journals (Sweden)

    Huseyin Kuru

    2016-07-01

    Full Text Available The aim of this study is to measure Turkish government employees’ awareness of cyber security and cyber space elements. Participants were 71 Turkish public employees working for various ministries. Both qualitative and quantitative research methods were used to get the most detailed information from the participants. A survey was administered to cyber security officers in chosen state institutions. For qualitative research, open-ended questions were administered to the participants. Reliability and validity issues were established for both surveys. Results show that employees have enough information about cyber security and cyber warfare. Findings clearly suggests that cyber defense policy should be planned in coordination with other state institutions and experiences should be shared. In order to create feasible and realistic cyber security policy at institutional level, experts at cyber security must be trained, hired and help must be requested from specialized individuals and institutions. This study recommends that rapid reaction teams (RRT should be established to take care of cyber systems, to react against cyber breaches in time, to alert staff for cyber-attacks in order to establish effective recovery.

  15. Development of IT-based Cyber Security Technology for Nuclear Power Plant

    International Nuclear Information System (INIS)

    Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S.

    2009-11-01

    Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report

  16. Development of IT-based Cyber Security Technology for Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Hong, S. B.; Lee, J. C.; Choi, Y. S.; Choi, Y. R.; Cho, J. W.; Jung, C. E.; Jeong, K. I.; Park, B.; Koo, I. S

    2009-11-15

    Development and enlargement of the high speed communication network make it possible the user to access online information easily. It generates changing offline activities to online in the economics, expansion of cultural interchanges and convenient life. But it also causes misuse, wiretapping, forgery and alteration of the information via illegal invasion(virus, hacking), and these are derived from the open network characteristic, weakness of the securities of the TCP/IP protocol and information systems. The security of individual and the national foundation facility(industry and government) can be threatened because of these problems, and theses can be used as a instrument of cyber-war. Many cyber security technologies have been developed to corp with the cyber threat. One of the most important national facility is the nuclear power plant and the necessity of the cyber security for the digital I and C of it have been proposed since middle of the 2000. KINS announced the regulation of the cyber security for the digital I and C of the nuclear power plant in 2007. The main concept of the cyber security for it is similar to the IT field that is treated as a leader of the cyber security. Because of the difference of the characteristics between the IT field and the nuclear industry, applying the cyber security technologies developed and used in the IT field to the nuclear industry has some critical constraints. We will analyze these problems and propose a cyber security method based on cryptograph and authentication for the I and C communication network in this report.

  17. Cyber Security Analysis by Attack Trees for a Reactor Protection System

    Energy Technology Data Exchange (ETDEWEB)

    Park, Gee-Yong; Lee, Cheol Kwon; Choi, Jong Gyun; Kim, Dong Hoon; Lee, Young Jun; Kwon, Kee-Choon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2008-10-15

    As nuclear facilities are introducing digital systems, the cyber security becomes an emerging topic to be analyzed and resolved. The domestic and other nation's regulatory bodies notice this topic and are preparing an appropriate guidance. The nuclear industry where new construction or upgrade of I and C systems is planned is analyzing and establishing a cyber security. A risk-based analysis for the cyber security has been performed in the KNICS (Korea Nuclear I and C Systems) project where the cyber security analysis has been applied to a reactor protection system (RPS). In this paper, the cyber security analysis based on the attack trees is proposed for the KNICS RPS.

  18. Secure it now or secure it later: the benefits of addressing cyber-security from the outset

    Science.gov (United States)

    Olama, Mohammed M.; Nutaro, James

    2013-05-01

    The majority of funding for research and development (R&D) in cyber-security is focused on the end of the software lifecycle where systems have been deployed or are nearing deployment. Recruiting of cyber-security personnel is similarly focused on end-of-life expertise. By emphasizing cyber-security at these late stages, security problems are found and corrected when it is most expensive to do so, thus increasing the cost of owning and operating complex software systems. Worse, expenditures on expensive security measures often mean less money for innovative developments. These unwanted increases in cost and potential slowing of innovation are unavoidable consequences of an approach to security that finds and remediate faults after software has been implemented. We argue that software security can be improved and the total cost of a software system can be substantially reduced by an appropriate allocation of resources to the early stages of a software project. By adopting a similar allocation of R&D funds to the early stages of the software lifecycle, we propose that the costs of cyber-security can be better controlled and, consequently, the positive effects of this R&D on industry will be much more pronounced.

  19. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    system force and structure reliance – are discovered and tantamount with EU nations. Thusly I indicated reason viewpoints and figures of security of data structures it additionally relates to the reason of estimation of transient dangers of security of frameworks for that I begin my proposal with one of the fundamental class of data security which is Cyber security. Keyword : Cyber Security, IT

  20. Mission Assurance Modeling and Simulation: A Cyber Security Roadmap

    Science.gov (United States)

    Gendron, Gerald; Roberts, David; Poole, Donold; Aquino, Anna

    2012-01-01

    This paper proposes a cyber security modeling and simulation roadmap to enhance mission assurance governance and establish risk reduction processes within constrained budgets. The term mission assurance stems from risk management work by Carnegie Mellon's Software Engineering Institute in the late 19905. By 2010, the Defense Information Systems Agency revised its cyber strategy and established the Program Executive Officer-Mission Assurance. This highlights a shift from simply protecting data to balancing risk and begins a necessary dialogue to establish a cyber security roadmap. The Military Operations Research Society has recommended a cyber community of practice, recognizing there are too few professionals having both cyber and analytic experience. The authors characterize the limited body of knowledge in this symbiotic relationship. This paper identifies operational and research requirements for mission assurance M&S supporting defense and homeland security. M&S techniques are needed for enterprise oversight of cyber investments, test and evaluation, policy, training, and analysis.

  1. Public–private partnerships on cyber security: a practice of loyalty

    DEFF Research Database (Denmark)

    Christensen, Kristoffer Kjærgaard; Petersen, Karen Lund

    2017-01-01

    The governance of cyber-security risks is seen as increasingly important to the security of the nation. However, cyber-security risks are characterized by a fundamental uncertainty, which poses a great challenge to their governance and calls for new modes of organizing security politics. Public......–private partnerships (PPPs) are often seen as the answer to this challenge by enhancing flexibility and robustness through knowledge-sharing. Engaging with the literature on PPPs and the Danish practice on cyber security, we show how PPPs involve controversies over different threat realities of cyber security....... This plays out as controversies over what is considered threatened, the scope of the issue and the kind of expertise to be mobilized. Arguing that PPPs on security are not defined narrowly by short-sighted strategic self-interest but also loyalty and commitment, we suggest that the innovative potential...

  2. Automated Big Traffic Analytics for Cyber Security

    OpenAIRE

    Miao, Yuantian; Ruan, Zichan; Pan, Lei; Wang, Yu; Zhang, Jun; Xiang, Yang

    2018-01-01

    Network traffic analytics technology is a cornerstone for cyber security systems. We demonstrate its use through three popular and contemporary cyber security applications in intrusion detection, malware analysis and botnet detection. However, automated traffic analytics faces the challenges raised by big traffic data. In terms of big data's three characteristics --- volume, variety and velocity, we review three state of the art techniques to mitigate the key challenges including real-time tr...

  3. Cyber Security--Are You Prepared?

    Science.gov (United States)

    Newman, Scott

    2007-01-01

    During the summer 2002 term, Oklahoma State University-Okmulgee's Information Technologies Division offered a one credit-hour network security course--which barely had adequate student interest to meet the institution's enrollment requirements. Today, OSU-Okmulgee boasts one of the nation's premier cyber security programs. Many prospective…

  4. Selection of the Best Security Controls for Rapid Development of Enterprise-Level Cyber Security

    Science.gov (United States)

    2017-03-01

    investment (ROI) assessment. This ROI assessment entailed consideration of both the likely/expected security benefits of each candidate security control...the top 10–20 cyber security controls, where ranking was based upon a return on investment (ROI) assessment. This ROI assessment entailed...11  II.  CYBER SECURITY: UNDERLYING PRINCIPLES, FUNDAMENTALS AND BEST PRACTICES .................................................13  A

  5. Cyber security best practices for the nuclear industry

    International Nuclear Information System (INIS)

    Badr, I.

    2012-01-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  6. Cyber security best practices for the nuclear industry

    Energy Technology Data Exchange (ETDEWEB)

    Badr, I. [Rational IBM Software Group, IBM Corporation, Evanston, IL 60201 (United States)

    2012-07-01

    When deploying software based systems, such as, digital instrumentation and controls for the nuclear industry, it is vital to include cyber security assessment as part of architecture and development process. When integrating and delivering software-intensive systems for the nuclear industry, engineering teams should make use of a secure, requirements driven, software development life cycle, ensuring security compliance and optimum return on investment. Reliability protections, data loss prevention, and privacy enforcement provide a strong case for installing strict cyber security policies. (authors)

  7. Economic Analysis of Cyber Security

    National Research Council Canada - National Science Library

    Gallaher, Michael P; Rowe, Brent R; Rogozhin, Alex V; Link, Albert N

    2006-01-01

    .... However, few organizations attempt such analysis for their cyber security mechanisms. Key performance and evaluation metrics are not available, so organizations rely on qualitative assessments...

  8. Smart grid security

    Energy Technology Data Exchange (ETDEWEB)

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  9. Cyber Security Considerations for Autonomous Tactical Wheeled Vehicles

    Science.gov (United States)

    2016-04-01

    Update Will Enable Autonomous Driving. Retrieved August 6, 2015, from http://spectrum.ieee.org/: http://spectrum.ieee.org/ cars -that-think...Cyber Security Considerations for Autonomous Tactical Wheeled Vehicles 1 UNCLASSIFIED Cyber Security Considerations for... Autonomous Tactical Wheeled Vehicles Sebastian C Iovannitti 4/1/2016 Submitted to Lawrence Technological University College of Management in

  10. Bio-inspiring cyber security and cloud services trends and innovations

    CERN Document Server

    Kim, Tai-Hoon; Kacprzyk, Janusz; Awad, Ali

    2014-01-01

    This volume presents recent research in cyber security, and reports how organizations can gain competitive advantages by applying the different security techniques in real-world scenarios. The volume provides reviews of cutting–edge technologies, algorithms, applications and insights for bio-inspiring cyber security-based systems. The book will be a valuable companion and comprehensive reference for both postgraduate and senior undergraduate students who are taking a course in cyber security. The volume is organized in self-contained chapters to provide greatest reading flexibility.  

  11. Microgrid cyber security reference architecture.

    Energy Technology Data Exchange (ETDEWEB)

    Veitch, Cynthia K.; Henry, Jordan M.; Richardson, Bryan T.; Hart, Derek H.

    2013-07-01

    This document describes a microgrid cyber security reference architecture. First, we present a high-level concept of operations for a microgrid, including operational modes, necessary power actors, and the communication protocols typically employed. We then describe our motivation for designing a secure microgrid; in particular, we provide general network and industrial control system (ICS)-speci c vulnerabilities, a threat model, information assurance compliance concerns, and design criteria for a microgrid control system network. Our design approach addresses these concerns by segmenting the microgrid control system network into enclaves, grouping enclaves into functional domains, and describing actor communication using data exchange attributes. We describe cyber actors that can help mitigate potential vulnerabilities, in addition to performance bene ts and vulnerability mitigation that may be realized using this reference architecture. To illustrate our design approach, we present a notional a microgrid control system network implementation, including types of communica- tion occurring on that network, example data exchange attributes for actors in the network, an example of how the network can be segmented to create enclaves and functional domains, and how cyber actors can be used to enforce network segmentation and provide the neces- sary level of security. Finally, we describe areas of focus for the further development of the reference architecture.

  12. Bayesian Network Models in Cyber Security: A Systematic Review

    NARCIS (Netherlands)

    Chockalingam, S.; Pieters, W.; Herdeiro Teixeira, A.M.; van Gelder, P.H.A.J.M.; Lipmaa, Helger; Mitrokotsa, Aikaterini; Matulevicius, Raimundas

    2017-01-01

    Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these

  13. Cyber secure systems approach for NPP digital control systems

    Energy Technology Data Exchange (ETDEWEB)

    McCreary, T. J.; Hsu, A. [HF Controls Corporation, 16650 Westgrove Drive, Addison, TX 75001 (United States)

    2006-07-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from

  14. Cyber secure systems approach for NPP digital control systems

    International Nuclear Information System (INIS)

    McCreary, T. J.; Hsu, A.

    2006-01-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

  15. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E.

    2014-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  16. Operating Nuclear Power Stations in a Regulated Cyber Security Environment

    International Nuclear Information System (INIS)

    Dorman, E.

    2014-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NR C. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. (Author)

  17. Securing the United States' power infrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2015-08-01

    The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.

  18. Computational Intelligence, Cyber Security and Computational Models

    CERN Document Server

    Anitha, R; Lekshmi, R; Kumar, M; Bonato, Anthony; Graña, Manuel

    2014-01-01

    This book contains cutting-edge research material presented by researchers, engineers, developers, and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security and Computational Models (ICC3) organized by PSG College of Technology, Coimbatore, India during December 19–21, 2013. The materials in the book include theory and applications for design, analysis, and modeling of computational intelligence and security. The book will be useful material for students, researchers, professionals, and academicians. It will help in understanding current research trends and findings and future scope of research in computational intelligence, cyber security, and computational models.

  19. A Study Of Cyber Security Challenges And Its Emerging Trends On Latest Technologies

    OpenAIRE

    Reddy, G. Nikhita; Reddy, G. J. Ugander

    2014-01-01

    Cyber Security plays an important role in the field of information technology .Securing the information have become one of the biggest challenges in the present day. When ever we think about the cyber security the first thing that comes to our mind is cyber crimes which are increasing immensely day by day. Various Governments and companies are taking many measures in order to prevent these cyber crimes. Besides various measures cyber security is still a very big concern to many. This paper ma...

  20. Cyber security. Compliance to the new CSA 290.7 standard

    Energy Technology Data Exchange (ETDEWEB)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D. [Canadian Nuclear Laboratories, Chalk River, Ontario (Canada)

    2015-12-15

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  1. Cyber security - compliance to the new CSA 290.7 standard

    Energy Technology Data Exchange (ETDEWEB)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D., E-mail: Matthew.Daley@cnl.ca [Canadian Nuclear Laboratories, Chalk River, ON, (Canada)

    2015-07-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  2. Cyber security. Compliance to the new CSA 290.7 standard

    International Nuclear Information System (INIS)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

    2015-01-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self- assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities', released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  3. Cyber security - compliance to the new CSA 290.7 standard

    International Nuclear Information System (INIS)

    Daley, M.; Doucet, R.; Echlin, M.; MacDonald, M.; Mihaylov, V.; Sijs, J.; Trask, D.

    2015-01-01

    Since 2008, the Canadian Nuclear Safety Commission (CNSC), similar to regulators of other critical industries, has requested their licensees to implement cyber security programs and conduct self-assessments without the benefit of an industry specific cyber security standard that provides common metrics for coverage and effectiveness of their programs. However, for the nuclear industry, a new CSA standard 290.7 entitled 'Cyber security for nuclear power plants and small reactor facilities' [1], released in December 2014, will have the CNSC looking to facility operators to be compliant to the new standard. This paper will discuss initiatives at Canadian Nuclear Laboratories to develop of a suite of tools, techniques, and best practices that can be used by the regulator and industry for assessing compliance and effectiveness of cyber security technology and implementations. (author)

  4. Implementation of a RPS Cyber Security Test-bed with Two PLCs

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; An, Yongkyu; Rizwan, Uddin

    2015-01-01

    Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model

  5. Implementation of a RPS Cyber Security Test-bed with Two PLCs

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of); An, Yongkyu; Rizwan, Uddin [University of Illinois at Urbana-Champaign, Urbana (United States)

    2015-10-15

    Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model.

  6. Europe’s fragmented approach towards cyber security

    OpenAIRE

    Karine e Silva

    2013-01-01

    The article proposes a deeper insight into the variety of concepts used to describe the term cyber security and the ways in which it has been used in recent years. It examines the role of three important actors involved in the internet governance arena, namely governments, private sector and civil society, and how they have influenced the debate. To this end, this paper analyses how different organisations, industry and societal actors see cyber security and how their interests influence the ...

  7. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyunyong; Son, Han Seong

    2016-01-01

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures

  8. Framework for Grading of Cyber Security Check-List upon I and C Architecture

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyunyong [Kyunghee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Cyber-attack can threaten research reactors as well as NPPs since the goal of cyber-attack is not only to make a catastrophic accident such as radiation exposure against public health but also to make chaos or anxiety among the public. Moreover, there is more probability to occur in research reactors than NPPs since research reactors has more users than NPPs. The nuclear regulatory agencies such as U.S.NRC and KINAC (Korea Institute of Nuclear Nonproliferation and Control) have published regulatory guides for rules against cyber-attack to maintain cyber security of nuclear facilities. U.S.NRC has published a regulatory guide (U.S.NRC / RG-5.71) and KINAC has developed a regulatory standard (KINAC / RS-015) to establish a cyber security for nuclear facilities. However, these regulatory documents represent check-list for cyber security regardless of reactor type such as NPPs or research reactors. The proposed framework in this paper was grading of cyber security check-lists with BBN by I and C architecture such as NPPs and research reactors. First, the BBN model was developed to apply I and C system architecture of target nuclear facility. The architecture model calculates the cyber security risk with structural architecture, vulnerability, and mitigation measure. Second, cyber security check-lists are defined in cyber security documents. It is, then, used with the consideration of mitigation measures of BBN model in order to apply architectural characteristic. Third, after assuming cyber-attack occurs to I and C system, the model calculates the posterior information using Bayesian update. Finally, the cyber security check-lists for nuclear facilities are graded upon I and C architecture with the posterior information for mitigation measures.

  9. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  10. Cyber-Attacks on Smart Meters in Household Nanogrid: Modeling, Simulation and Analysis

    Directory of Open Access Journals (Sweden)

    Denise Tellbach

    2018-02-01

    Full Text Available The subject of cyber-security and therefore cyber-attacks on smart grid (SG has become subject of many publications in the last years, emphasizing its importance in research, as well as in practice. One especially vulnerable part of SG are smart meters (SMs. The major contribution of simulating a variety of cyber-attacks on SMs that have not been done in previous studies is the identification and quantification of the possible impacts on the security of SG. In this study, a simulation model of a nanogrid, including a complete household with an SM, was developed. Different cyber-attacks were injected into the SM to simulate their effects on household nanogrid. The analysis of the impacts of different cyber-attacks showed that the effects of cyber-attacks can be sorted into various categories. Integrity and confidentiality attacks cause monetary effects on the grid. While, availability attacks have monetary effects on the grid as well, they are mainly aimed at compromising the SM communication by either delaying or stopping it completely.

  11. Cyber security awareness toolkit for national security: An approach to South Africa’s cybersecurity policy implementation

    CSIR Research Space (South Africa)

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed Cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives as well...

  12. Beyond grid security

    International Nuclear Information System (INIS)

    Hoeft, B; Epting, U; Koenig, T

    2008-01-01

    While many fields relevant to Grid security are already covered by existing working groups, their remit rarely goes beyond the scope of the Grid infrastructure itself. However, security issues pertaining to the internal set-up of compute centres have at least as much impact on Grid security. Thus, this talk will present briefly the EU ISSeG project (Integrated Site Security for Grids). In contrast to groups such as OSCT (Operational Security Coordination Team) and JSPG (Joint Security Policy Group), the purpose of ISSeG is to provide a holistic approach to security for Grid computer centres, from strategic considerations to an implementation plan and its deployment. The generalised methodology of Integrated Site Security (ISS) is based on the knowledge gained during its implementation at several sites as well as through security audits, and this will be briefly discussed. Several examples of ISS implementation tasks at the Forschungszentrum Karlsruhe will be presented, including segregation of the network for administration and maintenance and the implementation of Application Gateways. Furthermore, the web-based ISSeG training material will be introduced. This aims to offer ISS implementation guidance to other Grid installations in order to help avoid common pitfalls

  13. Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

    Energy Technology Data Exchange (ETDEWEB)

    Glenn, Colleen [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Sterbentz, Dane [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center; Wright, Aaron [Idaho National Lab. (INL), Idaho Falls, ID (United States). Mission Support Center

    2016-12-20

    With utilities in the U.S. and around the world increasingly moving toward smart grid technology and other upgrades with inherent cyber vulnerabilities, correlative threats from malicious cyber attacks on the North American electric grid continue to grow in frequency and sophistication. The potential for malicious actors to access and adversely affect physical electricity assets of U.S. electricity generation, transmission, or distribution systems via cyber means is a primary concern for utilities contributing to the bulk electric system. This paper seeks to illustrate the current cyber-physical landscape of the U.S. electric sector in the context of its vulnerabilities to cyber attacks, the likelihood of cyber attacks, and the impacts cyber events and threat actors can achieve on the power grid. In addition, this paper highlights utility perspectives, perceived challenges, and requests for assistance in addressing cyber threats to the electric sector. There have been no reported targeted cyber attacks carried out against utilities in the U.S. that have resulted in permanent or long term damage to power system operations thus far, yet electric utilities throughout the U.S. have seen a steady rise in cyber and physical security related events that continue to raise concern. Asset owners and operators understand that the effects of a coordinated cyber and physical attack on a utility’s operations would threaten electric system reliability–and potentially result in large scale power outages. Utilities are routinely faced with new challenges for dealing with these cyber threats to the grid and consequently maintain a set of best practices to keep systems secure and up to date. Among the greatest challenges is a lack of knowledge or strategy to mitigate new risks that emerge as a result of an exponential rise in complexity of modern control systems. This paper compiles an open-source analysis of cyber threats and risks to the electric grid, utility best practices

  14. Cyber Attack on Critical Infrastructure and Its Influence on International Security

    OpenAIRE

    出口 雅史

    2017-01-01

     Since the internet appeared, with increasing cyber threats, the vulnerability of critical infrastructure has become a vital issue for international security. Although cyber attack was not lethal in the past, new type of cyber assaults such as stuxnet are able to damage not only computer system digitally, but also critical infrastructure physically. This article will investigate how the recent cyber attacks have threatened critical infrastructure and their influence on international security....

  15. Science of Cyber Security as a System of Models and Problems

    OpenAIRE

    Kott, Alexander

    2015-01-01

    Terms like "Science of Cyber" or "Cyber Science" have been appearing in literature with growing frequency, and influential organizations initiated research initiatives toward developing such a science even though it is not clearly defined. We propose to define the domain of the science of cyber security by noting the most salient artifact within cyber security -- malicious software -- and defining the domain as comprised of phenomena that involve malicious software (as well as legitimate soft...

  16. Identification and Ranking of Critical Assets within an Electrical Grid under Threat of Cyber Attack

    Science.gov (United States)

    Boyer, Blake R.

    This paper examines the ranking of critical assets within an electrical grid under threat of cyber attack.1 Critical to this analysis is the assumption of zero hour exploits namely, the threat of an immediate attack as soon as a vulnerability is discovered. Modeling shows that over time load fluctuations as well as other system variations will change the importance of each asset in the delivery of bulk power. As opposed to classic stability studies where risk can be shown to be greatest during high load periods, the zero hour exploit-cyber-risk assumes that vulnerabilities will be attacked as soon as they are discovered. The probability of attacks is made uniform over time to include any and all possible attacks. Examining the impact of an attack and how the grid reacts immediately following an attack will identify and determine the criticality of each asset. This work endeavors to fulfill the NERC Critical Infrastructure Protection Requirements CIP-001-1 through CIP-009-2, cyber security requirements for the reliable supply of bulk power to customers throughout North America. 1Critical assets will here refer to facilities, systems, and equipment, which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System, NERC Glossary of Terms Used in Reliability Standards, 2009

  17. Cyber Security Risk Evaluation of a Nuclear I&C Using BN and ET

    OpenAIRE

    Jinsoo Shin; Hanseong Son; Gyunyoung Heo

    2017-01-01

    Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluatio...

  18. Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Han Seong

    2016-01-01

    The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

  19. Comparative Study on Cyber Securities between Power Reactor and Research Reactor with Bayesian Update

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jinsoo; Heo, Gyunyoung [Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Joongbu Univiersity, Geumsan (Korea, Republic of)

    2016-10-15

    The Stuxnet has shown that nuclear facilities are no more safe from cyber-attack. Due to practical experiences and concerns on increasing of digital system application, cyber security has become the important issue in nuclear industry. Korea Institute of Nuclear Nonproliferation and control (KINAC) published a regulatory standard (KINAC/RS-015) to establish cyber security framework for nuclear facilities. However, it is difficult to research about cyber security. It is hard to quantify cyber-attack which has malicious activity which is different from existing design basis accidents (DBAs). We previously proposed a methodology on development of a cyber security risk model with BBN. However, the methodology had a limitation in which the input data as prior information was solely on expert opinions. In this study, we propose a cyber security risk model for instrumentation and control (I and C) system of nuclear facilities with some equation for quantification by using Bayesian Belief Network (BBN) in order to overcome the limitation of previous research. The proposed model has been used for comparative study on cyber securities between large-sized nuclear power plants (NPPs) and small-sized Research Reactors (RR). In this study, we proposed the cyber security risk evaluation model with BBN. It includes I and C architecture, which is a target system of cyber-attack, malicious activity, which causes cyber-attack from attacker, and mitigation measure, which mitigates the cyber-attack risk. Likelihood and consequence as prior information are evaluated by considering characteristics of I and C architecture and malicious activity. The BBN model provides posterior information with Bayesian update by adding any of assumed cyber-attack scenarios as evidence. Cyber security risk for nuclear facilities is analyzed by comparing between prior information and posterior information of each node. In this study, we conducted comparative study on cyber securities between power reactor

  20. Cyber Threats to Nuclear Infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Paul Moskowitz; Mark Schanfein; Trond Bjornard; Curtis St. Michel

    2010-07-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  1. Cyber Threats to Nuclear Infrastructures

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Moskowitz, Paul; Schanfein, Mark; Bjornard, Trond; St. Michel, Curtis

    2010-01-01

    Nuclear facility personnel expend considerable efforts to ensure that their facilities can maintain continuity of operations against both natural and man-made threats. Historically, most attention has been placed on physical security. Recently however, the threat of cyber-related attacks has become a recognized and growing world-wide concern. Much attention has focused on the vulnerability of the electric grid and chemical industries to cyber attacks, in part, because of their use of Supervisory Control and Data Acquisition (SCADA) systems. Lessons learned from work in these sectors indicate that the cyber threat may extend to other critical infrastructures including sites where nuclear and radiological materials are now stored. In this context, this white paper presents a hypothetical scenario by which a determined adversary launches a cyber attack that compromises the physical protection system and results in a reduced security posture at such a site. The compromised security posture might then be malevolently exploited in a variety of ways. The authors conclude that the cyber threat should be carefully considered for all nuclear infrastructures.

  2. Analysis of Dynamic Complexity of the Cyber Security Ecosystem of Colombia

    Directory of Open Access Journals (Sweden)

    Angélica Flórez

    2016-07-01

    Full Text Available This paper presents two proposals for the analysis of the complexity of the Cyber security Ecosystem of Colombia (CEC. This analysis shows the available knowledge about entities engaged in cyber security in Colombia and the relationships between them, which allow an understanding of the synergy between the different existing components. The complexity of the CEC is detailed from the view of the Influence Diagram of System Dynamics and the Domain Diagram of Software Engineering. The resulting model makes cyber security evident as a strategic component of national security.

  3. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  4. Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

    2011-01-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  5. Attack tree based cyber security analysis of nuclear digital instrumentation and control systems

    International Nuclear Information System (INIS)

    Khand, P.A.

    2009-01-01

    To maintain the cyber security, nuclear digital Instrumentation and Control (I and C) systems must be analyzed for security risks because a single security breach due to a cyber attack can cause system failure, which can have catastrophic consequences on the environment and staff of a Nuclear Power Plant (NPP). Attack trees have been widely used to analyze the cyber security of digital systems due to their ability to capture system specific as well as attacker specific details. Therefore, a methodology based on attack trees has been proposed to analyze the cyber security of the systems. The methodology has been applied for the Cyber Security Analysis (CSA) of a Bistable Processor (BP) of a Reactor Protection System (RPS). Threats have been described according to their source. Attack scenarios have been generated using the attack tree and possible counter measures according to the Security Risk Level (SRL) of each scenario have been suggested. Moreover, cyber Security Requirements (SRs) have been elicited, and suitability of the requirements has been checked. (author)

  6. Cyber Security Risk Evaluation of a Nuclear I&C Using BN and ET

    Directory of Open Access Journals (Sweden)

    Jinsoo Shin

    2017-04-01

    Full Text Available Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

  7. Recommendations on Future Operational Environments Command Control and Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2015-01-01

    It is a well-known fact that today a nation's telecommunication networks, critical infrastructure, and information systems are vulnerable to growing number of attacks in cyberspace. Cyber space contains very different problems involving various sets of threats, targets and costs. Cyber security is not only problem of banking, communication or transportation. It also threatens core systems of army as command control. Some significant recommendations on command control (C2) and cyber security h...

  8. PENINGKATAN KEAMANAN SUPERVISORY CONTROL AND DATA ACQUISITION (SCADA PADA SMART GRID SEBAGAI INFRASTRUKTUR KRITIS

    Directory of Open Access Journals (Sweden)

    Ahmad Budi Setiawan

    2016-10-01

    Full Text Available SCADA (Supervisory Control and Data Acquisition systems as the control unit of the smart grid has been used in almost various industries around the world in terms of automation systems. Smart grid technology combines the energy infrastructure and telecommunications and Internet networks. The system provides the operational ease and efficiency in the industry. However, the system has a lot of vulnerabilities in information security aspects that can have a major impact for the industry and even the economy. This study tried to design in building a smart grid cyber security, it includes the strategies that must be done and the information security system architecture to be built. The study was conducted qualitative in-depth interviews, focus group discussions and direct observation. Results of this research is the design strategy recommendations ddalam development of smart grid cyber security. Recommendation results of this study also intended as a suggestion-making framework for smart grid cyber security as a reference implementation of the smart grid in Indonesia.

  9. Grid Security

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  10. Cyber Security Test Strategy for Non-safety Display System

    International Nuclear Information System (INIS)

    Son, Han Seong; Kim, Hee Eun

    2016-01-01

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

  11. Cyber Security Test Strategy for Non-safety Display System

    Energy Technology Data Exchange (ETDEWEB)

    Son, Han Seong [Joongbu University, Geumsan (Korea, Republic of); Kim, Hee Eun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures.

  12. Nuclear Cyber Security Case Study and Analysis

    Energy Technology Data Exchange (ETDEWEB)

    Park, Sunae [ChungNam National Univ., Daejeon (Korea, Republic of); Kim, Kyung doo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2016-10-15

    Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis

  13. Nuclear Cyber Security Case Study and Analysis

    International Nuclear Information System (INIS)

    Park, Sunae; Kim, Kyung doo

    2016-01-01

    Due to the new trend in cyber attacks, there is an increased security threat towards every country's infrastructure. So, security measures are required now than ever before. Previous cyber attacks normal process consists of paralyzing a server function, data extraction, or data control into the IT system for trespassing. However, nowadays control systems and infrastructures are also targeted and attacking methods have changed a lot. These days, the virus is becoming increasingly serious and hacker attacks are also becoming more frequent. This virus is a computer virus produced for the purpose of destroying the infrastructure, such as power plants, airports, railways June 2010, and it was first discovered in Belarus. Israel, the US, and other countries are believed culprits behind Stuxnet attacks on other nations such as Iran. Recent malware distribution, such as website hacking threat is growing. In surveys today one of the most long-term posing security threats is from North Korea. In particular, North Korea has been caught launching ongoing cyber-attacks after their latest nuclear test. South Korea has identified national trends regarding North Korean nuclear tests and analyzed them in order to catch disclosed confidential information. Especially, many nuclear power plants in the world are found to be vulnerable to cyber-attacks. Industrial facilities should be more wary of the risk of a serious cyber attack in the middle is going to increase the reliance on universal and commercial digital systems (off the shelf) software, civilian nuclear infrastructure. Senior executives’ current risk rate levels are increasing. Digitalization of the perception of risk is lacking in nuclear power plants and workers are creating prevention methods to make them fully aware of the risks of cyber-attacks. It is suggested that it may be inappropriate to assume we are prepared for potential attacks. Due to advances in technology, a warning that the growing sense of crisis about

  14. Real time test bed development for power system operation, control and cyber security

    Science.gov (United States)

    Reddi, Ram Mohan

    The operation and control of the power system in an efficient way is important in order to keep the system secure, reliable and economical. With advancements in smart grid, several new algorithms have been developed for improved operation and control. These algorithms need to be extensively tested and validated in real time before applying to the real electric power grid. This work focuses on the development of a real time test bed for testing and validating power system control algorithms, hardware devices and cyber security vulnerability. The test bed developed utilizes several hardware components including relays, phasor measurement units, phasor data concentrator, programmable logic controllers and several software tools. Current work also integrates historian for power system monitoring and data archiving. Finally, two different power system test cases are simulated to demonstrate the applications of developed test bed. The developed test bed can also be used for power system education.

  15. Closing the Cyber Gap: Integrating Cross-Government Cyber Capabilities to Support the DHS Cyber Security Mission

    Science.gov (United States)

    2014-12-01

    identifies and eliminates the actors who seek to target our cyber 152 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed...future. 360 “2013 Data Breach Investigations Report,” Verizon Enterprise Solutions, accessed September 29, 2013, http://www.verizonenterprise.com/DBIR...critical system owners and worldwide cyber security teams.382 381 Data Breach on the Rise: Protecting Personal Information from Harm: Hearing

  16. IAEA puts cyber security in focus for nuclear facilities in 2015

    International Nuclear Information System (INIS)

    Shepherd, John

    2015-01-01

    Later in 2015 the International Atomic Energy Agency (IAEA) will convene a special conference to discuss computer security, in the wake of cyber attacks on global financial institutions and government agencies that were increasingly in the news. According to the IAEA, the prevalence of IT security incidents in recent years involving the Stuxnet malware 'demonstrated that nuclear facilities can be susceptible to cyber attack'. The IAEA said this and other events have significantly raised global concerns over potential vulnerabilities and the possibility of a cyber attack, or a joint cyber-physical attack, that could impact on nuclear security. The IAEA has correctly identified that the use of computers and other digital electronic equipment in physical protection systems at nuclear facilities, as well as in facility safety systems, instrumentation, information processing and communication, 'continues to grow and presents an ever more likely target for cyber attack'. The agency's Vienna conference, to be held in June, will review emerging trends in computer security and areas that may still need to be addressed. The meeting follows a declaration of ministers of IAEA member states in 2013 that called on the agency to help raise awareness of the growing threat of cyber attacks and their potential impact on nuclear security. The conference is being organised 'to foster international cooperation in computer security as an essential element of nuclear security', the IAEA said. Details of the IAEA's 'International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange' are on the 'meetings' section of the agency's web site.

  17. A review of game theory approach to cyber security risk management

    African Journals Online (AJOL)

    A review of game theory approach to cyber security risk management. ... This paper presents a review of game theoretic-based model for cyber security risk management. Specifically, issues on ... AJOL African Journals Online. HOW TO USE ...

  18. Survey of Cyber Security Methods for the Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2009-10-15

    Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP.

  19. Survey of Cyber Security Methods for the Nuclear Power Plants

    International Nuclear Information System (INIS)

    Choi, Yoo Rark; Lee, Jae Cheol; Choi, Young Soo; Hong, Seok Boong

    2009-01-01

    Cyber security includes the method of protecting information, computer programs, and other computer system assets. Hardware security, which is the security of computer assets and capital equipment, refers to computer location, access control, fire protection, and storage procedures. Such measures as badges, electronic identification keys, alarm systems, and physical barriers at entries are used for this purpose. Software security entails the protection of software assets such as Application Programs, the Operating System, and the Data Base Management System and stored information. Special user numbers and passwords are typically used to prevent unauthorized access to software and data. In addition to security for hardware and software, good internal control also requires that measures be taken to prevent loss or accidental destruction of data. Cyber attacks create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for the digital I and C network of the NPP has been established for years by KINS, but its scope is very broad and conceptual. We will propose a cyber security method based on cryptography and authentication that is developed for the digital I and C network of the NPP

  20. Security-aware design for cyber-physical systems a platform-based approach

    CERN Document Server

    Lin, Chung-Wei

    2017-01-01

    Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

  1. Establishing cyber security programs for I and C systems at nuclear facilities

    International Nuclear Information System (INIS)

    Waedt, Karl

    2012-01-01

    In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

  2. Establishing cyber security programs for I and C systems at nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    Waedt, Karl [AREVA NP GmbH (Germany)

    2012-11-01

    In recent years, across the international nuclear community, cyber security issues have quickly gained significant attention from safety authorities and plant designers alike. This increased attention was accelerated by news of the Stuxnet virus, which impaired control systems at Iranian nuclear facilities in 2010, but is also fueled by regular news about cyber security breaches of data systems at large business corporations. This paper discusses key aspects of establishing a cyber security program for Instrumentation and Control (I and C) systems at a nuclear facility, and identifies inherent aspects of nuclear power plant (NPP) design, that differentiate the needs of such a cyber security program from those of typical corporate data systems. (orig.)

  3. Understanding human factors in cyber security as a dynamic system

    NARCIS (Netherlands)

    Young, H.J.; Vliet, A.J. van; Ven, J.G.S. van de; Jol, S.C.; Broekman, C.C.M.T.

    2018-01-01

    The perspective of human factors is largely missing from the wider cyber security dialogue and its scope is often limited. We propose a framework in which we consider cyber security as a state of a system. System change is brought on by an entity’s behavior. Interventions are ways of changing

  4. Cyber security deterrence and it protection for critical infrastructures

    CERN Document Server

    Martellini, Maurizio

    2013-01-01

    The experts of the International Working Group-Landau Network Centro Volta (IWG-LNCV) discuss aspects of cyber security and present possible methods of deterrence, defense and resilience against cyber attacks. This SpringerBrief covers state-of-the-art documentation on the deterrence power of cyber attacks and argues that nations are entering a new cyber arms race. The brief also provides a technical analysis of possible cyber attacks towards critical infrastructures in the chemical industry and chemical safety industry. The authors also propose modern analyses and a holistic approach to resil

  5. IAEA puts cyber security in focus for nuclear facilities in 2015

    Energy Technology Data Exchange (ETDEWEB)

    Shepherd, John [nuclear 24, Brighton (United Kingdom)

    2015-01-15

    Later in 2015 the International Atomic Energy Agency (IAEA) will convene a special conference to discuss computer security, in the wake of cyber attacks on global financial institutions and government agencies that were increasingly in the news. According to the IAEA, the prevalence of IT security incidents in recent years involving the Stuxnet malware 'demonstrated that nuclear facilities can be susceptible to cyber attack'. The IAEA said this and other events have significantly raised global concerns over potential vulnerabilities and the possibility of a cyber attack, or a joint cyber-physical attack, that could impact on nuclear security. The IAEA has correctly identified that the use of computers and other digital electronic equipment in physical protection systems at nuclear facilities, as well as in facility safety systems, instrumentation, information processing and communication, 'continues to grow and presents an ever more likely target for cyber attack'. The agency's Vienna conference, to be held in June, will review emerging trends in computer security and areas that may still need to be addressed. The meeting follows a declaration of ministers of IAEA member states in 2013 that called on the agency to help raise awareness of the growing threat of cyber attacks and their potential impact on nuclear security. The conference is being organised 'to foster international cooperation in computer security as an essential element of nuclear security', the IAEA said. Details of the IAEA's 'International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange' are on the 'meetings' section of the agency's web site.

  6. ASPECTS OF POLICIES AND STRATEGIES FOR CYBER SECURITY IN THE EUROPEAN UNION

    Directory of Open Access Journals (Sweden)

    Ilina ARMENCHEVA

    2015-10-01

    Full Text Available Freedom and prosperity of mankind greatly depend on an innovative, safe and reliable Internet that, of course, will keep evolving. Cyber space must be protected from incidents, misuse and abuse. Handling the increasing number of threats to cyber security is a challenge that national security and the trend in the international environment face. This makes taking fast and adequate measures at national, European and international level a must. Changing national security strategies and adopting new cyber security strategies are a part of these measures.

  7. A Cyber Security Self-Assessment Method for Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

    2004-11-01

    A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process.

  8. A Cyber Security Self-Assessment Method for Nuclear Power Plants

    International Nuclear Information System (INIS)

    Glantz, Clifford S.; Coles, Garill A.; Bass, Robert B.

    2004-01-01

    A cyber security self-assessment method (the Method) has been developed by Pacific Northwest National Laboratory. The development of the Method was sponsored and directed by the U.S. Nuclear Regulatory Commission. Members of the Nuclear Energy Institute Cyber Security Task Force also played a substantial role in developing the Method. The Method's structured approach guides nuclear power plants in scrutinizing their digital systems, assessing the potential consequences to the plant of a cyber exploitation, identifying vulnerabilities, estimating cyber security risks, and adopting cost-effective protective measures. The focus of the Method is on critical digital assets. A critical digital asset is a digital device or system that plays a role in the operation, maintenance, or proper functioning of a critical system (i.e., a plant system that can impact safety, security, or emergency preparedness). A critical digital asset may have a direct or indirect connection to a critical system. Direct connections include both wired and wireless communication pathways. Indirect connections include sneaker-net pathways by which software or data are manually transferred from one digital device to another. An indirect connection also may involve the use of instructions or data stored on a critical digital asset to make adjustments to a critical system. The cyber security self-assessment begins with the formation of an assessment team, and is followed by a six-stage process

  9. Application of the JDL data fusion process model for cyber security

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2010-04-01

    A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

  10. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    International Nuclear Information System (INIS)

    Song, S. H.; Lee, M. S.; Kim, T. H.; Park, C. H.; Park, S. P.; Kim, H. S.

    2014-01-01

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system

  11. A Case Study on Cyber-security Program for the Programmable Logic Controller of Modern NPPs

    Energy Technology Data Exchange (ETDEWEB)

    Song, S. H. [Korea University, Seoul (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Work Inc., Seoul (Korea, Republic of); Park, C. H. [LINE Corp., Tokyo (Japan); Park, S. P. [Ahnlab Inc., Seoul (Korea, Republic of); Kim, H. S. [Sejong University, Seoul (Korea, Republic of)

    2014-08-15

    As instrumentation and control (I and C) systems for modern Nuclear Power Plants (NPPs) have been digitalized to cope with their growing complexity, the cyber-security has become an important issue. To protect the I and C systems adequately from cyber threats, such as Stuxnet that attacked Iran's nuclear facilities, regulations of many countries require a cyber-security program covering all the life cycle phases of the system development, from the concept to the retirement. This paper presents a case study of cyber-security program that has been performed during the development of the programmable logic controller (PLC) for modern NPPs of Korea. In the case study, a cyber-security plan, including technical, management, and operational controls, was established through a security risk assessment. Cyber-security activities, such as development of security functions and periodic inspections, were conducted according to the plan: the security functions were applied to the PLC as the technical controls, and periodic inspections and audits were held to check the security of the development environment, as the management and operational controls. A final penetration test was conducted to inspect all the security problems that had been issued during the development. The case study has shown that the systematic cyber-security program detected and removed the vulnerabilities of the target system, which could not be found otherwise, enhancing the cyber-security of the system.

  12. Cyber security risk evaluation of a nuclear I and C using BN and ET

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyun Young [Dept. of Nuclear Engineering, Kyung Hee University, Yongin (Korea, Republic of); Son, Han Seong [Computer and Game Science, Joongbu University, Geumsan (Korea, Republic of)

    2017-04-15

    Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks.

  13. Cyber security risk evaluation of a nuclear I and C using BN and ET

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong

    2017-01-01

    Cyber security is an important issue in the field of nuclear engineering because nuclear facilities use digital equipment and digital systems that can lead to serious hazards in the event of an accident. Regulatory agencies worldwide have announced guidelines for cyber security related to nuclear issues, including U.S. NRC Regulatory Guide 5.71. It is important to evaluate cyber security risk in accordance with these regulatory guides. In this study, we propose a cyber security risk evaluation model for nuclear instrumentation and control systems using a Bayesian network and event trees. As it is difficult to perform penetration tests on the systems, the evaluation model can inform research on cyber threats to cyber security systems for nuclear facilities through the use of prior and posterior information and backpropagation calculations. Furthermore, we suggest a methodology for the application of analytical results from the Bayesian network model to an event tree model, which is a probabilistic safety assessment method. The proposed method will provide insight into safety and cyber security risks

  14. THE INFORMATION CONFIDENTIALITY AND CYBER SECURITY IN MEDICAL INSTITUTIONS

    Directory of Open Access Journals (Sweden)

    SABAU-POPA CLAUDIA DIANA

    2015-07-01

    Full Text Available The information confidentiality and cyber security risk affects the right to confidentiality and privacy of the patient, as regulated in Romania by the Law 46/2002. The manifestation of the cyber security risk event affects the reputation of the healthcare institution and is becoming more and more complex and often due to the: development of network technology, the medical equipment connected to wifi and the electronic databases. The databases containing medical records were implemented due to automation. Thus, transforming data into medical knowledge contribute to a better understanding of the disease. Due to these factors, the measures taken by the hospital management for this type of risk are adapted to the cyber changes. The hospital objectives aim: the implementation of a robust information system, the early threats identifications and the incident reporting. Neglecting this type of risk can generate financial loss, inability to continue providing health care services for a certain period of time, providing an erroneous diagnosis, medical equipment errors etc. Thus, in a digital age the appropriate risk management for the information security and cyber risk represent a necessity. The main concern of hospitals worldwide is to align with international requirements and obtain credentials in terms of data security from the International Organisation for Standardization, which regulates the management of this type of risk. Romania is at the beginning in terms of concerns regarding the management, avoidance and mitigation of information security, the health system being most highly exposed to its manifestation. The present paper examines the concerns of the health system to the confidentiality of information and cyber security risk and its management arrangements. Thus, a set of key risk indicators is implemented and monitored for 2011-2013, using a user interface, a Dashboard, which acts as an early warning system of the manifestation of the

  15. Best Practices for Operating Government-Industry Partnerships in Cyber Security

    Directory of Open Access Journals (Sweden)

    Larry Clinton

    2015-12-01

    Full Text Available Since the publication of the first National Strategy to Secure Cyber Space in 2003 the US federal government has realized that due to the interconnected nature of the Internet, securing the system would require an industry-government partnership. However, defining exactly what that new partnership would look like and how it would operate has been unclear. The ramifications of this ambiguous strategy have been noted elsewhere including the 2011 JSS article “A Relationship on the Brink” which described the dysfunctional state of public private partnerships with respect to cyber security. Subsequently, a joint industry-government study of partnership programs has generated a consensus list of “best practices” for operating such programs successfully. Moreover, subsequent use of these principles seems to confirm their ability to enhance the partnership and hopefully helps ameliorate, to some degree, the growing cyber threat. This article provides a brief history of the evolution of public-private partnerships in cyber security, the joint study to assess them and the 12 best practices generated by that analysis.

  16. Your employees: the front line in cyber security

    OpenAIRE

    Ashenden, D

    2016-01-01

    First published in The Chemical Engineer and reproduced by Crest - Centre for Research and Evidence on Security Threats, 26/01/2016 (https://crestresearch.ac.uk/comment/employees-front-line-cyber-security/)

  17. Survey of Cyber Security Intrinsic for a Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Choi, Yoo Rark; Lee, Jae Cheol [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2009-05-15

    Federal agencies are facing a set of emerging cyber security threats that are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into more complex and damaging forms. Spam, phishing, and spyware, while once viewed as discrete consumer challenges, are being blended to create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for a NPP has been established for years by KINS, but its scope is very broad and conceptual. We will describe several important cyber security issues for a NPP in the applicative boundary.

  18. Survey of Cyber Security Intrinsic for a Nuclear Power Plant

    International Nuclear Information System (INIS)

    Choi, Yoo Rark; Lee, Jae Cheol

    2009-01-01

    Federal agencies are facing a set of emerging cyber security threats that are the result of increasingly sophisticated methods of attack and the blending of once distinct types of attack into more complex and damaging forms. Spam, phishing, and spyware, while once viewed as discrete consumer challenges, are being blended to create substantial threats to large enterprises, including federal systems and digital I and C of a NPP (Nuclear Power Plant) is one of them. The cyber security policy for a NPP has been established for years by KINS, but its scope is very broad and conceptual. We will describe several important cyber security issues for a NPP in the applicative boundary

  19. A Testbed Environment for Buildings-to-Grid Cyber Resilience Research and Development

    Energy Technology Data Exchange (ETDEWEB)

    Sridhar, Siddharth; Ashok, Aditya; Mylrea, Michael E.; Pal, Seemita; Rice, Mark J.; Gourisetti, Sri Nikhil Gup

    2017-09-19

    The Smart Grid is characterized by the proliferation of advanced digital controllers at all levels of its operational hierarchy from generation to end consumption. Such controllers within modern residential and commercial buildings enable grid operators to exercise fine-grained control over energy consumption through several emerging Buildings-to-Grid (B2G) applications. Though this capability promises significant benefits in terms of operational economics and improved reliability, cybersecurity weaknesses in the supporting infrastructure could be exploited to cause a detrimental effect and this necessitates focused research efforts on two fronts. First, the understanding of how cyber attacks in the B2G space could impact grid reliability and to what extent. Second, the development and validation of cyber-physical application-specific countermeasures that are complementary to traditional infrastructure cybersecurity mechanisms for enhanced cyber attack detection and mitigation. The PNNL B2G testbed is currently being developed to address these core research needs. Specifically, the B2G testbed combines high-fidelity buildings+grid simulators, industry-grade building automation and Supervisory Control and Data Acquisition (SCADA) systems in an integrated, realistic, and reconfigurable environment capable of supporting attack-impact-detection-mitigation experimentation. In this paper, we articulate the need for research testbeds to model various B2G applications broadly by looking at the end-to-end operational hierarchy of the Smart Grid. Finally, the paper not only describes the architecture of the B2G testbed in detail, but also addresses the broad spectrum of B2G resilience research it is capable of supporting based on the smart grid operational hierarchy identified earlier.

  20. SALVAGE Report D2.1 Description of existing and extended smart grid component models for use in the intrusion detection system

    DEFF Research Database (Denmark)

    Kosek, Anna Magdalena; Heussen, Kai

    2015-01-01

    The purpose of the SALVAGE project is to develop better support for managing and designing a secure future smart grid. This approach includes cyber security technologies dedicated to power grid operation as well as support for the migration to the future smart grid solutions, including the legacy...... of ICT that necessarily will be part of it. The objective is further to develop cyber security technology and methodology optimized with the particular needs and context of the power industry, something that is to a large extent lacking in general cyber security best practices and technologies today...

  1. Cyber Security Research Frameworks For Coevolutionary Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Rush, George D. [Missouri Univ. of Science and Technology, Rolla, MO (United States); Tauritz, Daniel Remy [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-12-03

    Several architectures have been created for developing and testing systems used in network security, but most are meant to provide a platform for running cyber security experiments as opposed to automating experiment processes. In the first paper, we propose a framework termed Distributed Cyber Security Automation Framework for Experiments (DCAFE) that enables experiment automation and control in a distributed environment. Predictive analysis of adversaries is another thorny issue in cyber security. Game theory can be used to mathematically analyze adversary models, but its scalability limitations restrict its use. Computational game theory allows us to scale classical game theory to larger, more complex systems. In the second paper, we propose a framework termed Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES) that can coevolve attacker and defender agent strategies and capabilities and evaluate potential solutions with a custom network defense simulation. The third paper is a continuation of the CANDLES project in which we rewrote key parts of the framework. Attackers and defenders have been redesigned to evolve pure strategy, and a new network security simulation is devised which specifies network architecture and adds a temporal aspect. We also add a hill climber algorithm to evaluate the search space and justify the use of a coevolutionary algorithm.

  2. European Cyber Security Perspectives 2015

    NARCIS (Netherlands)

    Baloo, J.; Geveke, H.G.; Paulissen, W.; Vries, H. de

    2015-01-01

    Following the success of last year’s publication, we are proud to present the second edition of our European Cyber Security Perspectives report. Through this collection of articles, we aim to share our different perspectives and insights, the latest developments and achievements in the field of

  3. Cyber Security Risk Assessment for the KNICS Safety Systems

    International Nuclear Information System (INIS)

    Lee, C. K.; Park, G. Y.; Lee, Y. J.; Choi, J. G.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.

    2008-01-01

    In the Korea Nuclear I and C Systems Development (KNICS) project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and communication networks. In 2006 the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC and it describes the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore it is required that the new requirements are incorporated into the developed platforms to apply to NPP, and a cyber security risk assessment is performed. The results of the assessment were input for establishing the cyber security policies and planning the work breakdown to incorporate them

  4. Security for grids

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.; Jackson, Keith R.

    2005-08-14

    Securing a Grid environment presents a distinctive set of challenges. This paper groups the activities that need to be secured into four categories: naming and authentication; secure communication; trust, policy, and authorization; and enforcement of access control. It examines the current state of the art in securing these processes and introduces new technologies that promise to meet the security requirements of Grids more completely.

  5. Cyber-security: industrials must stop denying the risk of cyber-attacks

    International Nuclear Information System (INIS)

    Hausermann, L.

    2015-01-01

    The risk of cyber-attacks of industrial sites is real. Recently the Anvers port and the Bakou-Tbilissi-Ceyhan pipeline have been attacked. In both cases hackers succeeded: they were able to track sea containers in which drug was concealed and recover it in the Anvers port and in the case of the pipeline the hackers took control of the control system and were able to trigger a huge explosion by shunning security systems and allowing damaging pressure surges. The massive use of digital systems and of automated systems in various industrial sectors has led to huge network of inter-connected smart devices whose purpose is not to process data but to monitor and control. All these devices and equipment are controlled by software whose weaknesses and fault lines multiply the risk of cyber-attacks even for 'closed' networks. While the total hacking of a nuclear power plant is highly unlikely, real threats exist and must be taken into account. Innovative solutions based on the mapping of the fluxes of the system and combined with an inventory of all its weaknesses may pave the way towards cyber-security. (A.C.)

  6. Cyber indicators of compromise: a domain ontology for security information and event management

    Science.gov (United States)

    2017-03-01

    heuristics, mapping, and detection. CybOX is aimed at supporting a broad range of important cyber security domains to include [31]: • Digital...REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE CYBER INDICATORS OF COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND...Distribution is unlimited. CYBER INDICATORS OF COMPROMISE: A DOMAIN ONTOLOGY FOR SECURITY INFORMATION AND EVENT MANAGEMENT Marsha D. Rowell

  7. Data fusion in cyber security: first order entity extraction from common cyber data

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2012-06-01

    The Joint Directors of Labs Data Fusion Process Model (JDL Model) provides a framework for how to handle sensor data to develop higher levels of inference in a complex environment. Beginning from a call to leverage data fusion techniques in intrusion detection, there have been a number of advances in the use of data fusion algorithms in this subdomain of cyber security. While it is tempting to jump directly to situation-level or threat-level refinement (levels 2 and 3) for more exciting inferences, a proper fusion process starts with lower levels of fusion in order to provide a basis for the higher fusion levels. The process begins with first order entity extraction, or the identification of important entities represented in the sensor data stream. Current cyber security operational tools and their associated data are explored for potential exploitation, identifying the first order entities that exist in the data and the properties of these entities that are described by the data. Cyber events that are represented in the data stream are added to the first order entities as their properties. This work explores typical cyber security data and the inferences that can be made at the lower fusion levels (0 and 1) with simple metrics. Depending on the types of events that are expected by the analyst, these relatively simple metrics can provide insight on their own, or could be used in fusion algorithms as a basis for higher levels of inference.

  8. An Integrated Research Infrastructure for Validating Cyber-Physical Energy Systems

    DEFF Research Database (Denmark)

    Strasser, T. I.; Moyo, C.; Bründlinger, R.

    2017-01-01

    quality and ensure security of supply. At the same time, the increased availability of advanced automation and communication technologies provides new opportunities for the derivation of intelligent solutions to tackle the challenges. Previous work has shown various new methods of operating highly...... interconnected power grids, and their corresponding components, in a more effective way. As a consequence of these developments, the traditional power system is being transformed into a cyber-physical energy system, a smart grid. Previous and ongoing research have tended to mainly focus on how specific aspects...... of smart grids can be validated, but until there exists no integrated approach for the analysis and evaluation of complex cyber-physical systems configurations. This paper introduces integrated research infrastructure that provides methods and tools for validating smart grid systems in a holistic, cyber...

  9. Evaluation of a Cyber Security System for Hospital Network.

    Science.gov (United States)

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

  10. Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

    Directory of Open Access Journals (Sweden)

    Audrey Guinchard

    2011-01-01

    Full Text Available Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war.

  11. Cyber security in ports: Business as usual

    OpenAIRE

    Moerel, Lokke; Dezeure, Freddy

    2017-01-01

    Our paper summarizes the risks and provides concrete and pragmatic proposals to increase substantially the cyber maturity and resilience in the ports by organizing training and awareness raising, fostering cooperation and information exchange both between the stakeholders in the ports and across the ports and integrating the cyber risk into the physical security risk management processes and structures already in place within the ports. This also involves a higher degree of oversight by the P...

  12. Cyber-Attacks on Smart Meters in Household Nanogrid: Modeling, Simulation and Analysis

    OpenAIRE

    Tellbach, Denise; Li, Yan-Fu

    2018-01-01

    The subject of cyber-security and therefore cyber-attacks on smart grid (SG) has become subject of many publications in the last years, emphasizing its importance in research, as well as in practice. One especially vulnerable part of SG are smart meters (SMs). The major contribution of simulating a variety of cyber-attacks on SMs that have not been done in previous studies is the identification and quantification of the possible impacts on the security of SG. In this study, a simulation model...

  13. A preliminary cyber-physical security assessment of the Robot Operating System (ROS)

    Science.gov (United States)

    McClean, Jarrod; Stull, Christopher; Farrar, Charles; Mascareñas, David

    2013-05-01

    Over the course of the last few years, the Robot Operating System (ROS) has become a highly popular software framework for robotics research. ROS has a very active developer community and is widely used for robotics research in both academia and government labs. The prevalence and modularity of ROS cause many people to ask the question: "What prevents ROS from being used in commercial or government applications?" One of the main problems that is preventing this increased use of ROS in these applications is the question of characterizing its security (or lack thereof). In the summer of 2012, a crowd sourced cyber-physical security contest was launched at the cyber security conference DEF CON 20 to begin the process of characterizing the security of ROS. A small-scale, car-like robot was configured as a cyber-physical security "honeypot" running ROS. DEFFCON-20 attendees were invited to find exploits and vulnerabilities in the robot while network traffic was collected. The results of this experiment provided some interesting insights and opened up many security questions pertaining to deployed robotic systems. The Federal Aviation Administration is tasked with opening up the civil airspace to commercial drones by September 2015 and driverless cars are already legal for research purposes in a number of states. Given the integration of these robotic devices into our daily lives, the authors pose the following question: "What security exploits can a motivated person with little-to-no experience in cyber security execute, given the wide availability of free cyber security penetration testing tools such as Metasploit?" This research focuses on applying common, low-cost, low-overhead, cyber-attacks on a robot featuring ROS. This work documents the effectiveness of those attacks.

  14. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  15. CYBER SECURITY FOR AIRPORTS

    OpenAIRE

    Kasthurirangan Gopalakrishnan; Manimaran Govindarasu; Doug W. Jacobson; Brent M. Phares

    2013-01-01

    In today’s information age, government organizations and business enterprises are heavily relying on interconnected computer systems to manage a variety of public services including energy, transportation, water, etc. While this increased connectivity has many operational advantages benefitting the public, they have also become vulnerable to cyber attacks such as Corporate Security Breaches, Spear Phishing, and Social Media Fraud. The aviation sector is one the critical infrastructure systems...

  16. Transmission grid security

    CERN Document Server

    Haarla, Liisa; Hirvonen, Ritva; Labeau, Pierre-Etienne

    2011-01-01

    In response to the growing importance of power system security and reliability, ""Transmission Grid Security"" proposes a systematic and probabilistic approach for transmission grid security analysis. The analysis presented uses probabilistic safety assessment (PSA) and takes into account the power system dynamics after severe faults. In the method shown in this book the power system states (stable, not stable, system breakdown, etc.) are connected with the substation reliability model. In this way it is possible to: estimate the system-wide consequences of grid faults; identify a chain of eve

  17. Nuclear Power Plant Cyber Security Discrete Dynamic Event Tree Analysis (LDRD 17-0958) FY17 Report

    Energy Technology Data Exchange (ETDEWEB)

    Wheeler, Timothy A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Denman, Matthew R. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Williams, R. A. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Martin, Nevin [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Jankovsky, Zachary Kyle [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-09-01

    Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. iii This Lab-Directed Research and Development project has developed a dynamic cyber-risk in- formed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plants digital instrumentation and control (DI&C) system and defeat or circumvent a plants cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.

  18. Introduction of regulatory guide on cyber security of L and C systems in nuclear facilities

    International Nuclear Information System (INIS)

    Kang, Y.; Jeong, C. H.; Kim, D. I.

    2008-01-01

    In the case of unauthorized individuals, systems and entities or process threatening the instrumentation and control systems of nuclear facilities using the intrinsic vulnerabilities of digital based technologies, those systems may lose their own required functions. The loss of required functions of the systems can seriously affect the safety of nuclear facilities. Consequently, digital instrumentation and control systems, which perform functions important to safety, should be designed and operated to respond to cyber threats capitalizing on the vulnerabilities of digital based technologies. To make it possible, the developers and licensees of nuclear facilities should perform appropriate cyber security activities throughout the whole life cycle of digital instrumentation and control systems. Under the goal of securing the safety of nuclear facilities, this paper presents the regulatory on cyber security activities to remove the cyber threats that exploit the vulnerabilities of digital instrumentation and control systems and to mitigate the effect of such threats. Presented regulatory guide includes establishing the cyber security policy and plan, analyzing and classifying the cyber threats and cyber security assessment of digital instrumentation and control systems. (authors)

  19. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    Energy Technology Data Exchange (ETDEWEB)

    Dorman, E., E-mail: Erik.Dorman@areva.com [AREVA Inc., Cyber Security Solutions, Charlotte, NC (United States)

    2015-07-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  20. Operating nuclear power stations in a regulated cyber security environment: a roadmap for success

    International Nuclear Information System (INIS)

    Dorman, E.

    2015-01-01

    The United States Nuclear Regulatory Commission (NRC) issued 10CFR73.54 to implement a regulated Cyber Security Program at each operating nuclear reactor facility. Milestones were implemented December 31, 2012 to mitigate the attack vectors for the most critical digital assets acknowledged by the industry and the NRC. The NRC inspections have begun. The nuclear Cyber Security Plan, implemented by the site Cyber Security Program (Program), is an element of the operating license at each facility. The Program is designed to protect critical digital assets (CDAs) by applying and maintaining defense-in depth protective strategies to ensure the capability to detect, respond to, and recover from cyber-attacks. The Program references NEI 08-09 R. 6, the Nuclear Energy Institute Template that provides guidance for applying Cyber Security controls derived from NIST 800-53/82 and slightly modified to fit the nuclear environment. Many mature processes are in place at nuclear facilities in response to numerous regulations implemented over the past 30 years. Many of these processes such as the Physical Security Program offer protections that are leveraged to protect the functions of critical digital assets from unauthorized physical access. Other processes and technology such as engineering design control, work management and pre-job briefs, control of portable media and mobile devices, and deterministically segregated networks protect critical digital assets. By leveraging the regulated nuclear environment, integrating NIST type Cyber Security controls, and prudently deploying technology the Cyber Security posture of operating nuclear facilities supports on-demand base load electricity 24/7 with capacity factors exceeding 85%. This paper is designed to provide a glimpse into Cyber Security Programs that support safe operation and reliability in the regulated nuclear environment while supporting the on-demand base load electricity production 24/7. (author)

  1. Developing cyber security architecture for military networks using cognitive networking

    OpenAIRE

    Kärkkäinen, Anssi

    2015-01-01

    In recent years, the importance of cyber security has increased. Cyber security has not become a critical issue only for governmental or business actors, but also for armed forces that nowadays rely on national or even global networks in their daily activities. The Network Centric Warfare (NCW) paradigm has increased the significance of networking during last decades as it enables information superiority in which military combat power increased by networking the battlefield actors from perspe...

  2. Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

    Energy Technology Data Exchange (ETDEWEB)

    Ondrej Linda; Todd Vollmer; Jason Wright; Milos Manic

    2011-04-01

    Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrained computational requirements of low-cost embedded network security cyber sensors. The performance of the system was evaluated on a set of network data recorded from an experimental test-bed mimicking the environment of a critical infrastructure control system.

  3. Using a Prediction Model to Manage Cyber Security Threats

    Directory of Open Access Journals (Sweden)

    Venkatesh Jaganathan

    2015-01-01

    Full Text Available Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.

  4. Using a Prediction Model to Manage Cyber Security Threats.

    Science.gov (United States)

    Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya

    2015-01-01

    Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.

  5. Using a Prediction Model to Manage Cyber Security Threats

    Science.gov (United States)

    Muthu Sivashanmugam, Premapriya

    2015-01-01

    Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024

  6. Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

    CERN Document Server

    Tilaro, F

    2011-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

  7. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    International Nuclear Information System (INIS)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K.

    2012-01-01

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases

  8. Design concept of CSRAS (Cyber Security Risk Analysis and Assessment System) for digital I and C systems

    Energy Technology Data Exchange (ETDEWEB)

    Song, J. G.; Lee, J. W.; Lee, D. Y.; Lee, C. K. [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    The instrumentation and control (I and C) systems in nuclear power plants (NPPs) have been digitalized recently. Hence, cyber security becomes an important feature to be incorporated into the I and C systems. The Regulatory Guide 5.71 published by U.C NRC in 2010 presents a comprehensive set of security controls for the cyber security of I and C systems in NPPs. However, the application of security controls specified in the RG 5.71 in a specific I and C system still requires many analysis efforts based on the understanding of the security controls, since the guideline does not provide the details to system designers or developers regarding what, where, and how to apply the security controls. To apply security controls to I and C systems, cyber security requirements should be identified based on the cyber security policy and program, then the design and implementation of security controls should be performed along with the I and C system development life cycle. It can be assumed that cyber security requirements are identified during the system design(SD) phase and the design and implementation of security controls is performed during the component design(CD) phase. When identifying security requirements and performing the design and implementation of security controls, cyber security risk assessments should be processed with the understanding of the characteristics of target systems. In this study, the Cyber Security Risk Analysis and Assessment System (CSRAS) has been developed as a tool for analyzing security requirements and technical security controls considering based on a general cyber security risk assessment procedure with the consideration of the characteristics of I and C systems and the development phases.

  9. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users.

    Science.gov (United States)

    Veksler, Vladislav D; Buchler, Norbou; Hoffman, Blaine E; Cassenti, Daniel N; Sample, Char; Sugrim, Shridat

    2018-01-01

    Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting.

  10. Secure Interoperable Open Smart Grid Demonstration Project

    Energy Technology Data Exchange (ETDEWEB)

    Magee, Thoman [Consolidated Edison Company Of New York, Inc., NY (United States)

    2014-12-28

    The Consolidated Edison, Inc., of New York (Con Edison) Secure Interoperable Open Smart Grid Demonstration Project (SGDP), sponsored by the United States (US) Department of Energy (DOE), demonstrated that the reliability, efficiency, and flexibility of the grid can be improved through a combination of enhanced monitoring and control capabilities using systems and resources that interoperate within a secure services framework. The project demonstrated the capability to shift, balance, and reduce load where and when needed in response to system contingencies or emergencies by leveraging controllable field assets. The range of field assets includes curtailable customer loads, distributed generation (DG), battery storage, electric vehicle (EV) charging stations, building management systems (BMS), home area networks (HANs), high-voltage monitoring, and advanced metering infrastructure (AMI). The SGDP enables the seamless integration and control of these field assets through a common, cyber-secure, interoperable control platform, which integrates a number of existing legacy control and data systems, as well as new smart grid (SG) systems and applications. By integrating advanced technologies for monitoring and control, the SGDP helps target and reduce peak load growth, improves the reliability and efficiency of Con Edison’s grid, and increases the ability to accommodate the growing use of distributed resources. Con Edison is dedicated to lowering costs, improving reliability and customer service, and reducing its impact on the environment for its customers. These objectives also align with the policy objectives of New York State as a whole. To help meet these objectives, Con Edison’s long-term vision for the distribution grid relies on the successful integration and control of a growing penetration of distributed resources, including demand response (DR) resources, battery storage units, and DG. For example, Con Edison is expecting significant long-term growth of DG

  11. Challenges and Aspects of Cyber Security of the Republic of Croatia

    Directory of Open Access Journals (Sweden)

    Protrka Nikola

    2017-06-01

    Full Text Available The development of the information and communication technology (ICT, regardless of its many advantages, unfortunately has its disadvantage - the abuse of the cyberworld. The global character of cyberspace is specific in terms of national legislation and its view of specificities. Some countries adopted the recommendation of the Convention on Cybercrime of the Council of Europe (Official Gazette NN-MU 9/02, 4/04 and amended their national legislation, whereas others kept implementing their criminal law solutions, which are outdated and cannot reach the level of this type of criminal offences. Consequently, governments are inclined to cooperate and exchange information about this type of crime due to the fact that the criminal offender may be anywhere, and the offence itself can take place at a great distance from the offender. In September 2015, the government of the Republic of Croatia adopted the National Cyber Security Strategy and the Action Plan for the Implementation of the National Cyber Security Strategy, the first allencompassing strategy of the Republic of Croatia on cyber security. The paper also focuses on the role of the Police College in the Action Plan for the Implementation of the National Cyber Security Strategy.

  12. A conceptual framework for cyber security awareness and education in SA

    Directory of Open Access Journals (Sweden)

    Noluxolo Kortjan

    2014-06-01

    Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

  13. Reliability analysis for the smart grid : from cyber control and communication to physical manifestations of failure.

    Science.gov (United States)

    2010-01-01

    The Smart Grid is a cyber-physical system comprised of physical components, such as transmission lines and generators, and a : network of embedded systems deployed for their cyber control. Our objective is to qualitatively and quantitatively analyze ...

  14. Cyber security consideration on I and C system development process

    International Nuclear Information System (INIS)

    Park, Jaek Wan; Park, Jeyun; Kim, Young Ki

    2012-01-01

    Instrumentation and control (I and C) systems in nuclear power plants collect sensor signals installed in plant fields, monitor plant performance and status, and generate signals to control instruments for plant operation and protection. Recently, digital systems of I and C are required to be protected from cyber threats. It has been reported that several plants have been attacked and malfunctioned by outside intruders. To cope with cyber attacks, various studies have been proposed in IT and plant industries. From 2006, regulatory guides and industry standards for cyber security have been published. Therefore, these guides should be strongly considered in the development process of a digital system. Our framework refers to the system development life cycle described in RG 1.152. The main activities of RG 5.71 are included in the framework appropriately. This approach supports the consistent application of system features for cyber security by incorporating the security requirements required in the operation and maintenance phases into the initial phase of development process. It is expected that the application of the framework to a new plant system design may comply with both RG 1.152 and 5.71

  15. Cyber security consideration on I and C system development process

    Energy Technology Data Exchange (ETDEWEB)

    Park, Jaek Wan; Park, Jeyun; Kim, Young Ki [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    Instrumentation and control (I and C) systems in nuclear power plants collect sensor signals installed in plant fields, monitor plant performance and status, and generate signals to control instruments for plant operation and protection. Recently, digital systems of I and C are required to be protected from cyber threats. It has been reported that several plants have been attacked and malfunctioned by outside intruders. To cope with cyber attacks, various studies have been proposed in IT and plant industries. From 2006, regulatory guides and industry standards for cyber security have been published. Therefore, these guides should be strongly considered in the development process of a digital system. Our framework refers to the system development life cycle described in RG 1.152. The main activities of RG 5.71 are included in the framework appropriately. This approach supports the consistent application of system features for cyber security by incorporating the security requirements required in the operation and maintenance phases into the initial phase of development process. It is expected that the application of the framework to a new plant system design may comply with both RG 1.152 and 5.71.

  16. Security Evaluation of the Cyber Networks under Advanced Persistent Threats

    NARCIS (Netherlands)

    Yang, L.; Li, Pengdeng; Yang, Xiaofan; Tang, Yuan Yan

    2017-01-01

    Advanced persistent threats (APTs) pose a grave threat to cyberspace, because they deactivate all the conventional cyber defense mechanisms. This paper addresses the issue of evaluating the security of the cyber networks under APTs. For this purpose, a dynamic model capturing the APT-based

  17. Methodology for Applying Cyber Security Risk Evaluation from BN Model to PSA Model

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Youngin (Korea, Republic of); Kang, Hyun Gook [KAIST, Dajeon (Korea, Republic of); Son, Han Seong [Joongbu University, Chubu (Korea, Republic of)

    2014-08-15

    There are several advantages to use digital equipment such as cost, convenience, and availability. It is inevitable to use the digital I and C equipment replaced analog. Nuclear facilities have already started applying the digital system to I and C system. However, the nuclear facilities also have to change I and C system even though it is difficult to use digital equipment due to high level of safety, irradiation embrittlement, and cyber security. A cyber security which is one of important concerns to use digital equipment can affect the whole integrity of nuclear facilities. For instance, cyber-attack occurred to nuclear facilities such as the SQL slammer worm, stuxnet, DUQU, and flame. The regulatory authorities have published many regulatory requirement documents such as U.S. NRC Regulatory Guide 5.71, 1.152, IAEA guide NSS-17, IEEE Standard, and KINS Regulatory Guide. One of the important problem of cyber security research for nuclear facilities is difficulty to obtain the data through the penetration experiments. Therefore, we make cyber security risk evaluation model with Bayesian network (BN) for nuclear reactor protection system (RPS), which is one of the safety-critical systems to trip the reactor when the accident is happened to the facilities. BN can be used for overcoming these problems. We propose a method to apply BN cyber security model to probabilistic safety assessment (PSA) model, which had been used for safety assessment of system, structure and components of facility. The proposed method will be able to provide the insight of safety as well as cyber risk to the facility.

  18. Methodology for Applying Cyber Security Risk Evaluation from BN Model to PSA Model

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyun Young; Kang, Hyun Gook; Son, Han Seong

    2014-01-01

    There are several advantages to use digital equipment such as cost, convenience, and availability. It is inevitable to use the digital I and C equipment replaced analog. Nuclear facilities have already started applying the digital system to I and C system. However, the nuclear facilities also have to change I and C system even though it is difficult to use digital equipment due to high level of safety, irradiation embrittlement, and cyber security. A cyber security which is one of important concerns to use digital equipment can affect the whole integrity of nuclear facilities. For instance, cyber-attack occurred to nuclear facilities such as the SQL slammer worm, stuxnet, DUQU, and flame. The regulatory authorities have published many regulatory requirement documents such as U.S. NRC Regulatory Guide 5.71, 1.152, IAEA guide NSS-17, IEEE Standard, and KINS Regulatory Guide. One of the important problem of cyber security research for nuclear facilities is difficulty to obtain the data through the penetration experiments. Therefore, we make cyber security risk evaluation model with Bayesian network (BN) for nuclear reactor protection system (RPS), which is one of the safety-critical systems to trip the reactor when the accident is happened to the facilities. BN can be used for overcoming these problems. We propose a method to apply BN cyber security model to probabilistic safety assessment (PSA) model, which had been used for safety assessment of system, structure and components of facility. The proposed method will be able to provide the insight of safety as well as cyber risk to the facility

  19. Cyber resilience: a review of critical national infrastructure and cyber security protection measures applied in the UK and USA.

    Science.gov (United States)

    Harrop, Wayne; Matteson, Ashley

    This paper presents cyber resilience as key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.

  20. Secure estimation, control and optimization of uncertain cyber-physical systems with applications to power networks

    Science.gov (United States)

    Taha, Ahmad Fayez

    Transportation networks, wearable devices, energy systems, and the book you are reading now are all ubiquitous cyber-physical systems (CPS). These inherently uncertain systems combine physical phenomena with communication, data processing, control and optimization. Many CPSs are controlled and monitored by real-time control systems that use communication networks to transmit and receive data from systems modeled by physical processes. Existing studies have addressed a breadth of challenges related to the design of CPSs. However, there is a lack of studies on uncertain CPSs subject to dynamic unknown inputs and cyber-attacks---an artifact of the insertion of communication networks and the growing complexity of CPSs. The objective of this dissertation is to create secure, computational foundations for uncertain CPSs by establishing a framework to control, estimate and optimize the operation of these systems. With major emphasis on power networks, the dissertation deals with the design of secure computational methods for uncertain CPSs, focusing on three crucial issues---(1) cyber-security and risk-mitigation, (2) network-induced time-delays and perturbations and (3) the encompassed extreme time-scales. The dissertation consists of four parts. In the first part, we investigate dynamic state estimation (DSE) methods and rigorously examine the strengths and weaknesses of the proposed routines under dynamic attack-vectors and unknown inputs. In the second part, and utilizing high-frequency measurements in smart grids and the developed DSE methods in the first part, we present a risk mitigation strategy that minimizes the encountered threat levels, while ensuring the continual observability of the system through available, safe measurements. The developed methods in the first two parts rely on the assumption that the uncertain CPS is not experiencing time-delays, an assumption that might fail under certain conditions. To overcome this challenge, networked unknown input

  1. Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo [Information and Communications University, Daejeon (Korea, Republic of); Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)

    2007-10-15

    Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants.

  2. Guideline of Cyber Security Policy for Digital I and C Systems in Nuclear Power Plant

    International Nuclear Information System (INIS)

    Kim, Zeen; Kim, Jang Seong; Kim, Kwang Jo; Kang, Young Doo; Kim, Dai Il; Jeong, Choong Heui

    2007-01-01

    Recently computers and communication systems have been developed very fast and applied to various areas in many applications. This development has raised new vulnerabilities that may endanger the critical systems for nuclear safety and physical protection at the facilities. In order to protect the critical infrastructures from these new cyber attacks, we clearly need deep considerations on the risks and threats through the cyberspace. Based on these needs, many organizations which related to nuclear power plants suggested various cyber security protection methods based on regulation or technical safeguard. Even if security countermeasures against various cyber attacks are important, it is required to establish the best practices of cyber security policy by the vendor and licensee. Based on the policy they can evaluate their activities against various cyber attacks throughout the whole life cycle. In this paper, we discuss how to establish the cyber security policy for digital instrumentation and control (I and C) systems in nuclear power plants

  3. Measuring Library Vendor Cyber Security: Seven Easy Questions Every Librarian Can Ask

    Directory of Open Access Journals (Sweden)

    Alex Caro

    2016-04-01

    Full Text Available This article is based on an independent cyber security risk management audit for a public library system completed by the authors in early 2015 and based on a research paper by the same group at Clark University in 2014. We stress that while cyber security must include raising public knowledge in regard to cyber security issues and resources, and libraries are indeed the perfect place to disseminate this knowledge, librarians are also in a unique position as the gatekeepers of information services provided to the public and should conduct internal audits to ensure our content partners and IT vendors take cyber security as seriously as the library and its staff. One way to do this is through periodic reviews of existing vendor relationships. To this end, the authors created a simple grading rubric you can adopt or modify to help take this first step towards securing your library data. It is intended to be used by both technical and non-technical staff as a simple measurement of what vendor agreements currently exist and how they rank, while at the same time providing a roadmap for which security features or policy statements the library can or should require moving forward.

  4. The GridSite Web/Grid security system

    International Nuclear Information System (INIS)

    McNab, Andrew; Li Yibiao

    2010-01-01

    We present an overview of the current status of the GridSite toolkit, describing the security model for interactive and programmatic uses introduced in the last year. We discuss our experiences of implementing these internal changes and how they and previous rounds of improvements have been prompted by requirements from users and wider security trends in Grids (such as CSRF). Finally, we explain how these have improved the user experience of GridSite-based websites, and wider implications for portals and similar web/grid sites.

  5. Evaluating cyber security awareness in South Africa

    CSIR Research Space (South Africa)

    Grobler, M

    2011-07-01

    Full Text Available broadband capability and knowledge transfer within rural communities. To evaluate the current level of cyber security awareness, a series of exploratory surveys have been distributed to less technologically resourced entities in rural and deep rural...

  6. Asset Analysis Method for the Cyber Security of Man Machine Interface System

    Energy Technology Data Exchange (ETDEWEB)

    Kang, Sung Kon; Kim, Hun Hee; Shin, Yeong Cheol [Korea Hydro and Nuclear Power, Daejeon (Korea, Republic of)

    2010-10-15

    As digital MMIS (Man Machine Interface System) is applied in Nuclear Power Plant (NPP), cyber security is becoming more and more important. Regulatory guide (KINS/GT-N27) requires that implementation plan for cyber security be prepared in NPP. Regulatory guide recommends the following 4 processes: 1) an asset analysis of MMIS, 2) a vulnerability analysis of MMIS, 3) establishment of countermeasures, and 4) establishment of operational guideline for cyber security. Conventional method for the asset analysis is mainly performed with a table form for each asset. Conventional method requires a lot of efforts due to the duplication of information. This paper presents an asset analysis method using object oriented approach for the NPP

  7. Asset Analysis Method for the Cyber Security of Man Machine Interface System

    International Nuclear Information System (INIS)

    Kang, Sung Kon; Kim, Hun Hee; Shin, Yeong Cheol

    2010-01-01

    As digital MMIS (Man Machine Interface System) is applied in Nuclear Power Plant (NPP), cyber security is becoming more and more important. Regulatory guide (KINS/GT-N27) requires that implementation plan for cyber security be prepared in NPP. Regulatory guide recommends the following 4 processes: 1) an asset analysis of MMIS, 2) a vulnerability analysis of MMIS, 3) establishment of countermeasures, and 4) establishment of operational guideline for cyber security. Conventional method for the asset analysis is mainly performed with a table form for each asset. Conventional method requires a lot of efforts due to the duplication of information. This paper presents an asset analysis method using object oriented approach for the NPP

  8. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

    Directory of Open Access Journals (Sweden)

    Vladislav D. Veksler

    2018-05-01

    Full Text Available Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior via techniques such as model tracing and dynamic parameter fitting.

  9. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

    Science.gov (United States)

    Veksler, Vladislav D.; Buchler, Norbou; Hoffman, Blaine E.; Cassenti, Daniel N.; Sample, Char; Sugrim, Shridat

    2018-01-01

    Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision likelihood distributions, (b) human factors of cyber tools to address human system integration challenges, estimation of defender cognitive states, and opportunities for automation, (c) dynamic simulations involving attacker, defender, and user models to enhance studies of cyber epidemiology and cyber hygiene, and (d) training effectiveness research and training scenarios to address human cyber-security performance, maturation of cyber-security skill sets, and effective decision-making. Models may be initially constructed at the group-level based on mean tendencies of each subject's subgroup, based on known statistics such as specific skill proficiencies, demographic characteristics, and cultural factors. For more precise and accurate predictions, cognitive models may be fine-tuned to each individual attacker, defender, or user profile, and updated over time (based on recorded behavior) via techniques such as model tracing and dynamic parameter fitting. PMID:29867661

  10. Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

    OpenAIRE

    Audrey Guinchard

    2011-01-01

    Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing ant...

  11. 78 FR 38949 - Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response

    Science.gov (United States)

    2013-06-28

    ... exposed to various forms of cyber attack. In some cases, attacks can be thwarted through the use of...-3383-01] Computer Security Incident Coordination (CSIC): Providing Timely Cyber Incident Response... systems will be successfully attacked. When a successful attack occurs, the job of a Computer Security...

  12. Cyber Security Training and Awareness Through Game Play

    National Research Council Canada - National Science Library

    Cone, Benjamin D; Thompson, Michael F; Irvine, Cynthia E; Nguyen, Thuy D

    2006-01-01

    Although many of the concepts included in staff cyber-security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

  13. Security and privacy in smart grids

    CERN Document Server

    Xiao, Yang

    2013-01-01

    Presenting the work of prominent researchers working on smart grids and related fields around the world, Security and Privacy in Smart Grids identifies state-of-the-art approaches and novel technologies for smart grid communication and security. It investigates the fundamental aspects and applications of smart grid security and privacy and reports on the latest advances in the range of related areas-making it an ideal reference for students, researchers, and engineers in these fields. The book explains grid security development and deployment and introduces novel approaches for securing today'

  14. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  15. Multi sensor national cyber security data fusion

    CSIR Research Space (South Africa)

    Swart, I

    2015-03-01

    Full Text Available in a real world system. The data examined will then be applied to a case study that will show the results of applying available open source security information against the model to relate to the current South African cyber landscape....

  16. Cyber security in nuclear power plants and its portability to other industrial infrastructures

    International Nuclear Information System (INIS)

    Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl

    2017-01-01

    Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

  17. Security Scheme Based on Parameter Hiding Technic for Mobile Communication in a Secure Cyber World

    Directory of Open Access Journals (Sweden)

    Jong Hyuk Park

    2016-10-01

    Full Text Available Long Term Evolution (LTE and Long Term Evolution-Advanced (LTE-A support a better data transmission service than 3G dose and are globally commercialized technologies in a cyber world that is essential for constructing a future mobile environment, since network traffics have exponentially increased as people have started to use more than just one mobile device. However, when User Equipment (UE is executing initial attach processes to access LTE networks, there is a vulnerability in which identification parameters like International Mobile Subscriber Identity (IMSI and Radio Network Temporary Identities (RNTI are transmitted as plain texts. It can threat various services that are commercialized therewith in a cyber world. Therefore, a security scheme is proposed in this paper where identification parameters can be securely transmitted and hidden in four cases where initial attach occurs between UE and Mobility Management Entity (MME. The proposed security scheme not only supports encrypted transmission of identification parameters but also mutual authentication between Evolved Node B (eNB and MME to make a secure cyber world. Additionally, performance analysis results using an OPNET simulator showed the satisfaction of the average delay rate that is specified in LTE standards.

  18. Wide-area situation awareness in electric power grid

    Science.gov (United States)

    Greitzer, Frank L.

    2010-04-01

    Two primary elements of the US energy policy are demand management and efficiency and renewable sources. Major objectives are clean energy transmission and integration, reliable energy transmission, and grid cyber security. Development of the Smart Grid seeks to achieve these goals by lowering energy costs for consumers, achieving energy independence and reducing greenhouse gas emissions. The Smart Grid is expected to enable real time wide-area situation awareness (SA) for operators. Requirements for wide-area SA have been identified among interoperability standards proposed by the Federal Energy Regulatory Commission and the National Institute of Standards and Technology to ensure smart-grid functionality. Wide-area SA and enhanced decision support and visualization tools are key elements in the transformation to the Smart Grid. This paper discusses human factors research to promote SA in the electric power grid and the Smart Grid. Topics that will be discussed include the role of human factors in meeting US energy policy goals, the impact and challenges for Smart Grid development, and cyber security challenges.

  19. A Cyber Security Risk Assessment of Hospital Infrastructure including TLS/SSL and other Threats

    OpenAIRE

    Millar, Stuart

    2016-01-01

    Cyber threats traditionally target governments, financial institutions and businesses. However, of growing concern is the threat to healthcare organizations. This study conducts a cyber security risk assessment of a theoretical hospital environment, to include TLS/SSL, which is an encryption protocol for network communications, plus other physical, logical and human threats. Despite significant budgets in the UK for the NHS, the spend on cyber security appears worryingly low and many hospital...

  20. SecureCPS: Defending a nanosatellite cyber-physical system

    Science.gov (United States)

    Forbes, Lance; Vu, Huy; Udrea, Bogdan; Hagar, Hamilton; Koutsoukos, Xenofon D.; Yampolskiy, Mark

    2014-06-01

    Recent inexpensive nanosatellite designs employ maneuvering thrusters, much as large satellites have done for decades. However, because a maneuvering nanosatellite can threaten HVAs on-­orbit, it must provide a level of security typically reserved for HVAs. Securing nanosatellites with maneuvering capability is challenging due to extreme cost, size, and power constraints. While still in the design process, our low-­cost SecureCPS architecture promises to dramatically improve security, to include preempting unknown binaries and detecting abnormal behavior. SecureCPS also applies to a broad class of cyber-­physical systems (CPS), such as aircraft, cars, and trains. This paper focuses on Embry-­Riddle's ARAPAIMA nanosatellite architecture, where we assume any off-­the-­shelf component could be compromised by a supply chain attack.1 Based on these assumptions, we have used Vanderbilt's Cyber Physical -­ Attack Description Language (CP-­ADL) to represent realistic attacks, analyze how these attacks propagate in the ARAPAIMA architecture, and how to defeat them using the combination of a low-­cost Root of Trust (RoT) Module, Global InfoTek's Advanced Malware Analysis System (GAMAS), and Anomaly Detection by Machine Learning (ADML).2 Our most recent efforts focus on refining and validating the design of SecureCPS.

  1. Security analysis of cyber-physical system

    Science.gov (United States)

    Li, Bo; Zhang, Lichen

    2017-05-01

    In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

  2. Development of a Quantitative Method for Evaluating the Efficacy of Cyber Security Controls in NPPs based on Intrusion Tolerant Concept

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2017-01-01

    Digital I and C systems have been developed and installed in nuclear power plants (NPPs). However, due to installation of digital I and C systems, cyber security concerns are increasing in the nuclear industry. In order to provide useful information about cyber security issues, many regulatory documents, guides and standards were already published in the nuclear industry. The documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. In order for useful information about cyber security issues, many regulatory documents, guides and standards have been already published in the nuclear industry. However, there are still difficulties when it comes to deciding which security controls are needed and to defining appropriate security control requirements. It is because practical examples for the application of security controls have not been available to system designers and there is a lack of means for estimating the effectiveness of security controls. In this regard, this paper suggested a framework to quantitatively evaluate how much cyber security is improved when specific cyber security controls are applied in NPPs.

  3. Mapping the coverage of security controls in cyber insurance proposal forms

    OpenAIRE

    Woods, D; Agrafiotis, I; Nurse, JRC; Creese, S

    2017-01-01

    Policy discussions often assume that wider adoption of cyber insurance will promote information security best practice. However, this depends on the process that applicants need to go through to apply for cyber insurance. A typical process would require an applicant to fill out a proposal form, which is a self-assessed questionnaire. In this paper, we examine 24 proposal forms, offered by insurers based in the UK and the US, to determine which security controls are present in the ...

  4. Smart grid security innovative solutions for a modernized grid

    CERN Document Server

    Skopik, Florian

    2015-01-01

    The Smart Grid security ecosystem is complex and multi-disciplinary, and relatively under-researched compared to the traditional information and network security disciplines. While the Smart Grid has provided increased efficiencies in monitoring power usage, directing power supplies to serve peak power needs and improving efficiency of power delivery, the Smart Grid has also opened the way for information security breaches and other types of security breaches. Potential threats range from meter manipulation to directed, high-impact attacks on critical infrastructure that could bring down regi

  5. Computer network security and cyber ethics

    CERN Document Server

    Kizza, Joseph Migga

    2014-01-01

    In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

  6. Cyber security with radio frequency interferences mitigation study for satellite systems

    Science.gov (United States)

    Wang, Gang; Wei, Sixiao; Chen, Genshe; Tian, Xin; Shen, Dan; Pham, Khanh; Nguyen, Tien M.; Blasch, Erik

    2016-05-01

    Satellite systems including the Global Navigation Satellite System (GNSS) and the satellite communications (SATCOM) system provide great convenience and utility to human life including emergency response, wide area efficient communications, and effective transportation. Elements of satellite systems incorporate technologies such as navigation with the global positioning system (GPS), satellite digital video broadcasting, and information transmission with a very small aperture terminal (VSAT), etc. The satellite systems importance is growing in prominence with end users' requirement for globally high data rate transmissions; the cost reduction of launching satellites; development of smaller sized satellites including cubesat, nanosat, picosat, and femtosat; and integrating internet services with satellite networks. However, with the promising benefits, challenges remain to fully develop secure and robust satellite systems with pervasive computing and communications. In this paper, we investigate both cyber security and radio frequency (RF) interferences mitigation for satellite systems, and demonstrate that they are not isolated. The action space for both cyber security and RF interferences are firstly summarized for satellite systems, based on which the mitigation schemes for both cyber security and RF interferences are given. A multi-layered satellite systems structure is provided with cross-layer design considering multi-path routing and channel coding, to provide great security and diversity gains for secure and robust satellite systems.

  7. Cyber-Security Challenges with SMEs in Developing Economies: Issues of Confidentiality, Integrity & Availability (CIA)

    DEFF Research Database (Denmark)

    Yeboah-Boateng, Ezer Osei

    The essence of this study is first to highlight the cyber-security challenges confronting SMEs in developing economies, and to model a framework for safeguarding their assets, to ensure continuous optimal business operations, and to participate and compete securely in the ubiquitous cyber......, to develop customer-centric strategies. While connectivity is indispensable for achieving business success, being connected also implies being exposed to a myriad of cyber-security challenges, such as vulnerabilities of confidentiality, integrity and availability (CIA). As vulnerabilities are exploited...... cognitive map (FCM) approach is also used to show the implications of vulnerabilities amongst SMEs asset disposal policies....

  8. Cyber security in nuclear power plants and its portability to other industrial infrastructures

    Energy Technology Data Exchange (ETDEWEB)

    Champigny, Sebastien; Gupta, Deeksha; Watson, Venesa; Waedt, Karl [AREVA GmbH, Erlangen (Germany)

    2017-06-15

    Power generation increasingly relies on decentralised and interconnected computerised systems. Concepts like ''Industrial Internet of Things'' of the Industrial Internet Consortium (IIC), and ''Industry 4.0'' find their way in this strategic industry. Risk of targeted exploits of errors and vulnerabilities increases with complexity, interconnectivity and decentralization. Inherently stringent security requirements and features make nuclear computerised applications and systems a benchmark for industrial counterparts seeking to hedge against those risks. Consequently, this contribution presents usual cyber security regulations and practices for nuclear power plants. It shows how nuclear cyber security can be ported and used in an industrial context to protect critical infrastructures against cyber-attacks and industrial espionage.

  9. Advances in cyber security technology, operations, and experiences

    CERN Document Server

    Hsu, D Frank

    2013-01-01

    Advances in Cyber Security provides, in a technical yet easy to understand fashion, a real life story of the evolving cyberspace ecosystem from the perspectives of structure, function, and application. It also provides ways and means to secure and sustain this ecosystem by the collective wisdom of professionals and practitioners from government, academia, and industry across national and international boundaries.

  10. 78 FR 6807 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

    Science.gov (United States)

    2013-01-31

    ... coordinating and sponsoring an executive-led Critical Infrastructure Protection and Cyber Security mission to... on the cyber security, critical infrastructure protection, and emergency management, ports of entry... security, including border protection, civil defense capabilities, and coast guard and maritime...

  11. Cyber-Security aus ordnungspolitischer Sicht: Verfügungsrechte, Wettbewerb und Nudges

    OpenAIRE

    Dold, Malte; Krieger, Tim

    2017-01-01

    Cyber-Security ist aus ökonomischer Sicht vor allem eine Frage fehlgeleiteter Anreize. Wenn Marktakteure nicht die vollen Kosten ihres informationstechnologischen Handelns tragen, führt dies zu ineffizienten Märkten. Ein Grund für die geringen Investitionen in Cyber-Security dürfte in fehlenden Verfügungsrechten an den eigenen Daten im Internet liegen. Darüber hinaus müsste das Wettbewerbsrecht ausgeweitet werden, um eine Machtkonzentration auf Anbieterseite zu verhindern und ein Mindestmaß a...

  12. Analyzing Resiliency of the Smart Grid Communication Architectures

    Energy Technology Data Exchange (ETDEWEB)

    None, None

    2016-08-01

    Smart grids are susceptible to cyber-attack as a result of new communication, control and computation techniques employed in the grid. In this paper, we characterize and analyze the resiliency of smart grid communication architecture, specifically an RF mesh based architecture, under cyber attacks. We analyze the resiliency of the communication architecture by studying the performance of high-level smart grid functions such as metering, and demand response which depend on communication. Disrupting the operation of these functions impacts the operational resiliency of the smart grid. Our analysis shows that it takes an attacker only a small fraction of meters to compromise the communication resiliency of the smart grid. We discuss the implications of our result to critical smart grid functions and to the overall security of the smart grid.

  13. Towards the cyber security paradigm of ehealth: Resilience and design aspects

    Science.gov (United States)

    Rajamäki, Jyri; Pirinen, Rauno

    2017-06-01

    Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.

  14. International Conference on Computational Intelligence, Cyber Security, and Computational Models

    CERN Document Server

    Ramasamy, Vijayalakshmi; Sheen, Shina; Veeramani, C; Bonato, Anthony; Batten, Lynn

    2016-01-01

    This book aims at promoting high-quality research by researchers and practitioners from academia and industry at the International Conference on Computational Intelligence, Cyber Security, and Computational Models ICC3 2015 organized by PSG College of Technology, Coimbatore, India during December 17 – 19, 2015. This book enriches with innovations in broad areas of research like computational modeling, computational intelligence and cyber security. These emerging inter disciplinary research areas have helped to solve multifaceted problems and gained lot of attention in recent years. This encompasses theory and applications, to provide design, analysis and modeling of the aforementioned key areas.

  15. Evaluation Report on The Department's Unclassified Cyber Security Program - 2009

    International Nuclear Information System (INIS)

    Anon

    2009-01-01

    Industry experts report that security challenges and threats are continually evolving as malicious activity has become more web-based and attackers are able to rapidly adapt their attack methods. In addition, the number of data breaches continues to rise. In an effort to mitigate and address threats and protect valuable information, the Department of Energy anticipated spending about $275 million in Fiscal Year (FY) 2009 to implement cyber security measures necessary to protect its information technology resources. These systems and data are designed to support the Department's mission and business lines of energy security, nuclear security, scientific discovery and innovation, and environmental responsibility. The Federal Information Security Management Act of 2002 (FISMA) provides direction to agencies on the management and oversight of information security risks, including design and implementation of controls to protect Federal information and systems. As required by FISMA, the Office of Inspector General conducts an annual independent evaluation to determine whether the Department's unclassified cyber security program adequately protects its information systems and data. This memorandum and the attached report present the results of our evaluation for FY 2009. The Department continued to make incremental improvements in its unclassified cyber security program. Our evaluation disclosed that most sites had taken action to address weaknesses previously identified in our FY 2008 evaluation report. They improved certification and accreditation of systems; strengthened configuration management of networks and systems; performed independent assessments; and, developed and/or refined certain policies and procedures. In addition, the Department instituted a centralized incident response organization designed to eliminate duplicative efforts throughout the Department. As we have noted in previous reports, the Department continued to maintain strong network perimeter

  16. The North West cyber security industry : export potential assessment

    OpenAIRE

    Prince, Daniel David Campbell; Fitton, Oliver James

    2016-01-01

    Cyber Security businesses in the North West of England form an industry which is growing. This study has taken an in depth analysis of the industry to determine its size, make up and readiness to export and is the first of its kind classifying business within the framework identified by the UKTI cyber export strategy. This report presents the findings of the research undertaken independently by Lancaster University commissioned by the UKTI.

  17. Additional Security Considerations for Grid Management

    Science.gov (United States)

    Eidson, Thomas M.

    2003-01-01

    The use of Grid computing environments is growing in popularity. A Grid computing environment is primarily a wide area network that encompasses multiple local area networks, where some of the local area networks are managed by different organizations. A Grid computing environment also includes common interfaces for distributed computing software so that the heterogeneous set of machines that make up the Grid can be used more easily. The other key feature of a Grid is that the distributed computing software includes appropriate security technology. The focus of most Grid software is on the security involved with application execution, file transfers, and other remote computing procedures. However, there are other important security issues related to the management of a Grid and the users who use that Grid. This note discusses these additional security issues and makes several suggestions as how they can be managed.

  18. Advanced Course in Engineering (ACE) - Cyber Security Boot Camp

    National Research Council Canada - National Science Library

    Older, Susan

    2008-01-01

    .... ACE achieved its stated objectives by completely immersing students in the cyber-security discipline for ten weeks, through a combination of intense coursework, open-ended problems, and internship...

  19. Cyber Security Scenarios and Control for Small and Medium Enterprises

    Directory of Open Access Journals (Sweden)

    Nilaykumar Kiran SANGANI

    2012-01-01

    Full Text Available As the world advances towards the computing era, security threats keeps on increasing in the form of malware, viruses, internet attack, theft of IS assets / technology and a lot more. This is a major concern for any form of business. Loss in company’s status / liability / reputation is a huge downfall for a running business. We have witnessed the attacks getting carried out; large firm’s data getting breached / government bodies’ sites getting phished / attacked. These huge entities have technology expertise to safeguard their company’s interest against such attacks through investing huge amounts of capital in manpower and secure tools. But what about SMEs? SMEs enrich a huge part of the country’s economy. Big organizations have their own security measures policy which ideally is not applied when it comes to a SME. The aim of this paper is to come out with an Information Security Assurance Cyber Control for SMEs (ISACC against common cyber security threats implemented at a cost effective measure.

  20. Quantitative Vulnerability Assessment of Cyber Security for Distribution Automation Systems

    Directory of Open Access Journals (Sweden)

    Xiaming Ye

    2015-06-01

    Full Text Available The distribution automation system (DAS is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS. The results demonstrate the reasonability and effectiveness of the proposed methodology.

  1. Cyber-security of nuclear facilities: stakes and challenges

    International Nuclear Information System (INIS)

    Marquez, T.

    2016-01-01

    Major players in the French nuclear industry have implemented the concept of cyber-resilience that aims at anticipating and identifying real threats and detecting the weaknesses of the critical installations in order to protect them more efficiently. French law imposes for some categories of installations including nuclear power plants the implementation of advanced protection solutions to reach a high standard of cyber security. Sentryo, a start-up has developed a system that allows the detection of intruders in a digital network by analysing the interactions between the nodes of the network. The intruder is detected when the interaction mapping appears to be different from a configuration considered as normal. The feedback experience shows that any function in an enterprise must be made aware of the cyber risk. (A.C.)

  2. A Comparison of Cross-Sector Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    This report presents a review and comparison (commonality and differences) of three cross-sector cyber security standards and an internationally recognized information technology standard. The comparison identifies the security areas covered by each standard and reveals where the standards differ in emphasis. By identifying differences in the standards, the user can evaluate which standard best meets their needs. For this report, only cross-sector standards were reviewed.

  3. Cyber crisis management: a decision-support framework for disclosing security incident information

    NARCIS (Netherlands)

    Kulikova, Olga; Heil, Ronald; van den Berg, Jan; Pieters, Wolter

    2012-01-01

    The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal

  4. A Video Game for Cyber Security Training and Awareness

    National Research Council Canada - National Science Library

    Cone, Benjamin D; Irvine, Cynthia E; Thompson, Michael F; Nguyen, Thuy D

    2006-01-01

    Although many of the concepts included in cyber security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

  5. Security Pricing as an Enabler of Cyber-Insurance: A First Look at Differentiated Pricing Markets

    OpenAIRE

    Pal, Ranjan; Golubchik, Leana; Psounis, Konstantinos; Hui, Pan

    2016-01-01

    Despite the promising potential of network risk management services (e.g., cyber-insurance) to improve information security, their deployment is relatively scarce, primarily due to such service companies being unable to guarantee profitability. As a novel approach to making cyber-insurance services more viable, we explore a symbiotic relationship between security vendors (e.g., Symantec) capable of price differentiating their clients, and cyber-insurance agencies having possession of informat...

  6. Enhancing Cyber Security for SME organizations through self-assessments : How self-assessment raises awareness

    OpenAIRE

    Hassinen, Tarmo

    2017-01-01

    This thesis primarily studied the importance of self-assessment in increasing business organizations’ cyber security awareness of their ICT environment. The secondary studied item was the relevance of self-assessment in detecting new business potential while understanding ICT environment changes. The self-assessment is based on FINCS, the Finnish basic level cyber security certificate launched in December 2016. FINCSC consists of physical and management security, ICT service and system securi...

  7. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    International Nuclear Information System (INIS)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill

    2016-01-01

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis

  8. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill [KHNP CRI, Daejeon (Korea, Republic of)

    2016-10-15

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis.

  9. Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

    OpenAIRE

    Kokkonen, Tero

    2016-01-01

    Almost all the organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation conc...

  10. Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

    Science.gov (United States)

    Johnson, C. W.; Atencia Yepez, A.

    2012-01-01

    Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

  11. Cyber Security Vulnerability Impact on I and C Reliability

    International Nuclear Information System (INIS)

    Hadley, Mark D.; McBride, Justin B.

    2006-01-01

    We present a discussion of the cyber security vulnerability impact on instrument and control reliability. In the discussion we demonstrate the likely vector of attack and vulnerabilities associated with commodity hardware, protocols and communication media. The current fleet of nuclear power plants in the United States utilizes aging analog instrument and control systems which are more frequently suffering from obsolescence and failure. The commodity equipment available now and in the near future incorporates features from information technology systems which compound cyber vulnerabilities

  12. A novel proposed network security management approach for cyber attacks

    International Nuclear Information System (INIS)

    Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

    2007-01-01

    Network security is a discipline that focuses on securing networks from unauthorized access. Given the Escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (I) an attack detection component that deter- mines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been vested in the systems that can detect cyber attacks either statically at compile time or dynamically at run time, However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of Open Source Security Information Management (OSSIM) system called Preventive Information Security management (PrISM) system that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevents by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent by blocking the attacker's IP address to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

  13. NREL's Cybersecurity Initiative Aims to Wall Off the Smart Grid from

    Science.gov (United States)

    NREL Launches into Cyber The two-way communications technologies being added to the power grid work the Cyber Physical Systems Security and Resilience Center, under NREL's Energy Systems Integration network from unauthorized users, so that hackers can't even detect the computer server. You can't attack

  14. 78 FR 39712 - Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait...

    Science.gov (United States)

    2013-07-02

    ... DEPARTMENT OF COMMERCE International Trade Administration Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait Clarification and Amendment AGENCY... cyber-security firms and trade organizations which have not already submitted an application are...

  15. Computer Security: Security operations at CERN (4/4)

    CERN Document Server

    CERN. Geneva

    2012-01-01

    Stefan Lueders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and infrastructure control systems against cyber-threats. Subsequently, he joined the CERN Computer Security Incident Response Team and is today heading this team as CERN's Computer Security Officer with the mandate to coordinate all aspects of CERN's computer security --- office computing security, computer centre security, GRID computing security and control system security --- whilst taking into account CERN's operational needs. Dr. Lueders has presented on these topics at many different occasions to international bodies, governments, and companies, and published several articles. With the prevalence of modern information technologies and...

  16. Anticipatory Cyber Security Research: An Ultimate Technique for the First-Move Advantage

    Directory of Open Access Journals (Sweden)

    Bharat S.Rawal

    2016-02-01

    Full Text Available Across all industry segments, 96 percent of systems could be breached on average. In the game of cyber security, every moment a new player (attacker is entering the game with new skill sets. An attacker only needs to be effective once while defenders of cyberspace have to be successful all of the time. There will be a first-mover advantage in such a chasing game, which means that the first move often wins. In this paper, in order to face the security challenges brought in by attacker’s first move advantage, we analyzed the past ten years of cyber-attacks, studied the immediate attack’s pattern and offer the tools to predict the next move of the cyber attacker.

  17. Adversarial Reinforcement Learning in a Cyber Security Simulation}

    NARCIS (Netherlands)

    Elderman, Richard; Pater, Leon; Thie, Albert; Drugan, Madalina; Wiering, Marco

    2017-01-01

    This paper focuses on cyber-security simulations in networks modeled as a Markov game with incomplete information and stochastic elements. The resulting game is an adversarial sequential decision making problem played with two agents, the attacker and defender. The two agents pit one reinforcement

  18. Policing cyber hate, cyber threat and cyber terrorism

    OpenAIRE

    Chambers-Jones, C.

    2013-01-01

    In late August 2012 the Government Forum of Incident Response and Cyber security Teams (GFIRST) gathered in Atlanta to discuss cyber threats and how new realities are emerging and how new forms of regulation are needed. At the same time Policing cyber hate, cyber threat and cyber terrorism was published. This comprehensive book brings together a divergent problem and tackles each with a candid exploration. The book has ten chapters and covers aspects such as extortion via the internet, the ps...

  19. A Survey on Cyber Security awareness among college students in Tamil Nadu

    Science.gov (United States)

    Senthilkumar, K.; Easwaramoorthy, Sathishkumar

    2017-11-01

    The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

  20. Inside the Wire: American Security and Cyber Warfare

    Science.gov (United States)

    2017-03-01

    Roberts, Kerry V. " SUN TZU and The Art of Cyber Warfare." Journal of Counterterrorism & Homeland Security International 19, no. 1(Spring 2013): 12-4...12. REPORT TYPE 3. DATES COVERED (From - To) 01-03-2017 Bibliography 4. TITLE AND SUBTITLE Sa. CONTRACT NUMBER Inside the Wire: American Security...MCDERMOTT LIBRARY U.S. AIR FORCE ACADEMY 11. SPONSOR/MONITOR’S REPORT USAF ACADEMY CO 80840-6214 NUMBER(S) Special Bibliography Series # 119 12

  1. Simulations in Cyber-Security: A Review of Cognitive Modeling of Network Attackers, Defenders, and Users

    OpenAIRE

    Vladislav D. Veksler; Norbou Buchler; Blaine E. Hoffman; Daniel N. Cassenti; Char Sample; Shridat Sugrim

    2018-01-01

    Computational models of cognitive processes may be employed in cyber-security tools, experiments, and simulations to address human agency and effective decision-making in keeping computational networks secure. Cognitive modeling can addresses multi-disciplinary cyber-security challenges requiring cross-cutting approaches over the human and computational sciences such as the following: (a) adversarial reasoning and behavioral game theory to predict attacker subjective utilities and decision li...

  2. Model Based Cyber Security Analysis for Research Reactor Protection System

    Energy Technology Data Exchange (ETDEWEB)

    Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung [Kyung Hee Univ., Yongin (Korea, Republic of); Son, Hanseong [Joongbu Univ., Geumsan (Korea, Republic of)

    2013-07-01

    The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN.

  3. Model Based Cyber Security Analysis for Research Reactor Protection System

    International Nuclear Information System (INIS)

    Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung; Son, Hanseong

    2013-01-01

    The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN

  4. Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber Activities

    Directory of Open Access Journals (Sweden)

    Jawad Hussain Awan

    2018-04-01

    Full Text Available Nowadays, every internet user is part of cyber world. In this way, millions of users, knowledge seekers, and service provider organizations are connected to each other, a vast number of common people shifted their everyday activities to cyber world as they can save their time, traffic problem and gets effective and costless services by using various services such as, online banking, social networking sites, government services and cloud services. The use of Cyber services, eBusiness, eCommerce and eGovernance increases the usage of online/cyber services also increased the issue of cyber security. Recently, various cases have been reported in the literature and media about the cyber-attacks and crimes which seriously disrupted governments, businesses and personal lives. From the literature. It is noticed that every cyber user is unaware about privacy and security practices and measures. Therefore, cyber user has provided knowledge and fully aware them from the online services and also about cyber privacy and security. This paper presents a review on the recent cybercrimes, threats and attacks reported in the literature and media. In addition, the impact of these cyber breaches and cyber law to deal with cyber security has been discussed. At last, a defensive model is also proposed to mitigate cyber-criminal activities.

  5. A decision support system for corporations cyber security risk management

    OpenAIRE

    Molina, Gabriela del Rocio Roldan

    2017-01-01

    This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative Cyber Security), developed in the context of a master program at Polytechnic Institute of Leiria, Portugal. The research dimension and the corresponding software development process that followed are presented and validated with an application scenario and case study performed at Universidad de las Fuerzas Armadas ESPE – Ecuador. C3-SEC is a decision aiding software intended to support cyber ri...

  6. Reconciling Malicious and Accidental Risk in Cyber Security

    NARCIS (Netherlands)

    Pieters, Wolter; Lukszo, Zofia; Hadziosmanovic, D.; van den Berg, Jan

    Consider the question whether a cyber security investment is cost-effective. The result will depend on the expected frequency of attacks. Contrary to what is referred to as threat event frequencies or hazard rates in safety risk management, frequencies of targeted attacks are not independent from

  7. A cyber security risk assessment for the design of I and C system in nuclear power plants

    International Nuclear Information System (INIS)

    Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young

    2012-01-01

    The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

  8. A cyber security risk assessment for the design of I and C system in nuclear power plants

    Energy Technology Data Exchange (ETDEWEB)

    Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2012-12-15

    The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

  9. Cyber security information exchange to gain insight into the effects of cyber threats and incidents

    NARCIS (Netherlands)

    Fransen, F.; Smulders, A.C.M.; Kerkdijk, H.

    2015-01-01

    The last couple of years we have seen an increase in interests and initiatives in establishing threat intelligence sharing communities, and on the development of standards and platforms for automated cyber security information sharing. These initiatives are focused on helping organisations to

  10. Physical Watermarking for Securing Cyber-Physical Systems via Packet Drop Injections

    Energy Technology Data Exchange (ETDEWEB)

    Ozel, Omur [Carnegie Mellon Univ., Pittsburgh, PA (United States); Weekrakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States); Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)

    2017-10-23

    Physical watermarking is a well known solution for detecting integrity attacks on Cyber-Physical Systems (CPSs) such as the smart grid. Here, a random control input is injected into the system in order to authenticate physical dynamics and sensors which may have been corrupted by adversaries. Packet drops may naturally occur in a CPS due to network imperfections. To our knowledge, previous work has not considered the role of packet drops in detecting integrity attacks. In this paper, we investigate the merit of injecting Bernoulli packet drops into the control inputs sent to actuators as a new physical watermarking scheme. With the classical linear quadratic objective function and an independent and identically distributed packet drop injection sequence, we study the effect of packet drops on meeting security and control objectives. Our results indicate that the packet drops could act as a potential physical watermark for attack detection in CPSs.

  11. Canvassing the Cyber Security Landscape: Why Energy Companies Need to Pay Attention

    NARCIS (Netherlands)

    Averill, B.; Luiijf, H.A.M.

    2010-01-01

    Recent news of a “highly sophisticated and targeted” cyber attack on Google, Yahoo, and perhaps on as many as a dozen other companies has once again brought the issue of cyber security to the top of the news. Internet companies, however, are not the only ones vulnerable to such attacks. Over the

  12. Lecture 13: Control System Cyber Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  13. A study of cyber security in hospitality industry- threats and countermeasures: case study in Reno, Nevada

    OpenAIRE

    Shabani, Neda

    2017-01-01

    The purpose of this study is to analyze cyber security and security practices of electronic information and network system, network threats, and techniques to prevent the cyber attacks in hotels. Helping the information technology directors and chief information officers (CIO) is the aim of this study to advance policy for security of electronic information in hotels and suggesting some techniques and tools to secure the computer networks. This research is completely qualitative while the cas...

  14. Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

    International Nuclear Information System (INIS)

    Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y.

    2011-01-01

    With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

  15. Development Methodology of a Cyber Security Risk Analysis and Assessment Tool for Digital I and C Systems in Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Cha, K. H.; Lee, C. K.; Song, J. G.; Lee, Y. J.; Kim, J. Y.; Lee, J. W.; Lee, D. Y. [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2011-05-15

    With the use of digital computers and communication networks the hot issues on cyber security were raised about 10 years ago. The scope of cyber security application has now been extended from the safety Instrumentation and Control (I and C) system to safety important systems, plant security system, and emergency preparedness system. Therefore, cyber security should be assessed and managed systematically throughout the development life cycle of I and C systems in order for their digital assets to be protected from cyber attacks. Fig. 1 shows the concept of a cyber security risk management of digital I and C systems in nuclear power plants (NPPs). A lot of cyber security risk assessment methods, techniques, and supported tools have been developed for Information Technology (IT) systems, but they have not been utilized widely for cyber security risk assessments of the digital I and C systems in NPPs. The main reason is a difference in goals between IT systems and nuclear I and C systems. Confidentiality is important in IT systems, but availability and integrity are important in nuclear I and C systems. Last year, it was started to develop a software tool to be specialized for the development process of nuclear I and C systems. This paper presents a development methodology of the Cyber Security Risk analysis and Assessment Tool (CSRAT) for the digital I and C systems in NPP

  16. Crowdsourcing cyber security: a property rights view of exclusion and theft on the information commons

    Directory of Open Access Journals (Sweden)

    Gary Shiffman

    2013-02-01

    Full Text Available Individuals increasingly rely upon the internet for basic economic interaction. Current cyber security mechanisms are unable to stop adversaries and hackers from gaining access to sensitive information stored on government, business, and public computers. Experts propose implementing attribution and audit frameworks in cyberspace to deter, prevent, and prosecute cyber criminals and attackers. However, this method faces significant policy and resource constraints. Social science research, specifically in law and economics, concerning common-pool resources suggests an organic approach to cyber security may yield an appropriate solution. This cyber commons method involves treating the internet as a commons and encouraging individuals and institutions to voluntarily implement innovative and adaptive monitoring mechanisms. Such mechanisms are already in use and in many cases have proven more effective than attribution mechanisms in resisting and tracing the source of cyber attacks.

  17. An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

    Directory of Open Access Journals (Sweden)

    Halima Ibrahim Kure

    2018-05-01

    Full Text Available A cyber-physical system (CPS is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, and transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attack is one of the major threats for a CPS because of many reasons, including complexity and interdependencies among various system components, integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherent complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and

  18. The cyber security of French nuclear installations: stakes and opportunities

    International Nuclear Information System (INIS)

    Marquez, Thierry

    2016-01-01

    Notably due to the development of the number of connected objects, nuclear installations, their supply chain and all the actors of the chain value are exposed to cyber risks, even if a recent study noticed that successful cyber attacks involving nuclear plants are rare, but real. Thus, the threat is actual and growing, and the IAEA is already working with Interpol on this issue. The author then describes how French actors (EDF, Areva, CEA) have introduced cyber-resilience to better anticipate and identify actual threats and critical vulnerabilities in order to protect infrastructures. He comments some strengthened regulatory measures introduced for the French nuclear sector, and continuous improvements brought in the field of cyber security. He shows that handling these risks is also an opportunity to develop crisis management tools through the development of a specific know-how which also has an industrial value

  19. Cyber security risk assessment for SCADA and DCS networks.

    Science.gov (United States)

    Ralston, P A S; Graham, J H; Hieb, J L

    2007-10-01

    The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

  20. A Survey on Next-generation Power Grid Data Architecture

    Energy Technology Data Exchange (ETDEWEB)

    You, Shutang [University of Tennessee, Knoxville (UTK); Zhu, Dr. Lin [University of Tennessee (UT); Liu, Yong [ORNL; Liu, Yilu [ORNL; Shankar, Mallikarjun (Arjun) [ORNL; Robertson, Russell [Grid Protection Alliance; King Jr, Thomas J [ORNL

    2015-01-01

    The operation and control of power grids will increasingly rely on data. A high-speed, reliable, flexible and secure data architecture is the prerequisite of the next-generation power grid. This paper summarizes the challenges in collecting and utilizing power grid data, and then provides reference data architecture for future power grids. Based on the data architecture deployment, related research on data architecture is reviewed and summarized in several categories including data measurement/actuation, data transmission, data service layer, data utilization, as well as two cross-cutting issues, interoperability and cyber security. Research gaps and future work are also presented.

  1. Measuring the Effectiveness of Visual Analytics and Data Fusion Techniques on Situation Awareness in Cyber-Security

    Science.gov (United States)

    Giacobe, Nicklaus A.

    2013-01-01

    Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…

  2. Cyber security for remote monitoring and control of small reactors

    Energy Technology Data Exchange (ETDEWEB)

    Trask, D., E-mail: dave.trask@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada); Jung, C. [Canadian Nuclear Safety Commission, Ottawa, ON (Canada); MacDonald, M., E-mail: marienna.macdonald@cnl.ca [Atomic Energy of Canada Limited, Chalk River, ON (Canada)

    2014-07-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  3. Cyber security for remote monitoring and control of small reactors

    International Nuclear Information System (INIS)

    Trask, D.; Jung, C.; MacDonald, M.

    2014-01-01

    There is growing international interest and activity in the development of small nuclear reactor technology with a number of vendors interested in building small reactors in Canada to serve remote locations. A common theme of small reactor designs proposed for remote Canadian locations is the concept of a centrally located main control centre operating several remotely located reactors via satellite communications. This theme was echoed at a recent IAEA conference where a recommendation was made to study I&C for remotely controlled small modular reactors, including satellite links and cyber security. This paper summarizes the results of an AECL-CNSC research project to analyze satellite communication technologies used for remote monitoring and control functions in order to provide cyber security regulatory considerations. The scope of this research included a basic survey of existing satellite communications technology and its use in industrial control applications, a brief history of satellite vulnerabilities and a broad review of over 50 standards, guidelines, and regulations from recognized institutions covering safety, cyber security, and industrial communication networks including wireless communications in general. This paper concludes that satellite communications should not be arbitrarily excluded by standards or regulation from use for the remote control and monitoring of small nuclear reactors. Instead, reliance should be placed on processes that are independent of any particular technology, such as reducing risks by applying control measures and demonstrating required reliability through good design practices and testing. Ultimately, it is compliance to well-developed standards that yields the evidence to conclude whether a particular application that uses satellite communications is safe and secure. (author)

  4. Cyber security in the workplace: Understanding and \\ud promoting behaviour change

    OpenAIRE

    Blythe, John

    2013-01-01

    Cyber security and the role employees play in securing information are major concerns for businesses. The aim of this research is to explore employee security behaviours and design interventions that can motivate behaviour change. Previous research has focused on exploring factors that influence information security policy compliance; however there are several limitations with this approach. Our work-to-date has explored the behaviours that constitute ‘information security’ and potential infl...

  5. Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks

    Science.gov (United States)

    Prichard, Janet J.; MacDonald, Laurie E.

    2004-01-01

    On September 11th, 2001 the United States experienced the largest terrorist attack in its history. This event caused many government agencies to review their security practices and procedures. It also has raised awareness of other avenues that terrorists might pursue to achieve their goals, including cyber terrorism. Cyber terrorism can be…

  6. The process matters: cyber security in industrial control systems

    NARCIS (Netherlands)

    Hadziosmanovic, D.

    2014-01-01

    An industrial control system (ICS) is a computer system that controls industrial processes such as power plants, water and gas distribution, food production, etc. Since cyber-attacks on an ICS may have devastating consequences on human lives and safety in general, the security of ICS is important.

  7. Cyber security assessment of a power plant

    Energy Technology Data Exchange (ETDEWEB)

    Nai Fovino, Igor; Masera, Marcelo; Stefanini, Alberto [Joint Research Centre, Institute for the Protection and Security of the Citizen, Ispra (Italy); Guidi, Luca [Enel Ingegneria e Innovazione, Pisa (Italy)

    2011-02-15

    Critical infrastructures and systems are today exposed not only to traditional safety and availability problems, but also to new kinds of security threats. These are mainly due to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of information and communication technologies (ICT) into such complex systems. In this paper we present the outcomes of an exhaustive ICT security assessment, targeting an operational power plant, which consisted also of the simulation of potential cyber attacks. The assessment shows that the plant is considerably vulnerable to malicious attacks. This situation cannot be ignored, because the potential outcomes of an induced plant malfunction can be severe. (author)

  8. Cyber crisis management: a decision-support framework for disclosing security incident information

    OpenAIRE

    Kulikova, Olga; Heil, Ronald; van den Berg, Jan; Pieters, Wolter

    2012-01-01

    The growing sophistication and frequency of cyber attacks force modern companies to be prepared beforehand for potential cyber security incidents and data leaks. A proper incident disclosure strategy can significantly improve timeliness and effectiveness of incident response activities, reduce legal fines, and restore confidence and trust of a company's key stakeholders. In this paper, four factors that shape organizational preferences regarding incident information disclosure are introduced....

  9. The impact of security and intelligence policy in the era of cyber crimes

    Directory of Open Access Journals (Sweden)

    MSc. Bahri Gashi

    2016-07-01

    Full Text Available Creation of National Cyber Defense Strategy, is the only security and the best protection against cyber-crimes. This is the starting point, from where adequate policies and necessary legal measures begin, aiming the creation of a solid ground and responsible users by implementing comprehensive measures and legal restrictions. The methodology used to achieve the recognition of users with applicable legislation and regulations on the use of the Internet, as well as legal obligations; implementation of procedures to use communication systems; signing and approval by users of their responsibilities; knowledge and information on the risks and threats stemming from the use of communication networks; certification of trained and specialized staff; classification and processing of information in a particular system; identifying unauthorized users who use classified information networks in  public systems and private sector; creating barriers in distance entry networks and information systems, etc. Various Security and Intelligence institutions covering and operating in these areas are responsible for the creation and promotion of National Cyber Defense Strategy, analyzing the risk to implement protective measures for preventing attacks on Cybercrime (Cyber Crimes.

  10. Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies.

    Science.gov (United States)

    Paté-Cornell, M-Elisabeth; Kuypers, Marshall; Smith, Matthew; Keller, Philip

    2018-02-01

    Managing cyber security in an organization involves allocating the protection budget across a spectrum of possible options. This requires assessing the benefits and the costs of these options. The risk analyses presented here are statistical when relevant data are available, and system-based for high-consequence events that have not happened yet. This article presents, first, a general probabilistic risk analysis framework for cyber security in an organization to be specified. It then describes three examples of forward-looking analyses motivated by recent cyber attacks. The first one is the statistical analysis of an actual database, extended at the upper end of the loss distribution by a Bayesian analysis of possible, high-consequence attack scenarios that may happen in the future. The second is a systems analysis of cyber risks for a smart, connected electric grid, showing that there is an optimal level of connectivity. The third is an analysis of sequential decisions to upgrade the software of an existing cyber security system or to adopt a new one to stay ahead of adversaries trying to find their way in. The results are distributions of losses to cyber attacks, with and without some considered countermeasures in support of risk management decisions based both on past data and anticipated incidents. © 2017 Society for Risk Analysis.

  11. A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2013-10-15

    In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds.

  12. A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

    International Nuclear Information System (INIS)

    Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon

    2013-01-01

    In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds

  13. Cyber Security: Rule of Use Internet Safely?

    OpenAIRE

    -, Maskun

    2013-01-01

    International Journal Cyber security plays on important role to guarantee and protect people who use internet in their daily life. Some cases take place around the world that people get inconvenience condition when they access and use internet. Misuse of internet becomes a current issue which some cases take place including a university. Advantages of using internet in the university of course assist the student to get some information in internet. However, they have to be protected in ord...

  14. Lemnos Interoperable Security Program

    Energy Technology Data Exchange (ETDEWEB)

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  15. Cyber Security Penetration Test for Digital Safety I and C Systems

    International Nuclear Information System (INIS)

    Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

    2010-01-01

    In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

  16. Comparative Analysis of Curricula for Bachelor's Degree in Cyber Security in the USA and Ukraine

    Science.gov (United States)

    Bystrova, Bogdana

    2017-01-01

    At the present stage of science and technology development the need to strengthen cyber security in every developed country and transform it into one of the most important sectors of society is growing. The peculiarities of the professional training of cyber security bachelors in the U.S. higher education system have been defined. The relevance of…

  17. A study of authorization architectures for grid security

    International Nuclear Information System (INIS)

    Pang Yanguang; Sun Gongxing; Pei Erming; Ma Nan

    2006-01-01

    Grid security is one of key issues in grid computing, while current research focus is put on the grid authorization. There is a brief discussion about the drawback of the common GSI (Grid Security Infrastructure) authorization firstly, then analysis is made on the latest several grid authorization architectures, such as structures, policy descriptions, engines, applications, and finally their features are summarized. (authors)

  18. Security Hardened Cyber Components for Nuclear Power Plants: Phase I SBIR Final Technical Report

    Energy Technology Data Exchange (ETDEWEB)

    Franusich, Michael D. [SpiralGen, Inc., Pittsburgh, PA (United States)

    2016-03-18

    SpiralGen, Inc. built a proof-of-concept toolkit for enhancing the cyber security of nuclear power plants and other critical infrastructure with high-assurance instrumentation and control code. The toolkit is based on technology from the DARPA High-Assurance Cyber Military Systems (HACMS) program, which has focused on applying the science of formal methods to the formidable set of problems involved in securing cyber physical systems. The primary challenges beyond HACMS in developing this toolkit were to make the new technology usable by control system engineers and compatible with the regulatory and commercial constraints of the nuclear power industry. The toolkit, packaged as a Simulink add-on, allows a system designer to assemble a high-assurance component from formally specified and proven blocks and generate provably correct control and monitor code for that subsystem.

  19. Cyber-assurance for the Internet of Things

    CERN Document Server

    2017-01-01

    This book discusses the cyber-assurance needs of the IoT environment, highlighting key information assurance (IA) IoT issues and identifying the associated security implications. Through contributions from cyber-assurance, IA, information security and IoT industry practitioners and experts, the text covers fundamental and advanced concepts necessary to grasp current IA issues, challenges, and solutions for the IoT. The future trends in IoT infrastructures, architectures and applications are also examined. Other topics discussed include the IA protection of IoT systems and information being stored, processed or transmitted from unauthorized access or modification of machine-2-machine (M2M) devices, radio-frequency identification (RFID) networks, wireless sensor networks, smart grids, and supervisory control and data acquisition (SCADA) systems. The book also discusses IA measures necessary to detect, rotect, and defend IoT information and networks/systems to ensure their availability, integrity, authentication...

  20. Three tenets for secure cyber-physical system design and assessment

    Science.gov (United States)

    Hughes, Jeff; Cybenko, George

    2014-06-01

    This paper presents a threat-driven quantitative mathematical framework for secure cyber-physical system design and assessment. Called The Three Tenets, this originally empirical approach has been used by the US Air Force Research Laboratory (AFRL) for secure system research and development. The Tenets were first documented in 2005 as a teachable methodology. The Tenets are motivated by a system threat model that itself consists of three elements which must exist for successful attacks to occur: - system susceptibility; - threat accessibility and; - threat capability. The Three Tenets arise naturally by countering each threat element individually. Specifically, the tenets are: Tenet 1: Focus on What's Critical - systems should include only essential functions (to reduce susceptibility); Tenet 2: Move Key Assets Out-of-Band - make mission essential elements and security controls difficult for attackers to reach logically and physically (to reduce accessibility); Tenet 3: Detect, React, Adapt - confound the attacker by implementing sensing system elements with dynamic response technologies (to counteract the attackers' capabilities). As a design methodology, the Tenets mitigate reverse engineering and subsequent attacks on complex systems. Quantified by a Bayesian analysis and further justified by analytic properties of attack graph models, the Tenets suggest concrete cyber security metrics for system assessment.

  1. Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense

    Science.gov (United States)

    Spafford, Eugene H.

    The number and sophistication of cyberattacks continues to increase, but no national policy is in place to confront them. Critical systems need to be built on secure foundations, rather than the cheapest general-purpose platform. A program that combines education in cyber security, increasing resources for law enforcement, development of reliable systems for critical applications, and expanding research support in multiple areas of security and reliability is essential to combat risks that are far beyond the nuisances of spam email and viruses, and involve widespread espionage, theft, and attacks on essential services.

  2. Digital identities. Basis for IT security in smart grids; Digitale Identitaeten. Basis fuer IT Sicherheit im Smart Grid

    Energy Technology Data Exchange (ETDEWEB)

    Fiat, Roland; Stoertkuhl, Thomas [TUEV SUED AG Embedded Systems, Muenchen (Germany)

    2012-07-01

    An essential part of a given IT environment's cyber-security is the proper authentication of persons, systems and applications. Indeed, this is a fundamental requirement to secure communication. With the appearance of malware like Stuxnet and other cyber-attacks securing the communication in industrial infrastructures becomes increasingly important. To improve the authentication during device to device communication, this paper drafts a solution based on digital certificates which guarantee a sufficient level of authentication thanks to the use of established asymmetric cryptographic algorithms. A prerequisite for a widespread use of digital certificates, however, is an according infrastructure that allows for the secure generation and distribution of such certificates on the devices ideally in an automated way. The present paper outlines such a methodology as a starting point for further discussions. (orig.)

  3. Control Systems Security Center Comparison Study of Industrial Control System Standards against the Control Systems Protection Framework Cyber-Security Requirements

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2005-09-01

    Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several Department of Energy (DOE) National Laboratories, including Argonne National Laboratory, Idaho National Laboratory, Pacific Northwest National Laboratory, and Sandia National Laboratories. This study was conducted in two parts: a standard identification effort and a comparison analysis effort. During the standard identification effort, the Standard Awareness Team conducted a comprehensive open-source survey of existing control systems security standards, regulations, and guidelines in several of the critical infrastructure (CI) sectors, including the telecommunication, water, chemical, energy (electric power, petroleum and oil, natural gas), and transportation--rail sectors and sub-sectors. During the comparison analysis effort, the team compared the requirements contained in selected, identified, industry standards with the cyber security requirements in ''Cyber Security Protection Framework'', Version 0.9 (hereafter referred to as the ''Framework''). For each of the seven sector/sub-sectors listed above, one standard was

  4. a review of game theory approach to cyber security risk management

    African Journals Online (AJOL)

    HOD

    Keywords: Cyber Security, Risk Management, Game Theory, Model. 1. INTRODUCTION. Risk is ... behaviors. This implies they are triggered by self- motivated goal .... embrace diligence verification of the recipient of the email as well as lack of ...

  5. Framework for an African policy towards creating cyber security awareness

    CSIR Research Space (South Africa)

    Dlamini, IZ

    2011-05-01

    Full Text Available Cyber security is a GLOBAL issue. The rest of the world needs Africa to be aware and ready. Furthermore, Africa can only be aware and ready if it is internally organised and collaborates effectively with the rest of the world. The African continent...

  6. Individual differences in cyber security behaviors: an examination of who is sharing passwords.

    Science.gov (United States)

    Whitty, Monica; Doodson, James; Creese, Sadie; Hodges, Duncan

    2015-01-01

    In spite of the number of public advice campaigns, researchers have found that individuals still engage in risky password practices. There is a dearth of research available on individual differences in cyber security behaviors. This study focused on the risky practice of sharing passwords. As predicted, we found that individuals who scored high on a lack of perseverance were more likely to share passwords. Contrary to our hypotheses, we found younger [corrected] people and individuals who score high on self-monitoring were more likely to share passwords. We speculate on the reasons behind these findings, and examine how they might be considered in future cyber security educational campaigns.

  7. Cyber crime and cyber warfare with international cyber collaboration for RSA – preparing communities

    CSIR Research Space (South Africa)

    Grobler, M

    2012-03-01

    Full Text Available aspects come into play that may have an influence on the manner in which the military reacts to cyber attacks (Wilson 2007): ? new national security policy issues; ? consideration of psychological operations used to affect friendly nations... relationship between modern cyber space, cyber warfare and traditional legislation. As a starting point, cyber warfare is defined for the purpose of this article as the use of exploits in cyber space as a way to intentionally cause harm to people, assets...

  8. Cyber-Informed Engineering

    Energy Technology Data Exchange (ETDEWEB)

    Anderson, Robert S. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Benjamin, Jacob [Idaho National Lab. (INL), Idaho Falls, ID (United States); Wright, Virginia L. [Idaho National Lab. (INL), Idaho Falls, ID (United States); Quinones, Luis [Idaho National Lab. (INL), Idaho Falls, ID (United States); Paz, Jonathan [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2017-03-01

    A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

  9. Cyber-Informed Engineering

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Benjamin, Jacob; Wright, Virginia L.; Quinones, Luis; Paz, Jonathan

    2017-01-01

    A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

  10. Literature Review on Modeling Cyber Networks and Evaluating Cyber Risks.

    Energy Technology Data Exchange (ETDEWEB)

    Kelic, Andjelka; Campbell, Philip L

    2018-04-01

    The National Infrastructure Simulations and Analysis Center (NISAC) conducted a literature review on modeling cyber networks and evaluating cyber risks. The literature review explores where modeling is used in the cyber regime and ways that consequence and risk are evaluated. The relevant literature clusters in three different spaces: network security, cyber-physical, and mission assurance. In all approaches, some form of modeling is utilized at varying levels of detail, while the ability to understand consequence varies, as do interpretations of risk. This document summarizes the different literature viewpoints and explores their applicability to securing enterprise networks.

  11. Analysis and improvement of security of energy smart grids

    International Nuclear Information System (INIS)

    Halimi, Halim

    2014-01-01

    The Smart grid is the next generation power grid, which is a new self-healing, self-activating form of electricity network, and integrates power-flow control, increased quality of electricity, and energy reliability, energy efficiency and energy security using information and communication technologies. Communication networks play a critical role in smart grid, as the intelligence of smart grid is built based on information exchange across the power grid. Its two-way communication and electricity flow enable to monitor, predict and manage the energy usage. To upgrade an existing power grid into a smart grid, it requires an intelligent and secure communication infrastructure. Because of that, the main goal of this dissertation is to propose new architecture and implementation of algorithms for analysis and improvement of the security and reliability in smart grid. In power transmission segments of smart grid, wired communications are usually adopted to ensure robustness of the backbone power network. In contrast, for a power distribution grid, wireless communications provide many benefits such as low cost high speed links, easy setup of connections among different devices/appliances, and so on. Wireless communications are usually more vulnerable to security attacks than wired ones. Developing appropriate wireless communication architecture and its security measures is extremely important for a smart grid system. This research addresses physical layer security in a Wireless Smart Grid. Hence a defense Quorum- based algorithm is proposed to ensure physical security in wireless communication. The new security architecture for smart grid that supports privacy-preserving, data aggregation and access control is defined. This architecture consists of two parts. In the first part we propose to use an efficient and privacy-preserving aggregation scheme (EPPA), which aggregates real-time data of consumers by Local Gateway. During aggregation the privacy of consumers is

  12. Main control computer security model of closed network systems protection against cyber attacks

    Science.gov (United States)

    Seymen, Bilal

    2014-06-01

    The model that brings the data input/output under control in closed network systems, that maintains the system securely, and that controls the flow of information through the Main Control Computer which also brings the network traffic under control against cyber-attacks. The network, which can be controlled single-handedly thanks to the system designed to enable the network users to make data entry into the system or to extract data from the system securely, intends to minimize the security gaps. Moreover, data input/output record can be kept by means of the user account assigned for each user, and it is also possible to carry out retroactive tracking, if requested. Because the measures that need to be taken for each computer on the network regarding cyber security, do require high cost; it has been intended to provide a cost-effective working environment with this model, only if the Main Control Computer has the updated hardware.

  13. 78 FR 35539 - Transforming Our Nation's Electric Grid Through Improved Siting, Permitting, and Review

    Science.gov (United States)

    2013-06-12

    ... key factor in future economic growth, and a critical component of our energy security. Countries that... manage cyber-security threats. By diversifying power sources and reducing congestion, a modernized grid will also create cost savings for consumers and spur economic growth. Modernizing our Nation's electric...

  14. 75 FR 26203 - Implementing the National Broadband Plan by Empowering Consumers and the Smart Grid: Data Access...

    Science.gov (United States)

    2010-05-11

    ... Smart Grid: Data Access, Third Party Use, and Privacy AGENCY: Department of Energy. ACTION: Request for..., What the Smart Grid Means to Americans, 2, 23 (Aug. 31, 2009), available at http://www.oe.energy.gov... 7628 (Feb. 2010)--Smart Grid Cyber Security: Strategy and Requirements.\\15\\ This Draft NISTIR was...

  15. Computer Security of NPP Instrumentation and Control Systems: Cyber Threats

    International Nuclear Information System (INIS)

    Klevtsov, A.L.; Trubchaninov, S.A.

    2015-01-01

    The paper is devoted to cyber threats, as one of the aspects in computer security of instrumentation and control systems for nuclear power plants (NPP). The basic concepts, terms and definitions are shortly addressed. The paper presents a detailed analysis of potential cyber threats during the design and operation of NPP instrumentation and control systems. Eleven major types of threats are considered, including: the malicious software and hardware Trojans (in particular, in commercial-off-the-shelf software and hardware), computer attacks through data networks and intrusion of malicious software from an external storage media and portable devices. Particular attention is paid to the potential use of lower safety class software as a way of harmful effects (including the intrusion of malicious fragments of code) on higher safety class software. The examples of actual incidents at various nuclear facilities caused by intentional cyber attacks or unintentional computer errors during the operation of software of systems important to NPP safety.

  16. Adversarial Reinforcement Learning in a Cyber Security Simulation}

    OpenAIRE

    Elderman, Richard; Pater, Leon; Thie, Albert; Drugan, Madalina; Wiering, Marco

    2017-01-01

    This paper focuses on cyber-security simulations in networks modeled as a Markov game with incomplete information and stochastic elements. The resulting game is an adversarial sequential decision making problem played with two agents, the attacker and defender. The two agents pit one reinforcement learning technique, like neural networks, Monte Carlo learning and Q-learning, against each other and examine their effectiveness against learning opponents. The results showed that Monte Carlo lear...

  17. A Grid-Based Cyber Infrastructure for High Performance Chemical Dynamics Simulations

    Directory of Open Access Journals (Sweden)

    Khadka Prashant

    2008-10-01

    Full Text Available Chemical dynamics simulation is an effective means to study atomic level motions of molecules, collections of molecules, liquids, surfaces, interfaces of materials, and chemical reactions. To make chemical dynamics simulations globally accessible to a broad range of users, recently a cyber infrastructure was developed that provides an online portal to VENUS, a popular chemical dynamics simulation program package, to allow people to submit simulation jobs that will be executed on the web server machine. In this paper, we report new developments of the cyber infrastructure for the improvement of its quality of service by dispatching the submitted simulations jobs from the web server machine onto a cluster of workstations for execution, and by adding an animation tool, which is optimized for animating the simulation results. The separation of the server machine from the simulation-running machine improves the service quality by increasing the capacity to serve more requests simultaneously with even reduced web response time, and allows the execution of large scale, time-consuming simulation jobs on the powerful workstation cluster. With the addition of an animation tool, the cyber infrastructure automatically converts, upon the selection of the user, some simulation results into an animation file that can be viewed on usual web browsers without requiring installation of any special software on the user computer. Since animation is essential for understanding the results of chemical dynamics simulations, this animation capacity provides a better way for understanding simulation details of the chemical dynamics. By combining computing resources at locations under different administrative controls, this cyber infrastructure constitutes a grid environment providing physically and administratively distributed functionalities through a single easy-to-use online portal

  18. Security Implications of Typical Grid Computing Usage Scenarios

    International Nuclear Information System (INIS)

    Humphrey, Marty; Thompson, Mary R.

    2001-01-01

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

  19. Security Implications of Typical Grid Computing Usage Scenarios

    Energy Technology Data Exchange (ETDEWEB)

    Humphrey, Marty; Thompson, Mary R.

    2001-06-05

    A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

  20. Security on the US Fusion Grid

    Energy Technology Data Exchange (ETDEWEB)

    Burruss, Justin R.; Fredian, Tom W.; Thompson, Mary R.

    2005-06-01

    The National Fusion Collaboratory project is developing and deploying new distributed computing and remote collaboration technologies with the goal of advancing magnetic fusion energy research. This work has led to the development of the US Fusion Grid (FusionGrid), a computational grid composed of collaborative, compute, and data resources from the three large US fusion research facilities and with users both in the US and in Europe. Critical to the development of FusionGrid was the creation and deployment of technologies to ensure security in a heterogeneous environment. These solutions to the problems of authentication, authorization, data transfer, and secure data storage, as well as the lessons learned during the development of these solutions, may be applied outside of FusionGrid and scale to future computing infrastructures such as those for next-generation devices like ITER.

  1. Security on the US Fusion Grid

    International Nuclear Information System (INIS)

    Burruss, Justin R.; Fredian, Tom W.; Thompson, Mary R.

    2005-01-01

    The National Fusion Collaboratory project is developing and deploying new distributed computing and remote collaboration technologies with the goal of advancing magnetic fusion energy research. This work has led to the development of the US Fusion Grid (FusionGrid), a computational grid composed of collaborative, compute, and data resources from the three large US fusion research facilities and with users both in the US and in Europe. Critical to the development of FusionGrid was the creation and deployment of technologies to ensure security in a heterogeneous environment. These solutions to the problems of authentication, authorization, data transfer, and secure data storage, as well as the lessons learned during the development of these solutions, may be applied outside of FusionGrid and scale to future computing infrastructures such as those for next-generation devices like ITER

  2. Security on the US fusion grid

    International Nuclear Information System (INIS)

    Burruss, J.R.; Fredian, T.W.; Thompson, M.R.

    2006-01-01

    The National Fusion Collaboratory project is developing and deploying new distributed computing and remote collaboration technologies with the goal of advancing magnetic fusion energy research. This has led to the development of the U.S. fusion grid (FusionGrid), a computational grid composed of collaborative, compute, and data resources from the three large U.S. fusion research facilities and with users both in the U.S. and in Europe. Critical to the development of FusionGrid was the creation and deployment of technologies to ensure security in a heterogeneous environment. These solutions to the problems of authentication, authorization, data transfer, and secure data storage, as well as the lessons learned during the development of these solutions, may be applied outside of FusionGrid and scale to future computing infrastructures such as those for next-generation devices like ITER

  3. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    International Nuclear Information System (INIS)

    Shin, Jin Soo; Heo, Gyun Young; Son, Han Seong; Kim, Young Ki; Park, Jaek Wan

    2012-01-01

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security

  4. Cyber security level assignment for research reactor digital instrumentation and control system architecture using concept of defense in depth

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Jin Soo; Heo, Gyun Young [Kyung Hee University, Seoul (Korea, Republic of); Son, Han Seong [Joongbu Univ., Chungnam (Korea, Republic of); Kim, Young Ki; Park, Jaek Wan [KAERI, Daejeon (Korea, Republic of)

    2012-10-15

    Due to recent aging of the analog instrumentation of many nuclear power plants (NPPs) and research reactors, the system reliability decreases while maintenance and testing costs increase. In addition, it is difficult to find the substitutable analog equipment s due to obsolescence. Therefore, the instrumentation and control (I and C) systems have changed from analog system to digital system due to these facts. With the introduction of digital systems, research reactors are forced to care for the problem of cyber attacks because I and C systems have been digitalized using networks or communication systems. Especially, it is more issued at research reactors due to the accessibility of human resources. In the real world, an IBM researcher has been successful in controlling the software by penetrating a NPPs network in U.S. on July 2008 and acquiring the control right of nuclear facilities after one week. Moreover, the malignant code called 'stuxnet' impaired the nearly 1,000 centrifugal separators in Iran according to an IAEA report. The problem of cyber attacks highlights the important of cyber security, which should be emphasized. Defense.in.depth (DID) is a significant concept for the cyber security to work properly. DID institutes and maintains a hardy program for critical digital asset (CDA) by implementing multiple security boundaries. In this work, we assign cyber security levels to a typical digital I and C system using DID concept. This work is very useful in applying the concept of DID to nuclear industry with respect to cyber security.

  5. 网络空间安全人才培养探讨%Discussions on the talent cultivation of cyber security

    Institute of Scientific and Technical Information of China (English)

    翁健; 马昌社; 古亮

    2016-01-01

    Cyber security has been formally approved to be the first level discipline in June 2015. How to train the cyber security talents that meet the needs of our country has become an urgent problem to be solved in the discipline construction. Synthetical analysis of the current situation of training related talents at domestic and foreign, as well as the actual demand for the cyber security talents was presented. According to the characteristics of the talent culti-vation in cyber security, some suggestions on training the cyber security talents were given.%自从2015年6月网络空间安全正式被批准为国家一级学科,如何培养符合国家需要的网络空间安全人才成为了学科建设中一个亟待解决的问题。综合分析了国内外培养相关方面人才的现状与网络空间安全的实际人才需求;结合我国网络空间安全人才培养的特点,给出了我国网络空间安全人才培养的部分建议。

  6. Engineering safe and secure cyber-physical systems the specification PEARL approach

    CERN Document Server

    Gumzej, Roman

    2016-01-01

    This book introduces the concept of holistic design and development of cyber physical systems to achieve their safe and secure operation. It shows that by following the standards for embedded system’s safety and using appropriate hardware and software components inherently safe system’s architectures can be devised and certified. While the standards already enable testing and certification of inherently safe and sound hardware, this is still not the case with software. The book demonstrates that Specification PEARL(SPEARL) addresses this issue and proposes appropriate solutions from the viewpoints of software engineering as well as concrete program components. By doing so it reduces the complexity of cyber physical systems design in an innovative way. Three ultimate goals are being followed in the course of defining this new PEARL standard, namely: 1. simplicity over complexity, 2. inherent real-time ability, and 3. conformity to safety integrity and security capability levels.

  7. Ideal Based Cyber Security Technical Metrics for Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    W. F. Boyer; M. A. McQueen

    2007-10-01

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  8. Cyber armies: the unseen military in the grid

    CSIR Research Space (South Africa)

    Aschmann, M

    2015-03-01

    Full Text Available power and/or civilian force within the cyber domain that has the ability to launch cyber-attacks and collect information in order to gain strategic military advantage on a national level. Selected cyber armies are compared to portray the impact...

  9. Re-thinking Grid Security Architecture

    NARCIS (Netherlands)

    Demchenko, Y.; de Laat, C.; Koeroo, O.; Groep, D.; van Engelen, R.; Govindaraju, M.; Cafaro, M.

    2008-01-01

    The security models used in Grid systems today strongly bear the marks of their diverse origin. Historically retrofitted to the distributed systems they are designed to protect and control, the security model is usually limited in scope and applicability, and its implementation tailored towards a

  10. Cyber Security: US - Chinese Relations

    OpenAIRE

    Debnárová, Barbora

    2015-01-01

    This diploma thesis deals with cyber relation of the United States of America and the People's republic of China. The aim of this diploma thesis is to answer the following questions: What kind of cyber threat for the United States does China represent? How is China's cyber strategy characterised? How do USA react on this threat and what are the gaps in this reaction? The thesis is divided into four chapters. The first chapter deals with definition of cyberwarfare and its perception in Chinese...

  11. The cyber threat, trophy information and the fortress mentality.

    Science.gov (United States)

    Scully, Tim

    2011-10-01

    'It won't happen to me' is a prevalent mindset among senior executives in the private and public sectors when considering targeted cyber intrusions. This is exacerbated by the long-term adoption of a 'fortress mentality' towards cyber security, and by the attitude of many of our cyber-security professionals, who speak a different language when it comes to communicating cyber-security events to senior executives. The prevailing approaches to cyber security have clearly failed. Almost every week another serious, targeted cyber intrusion is reported, but reported intrusions are only the tip of the iceberg. Why have we got it so wrong? It must be acknowledged that cyber security is no longer the domain of cyber-security experts alone. Many more of us at various levels of leadership must understand, and be more deeply engaged in, the cyber-security challenge if we are to deal with the threat holistically and effectively. Governments cannot combat the cyber threat alone, particularly the so-called advanced persistent threat; they must work closely with industry as trusted partners. Industry will be the 'boots on the ground' in cyber security, but there are challenges to building this relationship, which must be based on sound principles.

  12. Cyber Security Evaluation of the Wireless Communication for the Mobile Safeguard Systems in Nuclear Power Plants

    International Nuclear Information System (INIS)

    Lee, S.; Kim, Y.S.; Ye, S.H.

    2015-01-01

    This paper introduces cyber security evaluation results and a design of the wireless communication technology to apply to safeguard systems in nuclear power plants. While wireless communication technologies can generally make mobility and efficiency on plant operation, those have seldom been installed on the nuclear I&C systems due to the negative concern of unexpected outcomes that stem from electromagnetic interference and cyber attack. New design of advanced digital safeguard and I&C systems uses computer-based systems for the safeguard and safety functions. On the other hand, those are being exposed to various types of new and existing cyber threats, vulnerabilities and risks which significantly increase the likelihood that those could be compromised. In order to employ the wireless communication technology in safeguard function, licencees assess and manage the potential for adverse effects on safeguard and safety functions so as to provide high assurance that critical functions are properly protected cyber attack. It is expected that the safeguard function, specifically on the area of real-time monitoring, logging, can be enhanced by employing the mobile safeguard devices (: smart phone, laptop, smart pad, etc). In this paper, we deal with the cyber security evaluation, which consists of threat analysis, vulnerability test, establishment of security plan, and design solutions for the wireless communication on the basis of IEEE 802.11(Wi-Fi) protocol. Proposed evaluation and design solution could be a basis for the design of wireless communication and mobile safeguard systems in nuclear power plants. (author)

  13. Introducing cyber.

    Science.gov (United States)

    Hult, Fredrik; Sivanesan, Giri

    In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

  14. The EU's cybercrime and cyber-security rulemaking: mapping the internal and external dimensions of EU security

    NARCIS (Netherlands)

    Fahey, E.

    2014-01-01

    By taking the EU Cyber Strategy as a case in point, this contribution examines how the distinction between external and internal security in contemporary EU law manifests itself in large-scale risk regulation and in particular, how the EU relies upon external norms to regulate risk. This article

  15. Security and privacy in cyber-physical systems foundations, principles, and applications

    CERN Document Server

    Song, Houbing; Jeschke, Sabina

    2017-01-01

    Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and it provides readers with the information they need to advance research and development in this exciting area. Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, and usability far in excess of what today's simple embedded systems can provide. Just as the Internet revolutionized the way we interact with information, CPS technology has already begun to transform the way people interact with engineered systems. In the years ahead, smart CPS will drive innovat...

  16. Security Challenges in Smart-Grid Metering and Control Systems

    Directory of Open Access Journals (Sweden)

    Xinxin Fan

    2013-07-01

    Full Text Available The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart grid-infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid.

  17. Scenario-based approach to risk analysis in support of cyber security

    Energy Technology Data Exchange (ETDEWEB)

    Gertman, D. I.; Folkers, R.; Roberts, J. [Idaho National Laboratory, Roberts and Folkers Associates, LLC, Idaho Falls, ID 83404 (United States)

    2006-07-01

    The US infrastructure is continually challenged by hostile nation states and others who would do us harm. Cyber vulnerabilities and weaknesses are potential targets and are the result of years of construction and technological improvement in a world less concerned with security than is currently the case. As a result, cyber attack presents a class of challenges for which we are just beginning to prepare. What has been done in the nuclear, chemical and energy sectors as a means of anticipating and preparing for randomly occurring accidents and off-normal events is to develop scenarios as a means by which to prioritize and quantify risk and to take action. However, the number of scenarios risk analysts can develop is almost limitless. How do we ascertain which scenario has the greatest merit? One of the more important contributions of probabilistic risk analysis (PRA) has been to quantify the initiating event probability associated with various classes of accidents; and to quantify the occurrence of various conditions, i.e., end-states, as a function of these important accident sequences. Typically, various classes of conditions are represented by scenarios and are quantified in terms of cut sets and binned into end states. For example, the nuclear industry has a well-defined set of initiating events that are studied in assessing risk. The maturation of risk analysis for cyber security from accounting for barriers or looking at conditions statically to one of ascertaining the probability associated with certain events is, in part, dependent upon the adoption of a scenario-based approach. For example, scenarios take into account threats to personnel and public safety; economic damage, and compromises to major operational and safety functions. Scenarios reflect system, equipment, and component configurations as well as key human-system interactions related to event detection, diagnosis, mitigation and restoration of systems. As part of a cyber attack directed toward

  18. Scenario-based approach to risk analysis in support of cyber security

    International Nuclear Information System (INIS)

    Gertman, D. I.; Folkers, R.; Roberts, J.

    2006-01-01

    The US infrastructure is continually challenged by hostile nation states and others who would do us harm. Cyber vulnerabilities and weaknesses are potential targets and are the result of years of construction and technological improvement in a world less concerned with security than is currently the case. As a result, cyber attack presents a class of challenges for which we are just beginning to prepare. What has been done in the nuclear, chemical and energy sectors as a means of anticipating and preparing for randomly occurring accidents and off-normal events is to develop scenarios as a means by which to prioritize and quantify risk and to take action. However, the number of scenarios risk analysts can develop is almost limitless. How do we ascertain which scenario has the greatest merit? One of the more important contributions of probabilistic risk analysis (PRA) has been to quantify the initiating event probability associated with various classes of accidents; and to quantify the occurrence of various conditions, i.e., end-states, as a function of these important accident sequences. Typically, various classes of conditions are represented by scenarios and are quantified in terms of cut sets and binned into end states. For example, the nuclear industry has a well-defined set of initiating events that are studied in assessing risk. The maturation of risk analysis for cyber security from accounting for barriers or looking at conditions statically to one of ascertaining the probability associated with certain events is, in part, dependent upon the adoption of a scenario-based approach. For example, scenarios take into account threats to personnel and public safety; economic damage, and compromises to major operational and safety functions. Scenarios reflect system, equipment, and component configurations as well as key human-system interactions related to event detection, diagnosis, mitigation and restoration of systems. As part of a cyber attack directed toward

  19. Modeling and simulation for cyber-physical system security research, development and applications.

    Energy Technology Data Exchange (ETDEWEB)

    Pollock, Guylaine M.; Atkins, William Dee; Schwartz, Moses Daniel; Chavez, Adrian R.; Urrea, Jorge Mario; Pattengale, Nicholas; McDonald, Michael James; Cassidy, Regis H.; Halbgewachs, Ronald D.; Richardson, Bryan T.; Mulder, John C.

    2010-02-01

    This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

  20. Security Games for Cyber-Physical Systems

    DEFF Research Database (Denmark)

    Vigo, Roberto; Bruni, Alessandro; Yuksel, Ender

    2013-01-01

    The development of quantitative security analyses that consider both active attackers and reactive defenders is a main challenge in the design of trustworthy Cyber-Physical Systems. We propose a game-theoretic approach where it is natural to model attacker’s and defender’s actions explicitly......, associating costs to attacks and countermeasures. Cost considerations enable to contrast different strategies on the basis of their effectiveness and efficiency, paving the way to a multi-objective notion of optimality. Moreover, the framework allows expressing the probabilistic nature of the environment...... and of the attack detection process. Finally, a solver is presented to compute strategies and their costs, resorting to a recent combination of strategy iteration with linear programming....

  1. Cyber Attacks and Energy Infrastructures: Anticipating Risks

    International Nuclear Information System (INIS)

    Desarnaud, Gabrielle

    2017-01-01

    This study analyses the likelihood of cyber-attacks against European energy infrastructures and their potential consequences, particularly on the electricity grid. It also delivers a comparative analysis of measures taken by different European countries to protect their industries and collaborate within the European Union. The energy sector experiences an unprecedented digital transformation upsetting its activities and business models. Our energy infrastructures, sometimes more than a decade old and designed to remain functional for many years to come, now constantly interact with light digital components. The convergence of the global industrial system with the power of advanced computing and analytics reveals untapped opportunities at every step of the energy value chain. However, the introduction of digital elements in old and unprotected industrial equipment also exposes the energy industry to the cyber risk. One of the most compelling example of the type of threat the industry is facing, is the 2015 cyber-attack on the Ukraine power grid, which deprived about 200 000 people of electricity in the middle of the winter. The number and the level of technical expertise of cyber-attacks rose significantly after the discovery of the Stuxnet worm in the network of Natanz uranium enrichment site in 2010. Energy transition policies and the growing integration of renewable sources of energy will intensify this tendency, if cyber security measures are not part of the design of our future energy infrastructures. Regulators try to catch up and adapt, like in France where the authorities collaborate closely with the energy industry to set up a strict and efficient regulatory framework, and protect critical operators. This approach is adopted elsewhere in Europe, but common measures applicable to the whole European Union are essential to protect strongly interconnected energy infrastructures against a multiform threat that defies frontiers

  2. Assessing loss event frequencies of smart grid cyber threats: Encoding flexibility into FAIR using Bayesian network approach

    NARCIS (Netherlands)

    Le, Anhtuan; Chen, Yue; Chai, Kok Keong; Vasenev, Alexandr; Montoya, L.

    Assessing loss event frequencies (LEF) of smart grid cyber threats is essential for planning cost-effective countermeasures. Factor Analysis of Information Risk (FAIR) is a well-known framework that can be applied to consider threats in a structured manner by using look-up tables related to a

  3. Secure and Resilient Functional Modeling for Navy Cyber-Physical Systems

    Science.gov (United States)

    2017-05-24

    control systems, it was determined that this project will employ the model of a Ship Chilled Water Distribution System as a central use case. This model...Siemens Corporation Corporate Technology Unrestricted. Distribution Statement A. Approved for public...release; distribution is unlimited. Page 1 of 4 Secure & Resilient Functional Modeling for Navy Cyber-Physical Systems FY17 Quarter 1 Technical Progress

  4. Cybercom Chief Details U.S. Cyber Threats

    Science.gov (United States)

    Security Robots Lasers RSS Feed Cybercom Chief Details U.S. Cyber Threats - December 2, 2014 Navy Adm . Rogers, the commander of U.S. Cyber Command, director of the National Security Agency and chief of the Framework for Cyber Sharing But before Cybercom can help commercial companies deal with cyber criminals and

  5. Cyber attack analysis on cyber-physical systems: Detectability, severity, and attenuation strategy

    Science.gov (United States)

    Kwon, Cheolhyeon

    Security of Cyber-Physical Systems (CPS) against malicious cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is usually intractable to describe and diagnose them systematically. Motivated by such difficulties, this thesis presents a set of theories and algorithms for a cyber-secure architecture of the CPS within the control theoretic perspective. Here, instead of identifying a specific cyber attack model, we are focused on analyzing the system's response during cyber attacks. Firstly, we investigate the detectability of the cyber attacks from the system's behavior under cyber attacks. Specifically, we conduct a study on the vulnerabilities in the CPS's monitoring system against the stealthy cyber attack that is carefully designed to avoid being detected by its detection scheme. After classifying three kinds of cyber attacks according to the attacker's ability to compromise the system, we derive the necessary and sufficient conditions under which such stealthy cyber attacks can be designed to cause the unbounded estimation error while not being detected. Then, the analytical design method of the optimal stealthy cyber attack that maximizes the estimation error is developed. The proposed stealthy cyber attack analysis is demonstrated with illustrative examples on Air Traffic Control (ATC) system and Unmanned Aerial Vehicle (UAV) navigation system applications. Secondly, in an attempt to study the CPSs' vulnerabilities in more detail, we further discuss a methodology to identify potential cyber threats inherent in the given CPSs and quantify the attack severity accordingly. We then develop an analytical algorithm to test the behavior of the CPS under various cyber attack combinations. Compared to a numerical approach, the analytical algorithm enables the prediction of the most effective cyber attack combinations without computing the severity of all possible attack combinations, thereby greatly reducing the

  6. Cyber security: a question of method

    International Nuclear Information System (INIS)

    Cappelle, A.

    2016-01-01

    Industrial devices are more and more connected which has generated numerous weaknesses and flaws in networks. Most attacks concern basic things. The French law about military programming defines vital infrastructures whose operators must comply with a minimal cyber security standard. These vital infrastructures include water treatment plants, nuclear power plants or hospitals. In last december the black-ware BlackEnergy enabled hackers to access the management systems of several power plants in Ukraine causing a huge power outage. Technical solutions exist but solving this issue is above all a question of method: you must study your network, identifying the fluxes of information and then to set adequate solutions at the right places. By positioning components able to analyse fluxes you can detect abnormal fluxes and bar the access. The right settings of software like firewalls are an important thing to get a high standard of security. For external communication efficient encoding solutions exist that ensure a high level of secrecy and can identify the contact person. (A.C.)

  7. Towards an integrated defense system for cyber security situation awareness experiment

    Science.gov (United States)

    Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

    2015-05-01

    In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

  8. Data security on the national fusion grid

    Energy Technology Data Exchange (ETDEWEB)

    Burruss, Justine R.; Fredian, Tom W.; Thompson, Mary R.

    2005-06-01

    The National Fusion Collaboratory project is developing and deploying new distributed computing and remote collaboration technologies with the goal of advancing magnetic fusion energy research. This work has led to the development of the US Fusion Grid (FusionGrid), a computational grid composed of collaborative, compute, and data resources from the three large US fusion research facilities and with users both in the US and in Europe. Critical to the development of FusionGrid was the creation and deployment of technologies to ensure security in a heterogeneous environment. These solutions to the problems of authentication, authorization, data transfer, and secure data storage, as well as the lessons learned during the development of these solutions, may be applied outside of FusionGrid and scale to future computing infrastructures such as those for next-generation devices like ITER.

  9. Data security on the national fusion grid

    International Nuclear Information System (INIS)

    Burruss, Justine R.; Fredian, Tom W.; Thompson, Mary R.

    2005-01-01

    The National Fusion Collaboratory project is developing and deploying new distributed computing and remote collaboration technologies with the goal of advancing magnetic fusion energy research. This work has led to the development of the US Fusion Grid (FusionGrid), a computational grid composed of collaborative, compute, and data resources from the three large US fusion research facilities and with users both in the US and in Europe. Critical to the development of FusionGrid was the creation and deployment of technologies to ensure security in a heterogeneous environment. These solutions to the problems of authentication, authorization, data transfer, and secure data storage, as well as the lessons learned during the development of these solutions, may be applied outside of FusionGrid and scale to future computing infrastructures such as those for next-generation devices like ITER

  10. Cyber-Physical War Gaming

    OpenAIRE

    Colbert, E. J. M.; Sullivan, D. T.; Kott, A

    2017-01-01

    This paper presents general strategies for cyber war gaming of Cyber-Physical Systems (CPSs) that are used for cyber security research at the U.S. Army Research Laboratory (ARL). Since Supervisory Control and Data Acquisition (SCADA) and other CPSs are operational systems, it is difficult or impossible to perform security experiments on actual systems. The authors describe how table-top strategy sessions and realistic, live CPS war games are conducted at ARL. They also discuss how the recorde...

  11. Design of High-Fidelity Testing Framework for Secure Electric Grid Control

    Energy Technology Data Exchange (ETDEWEB)

    Yoginath, Srikanth B [ORNL; Perumalla, Kalyan S [ORNL

    2014-01-01

    A solution methodology and implementation components are presented that can uncover unwanted, unintentional or unanticipated effects on electric grids from changes to actual electric grid control software. A new design is presented to leapfrog over the limitations of current modeling and testing techniques for cyber technologies in electric grids. We design a fully virtualized approach in which actual, unmodified operational software under test is enabled to interact with simulated surrogates of electric grids. It enables the software to influence the (simulated) grid operation and vice versa in a controlled, high fidelity environment. Challenges in achieving such capability include achieving low-overhead time control mechanisms in hypervisor schedulers, network capture and time-stamping, translation of network packets emanating from grid software into discrete events of virtual grid models, translation back from virtual sensors/actuators into data packets to control software, and transplanting the entire system onto an accurately and efficiently maintained virtual-time plane.

  12. Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

    Directory of Open Access Journals (Sweden)

    Erdal IRMAK

    2017-12-01

    Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

  13. Probabilistic Characterization of Adversary Behavior in Cyber Security

    Energy Technology Data Exchange (ETDEWEB)

    Meyers, C A; Powers, S S; Faissol, D M

    2009-10-08

    The objective of this SMS effort is to provide a probabilistic characterization of adversary behavior in cyber security. This includes both quantitative (data analysis) and qualitative (literature review) components. A set of real LLNL email data was obtained for this study, consisting of several years worth of unfiltered traffic sent to a selection of addresses at ciac.org. The email data was subjected to three interrelated analyses: a textual study of the header data and subject matter, an examination of threats present in message attachments, and a characterization of the maliciousness of embedded URLs.

  14. A security architecture for the ALICE grid services

    CERN Document Server

    Schreiner, Steffen; Buchmann, Johannes; Betev, Latchezar; Grigoras, Alina

    2012-01-01

    Globally distributed research cyberinfrastructures, like the ALICE Grid Services, need to provide traceability and accountability of operations and internal interactions. This document presents a new security architecture for the ALICE Grid Services, allowing to establish non-repudiation with respect to creatorship and ownership of Grid files and jobs. It is based on mutually authenticated and encrypted communication using X.509 Public Key Infrastructure and the Transport Layer Security (TLS) protocol. Introducing certified Grid file entries and signed Grid jobs by implementing a model of Mediated Definite Delegation it allows to establish long-term accountability concerning Grid jobs and files. Initial submissions as well as any alteration of Grid jobs are becoming verifiable and can be traced back to the originator. The architecture has been implemented as a prototype along with the development of a new central Grid middleware, called jAliEn.

  15. Cyber Defense Exercises and their Role in Cyber Warfare

    OpenAIRE

    Bogdan Alexandru Bratosin

    2014-01-01

    The threat of cyber-attacks is increasing with the access to PC’s and Internet of a larger number of people around the world. Although the Internet provides a large number of advantages, it can also be used as a cyber-weapon in order to serve the interests of counties, political and economic groups or individual. The cyber-attacks of today are capable to disable the manufacturing of nuclear bombs of a country. Thus, there is an increasing demand for IT security specialists. Cyber-defense exer...

  16. Increasing the resilience and security of the United States' power infrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Happenny, Sean F. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2015-08-01

    The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.

  17. Division of Cyber Safety and Security Responsibilities Between Control System Owners and Suppliers

    OpenAIRE

    Skotnes , Ruth

    2016-01-01

    Part 2: CONTROL SYSTEMS SECURITY; International audience; The chapter discusses the important issue of responsibility for information and communications technology (ICT) – or cyber – safety and security for industrial control systems and the challenges involved in dividing the responsibility between industrial control system owners and suppliers in the Norwegian electric power supply industry. Industrial control system owners are increasingly adopting information and communications technologi...

  18. Addressing Human Factors Gaps in Cyber Defense

    Science.gov (United States)

    2016-09-23

    awareness (Endsley, 1995), and thus stands a good chance of benefiting from similar study. It should be noted that cyber situation awareness as a...models of the environment, divided across multiple types of cyber operations (Tyworth, Giacobe, Mancuso, McNeese, & Hall, 2013). Given the... Attention Switching in Cyber Security Dr. Christopher Wickens Colorado State University Cyber-security analysts at whatever level they serve

  19. Secure Protocol and IP Core for Configuration of Networking Hardware IPs in the Smart Grid

    Directory of Open Access Journals (Sweden)

    Marcelo Urbina

    2018-02-01

    Full Text Available Nowadays, the incorporation and constant evolution of communication networks in the electricity sector have given rise to the so-called Smart Grid, which is why it is necessary to have devices that are capable of managing new communication protocols, guaranteeing the strict requirements of processing required by the electricity sector. In this context, intelligent electronic devices (IEDs with network architectures are currently available to meet the communication, real-time processing and interoperability requirements of the Smart Grid. The new generation IEDs include an Field Programmable Gate Array (FPGA, to support specialized networking switching architectures for the electric sector, as the IEEE 1588-aware High-availability Seamless Redundancy/Parallel Redundancy Protocol (HSR/PRP. Another advantage to using an FPGA is the ability to update or reconfigure the design to support new requirements that are being raised to the standards (IEC 61850. The update of the architecture implemented in the FPGA can be done remotely, but it is necessary to establish a cyber security mechanism since the communication link generates vulnerability in the case the attacker gains physical access to the network. The research presented in this paper proposes a secure protocol and Intellectual Property (IP core for configuring and monitoring the networking IPs implemented in a Field Programmable Gate Array (FPGA. The FPGA based implementation proposed overcomes this issue using a light Layer-2 protocol fully implemented on hardware and protected by strong cryptographic algorithms (AES-GCM, defined in the IEC 61850-90-5 standard. The proposed secure protocol and IP core are applicable in any field where remote configuration over Ethernet is required for IP cores in FPGAs. In this paper, the proposal is validated in communications hardware for Smart Grids.

  20. Gamification for Measuring Cyber Security Situational Awareness

    Energy Technology Data Exchange (ETDEWEB)

    Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

    2013-03-01

    Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

  1. 75 FR 26171 - Cyber Security Certification Program

    Science.gov (United States)

    2010-05-11

    ... Internet users rely are becoming increasingly susceptible to operator error and malicious cyber attack. For... susceptibility to operator error and malicious cyber attack, Federal entities, frequently in cooperation with the... transfers from cyber threats, such as espionage, disruption, and denial of service attacks. Specifically...

  2. Emerging Security Mechanisms for Medical Cyber Physical Systems.

    Science.gov (United States)

    Kocabas, Ovunc; Soyata, Tolga; Aktas, Mehmet K

    2016-01-01

    The following decade will witness a surge in remote health-monitoring systems that are based on body-worn monitoring devices. These Medical Cyber Physical Systems (MCPS) will be capable of transmitting the acquired data to a private or public cloud for storage and processing. Machine learning algorithms running in the cloud and processing this data can provide decision support to healthcare professionals. There is no doubt that the security and privacy of the medical data is one of the most important concerns in designing an MCPS. In this paper, we depict the general architecture of an MCPS consisting of four layers: data acquisition, data aggregation, cloud processing, and action. Due to the differences in hardware and communication capabilities of each layer, different encryption schemes must be used to guarantee data privacy within that layer. We survey conventional and emerging encryption schemes based on their ability to provide secure storage, data sharing, and secure computation. Our detailed experimental evaluation of each scheme shows that while the emerging encryption schemes enable exciting new features such as secure sharing and secure computation, they introduce several orders-of-magnitude computational and storage overhead. We conclude our paper by outlining future research directions to improve the usability of the emerging encryption schemes in an MCPS.

  3. Protecting water and wastewater infrastructure from cyber attacks

    Science.gov (United States)

    Panguluri, Srinivas; Phillips, William; Cusimano, John

    2011-12-01

    Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor's approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

  4. Protecting water and wastewater infrastructure from cyber attacks

    Institute of Scientific and Technical Information of China (English)

    Srinivas Panguluri; William Phillips; John Cusimano

    2011-01-01

    Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion:cyber attacks are real and can cause significant damages.This paper presents some recent statistics on cyber attacks and resulting damages.Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks.Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are:1) the increasing interconnection of their business and control system networks,2) large variation of proprietary industrial control equipment utilized,3) multitude of cross-sector cyber-security standards,and 4) the differences in the equipment vendor's approaches to meet these security standards.The utilities can meet these challenges by voluntarily selecting and adopting security standards,conducting a gap analysis,performing vulnerability/risk analysis,and undertaking countermeasures that best meets their security and organizational requirements.Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years.Implementing cyber security does not necessarily have to be expensive,substantial improvements can be accomplished through policy,procedure,training and awareness.Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.

  5. Cyber Defense Management

    Science.gov (United States)

    2016-09-01

    of market capitalization after a cyber security incident Financial Geer, 2001 Gordon and Loeb, 2005 Willemson, 2006 Determine the return on security...thoughtheir vulnerability may be less. That is because the return on investment for protecting agiven information set is a function both of its vulnerability...can ensure that it is investing properly to provide cyber resilience to its systems. The study investigated ways to inform future investment

  6. Defending Critical Infrastructure as Cyber Key Terrain

    Science.gov (United States)

    2016-08-01

    to Secure Cyberspace (NSSC) is as it lists three strategic objectives:4 1) Prevent cyber attacks against America’s critical infrastructures; 2...House, “National Strategy to Secure Cyberspace,” (Washington, DC: The White House, 2003) Trey Herr, "PrEP: A framework for malware & cyber weapons...David Kuipers and Mark Fabro. “Control Systems Cyber Security : Defense in Depth Strategies,” [United States: Department of Energy, 2006]: 4

  7. Countering the Cyber-Attack, a case-study [video

    OpenAIRE

    Keith Squires; Center for Homeland Defense and Security Naval Postgraduate School

    2015-01-01

    A cyber-criminal organization electronically diverts funds, a hacking group uses their prowess to try to influence politics, these are examples of the evolving world of cyber crime. Keith Squires, Commissioner of Public Safety and Homeland Security Advisor for the State of Utah talks about his experience in building a cyber security program to counter such cyber criminals.

  8. Cyber Epidemic Models with Dependences

    OpenAIRE

    Xu, Maochao; Da, Gaofeng; Xu, Shouhuai

    2016-01-01

    Studying models of cyber epidemics over arbitrary complex networks can deepen our understanding of cyber security from a whole-system perspective. In this paper, we initiate the investigation of cyber epidemic models that accommodate the {\\em dependences} between the cyber attack events. Due to the notorious difficulty in dealing with such dependences, essentially all existing cyber epidemic models have assumed them away. Specifically, we introduce the idea of Copulas into cyber epidemic mode...

  9. A Review of Cyber-Physical Energy System Security Assessment

    DEFF Research Database (Denmark)

    Rasmussen, Theis Bo; Yang, Guangya; Nielsen, Arne Hejde

    2017-01-01

    Increasing penetration of renewable energy resources (RES) and electrification of services by implementing distributed energy resources (DER) has caused a paradigm shift in the operation of the power system. The controllability of the power system is predicted to be shifted from the generation side...... to the consumption side. This transition entails that the future power system evolves into a complex cyber-physical energy system (CPES) with strong interactions between the power, communication and neighboring energy systems. Current power system security assessment methods are based on centralized computation...

  10. An Analysis of Cyber-Attack on NPP Considering Physical Impact

    Energy Technology Data Exchange (ETDEWEB)

    Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

  11. An Analysis of Cyber-Attack on NPP Considering Physical Impact

    International Nuclear Information System (INIS)

    Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

    2016-01-01

    Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

  12. High-Performance Secure Database Access Technologies for HEP Grids

    Energy Technology Data Exchange (ETDEWEB)

    Matthew Vranicar; John Weicher

    2006-04-17

    The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the

  13. High-Performance Secure Database Access Technologies for HEP Grids

    International Nuclear Information System (INIS)

    Vranicar, Matthew; Weicher, John

    2006-01-01

    The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist's computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that 'Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications'. There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure

  14. The Cyber-Physical Attacker

    DEFF Research Database (Denmark)

    Vigo, Roberto

    2012-01-01

    The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

  15. Cyber security in nuclear industry – Analytic study from the terror incident in nuclear power plants (NPPs)

    International Nuclear Information System (INIS)

    Cho, Hyo Sung; Woo, Tae Ho

    2017-01-01

    Highlights: • The cyber terrorism in NPPs of South Korea shows the study motivations. • Analyses of the cyber terrorism in NPPs are investigated. • Designed solutions for the cyber terrorism in NPPs are discussed. • South Korean case is considered as the cyber terrorism in NPPs. - Abstract: The cyber terrorism for nuclear power plants (NPPs) is investigated for the analytic study following the South Korean case on December 2014. There are several possible cyber terror attacks in which the twelve cases are studied for the nuclear terror cases including the computer hacking and data stealing. The defense-in-depth concept is compared for cyber terrorism, which was imported from the physical terror analysis. The conventional three conditions of the physical protection system (PPS) are modified as prevention, detection, and response. The six cases are introduced for the solutions of the facility against the possible cyber terrorism in NPPs. The computer hacking methods and related solutions are analyzed for the applications in the nuclear industry. The nuclear security in the NPPs could be an extremely serious condition and the remedies are very important in the safe plant operations. In addition, the quantitative modeling study is performed.

  16. Cyber crimes.

    Science.gov (United States)

    Nuzback, Kara

    2014-07-01

    Since it began offering cyber liability coverage in December 2011, the Texas Medical Liability Trust has received more than 150 cyber liability claims, most of which involved breaches of electronic protected health information. TMLT's cyber liability insurance will protect practices financially should a breach occur. The insurance covers a breach notification to customers and business partners, expenses for legal counsel, information security and forensic data services, public relations support, call center and website support, credit monitoring, and identity theft restoration services.

  17. Reducing the risk of cyber threats in utilities through log management

    Energy Technology Data Exchange (ETDEWEB)

    Patnaik, A. [ArcSight, Cupertino, CA (United States)

    2010-01-15

    Electrical blackouts caused by terrorists hacking into targeted control systems have already occurred in Brazil. A patchwork of security tools is needed to reduce potential threats. The continuous collection and analysis of data is also needed to detect cyber threats. The real time correlation of logs across all systems, applications and users is needed to ensure the reliability and security of the power grid. Solutions must also integrate well with identity management sources in order to prevent remote access account hijacking. Effective log management can be used to detect threats and reduce the risk of power outages. 1 fig.

  18. 8th International Symposium on Intelligent Distributed Computing & Workshop on Cyber Security and Resilience of Large-Scale Systems & 6th International Workshop on Multi-Agent Systems Technology and Semantics

    CERN Document Server

    Braubach, Lars; Venticinque, Salvatore; Badica, Costin

    2015-01-01

    This book represents the combined peer-reviewed proceedings of the Eight International Symposium on Intelligent Distributed Computing - IDC'2014, of the Workshop on Cyber Security and Resilience of Large-Scale Systems - WSRL-2014, and of the Sixth International Workshop on Multi-Agent Systems Technology and Semantics- MASTS-2014. All the events were held in Madrid, Spain, during September 3-5, 2014. The 47 contributions published in this book address several topics related to theory and applications of the intelligent distributed computing and multi-agent systems, including: agent-based data processing, ambient intelligence, collaborative systems, cryptography and security, distributed algorithms, grid and cloud computing, information extraction, knowledge management, big data and ontologies, social networks, swarm intelligence or videogames amongst others.

  19. Quantum-Enhanced Cyber Security: Experimental Computation on Quantum-Encrypted Data

    Science.gov (United States)

    2017-03-02

    AFRL-AFOSR-UK-TR-2017-0020 Quantum-Enhanced Cyber Security: Experimental Computation on Quantum- Encrypted Data Philip Walther UNIVERSITT WIEN Final...on Quantum- Encrypted Data 5a.  CONTRACT NUMBER 5b.  GRANT NUMBER FA9550-16-1-0004 5c.  PROGRAM ELEMENT NUMBER 61102F 6. AUTHOR(S) Philip Walther 5d...1010 AT 8. PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) EOARD Unit 4515 APO AE 09421-4515 10

  20. A Cyber Situational Awareness Model for Network Administrators

    Science.gov (United States)

    2017-03-01

    amount of unnecessary data and focus on the most important information that can help them better guarantee cyber security of their systems. 14. SUBJECT...the most important information that can help them better guarantee cyber security of their systems. vi THIS PAGE INTENTIONALLY LEFT BLANK vii...DISTRIBUTION CODE 13. ABSTRACT (maximum 200 words) Although there are many well-established cyber security tools and techniques available to

  1. Stackelberg Interdependent Security Game in Distributed and Hierarchical Cyber-Physical Systems

    Directory of Open Access Journals (Sweden)

    Jiajun Shen

    2017-01-01

    Full Text Available With the integration of physical plant and network, cyber-physical systems (CPSs are increasingly vulnerable due to their distributed and hierarchical framework. Stackelberg interdependent security game (SISG is proposed for characterizing the interdependent security in CPSs, that is, the interactions between individual CPSs, which are selfish but nonmalicious with the payoff function being formulated from a cross-layer perspective. The pure-strategy equilibria for two-player symmetric SISG are firstly analyzed with the strategy gap between individual and social optimum being characterized, which is known as negative externalities. Then, the results are further extended to the asymmetric and m-player SISG. At last, a numerical case of practical experiment platform is analyzed for determining the comprehensively optimal security configuration for administrator.

  2. Secure Information Exchange Gateway for Electric Grid Operations

    Energy Technology Data Exchange (ETDEWEB)

    Robertson, F. Russell [Grid Protection Alliance, Chattanooga, TN (United States); Carroll, J. Ritchie [Grid Protection Alliance, Chattanooga, TN (United States); Sanders, William [Univ. of Illinois, Urbana-Champaign, IL (United States); Yardley, Timothy [Univ. of Illinois, Urbana-Champaign, IL (United States); Heine, Erich [Univ. of Illinois, Urbana-Champaign, IL (United States); Hadley, Mark [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, David [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Motteler, Barbara [Alstom Grid Inc., Levallois-Perret Cedex (France); Giri, Jay [Grid Protection Alliance, Chattanooga, TN (United States); Walker, William [PJM Interconnection (PJM), Norristown, PA (United States); McCartha, Esrick [PJM Interconnection (PJM), Norristown, PA (United States)

    2014-09-30

    The major objectives of the SIEGate project were to improve the security posture and minimize the cyber-attack surface of electric utility control centers and to reduce the cost of maintaining control-room-to-control-room information exchange. Major project goals included the design, development, testing, and commercialization of a single security-hardened appliance that could meet industry needs for resisting cyber-attacks while protecting the confidentiality and integrity of a growing volume of real-time information needed to ensure the reliability of the bulk electric system and interoperating with existing data formats and networking technologies. The SIEGate project has achieved its goals and objectives. The SIEGate Design Document, issued in March 2012, presented SIEGate use cases, provided SIEGate requirements, established SIEGate design principles, and prescribed design functionality of SIEGate as well as the components that make up SIEGate. SIEGate Release Version 1.0 was posted in January 2014. Release Version 1.0.83, which was posted on March 28, 2014, fixed many issues discovered by early adopters and added several new features. Release Candidate 1.1, which added additional improvements and bug fixes, was posted in June 2014. SIEGate executables have been downloaded more than 300 times. SIEGate has been tested at PJM, Entergy, TVA, and Southern. Security testing and analysis of SIEGate has been conducted at PNNL and PJM. Alstom has provided a summary of recommended steps for commercialization of the SIEGate Appliance and identified two deployment models with immediate commercial application.

  3. LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS

    Energy Technology Data Exchange (ETDEWEB)

    Ray Fink

    2006-10-01

    The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.

  4. Hiding Critical Targets in Smart Grid Networks

    Energy Technology Data Exchange (ETDEWEB)

    Bao, Wei [Univ. of Arkansas, Fayetteville, AR (United States); Li, Qinghua

    2017-10-23

    With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-World incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromised nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.

  5. Towards the Development of a Methodology for the Cyber Security Analysis of Safety Related Nuclear Digital I and C Systems

    International Nuclear Information System (INIS)

    Khand, Parvaiz Ahmed; Seong, Poong Hyun

    2007-01-01

    In nuclear power plants the redundant safety related systems are designed to take automatic action to prevent and mitigate accident conditions if the operators and the non-safety systems fail to maintain the plant within normal operating conditions. In case of an event, the failure of these systems has catastrophic consequences. The tendency in the industry over the past 10 years has been to use of commercial of the shelf (COTS) technologies in these systems. COTS software was written with attention to function and performance rather than security. COTS hardware usually designed to fail safe, but security vulnerabilities could be exploited by an attacker to disable the fail safe mechanisms. Moreover, the use of open protocols and operating systems in these technologies make the plants to become vulnerable to a host of cyber attacks. An effective security analysis process is required during all life cycle phases of these systems in order to ensure the security from cyber attacks. We are developing a methodology for the cyber security analysis of safety related nuclear digital I and C Systems. This methodology will cover all phases of development, operation and maintenance processes of software life cycle. In this paper, we will present a security analysis process for the concept stage of software development life cycle

  6. Carboy Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors

  7. Carboy Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Noyes, Daniel [Idaho National Laboratory, Idaho (United States)

    2012-03-15

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  8. Cyber-Physical System Security With Deceptive Virtual Hosts for Industrial Control Networks

    International Nuclear Information System (INIS)

    Vollmer, Todd; Manic, Milos

    2014-01-01

    A challenge facing industrial control network administrators is protecting the typically large number of connected assets for which they are responsible. These cyber devices may be tightly coupled with the physical processes they control and human induced failures risk dire real-world consequences. Dynamic virtual honeypots are effective tools for observing and attracting network intruder activity. This paper presents a design and implementation for self-configuring honeypots that passively examine control system network traffic and actively adapt to the observed environment. In contrast to prior work in the field, six tools were analyzed for suitability of network entity information gathering. Ettercap, an established network security tool not commonly used in this capacity, outperformed the other tools and was chosen for implementation. Utilizing Ettercap XML output, a novel four-step algorithm was developed for autonomous creation and update of a Honeyd configuration. This algorithm was tested on an existing small campus grid and sensor network by execution of a collaborative usage scenario. Automatically created virtual hosts were deployed in concert with an anomaly behavior (AB) system in an attack scenario. Virtual hosts were automatically configured with unique emulated network stack behaviors for 92% of the targeted devices. The AB system alerted on 100% of the monitored emulated devices

  9. Assessment and testing of industrial devices robustness against cyber security attacks

    International Nuclear Information System (INIS)

    Tilaro, F.; Copy, B.

    2012-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

  10. Cyber Incidents Involving Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert J. Turk

    2005-10-01

    The Analysis Function of the US-CERT Control Systems Security Center (CSSC) at the Idaho National Laboratory (INL) has prepared this report to document cyber security incidents for use by the CSSC. The description and analysis of incidents reported herein support three CSSC tasks: establishing a business case; increasing security awareness and private and corporate participation related to enhanced cyber security of control systems; and providing informational material to support model development and prioritize activities for CSSC. The stated mission of CSSC is to reduce vulnerability of critical infrastructure to cyber attack on control systems. As stated in the Incident Management Tool Requirements (August 2005) ''Vulnerability reduction is promoted by risk analysis that tracks actual risk, emphasizes high risk, determines risk reduction as a function of countermeasures, tracks increase of risk due to external influence, and measures success of the vulnerability reduction program''. Process control and Supervisory Control and Data Acquisition (SCADA) systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. New research indicates this confidence is misplaced--the move to open standards such as Ethernet, Transmission Control Protocol/Internet Protocol, and Web technologies is allowing hackers to take advantage of the control industry's unawareness. Much of the available information about cyber incidents represents a characterization as opposed to an analysis of events. The lack of good analyses reflects an overall weakness in reporting requirements as well as the fact that to date there have been very few serious cyber attacks on control systems. Most companies prefer not to share cyber attack incident data because of potential financial repercussions. Uniform reporting requirements will do much to make this

  11. Decentral Smart Grid Control

    Science.gov (United States)

    Schäfer, Benjamin; Matthiae, Moritz; Timme, Marc; Witthaut, Dirk

    2015-01-01

    Stable operation of complex flow and transportation networks requires balanced supply and demand. For the operation of electric power grids—due to their increasing fraction of renewable energy sources—a pressing challenge is to fit the fluctuations in decentralized supply to the distributed and temporally varying demands. To achieve this goal, common smart grid concepts suggest to collect consumer demand data, centrally evaluate them given current supply and send price information back to customers for them to decide about usage. Besides restrictions regarding cyber security, privacy protection and large required investments, it remains unclear how such central smart grid options guarantee overall stability. Here we propose a Decentral Smart Grid Control, where the price is directly linked to the local grid frequency at each customer. The grid frequency provides all necessary information about the current power balance such that it is sufficient to match supply and demand without the need for a centralized IT infrastructure. We analyze the performance and the dynamical stability of the power grid with such a control system. Our results suggest that the proposed Decentral Smart Grid Control is feasible independent of effective measurement delays, if frequencies are averaged over sufficiently large time intervals.

  12. Decentral Smart Grid Control

    International Nuclear Information System (INIS)

    Schäfer, Benjamin; Matthiae, Moritz; Timme, Marc; Witthaut, Dirk

    2015-01-01

    Stable operation of complex flow and transportation networks requires balanced supply and demand. For the operation of electric power grids—due to their increasing fraction of renewable energy sources—a pressing challenge is to fit the fluctuations in decentralized supply to the distributed and temporally varying demands. To achieve this goal, common smart grid concepts suggest to collect consumer demand data, centrally evaluate them given current supply and send price information back to customers for them to decide about usage. Besides restrictions regarding cyber security, privacy protection and large required investments, it remains unclear how such central smart grid options guarantee overall stability. Here we propose a Decentral Smart Grid Control, where the price is directly linked to the local grid frequency at each customer. The grid frequency provides all necessary information about the current power balance such that it is sufficient to match supply and demand without the need for a centralized IT infrastructure. We analyze the performance and the dynamical stability of the power grid with such a control system. Our results suggest that the proposed Decentral Smart Grid Control is feasible independent of effective measurement delays, if frequencies are averaged over sufficiently large time intervals. (paper)

  13. Cyber Security in Nuclear Power Plants - U.S. NRC Regulatory Guide 5.71

    International Nuclear Information System (INIS)

    Pogacic, Goran

    2014-01-01

    We have already made a big step into new millennia and with it there is no more dilemma about presence of computers and internet in our lives. Almost all modern facilities struggle with this new dimension of information flow and how to use it to their best interest. But there is also the other side of the coin- the security threat. For nuclear power plants this threat poses even greater risk. In addition to protecting their trade secrets, personal data or other common targets of cyber attacks, nuclear power plants need to protect their digital computers, communication systems and networks up to and including the design basis threat (DBT). As stated in U.S. Nuclear Regulatory Commission (NRC) Regulatory Commission Regulations, Title 10, Code of Federal Regulations (CFR), section 73.1, 'Purpose and Scope' this includes protection against acts of radiological sabotage and prevention of the theft or diversion of special nuclear material. The main purpose of this paper is to explore the NRC Regulatory Guide (RG) 5.71 and its guidance in implementing cyber security requirements stated in NRC 10 CFR, section 73.54, 'Protection of Digital Computer and Communication Systems and Networks'. In particular, this section requires protection of digital computers, communication systems and networks associated with the following categories of functions: · safety-related and important-to-safety functions, · security functions, · emergency preparedness functions, including offsite communication, and · support systems and equipment which, if compromised, would adversely impact safety, security, or emergency preparedness functions. This section requires protection of such systems and networks from those cyber attacks that would act to modify, destroy, or compromise the integrity or confidentiality of data or software; deny access to systems, services or data; and impact the operation of systems, networks, and equipment. This paper will also present some of

  14. Suggestions on cyber security talents cultivation%网络空间安全人才培养的规划建议

    Institute of Scientific and Technical Information of China (English)

    张宏莉; 于海宁; 翟健宏; 余翔湛

    2016-01-01

    Talent competition is the core content ofcyber security competition. Firstly, the definitions and character-istics of cyber security were introduced. Then, the development status of international cyber security talents cultiva-tion were analyzed, and the main problems existing in cyber security talents cultivation were pointed out. Finally, based on national significant strategy, suggestions on cyber security talents cultivation to explore a sophisticated ar-chitecture were proposed, which refer to the national overall planning, academic education, vocational training and certification, genius discovery and cultivation.%网络空间安全竞争的核心是人才的竞争。首先介绍了网络空间安全的内涵和特点,分析了目前国际上网络空间安全人才的培养现状。然后,指出了我国网络空间安全人才培养中存在的主要问题。最后,面向国家在网络空间安全人才建设方面的重大战略需求,从国家统筹规划、学历教育、职业培训与认证、专才发现与培养等4个方面给出了规划建议,以探索完善我国网络空间安全人才培养体系。

  15. MDEP Common Position No DICWG08. Common position on the impact of cyber security features on digital I and C safety systems

    International Nuclear Information System (INIS)

    2012-01-01

    Cyber security measures are generally implemented at nuclear facilities to protect against cyber-attacks that may compromise safety. The implementation of such cyber security measures may vary based on site specific requirements and each country's regulatory frameworks. Safety measures and cyber security measures for a nuclear power plant should be designed and implemented so that they do not compromise one another. This common position is intended to only apply to systems classified to the highest level of safety. The Digital Instrumentation and Controls Working Group (DICWG) has agreed that a common position on this topic is warranted given the increase of use of Digital I and C in new reactor designs, its safety implications, and the need to develop a common understanding from the perspectives of regulatory authorities. This action follows the DICWG examination of the regulatory requirements of the participating members and of relevant industry standards and IAEA documents. The DICWG proposes a common position based on its recent experience with the new reactor application reviews and operating plant issues

  16. An Analysis Of Cyber Security And How It Is Affecting A Contract Writing System, Seaport

    Science.gov (United States)

    2016-06-01

    features to protect U.S. interests. Secure Socket Layers or SSL works by allowing a user to encrypt information sent or received across a network ...and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2...however, theoretically, cyber security can be attributed. Recommendations include adding more servers to existing SeaPort network infrastructure and

  17. Cyber Deterrence and Stability

    Energy Technology Data Exchange (ETDEWEB)

    Goychayev, Rustam [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Carr, Geoffrey A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Weise, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Donnelly, David A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Clements, Samuel L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Benz, Jacob M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Rodda, Kabrena E. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bartholomew, Rachel A. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); McKinnon, Archibald D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Andres, Richard B. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States)

    2017-09-30

    Throughout the 20th and early 21st centuries, deterrence and arms control have been cornerstones of strategic stability between the superpowers. However, the weaponization of the cyber realm by State actors and the multipolar nature of cyber conflict now undermines that stability. Strategic stability is the state in which nations believe that if they act aggressively to undermine U.S. national interests and the post-World War II liberal democratic order, the consequences will outweigh the benefits. The sense of lawlessness and lack of consequences in the cyber realm embolden States to be more aggressive in taking actions that undermine stability. Accordingly, this paper examines 1) the role of deterrence and arms control in securing cyber stability, and 2) the limitations and challenges associated with these traditional national security paradigms as applied to this emerging threat domain. This paper demonstrates that many 20th-century deterrence and arms control concepts are not particularly applicable in the cyber realm. However, they are not entirely irrelevant. The United States can distill lessons learned from this rich deterrence and arms control experience to develop and deploy a strategy to advance cyber stability.

  18. Enabling secure and privacy preserving communications in smart grids

    CERN Document Server

    Li, Hongwei

    2014-01-01

    This brief focuses on the current research on security and privacy preservation in smart grids. Along with a review of the existing works, this brief includes fundamental system models, possible frameworks, useful performance, and future research directions. It explores privacy preservation demand response with adaptive key evolution, secure and efficient Merkle tree based authentication, and fine-grained keywords comparison in the smart grid auction market. By examining the current and potential security and privacy threats, the author equips readers to understand the developing issues in sma

  19. For the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations

    Science.gov (United States)

    2015-06-12

    the Common Defense of Cyberspace: Implications of a US Cyber Militia on Department of Defense Cyber Operations 5a. CONTRACT NUMBER 5b. GRANT ...20130423/ NEWS/304230016/Navy-wants-1-000-more-cyber-warriors. 33 Edward Cardon , “Army Cyber Capabilities” (Lecture, Advanced Operations Course...Finally, once a cyber security professional is trained, many argue, to include the head of Army’s Cyber Command, Lieutenant General Edward Cardon

  20. Special Operations And Cyber Warfare

    Science.gov (United States)

    2016-12-01

    Cyber weapons have multiple functions and can be used for espionage or OPE. It is important to highlight the similarities between the intelligence...James Clapper, Director of National Intelligence, emphasized the importance of cyber operations as he identified cyber as the third major hazard facing...support the development of the capacity and capability of foreign security forces and their supporting institutions.”52 The DOD’s Cyber Strategy states

  1. OPNET/Simulink Based Testbed for Disturbance Detection in the Smart Grid

    Energy Technology Data Exchange (ETDEWEB)

    Sadi, Mohammad A. H. [University of Memphis; Dasgupta, Dipankar [ORNL; Ali, Mohammad Hassan [University of Memphis; Abercrombie, Robert K [ORNL

    2015-01-01

    The important backbone of the smart grid is the cyber/information infrastructure, which is primarily used to communicate with different grid components. A smart grid is a complex cyber physical system containing a numerous and variety number of sources, devices, controllers and loads. Therefore, the smart grid is vulnerable to grid related disturbances. For such dynamic system, disturbance and intrusion detection is a paramount issue. This paper presents a Simulink and Opnet based co-simulated platform to carry out a cyber-intrusion in cyber network for modern power systems and the smart grid. The IEEE 30 bus power system model is used to demonstrate the effectiveness of the simulated testbed. The experiments were performed by disturbing the circuit breakers reclosing time through a cyber-attack. Different disturbance situations in the considered test system are considered and the results indicate the effectiveness of the proposed co-simulated scheme.

  2. Recommendations for Model Driven Paradigms for Integrated Approaches to Cyber Defense

    Science.gov (United States)

    2017-03-06

    Human Cognitive Modeling in Cyber Security 13 4.1 Models of Human in the Cyber Detection Loop 14 4.2 Perception and Representation of the Cyber ...paradigm applied to cyber operations is likely to benefit traditional disciplines of cyber defense such as security , vulnerability analysis, intrusion...and simulation for full range of cyber specialties, not only for training and rehearsal. • Encourage participation of commercial companies , in NATO

  3. China's Cyber Initiatives Counter International Pressure

    Directory of Open Access Journals (Sweden)

    Emilio Iasiello

    2017-03-01

    Full Text Available Prior to its historic 2015 “no hack” pact for commercial advantage with the United States, Beijing has been engaged drafting and passing legislation, most with specific cyber components, to enhance its security posture while protecting its economic interests. This approach is in stark contrast to United States efforts that have demonstrated a focus on “acting globally, thinking locally” philosophy wherein most of its cyber efforts have been outwardly facing and are distinct from other security considerations. This paper suggests that by strengthening its domestic front with a legal framework, Beijing is preparing itself to counter any foreign initiative contrary to Beijing’s plans (e.g., cyber norms of behavior, cyber sanctions, etc. by being able to exert legal measures against foreign interests in country, thereby preserving its cyber sovereignty.

  4. Comparing models of offensive cyber operations

    CSIR Research Space (South Africa)

    Grant, T

    2015-10-01

    Full Text Available would be needed by a Cyber Security Operations Centre in order to perform offensive cyber operations?". The analysis was performed, using as a springboard seven models of cyber-attack, and resulted in the development of what is described as a canonical...

  5. Selection of the best security controls for rapid development of enterprise-level cyber security

    OpenAIRE

    Tytarenko, Oleksandr

    2017-01-01

    Approved for public release; distribution is unlimited State-supported cyber attacks, cyber espionage campaigns, and hacktivist movements have forced many states to accelerate their cyber defense development in order to achieve at least a minimum level of protection against expanding threats of cyber space. As with any other development effort, cyber capability development requires resources of time, money, and people, which in most cases are very restricted. To rapidly build up the first ...

  6. A review of cyber security risk assessment methods for SCADA systems

    OpenAIRE

    Cherdantseva, Yulia; Burnap, Peter; Blyth, Andrew; Eden, Peter; Jones, Kevin; Soulsby, Hugh; Stoddart, Kristan

    2016-01-01

    This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluat...

  7. Index of cyber integrity

    Science.gov (United States)

    Anderson, Gustave

    2014-05-01

    Unfortunately, there is no metric, nor set of metrics, that are both general enough to encompass all possible types of applications yet specific enough to capture the application and attack specific details. As a result we are left with ad-hoc methods for generating evaluations of the security of our systems. Current state of the art methods for evaluating the security of systems include penetration testing and cyber evaluation tests. For these evaluations, security professionals simulate an attack from malicious outsiders and malicious insiders. These evaluations are very productive and are able to discover potential vulnerabilities resulting from improper system configuration, hardware and software flaws, or operational weaknesses. We therefore propose the index of cyber integrity (ICI), which is modeled after the index of biological integrity (IBI) to provide a holistic measure of the health of a system under test in a cyber-environment. The ICI provides a broad base measure through a collection of application and system specific metrics. In this paper, following the example of the IBI, we demonstrate how a multi-metric index may be used as a holistic measure of the health of a system under test in a cyber-environment.

  8. A genetic epidemiology approach to cyber-security.

    Science.gov (United States)

    Gil, Santiago; Kott, Alexander; Barabási, Albert-László

    2014-07-16

    While much attention has been paid to the vulnerability of computer networks to node and link failure, there is limited systematic understanding of the factors that determine the likelihood that a node (computer) is compromised. We therefore collect threat log data in a university network to study the patterns of threat activity for individual hosts. We relate this information to the properties of each host as observed through network-wide scans, establishing associations between the network services a host is running and the kinds of threats to which it is susceptible. We propose a methodology to associate services to threats inspired by the tools used in genetics to identify statistical associations between mutations and diseases. The proposed approach allows us to determine probabilities of infection directly from observation, offering an automated high-throughput strategy to develop comprehensive metrics for cyber-security.

  9. Cyber Attacks and Combat Behavior

    Directory of Open Access Journals (Sweden)

    Carataș Maria Alina

    2017-01-01

    Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

  10. Cyber Attacks: A New Threat to the Energy Industry

    International Nuclear Information System (INIS)

    Desarnaud, Gabrielle

    2016-01-01

    The Network and Information Security (NIS) Directive has been adopted on July 6, 2016 by the European Parliament, three years after the initial proposal by the European Commission. It paves the way for a much needed common cyber security strategy within the EU. This Edito explains the reasons why the energy industry is particularly vulnerable to cyber- attacks, and what tools this new directive brings about to protect European critical infrastructures. In about two decades, the energy industry has been deeply transformed by the digital revolution, which penetrated companies' commercial, administrative and financial branches, but also their industrial systems. From the optimization of electric grids to the precision of oil drilling, information and communication technologies (ICT) are now essential to every stage of energy production, transport and distribution processes. Data mining and analysis are increasingly considered as the energy sector's new 'black gold', and generate new activities just like the platform Predix, designed by General Electric to help energy companies (among others) collect and analyze industrial data. This silent revolution offers countless economic opportunities and paves the way for a better resource distribution and use. But it also puts physical energy infrastructures at risk

  11. 7 Key Challenges for Visualization in Cyber Network Defense

    Energy Technology Data Exchange (ETDEWEB)

    Best, Daniel M.; Endert, Alexander; Kidwell, Dan

    2014-12-02

    In this paper we present seven challenges, informed by two user studies, to be considered when developing a visualization for cyber security purposes. Cyber security visualizations must go beyond isolated solutions and “pretty picture” visualizations in order to make impact to users. We provide an example prototype that addresses the challenges with a description of how they are met. Our aim is to assist in increasing utility and adoption rates for visualization capabilities in cyber security.

  12. Technical Aspects of Cyber Kill Chain

    OpenAIRE

    Yadav, Tarun; Mallari, Rao Arvind

    2016-01-01

    Recent trends in targeted cyber-attacks has increased the interest of research in the field of cyber security. Such attacks have massive disruptive effects on rganizations, enterprises and governments. Cyber kill chain is a model to describe cyber-attacks so as to develop incident response and analysis capabilities. Cyber kill chain in simple terms is an attack chain, the path that an intruder takes to penetrate information systems over time to execute an attack on the target. This paper broa...

  13. NERSC Cyber Security Challenges That Require DOE Development andSupport

    Energy Technology Data Exchange (ETDEWEB)

    Draney, Brent; Campbell, Scott; Walter, Howard

    2007-01-16

    Traditional security approaches do not adequately addressall the requirements of open, scientific computing facilities. Many ofthe methods used for more restricted environments, including almost allcorporate/commercial systems, do not meet the needs of today's science.Use of only the available "state of the practice" commercial methods willhave adverse impact on the ability of DOE to accomplish its sciencegoals, and impacts the productivity of the DOE Science community. Inparticular, NERSC and other high performance computing (HPC) centers havespecial security challenges that are unlikely to be met unless DOE fundsdevelopment and support of reliable and effective tools designed to meetthe cyber security needs of High Performance Science. The securitychallenges facing NERSC can be collected into three basic problem sets:network performance and dynamics, application complexity and diversity,and a complex user community that can have transient affiliations withactual institutions. To address these problems, NERSC proposes thefollowing four general solutions: auditing user and system activityacross sites; firewall port configuration in real time;cross-site/virtual organization identity management and access control;and detecting security issues in application middleware. Solutions arealsoproposed for three general long term issues: data volume,application complexity, and information integration.

  14. Deception used for Cyber Defense of Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2009-05-01

    Control system cyber security defense mechanisms may employ deception to make it more difficult for attackers to plan and execute successful attacks. These deceptive defense mechanisms are organized and initially explored according to a specific deception taxonomy and the seven abstract dimensions of security previously proposed as a framework for the cyber security of control systems.

  15. CHDS Speaker: Hackers Critical to Defeating Cyber Threats

    OpenAIRE

    Center for Homeland Defense and Security

    2014-01-01

    Center for Homeland Defense and Security News and Stories, PRESS RELEASES Hackers are potential resources that can aid in the fight against cyber-terror far better than government bureaucrats, says internationally known security researcher Robi Sen. Sure, sophisticated cyber-criminal hackers and organizations...

  16. Definitions of Cyber Terrorism

    NARCIS (Netherlands)

    Luiijf, H.A.M.

    2014-01-01

    The phrase cyber terror appeared for the first time in the mid-eighties. According to several sources, Barry C. Collin, a senior person research fellow of the Institute for Security and Intelligence in California, defined cyber terror at that time as “the convergence of cybernetics and terrorism”—an

  17. Cyber warfare building the scientific foundation

    CERN Document Server

    Jajodia, Sushil; Subrahmanian, VS; Swarup, Vipin; Wang, Cliff

    2015-01-01

    This book features a wide spectrum of the latest computer science research relating to cyber warfare, including military and policy dimensions. It is the first book to explore the scientific foundation of cyber warfare and features research from the areas of artificial intelligence, game theory, programming languages, graph theory and more. The high-level approach and emphasis on scientific rigor provides insights on ways to improve cyber warfare defense worldwide. Cyber Warfare: Building the Scientific Foundation targets researchers and practitioners working in cyber security, especially gove

  18. Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

    Energy Technology Data Exchange (ETDEWEB)

    Shin, Ickhyun; Kwon, Kookheui [Korea Institute of Nuclear Nonproliferation and Control, Daejeon (Korea, Republic of)

    2013-05-15

    Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference.

  19. Major Cyber threat on Nuclear Facility and Key Entry Points of Malicious Codes

    International Nuclear Information System (INIS)

    Shin, Ickhyun; Kwon, Kookheui

    2013-01-01

    Cyber security incident explicitly shows that the domestic intra net system which is not connected to the Internet can be compromised by the USB based mal ware which was developed by the state-sponsored group. It also tells that the actor for cyber-attack has been changed from script kiddies to state's governments and the target has been changed to nation's main infrastructures such as electricity, transportation and etc. Since the cyber sabotage on nuclear facility has been proven to be possible and can be replicated again with same method, the cyber security on nuclear facility must be strengthened. In this paper, it is explained why the malicious code is the one of the biggest cyber threat in nuclear facility's digital I and C(Instrumentation and Controls) system by analyzing recent cyber attacks and well-known malicious codes. And a feasible cyber attack scenario on nuclear facility's digital I and C system is suggested along with some security measures for prevention of malicious code. As experienced from the cyber sabotage on Iranian nuclear facility in 2010, cyber attack on nuclear facility can be replicated by infecting the computer network with malicious codes. One of the cyber attack scenario on nuclear digital I and C computer network with using malicious code was suggested to help security manager establishing cyber security plan for prevention of malicious code. And some security measures on prevention of malicious code are also provided for reference

  20. Porous TiO₂-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis.

    Science.gov (United States)

    Galstyan, Vardan

    2017-12-19

    Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO₂, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO₂-based chemical gas sensors for their application in cyber chemical system showing the convenience and feasibility of such a model to provide the security and to perform the diagnostics. The most of reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO₂ may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of material.

  1. Cyber-Physical Architecture Assisted by Programmable Networking

    OpenAIRE

    Rubio-Hernan, Jose; Sahay, Rishikesh; De Cicco, Luca; Garcia-Alfaro, Joaquin

    2018-01-01

    Cyber-physical technologies are prone to attacks, in addition to faults and failures. The issue of protecting cyber-physical systems should be tackled by jointly addressing security at both cyber and physical domains, in order to promptly detect and mitigate cyber-physical threats. Towards this end, this letter proposes a new architecture combining control-theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber-physical systems. The arch...

  2. Modelling security properties in a grid-based operating system with anti-goals

    OpenAIRE

    Arenas, A.; Aziz, Benjamin; Bicarregui, J.; Matthews, B.; Yang, E.

    2008-01-01

    In this paper, we discuss the use of formal requirements-engineering techniques in capturing security requirements for a Grid-based operating system. We use KAOS goal model to represent two security goals for Grid systems, namely authorisation and single-sign on authentication. We apply goal-refinement to derive security requirements for these two security goals and we develop a model of antigoals and show how system vulnerabilities and threats to the security goals can arise from such anti-m...

  3. A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property.

    Science.gov (United States)

    Andrijcic, Eva; Horowitz, Barry

    2006-08-01

    The article is based on the premise that, from a macro-economic viewpoint, cyber attacks with long-lasting effects are the most economically significant, and as a result require more attention than attacks with short-lasting effects that have historically been more represented in literature. In particular, the article deals with evaluation of cyber security risks related to one type of attack with long-lasting effects, namely, theft of intellectual property (IP) by foreign perpetrators. An International Consequence Analysis Framework is presented to determine (1) the potential macro-economic consequences of cyber attacks that result in stolen IP from companies in the United States, and (2) the likely sources of such attacks. The framework presented focuses on IP theft that enables foreign companies to make economic gains that would have otherwise benefited the U.S. economy. Initial results are presented.

  4. What good cyber resilience looks like.

    Science.gov (United States)

    Hult, Fredrik; Sivanesan, Giri

    In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.

  5. Development and Demonstration of a Security Core Component

    Energy Technology Data Exchange (ETDEWEB)

    Turke, Andy

    2014-02-28

    In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from

  6. 1st International Workshop on Search and Mining Terrorist Online Content and Advances in Data Science for Cyber Security and Risk on the Web

    OpenAIRE

    Tsikrika, T.; Vrochidis, S.; Akhgar, B.; Burnap, P.; Katos, Vasilis; Williams, M.L.

    2017-01-01

    The deliberate misuse of technical infrastructure (including the Web and social media) for cyber deviant and cybercriminal behaviour, ranging from the spreading of extremist and terrorism-related material to online fraud and cyber security attacks, is on the rise. This workshop aims to better understand such phenomena and develop methods for tackling them in an effective and efficient manner. The workshop brings together interdisciplinary researchers and experts in Web search, security inform...

  7. 76 FR 2151 - Assumption Buster Workshop: Defense-in-Depth is a Smart Investment for Cyber Security

    Science.gov (United States)

    2011-01-12

    ... day-long workshop on the pros and cons of the defense-in-depth strategy for cyber security. The... Technology Research and Development (NITRD) Program. ACTION: Call for participation. FOR FURTHER INFORMATION... Information Technology Research and Development (NITRD) Program on behalf of the SCORE Committee. Background...

  8. Communication, control and security challenges for the smart grid

    CERN Document Server

    Muyeen, SM

    2017-01-01

    The Smart Grid is a modern electricity grid allowing for distributed, renewable intermittent generation, partly owned by consumers. This requires advanced control and communication technologies in order to provide high quality power supply and secure generation, transmission and distribution. This book outlines these emerging technologies.

  9. Quantifiably secure power grid operation, management, and evolution :

    Energy Technology Data Exchange (ETDEWEB)

    Gray, Genetha Anne.; Watson, Jean-Paul; Silva Monroy, Cesar Augusto; Gramacy, Robert B.

    2013-09-01

    This report summarizes findings and results of the Quantifiably Secure Power Grid Operation, Management, and Evolution LDRD. The focus of the LDRD was to develop decisionsupport technologies to enable rational and quantifiable risk management for two key grid operational timescales: scheduling (day-ahead) and planning (month-to-year-ahead). Risk or resiliency metrics are foundational in this effort. The 2003 Northeast Blackout investigative report stressed the criticality of enforceable metrics for system resiliency the grids ability to satisfy demands subject to perturbation. However, we neither have well-defined risk metrics for addressing the pervasive uncertainties in a renewable energy era, nor decision-support tools for their enforcement, which severely impacts efforts to rationally improve grid security. For day-ahead unit commitment, decision-support tools must account for topological security constraints, loss-of-load (economic) costs, and supply and demand variability especially given high renewables penetration. For long-term planning, transmission and generation expansion must ensure realized demand is satisfied for various projected technological, climate, and growth scenarios. The decision-support tools investigated in this project paid particular attention to tailoriented risk metrics for explicitly addressing high-consequence events. Historically, decisionsupport tools for the grid consider expected cost minimization, largely ignoring risk and instead penalizing loss-of-load through artificial parameters. The technical focus of this work was the development of scalable solvers for enforcing risk metrics. Advanced stochastic programming solvers were developed to address generation and transmission expansion and unit commitment, minimizing cost subject to pre-specified risk thresholds. Particular attention was paid to renewables where security critically depends on production and demand prediction accuracy. To address this

  10. 76 FR 6637 - Assumption Buster Workshop: Defense-in-Depth Is a Smart Investment for Cyber Security

    Science.gov (United States)

    2011-02-07

    ... the pros and cons of the Defense-in-Depth strategy for cyber security. The workshop will be held March... Technology Research and Development (NITRD) Program. ACTION: Call for participation. FOR FURTHER INFORMATION... notice is issued by the National Coordination Office for the Networking and Information Technology...

  11. Control and Optimization Methods for Electric Smart Grids

    CERN Document Server

    Ilić, Marija

    2012-01-01

    Control and Optimization Methods for Electric Smart Grids brings together leading experts in power, control and communication systems,and consolidates some of the most promising recent research in smart grid modeling,control and optimization in hopes of laying the foundation for future advances in this critical field of study. The contents comprise eighteen essays addressing wide varieties of control-theoretic problems for tomorrow’s power grid. Topics covered include: Control architectures for power system networks with large-scale penetration of renewable energy and plug-in vehicles Optimal demand response New modeling methods for electricity markets Control strategies for data centers Cyber-security Wide-area monitoring and control using synchronized phasor measurements. The authors present theoretical results supported by illustrative examples and practical case studies, making the material comprehensible to a wide audience. The results reflect the exponential transformation that today’s grid is going...

  12. Developing a Proportionate Response to a Cyber Attack

    OpenAIRE

    Limnéll, Jarno

    2016-01-01

    The debate on both the impacts of cyber attacks and how to response to attacks is active but precedents are only a few. Strategies and political speeches are always (at least partially) declaratory and vague by nature, and beyond these declarations the practical reality of cyber security as a matter of national security issue is challenging. At the same time cyber issues have catapulted into the highest of the high politics, cyberpolitics, and the line of digital and physical is blurring in m...

  13. State of the Art Authentication, Access Control, and Secure Integration in Smart Grid

    Directory of Open Access Journals (Sweden)

    Neetesh Saxena

    2015-10-01

    Full Text Available The smart grid (SG is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network. Therefore, this paper addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center (CC, and home/building/neighborhood area network gateways (GW. We also review the existing authentication schemes for the vehicle-to-grid (V2G communication network along with various available secure integration and access control schemes. We also discuss the importance of the mutual authentication among SG entities while providing confidentiality and privacy preservation, seamless integration, and required access control with lower overhead, cost, and delay. This paper will help to provide a better understanding of current authentication, authorization, and secure integration issues in the smart grid network and directions to create interest among researchers to further explore these promising areas.

  14. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    International Nuclear Information System (INIS)

    Pollet, J.

    2006-01-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  15. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    Energy Technology Data Exchange (ETDEWEB)

    Pollet, J. [PlantData Technologies, Inc., 1201 Louisiana Street, Houston, TX 77002 (United States)

    2006-07-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  16. Study on Cyber-security Strategy and National Cyberspace Sovereignty%论网络安全战略与国家网络主权

    Institute of Scientific and Technical Information of China (English)

    邹鹏; 朱诗兵; 邹红霞

    2017-01-01

    While national interests increasingly extending with the development of cyberspace, cyberspace sovereignty and its guarantee have drawn wide attention from international communities and major countries have developed space-security strategy to safeguard their national cyberspace sovereignty.This paper analyzes the relationship between the cyberspace sovereignty and cyber-security as well as summarizes the characteristics of existing cyber-security strategies in the world.In view of protecting our national cyberspace sovereignty, it points out the issues we should pay more attention to in the formulation and implementation of cyber-security strategy which include taking national security as the starting point, taking cyberspace sovereignty as the fundament, perfecting relevant law and regulation systems, improving relevant systems, mechanisms and the support systems, accelerating the development of core technologies in cyber-security and strengthening the cyber-security training.%随着网络空间承载的国家利益日益广泛,网络主权及其保障问题引起了国际社会的高度重视,世界主要国家纷纷通过制定网络安全战略来维护本国网络主权.分析了世界各国对网络主权保护的态度及网络主权与网络安全的关系,综述了世界各国现有网络安全战略的特点.从保护我国国家网络主权的实际需求出发,指出了我国在网络安全战略的制定和实施中应当重点关注的问题,即以总体国家安全观为根本出发点、以网络主权为基本依据、健全相关法律法规体系、健全体制机制和保障力量体系、加快推进网络安全核心技术发展以及加强网络安全人才培养.

  17. Suggestion of a Framework to Analyze Failure Modes and Effect of Cyber Attacks in NPP

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chan Young; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-05-15

    The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

  18. Suggestion of a Framework to Analyze Failure Modes and Effect of Cyber Attacks in NPP

    International Nuclear Information System (INIS)

    Lee, Chan Young; Seong, Poong Hyun

    2016-01-01

    The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

  19. Porous TiO2-Based Gas Sensors for Cyber Chemical Systems to Provide Security and Medical Diagnosis

    Science.gov (United States)

    2017-01-01

    Gas sensors play an important role in our life, providing control and security of technical processes, environment, transportation and healthcare. Consequently, the development of high performance gas sensor devices is the subject of intense research. TiO2, with its excellent physical and chemical properties, is a very attractive material for the fabrication of chemical sensors. Meanwhile, the emerging technologies are focused on the fabrication of more flexible and smart systems for precise monitoring and diagnosis in real-time. The proposed cyber chemical systems in this paper are based on the integration of cyber elements with the chemical sensor devices. These systems may have a crucial effect on the environmental and industrial safety, control of carriage of dangerous goods and medicine. This review highlights the recent developments on fabrication of porous TiO2-based chemical gas sensors for their application in cyber chemical system showing the convenience and feasibility of such a model to provide the security and to perform the diagnostics. The most of reports have demonstrated that the fabrication of doped, mixed and composite structures based on porous TiO2 may drastically improve its sensing performance. In addition, each component has its unique effect on the sensing properties of material. PMID:29257076

  20. A Secure and Scalable Data Communication Scheme in Smart Grids

    Directory of Open Access Journals (Sweden)

    Chunqiang Hu

    2018-01-01

    Full Text Available The concept of smart grid gained tremendous attention among researchers and utility providers in recent years. How to establish a secure communication among smart meters, utility companies, and the service providers is a challenging issue. In this paper, we present a communication architecture for smart grids and propose a scheme to guarantee the security and privacy of data communications among smart meters, utility companies, and data repositories by employing decentralized attribute based encryption. The architecture is highly scalable, which employs an access control Linear Secret Sharing Scheme (LSSS matrix to achieve a role-based access control. The security analysis demonstrated that the scheme ensures security and privacy. The performance analysis shows that the scheme is efficient in terms of computational cost.