WorldWideScience

Sample records for testing system security

  1. Cyber Security Testing and Training Programs for Industrial Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Daniel Noyes

    2012-03-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  2. Cyber Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These trainings vary from web-based cyber security trainings for control systems engineers to more advanced hands-on training that culminates with a Red Team/ Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors.

  3. Carboy Security Testing and Training Programs for Industrial Control Systems

    International Nuclear Information System (INIS)

    Noyes, Daniel

    2012-01-01

    Service providers rely on industrial control systems (ICS) to manage the flow of water at dams, open breakers on power grids, control ventilation and cooling in nuclear power plants, and more. In today's interconnected environment, this can present a serious cyber security challenge. To combat this growing challenge, government, private industry, and academia are working together to reduce cyber risks. The Idaho National Laboratory (INL) is a key contributor to the Department of Energy National SCADA Test Bed (NSTB) and the Department of Homeland Security (DHS) Control Systems Security Program (CSSP), both of which focus on improving the overall security posture of ICS in the national critical infrastructure. In support of the NSTB, INL hosts a dedicated SCADA testing facility which consists of multiple control systems supplied by leading national and international manufacturers. Within the test bed, INL researchers systematically examine control system components and work to identify vulnerabilities. In support of the CSSP, INL develops and conducts training courses which are designed to increase awareness and defensive capabilities for IT/Control System professionals. These training vary from web-based cyber security training for control systems engineers to more advanced hands-on training that culminates with a Red Team/Blue Team exercise that is conducted within an actual control systems environment. INL also provides staffing and operational support to the DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Security Operations Center which responds to and analyzes control systems cyber incidents across the 18 US critical infrastructure sectors

  4. Control Systems Security Test Center - FY 2004 Program Summary

    Energy Technology Data Exchange (ETDEWEB)

    Robert E. Polk; Alen M. Snyder

    2005-04-01

    In May 2004, the US-CERT Control Systems Security Center (CSSC) was established at Idaho National Laboratory to execute assessment activities to reduce the vulnerability of the nation’s critical infrastructure control systems to terrorist attack. The CSSC implements a program to accomplish the five goals presented in the US-CERT National Strategy for Control Systems Security. This report summarizes the first year funding of startup activities and program achievements that took place in FY 2004 and early FY 2005. This document was prepared for the US-CERT Control Systems Security Center of the National Cyber Security Division of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs federal departments to identify and prioritize the critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the National Cyber Security Division to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems.

  5. Cyber Security Test Strategy for Non-safety Display System

    International Nuclear Information System (INIS)

    Son, Han Seong; Kim, Hee Eun

    2016-01-01

    Cyber security has been a big issue since the instrumentation and control (I and C) system of nuclear power plant (NPP) is digitalized. A cyber-attack on NPP should be dealt with seriously because it might cause not only economic loss but also the radioactive material release. Researches on the consequences of cyber-attack onto NPP from a safety point of view have been conducted. A previous study shows the risk effect brought by initiation of event and deterioration of mitigation function by cyber terror. Although this study made conservative assumptions and simplifications, it gives an insight on the effect of cyber-attack. Another study shows that the error on a non-safety display system could cause wrong actions of operators. According to this previous study, the failure of the operator action caused by a cyber-attack on a display system might threaten the safety of the NPP by limiting appropriate mitigation actions. This study suggests a test strategy focusing on the cyber-attack on the information and display system, which might cause the failure of operator. The test strategy can be suggested to evaluate and complement security measures. Identifying whether a cyber-attack on the information and display system can affect the mitigation actions of operator, the strategy to obtain test scenarios is suggested. The failure of mitigation scenario is identified first. Then, for the test target in the scenario, software failure modes are applied to identify realistic failure scenarios. Testing should be performed for those scenarios to confirm the integrity of data and to assure effectiveness of security measures

  6. Comprehensive test ban treaty international monitoring system security threats and proposed security attributes

    Energy Technology Data Exchange (ETDEWEB)

    Draelos, T.J.; Craft, R.L.

    1996-03-01

    To monitor compliance with a Comprehensive Test Ban Treaty (CTBT), a sensing network, referred to as the International Monitoring System (IMS), is being deployed. Success of the IMS depends on both its ability to preform its function and the international community`s confidence in the system. To ensure these goals, steps must be taken to secure the system against attacks that would undermine it; however, it is not clear that consensus exists with respect to the security requirements that should be levied on the IMS design. In addition, CTBT has not clearly articulated what threats it wishes to address. This paper proposes four system-level threats that should drive IMS design considerations, identifies potential threat agents, and collects into one place the security requirements that have been suggested by various elements of the IMS community. For each such requirement, issues associated with the requirement are identified and rationale for the requirement is discussed.

  7. Testing Challenges of Maritime Safety and Security Systems-of-Systems

    NARCIS (Netherlands)

    Gonzalez, A.; Piel, E.; Gross, H.G.

    2008-01-01

    Preprint of paper published in: TAIC PART 2008: Testing: Academic & Industrial Conference, Practice and Research Techniques, 29-31 August 2008; doi:10.1109/TAIC-PART.2008.14 Maritime Safety and Security systems represent a novel kind of large-scale distributed component-based systems in which the

  8. PETA: Methodology of Information Systems Security Penetration Testing

    Directory of Open Access Journals (Sweden)

    Tomáš Klíma

    2016-12-01

    Full Text Available Current methodologies of information systems penetration testing focuses mainly on a high level and technical description of the testing process. Unfortunately, there is no methodology focused primarily on the management of these tests. It often results in a situation when the tests are badly planned, managed and the vulnerabilities found are unsystematically remediated. The goal of this article is to present new methodology called PETA which is focused mainly on the management of penetration tests. Development of this methodology was based on the comparative analysis of current methodologies. New methodology incorporates current best practices of IT governance and project management represented by COBIT and PRINCE2 principles. Presented methodology has been quantitatively evaluated.

  9. Web Security Testing Cookbook

    CERN Document Server

    Hope, Paco

    2008-01-01

    Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite.

  10. Full Scale Drinking Water System Decontamination at the Water Security Test Bed

    Data.gov (United States)

    U.S. Environmental Protection Agency — The EPA’s Water Security Test Bed (WSTB) facility is a full-scale representation of a drinking water distribution system. In collaboration with the Idaho National...

  11. Testing System Encryption-Decryption Method to RSA Security Documents

    International Nuclear Information System (INIS)

    Supriyono

    2008-01-01

    A model of document protection which was tested as one of the instruments, especially text document. The principle of the document protection was how the system was able to protect the document storage and transfer processes. Firstly, the text-formed document was encrypted; therefore, the document cannot be read for the text was transformed into random letters. The letter-randomized text was then unfolded by the description in order that the document owner was able to read it. In the recent research, the method adopted was RSA method, in which it used complicated mathematics calculation and equipped with initial protection key (with either private key or public key), thus, it was more difficult to be attacked by hackers. The system was developed by using the software of Borland Delphi 7. The results indicated that the system was capable to save and transfer the document, both via internet and intranet in the form of encrypted letter and put it back to the initial form of document by way of description. The research also tested for encrypted and decrypted process for various memory size documents. (author)

  12. Waste Receiving and Processing Facility PMS Test Report/DMS-Y2K/System Security DMS (Data Management System)

    International Nuclear Information System (INIS)

    PALMER, M.E.

    1999-01-01

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This documents shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems

  13. Security system

    Science.gov (United States)

    Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

    2016-02-02

    A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

  14. Network systems security analysis

    Science.gov (United States)

    Yilmaz, Ä.°smail

    2015-05-01

    Network Systems Security Analysis has utmost importance in today's world. Many companies, like banks which give priority to data management, test their own data security systems with "Penetration Tests" by time to time. In this context, companies must also test their own network/server systems and take precautions, as the data security draws attention. Based on this idea, the study cyber-attacks are researched throughoutly and Penetration Test technics are examined. With these information on, classification is made for the cyber-attacks and later network systems' security is tested systematically. After the testing period, all data is reported and filed for future reference. Consequently, it is found out that human beings are the weakest circle of the chain and simple mistakes may unintentionally cause huge problems. Thus, it is clear that some precautions must be taken to avoid such threats like updating the security software.

  15. Model-Based Security Testing

    Directory of Open Access Journals (Sweden)

    Ina Schieferdecker

    2012-02-01

    Full Text Available Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.

  16. Cyber Security Penetration Test for Digital Safety I and C Systems

    International Nuclear Information System (INIS)

    Lee, C. K.; Kim, D. H.; Kwon, K. C.; Joo, H. K.; Song, J. S.

    2010-01-01

    In the Korea Nuclear I and C Systems Development project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and few types of communication network. However the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC in 2006 and it recommended the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore to incorporate the new licensing requirement, a cyber security risk assessment is performed for the platforms. Then the vulnerabilities identified by the risk assessment are validated by penetration test. This paper summarizes test scenario, test results and their incorporation into system design

  17. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Directory of Open Access Journals (Sweden)

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  18. Information Systems Security Audit

    OpenAIRE

    Gheorghe Popescu; Veronica Adriana Popescu; Cristina Raluca Popescu

    2007-01-01

    The article covers:Defining an information system; benefits obtained by introducing new information technologies; IT management;Defining prerequisites, analysis, design, implementation of IS; Information security management system; aspects regarding IS security policy; Conceptual model of a security system; Auditing information security systems and network infrastructure security.

  19. Waste Receiving and Processing (WRAP) Facility PMS Test Report For Data Management System (DMS) Security Test DMS-Y2K

    Energy Technology Data Exchange (ETDEWEB)

    PALMER, M.E.

    1999-09-21

    Test Plan HNF-4351 defines testing requirements for installation of a new server in the WRAP Facility. This document shows the results of the test reports on the DMS-Y2K and DMS-F81 (Security) systems.

  20. Research on Software Security Testing

    OpenAIRE

    Gu Tian-yang; Shi Yin-sheng; Fang You-yuan

    2010-01-01

    Software security testing is an important means to ensure software security and trustiness. This paper first mainly discusses the definition and classification of software security testing, and investigates methods and tools of software security testing widely. Then it analyzes and concludes the advantages and disadvantages of various methods and the scope of application, presents a taxonomy of security testing tools. Finally, the paper points out future focus and development directions of so...

  1. Combining security risk assessment and security testing

    OpenAIRE

    Großmann, Jürgen; Seehusen, Fredrik

    2014-01-01

    Complex networked systems have become an integral part of our supply infrastructure. Mobile devices, home automation, smart grids and even vehicles are connected via the Internet and becoming accessible and thus vulnerable to hacker attacks. While the number of security incidents drastically increases, we are more than ever dependent on a secure and mature ICT infrastructure. One of the keys to maintain such a secure and dependable infrastructure are mature, systematic and capable proactive m...

  2. A Method to Derive Monitoring Variables for a Cyber Security Test-bed of I and C System

    International Nuclear Information System (INIS)

    Han, Kyung Soo; Song, Jae Gu; Lee, Joung Woon; Lee, Cheol Kwon

    2013-01-01

    In the IT field, monitoring techniques have been developed to protect the systems connected by networks from cyber attacks and incidents. For the development of monitoring systems for I and C cyber security, it is necessary to review the monitoring systems in the IT field and derive cyber security-related monitoring variables among the proprietary operating information about the I and C systems. Tests for the development and application of these monitoring systems may cause adverse effects on the I and C systems. To analyze influences on the system and safely intended variables, the construction of an I and C system Test-bed should be preceded. This article proposes a method of deriving variables that should be monitored through a monitoring system for cyber security as a part of I and C Test-bed. The surveillance features and the monitored variables of NMS(Network Management System), a monitoring technique in the IT field, were reviewed in section 2. In Section 3, the monitoring variables for an I and C cyber security were derived by the of NMS and the investigation for information used for hacking techniques that can be practiced against I and C systems. The monitoring variables of NMS in the IT field and the information about the malicious behaviors used for hacking were derived as expected variables to be monitored for an I and C cyber security research. The derived monitoring variables were classified into the five functions of NMS for efficient management. For the cyber security of I and C systems, the vulnerabilities should be understood through a penetration test etc. and an assessment of influences on the actual system should be carried out. Thus, constructing a test-bed of I and C systems is necessary for the safety system in operation. In the future, it will be necessary to develop a logging and monitoring system for studies on the vulnerabilities of I and C systems with test-beds

  3. The environmental dimension of national security: A test of systems analysis methods

    Science.gov (United States)

    Porfiriev, Boris N.

    1992-11-01

    The systems approach permits us to analyze national security as a cluster of interconnected elements, in which the environmental dimension appears to be the most important one. The environmental problem is divided into two main aspects: environmental security per se and the impact of environment on the overall status of a nation's security. It is argued here that the quality of life and health serve as both the main objective and the principal criterion of environmental security in a social system. Indices of these two factors are used in this article as indicators of the state of this type of security. They confirm that vast areas of Russia, the Ukraine, and Central Asia (especially the Aral Sea region) should be considered as presenting a substantial risk to local people and even producing global impacts on both natural and man-made systems. Environmental factors that destabilize national security are also divided into two groups: those that impact social systems directly and negatively (mainly natural disasters) and technological and sociopolitical agents that cause indirect impacts, in both war and peace time, as well as in the civil and military sectors of the economy. Developments in the former Soviet Union (the Commonwealth of Independent States) are used as an illustration of the consequences that such impacts may have on the status of national security.

  4. Operating System Security

    CERN Document Server

    Jaeger, Trent

    2008-01-01

    Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build "secure" operating systems - operating systems whose mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to

  5. A framework for cyber security test

    Energy Technology Data Exchange (ETDEWEB)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2014-05-15

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done.

  6. A framework for cyber security test

    International Nuclear Information System (INIS)

    Han, Kyungsoo; Song, Jaegu; Jung, Sungmin; Lee, Jungwoon; Lee, Cheolkwon

    2014-01-01

    The person in charge of I and C cyber security must not only perform real-time security inspections but also have the capabilities for performing vulnerability scanning and penetration testing, in order for vulnerability assessment. Vulnerability scanning and penetration testing are intended to find vulnerabilities in a digital system in order to make it more secure, and to determine whether it is vulnerable to attacks. In the IT sector, automated vulnerability scanning and penetration testing tools are being developed and continually researched. However, for a NPP I and C systems in which the method of communication is mixed (TCP/IP and serial), it is difficult to use the existing tools. This paper describes the penetration test framework for the IT sector, which is one of the cyber security test methods available. It concludes by discussing the need to develop a new penetration method for performing cyber security testing for NPP I and C systems, as well as the need for the NPP I and C test-bed. Security vulnerabilities need to be identified and continuously managed through vulnerability scans and assessments. For known vulnerabilities, the vulnerabilities of the target system can be periodically managed via a vulnerability database. These activities such as fuzzing, penetration testing, etc. must not affect the availability or the integrity of the NPP I and C systems. It is desired that a NPP I and C cyber security test-bad environment that exactly models the actual system must be first constructed and then penetration testing done

  7. Security of Dependable Systems

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    Security and dependability are crucial for designing trustworthy systems. The approach “security as an add-on” is not satisfactory, yet the integration of security in the development process is still an open problem. Especially, a common framework for specifying dependability and security is very...... much needed. There are many pressing challenges however; here, we address some of them. Firstly, security for dependable systems is a broad concept and traditional view of security, e.g., in terms of confidentiality, integrity and availability, does not suffice. Secondly, a clear definition of security...... in the dependability context is not agreed upon. Thirdly, security attacks cannot be modeled as a stochastic process, because the adversary’s strategy is often carefully planned. In this chapter, we explore these challenges and provide some directions toward their solutions....

  8. Energy systems security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Energy Systems Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to electricity transmission grids and their protection, risk assessment of energy systems, analysis of interdependent energy networks. Methods to manage electricity transmission disturbances so as to avoid blackouts are discussed, and self-healing energy system and a nano-enabled power source are presented.

  9. A Design Methodology for Computer Security Testing

    OpenAIRE

    Ramilli, Marco

    2013-01-01

    The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. ...

  10. The Immorality of Test Security.

    Science.gov (United States)

    Wiggins, Grant

    1994-01-01

    Argues that test security in student testing is an immoral, inefficient practice rooted in medieval views of the teacher-student relationship. Secrecy practices involving testing should be scrutinized carefully and minimized through the use of explicit principles--an Assessment Bill of Rights--that put students' rights on par with the testmaker's…

  11. Security systems engineering overview

    International Nuclear Information System (INIS)

    Steele, B.J.

    1996-01-01

    Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

  12. A Secure Alert System

    Science.gov (United States)

    2006-12-01

    http://www.cgisecurity.com/ owasp /html/ch10.html, accessed 23 October 2006. [33] Cross Site Scripting by Amit Klein, Former Director of Security...and Research, a whitepaper from Watchfire. [34] CIGSecurity.com, Attacks on the System - Direct SQL Commands, http://www.cgisecurity.com/ owasp ...html/ch11s03.html, accessed 23 October 2006. [35] CIGSecurity.com, Attacks on the System - Direct OS Commands, http://www.cgisecurity.com/ owasp /html

  13. Building a Secure Library System.

    Science.gov (United States)

    Benson, Allen C.

    1998-01-01

    Presents tips for building a secure library system to guard against threats like hackers, viruses, and theft. Topics include: determining what is at risk; recovering from disasters; developing security policies; developing front-end security; securing menu systems; accessing control programs; protecting against damage from viruses; developing…

  14. Almaraz ovation control system security

    Energy Technology Data Exchange (ETDEWEB)

    Madronal Rodriguez, E.; Anderson, E.; Jimenez Diaz, J.; Carrasco Mateos, J. A.

    2013-07-01

    Improving the security of a plant's Distributed Control System (DCS) is an important consideration for plant safety and profitability, as well as the necessity to comply with the regulation. The U.S. Nuclear Regulatory Commission has produced Regulatory Guide (RG) 5.71, and the Nuclear Energy Institute (NEI) has produced NEI 08-09 to assist plants in meeting 10 CFR 73.54, Protection of digital computer and communication systems and networks. These requirements, which address the establishment, implementation and maintenance of a cyber security program, present challenges to ensure that safety, security and emergency preparedness functions of nuclear facilities are not negatively impacted by the vulnerability scanning and testing process.

  15. Kali Linux assuring security by penetration testing

    CERN Document Server

    Ali, Shakeel; Allen, Lee

    2014-01-01

    Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux testing process or study parts of it individually.If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, then this book is for you.

  16. Cyberspace security system

    Science.gov (United States)

    Abercrombie, Robert K; Sheldon, Frederick T; Ferragut, Erik M

    2014-06-24

    A system evaluates reliability, performance and/or safety by automatically assessing the targeted system's requirements. A cost metric quantifies the impact of failures as a function of failure cost per unit of time. The metrics or measurements may render real-time (or near real-time) outcomes by initiating active response against one or more high ranked threats. The system may support or may be executed in many domains including physical domains, cyber security domains, cyber-physical domains, infrastructure domains, etc. or any other domains that are subject to a threat or a loss.

  17. Security Information System Digital Simulation

    OpenAIRE

    Tao Kuang; Shanhong Zhu

    2015-01-01

    The study built a simulation model for the study of food security information system relay protection. MATLAB-based simulation technology can support the analysis and design of food security information systems. As an example, the food security information system fault simulation, zero-sequence current protection simulation and transformer differential protection simulation are presented in this study. The case studies show that the simulation of food security information system relay protect...

  18. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  19. Defense Security Assistance Management System

    National Research Council Canada - National Science Library

    1998-01-01

    ... $10 billion Foreign Military Sales Program. As envisioned, it will replace 13 automated information systems used by the Military Departments and Defense Security Assistance Agency and will provide standardized and improved security assistance...

  20. Security system signal supervision

    International Nuclear Information System (INIS)

    Chritton, M.R.; Matter, J.C.

    1991-09-01

    This purpose of this NUREG is to present technical information that should be useful to NRC licensees for understanding and applying line supervision techniques to security communication links. A review of security communication links is followed by detailed discussions of link physical protection and DC/AC static supervision and dynamic supervision techniques. Material is also presented on security for atmospheric transmission and video line supervision. A glossary of security communication line supervision terms is appended. 16 figs

  1. Army Secure Operating System: Information Security for Real Time Systems

    National Research Council Canada - National Science Library

    Anderson, Eric

    1984-01-01

    .... ASOS will support real time applications software coded in Ada. In addition, ASOS will incorporate information security technology to protect classified data processed by Army tactical systems...

  2. Teaching RFID Information Systems Security

    Science.gov (United States)

    Thompson, Dale R.; Di, Jia; Daugherty, Michael K.

    2014-01-01

    The future cyber security workforce needs radio frequency identification (RFID) information systems security (INFOSEC) and threat modeling educational materials. A complete RFID security course with new learning materials and teaching strategies is presented here. A new RFID Reference Model is used in the course to organize discussion of RFID,…

  3. Secure Embedded Systems

    Science.gov (United States)

    2016-02-26

    module ( TPM ), an international standard secure processor that facilitates secure cryptographic key generation, remote attestation, encryption...decryption, and sealed storage [5]. Each TPM chip includes a unique secret key, allowing the chip to perform platform and hardware device authentication...When creating the TPM , developers made a number of compromises that addressed cost and privacy concerns to ensure commercial adoptability of the

  4. Nuclear Weapon Testing Limitations and International Security

    Science.gov (United States)

    Corden, Pierce S.

    2017-01-01

    For over 50 years stopping nuclear weapon tests has been sought to support achieving international security without nuclear weapons. Testing is the critical path beyond primitive fission devices, e.g. to develop thermonuclear weapons, reduce weight and volume and increase yield. The 1958 Geneva Conference of Experts considered ways to verify a test ban. With then-limitations on seismology, and lack of in-country monitoring and on-site inspections, the 1963 Limited Test Ban Treaty prohibits testing only in the atmosphere, outer space and under water, and is verified by National Technical Means. The US and USSR agreed to a limit of 150 kilotons on underground explosions in the 1970s-80s. The 1996 Comprehensive Nuclear-Test-Ban Treaty bans all nuclear explosions. Its International Monitoring System - seismic, hydroacoustic, infrasound and radionuclide sensors - is being used, and has easily detected testing by the DPRK. On-site inspections will be available under an in-force Treaty. A 2012 National Academy report concludes that cheating attempts would not undermine U.S. security, and the program for monitoring and extending the life of US weapons has succeeded since US testing ceased in 1992.

  5. INFORMATION SYSTEM SECURITY THREATS CLASSIFICATIONS

    Directory of Open Access Journals (Sweden)

    Sandro Gerić

    2007-06-01

    Full Text Available Information systems are exposed to different types of security risks. Theconsequences of information systems security (ISS breaches can vary from e.g. damaging the data base integrity to physical "destruction" of entire information system facilities, and can result with minor disruptions in less important segments of information systems, or with significant interruptions in information systems functionality. The sources of security risks are different, and can origin from inside or outside of information system facility, and can be intentional or unintentional. The precise calculation of loses caused by such incidents is often not possible because a number of small scale ISS incidents are never detected, or detected with a significant time delay, a part of incidents are interpreted as an accidental mistakes, and all that results with an underestimation of ISS risks. This paper addresses the different types and criteria of information system security risks (threats classification and gives an overview of most common classifications used in literature and in practice. We define a common set of criteria that can be used for information system security threats classification, which will enable the comparison and evaluation of different security threats from different security threats classifications.

  6. Penetration Testing: A Roadmap to Network Security

    OpenAIRE

    Naik, Nitin A.; Kurundkar, Gajanan D.; Khamitkar, Santosh D.; Kalyankar, Namdeo V.

    2009-01-01

    Network penetration testing identifies the exploits and vulnerabilities those exist within computer network infrastructure and help to confirm the security measures. The objective of this paper is to explain methodology and methods behind penetration testing and illustrate remedies over it, which will provide substantial value for network security Penetration testing should model real world attacks as closely as possible. An authorized and scheduled penetration testing will probably detected ...

  7. Algorithms, architectures and information systems security

    CERN Document Server

    Sur-Kolay, Susmita; Nandy, Subhas C; Bagchi, Aditya

    2008-01-01

    This volume contains articles written by leading researchers in the fields of algorithms, architectures, and information systems security. The first five chapters address several challenging geometric problems and related algorithms. These topics have major applications in pattern recognition, image analysis, digital geometry, surface reconstruction, computer vision and in robotics. The next five chapters focus on various optimization issues in VLSI design and test architectures, and in wireless networks. The last six chapters comprise scholarly articles on information systems security coverin

  8. Security considerations and recommendations in computer-based testing.

    Science.gov (United States)

    Al-Saleem, Saleh M; Ullah, Hanif

    2014-01-01

    Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password) in order to check the identity and authenticity of the examinee.

  9. Security Considerations and Recommendations in Computer-Based Testing

    Directory of Open Access Journals (Sweden)

    Saleh M. Al-Saleem

    2014-01-01

    Full Text Available Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT. However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, and last but not least test security. Security aspects may include but are not limited to the identification and authentication of examinee, the risks that are associated with cheating on the exam, and the procedures related to test delivery to the examinee. This paper will mainly investigate the security considerations associated with CBT and will provide some recommendations for the security of these kinds of tests. We will also propose a palm-based biometric authentication system incorporated with basic authentication system (username/password in order to check the identity and authenticity of the examinee.

  10. Systems analysis of a security alarm system

    International Nuclear Information System (INIS)

    Schiff, A.

    1975-01-01

    When the Lawrence Livermore Laboratory found that its security alarm system was causing more false alarms and maintenance costs than LLL felt was tolerable, a systems analysis was undertaken to determine what should be done about the situation. This report contains an analysis of security alarm systems in general and ends with a review of the existing Security Alarm Control Console (SACC) and recommendations for its improvement, growth and change. (U.S.)

  11. Secure computing on reconfigurable systems

    OpenAIRE

    Fernandes Chaves, R.J.

    2007-01-01

    This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performa...

  12. 12 CFR 652.40 - Stress tests for mortgage securities.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 6 2010-01-01 2010-01-01 false Stress tests for mortgage securities. 652.40 Section 652.40 Banks and Banking FARM CREDIT ADMINISTRATION FARM CREDIT SYSTEM FEDERAL AGRICULTURAL... risk policies. The methodology that you use to analyze mortgage securities must be appropriate for the...

  13. INFORMATION SECURITY IN MOBILE MODULAR MEASURING SYSTEMS

    Directory of Open Access Journals (Sweden)

    A. N. Tkhishev

    2017-01-01

    Full Text Available A special aspect of aircraft test is carrying out both flight evaluation and ground operation evaluation in a structure of flying aids and special tools equipment. The specific of flight and sea tests involve metering in offshore zone, which excludes the possibility of fixed geodetically related measuring tools. In this regard, the specific role is acquired by shipbased measurement systems, in particular the mobile modular measuring systems. Information processed in the mobile modular measurement systems is a critical resource having a high level of confidentiality. When carrying out their functions, it should be implemented a proper information control of the mobile modular measurement systems to ensure their protection from the risk of data leakage, modification or loss, i.e. to ensure a certain level of information security. Due to the specific of their application it is difficult to solve the problems of information security in such complexes. The intruder model, the threat model, the security requirements generated for fixed informatization objects are not applicable to mobile systems. It was concluded that the advanced mobile modular measuring systems designed for flight experiments monitoring and control should be created due to necessary information protection measures and means. The article contains a diagram of security requirements formation, starting with the data envelopment analysis and ending with the practical implementation. The information security probabilistic model applied to mobile modular measurement systems is developed. The list of current security threats based on the environment and specific of the mobile measurement system functioning is examined. The probabilistic model of the information security evaluation is given. The problems of vulnerabilities transformation of designed information system into the security targets with the subsequent formation of the functional and trust requirements list are examined.

  14. Cyber Security and Resilient Systems

    International Nuclear Information System (INIS)

    Anderson, Robert S.

    2009-01-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation's cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested - both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  15. Cyber Security and Resilient Systems

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson

    2009-07-01

    The Department of Energy (DOE) Idaho National Laboratory (INL) has become a center of excellence for critical infrastructure protection, particularly in the field of cyber security. It is one of only a few national laboratories that have enhanced the nation’s cyber security posture by performing industrial control system (ICS) vendor assessments as well as user on-site assessments. Not only are vulnerabilities discovered, but described actions for enhancing security are suggested – both on a system-specific basis and from a general perspective of identifying common weaknesses and their corresponding corrective actions. These cyber security programs have performed over 40 assessments to date which have led to more robust, secure, and resilient monitoring and control systems for the US electrical grid, oil and gas, chemical, transportation, and many other sectors. In addition to cyber assessments themselves, the INL has been engaged in outreach to the ICS community through vendor forums, technical conferences, vendor user groups, and other special engagements as requested. Training programs have been created to help educate all levels of management and worker alike with an emphasis towards real everyday cyber hacking methods and techniques including typical exploits that are used. The asset owner or end user has many products available for its use created from these programs. One outstanding product is the US Department of Homeland Security (DHS) Cyber Security Procurement Language for Control Systems document that provides insight to the user when specifying a new monitoring and control system, particularly concerning security requirements. Employing some of the top cyber researchers in the nation, the INL can leverage this talent towards many applications other than critical infrastructure. Monitoring and control systems are used throughout the world to perform simple tasks such as cooking in a microwave to complex ones such as the monitoring and control of the

  16. Security Management – Systems Approach

    Directory of Open Access Journals (Sweden)

    Milan Kný

    2015-12-01

    Full Text Available The aim of the contribution is the use of the systems approach to treat security management as a practical field and new scientific discipline. The philosophy of systems approach to the solution of problems generally is an adequate methodological basis even for the theory of management. The path to the real optimization of security situation leads only through the holistic and solid solution. Applications of systems analysis and synthesis back up the fact, that systems approach and systems thinking should not absent in security objects. The truthfulness of the claim, that security management is a well-established discipline, depends on ongoing discussion that represents useful process of development of new scientific discipline. At the same time the rationality of science and systematism works as a counterbalance to irrational fear of the whole society, too. Which questions of security remain open in relation to „our interests“? Current problems of Europe should be solved systematically. It is necessary to define the space of interest (territorially the border of the EU or the Schengen area, to implement the system to the object with respect to the borders of the space, to specify the structure and subjects of decision making and implementation.

  17. Adaptive security systems -- Combining expert systems with adaptive technologies

    Energy Technology Data Exchange (ETDEWEB)

    Argo, P.; Loveland, R.; Anderson, K. [and others

    1997-09-01

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting.

  18. Adaptive security systems -- Combining expert systems with adaptive technologies

    International Nuclear Information System (INIS)

    Argo, P.; Loveland, R.; Anderson, K.

    1997-01-01

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting

  19. BackTrack testing wireless network security

    CERN Document Server

    Cardwell, Kevin

    2013-01-01

    Written in an easy-to-follow step-by-step format, you will be able to get started in next to no time with minimal effort and zero fuss.BackTrack: Testing Wireless Network Security is for anyone who has an interest in security and who wants to know more about wireless networks.All you need is some experience with networks and computers and you will be ready to go.

  20. Nuclear Testing and National Security,

    Science.gov (United States)

    1981-01-01

    igned to assist our readers in their use of our monographs. Since the 1950s, the United States has negotiated more than fif- teen arms control agreements...research program cannot replace a program of "full-scale and extensive" testing, which would be needed for a proliferator to perfect its nude - ar

  1. SMS security system for smart home detectors

    OpenAIRE

    Cekova, Katerina; Gelev, Saso

    2016-01-01

    Security has always been an important problem everywhere. Home security has been a major issue where crime is increasing and everybody wants home security to protect the home. Safety from theft and flame are the most important requirements of a home security system for people. A remote home security system offers many benefits from keeping homeowners, and their property safe. This paper present controlling of the home security system remotely from Android Application. Owners can turn on or...

  2. On Building Secure Communication Systems

    DEFF Research Database (Denmark)

    Carvalho Quaresma, Jose Nuno

    This thesis presents the Guided System Development (GSD) framework, which aims at supporting the development of secure communication systems. A communication system is specified in a language similar to the Alice and Bob notation, a simple and intuitive language used to describe the global...... into code that implements the communication skeleton of the system and can then be used by the system designer. New output languages can also easily be added to the GSD framework. Additionally, a prototype of the GSD framework was implemented and an ex-ample of using the GSD framework in a real world system...... perspective of the communications between different principals. The notation used in the GSD framework extends that notation with constructs that allow the security requirements of the messages to be described. From that specification, the developer is guided through a semi-automatic translation that enables...

  3. Biomedical devices and systems security.

    Science.gov (United States)

    Arney, David; Venkatasubramanian, Krishna K; Sokolsky, Oleg; Lee, Insup

    2011-01-01

    Medical devices have been changing in revolutionary ways in recent years. One is in their form-factor. Increasing miniaturization of medical devices has made them wearable, light-weight, and ubiquitous; they are available for continuous care and not restricted to clinical settings. Further, devices are increasingly becoming connected to external entities through both wired and wireless channels. These two developments have tremendous potential to make healthcare accessible to everyone and reduce costs. However, they also provide increased opportunity for technology savvy criminals to exploit them for fun and profit. Consequently, it is essential to consider medical device security issues. In this paper, we focused on the challenges involved in securing networked medical devices. We provide an overview of a generic networked medical device system model, a comprehensive attack and adversary model, and describe some of the challenges present in building security solutions to manage the attacks. Finally, we provide an overview of two areas of research that we believe will be crucial for making medical device system security solutions more viable in the long run: forensic data logging, and building security assurance cases.

  4. SMART SECURITY SYSTEM FOR CARS

    OpenAIRE

    Akshay V. Balki*, Ankit A. Ramteke, Akshay Dhankar, Prof. Nilesh S. Panchbudhe

    2017-01-01

    This propose work is an attempt to model design an smart advance vehicle security system that uses biometric scanner and RFID card reader to give ignition pulse using two main module and to prevent theft. The system contains biometric scanner, RFID card reader, alcohol sensor, vibration sensor, GSM module, microcontroller (8051), relay switch, high voltage mesh..The safety of car is exceptionally essential. It provides pulse to ignition system by synchronizing driver’s data from license and t...

  5. Wireless Network Penetration Testing and Security Auditing

    Directory of Open Access Journals (Sweden)

    Wang Shao-Long

    2016-01-01

    Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

  6. Secure Embedded Systems

    Science.gov (United States)

    2015-08-24

    lifecycle   efficiency   of   asset   procurements.   DoD   has   thus...application   programming  255   interface   ( API )   provides   application   developers   with   a   simple   and   intuitive...also  grow.  The  use  of  open  system  architecture  (OSA)  can  improve  350   the   development   and   lifecycle

  7. SECURING DIGITIZED LIBRARY CIRCULATORY SYSTEM

    African Journals Online (AJOL)

    user

    In this paper, we improved on these baselines related works by developing a secure system with a large and robust database and ensured privacy of patron's information by encrypting the detail of every registered user alongside sending notifications to patrons specifically for library circulation operations. This was achieved ...

  8. Audit Characteristics for Information System Security

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

  9. Audit Characteristics for Information System Security

    OpenAIRE

    Marius POPA; Mihai DOINEA

    2007-01-01

    The paper presents the main aspects regarding the development of the information security and assurance of their security. The information systems, standards and audit processes definitions are offered. There are presented the most important security standards used in information system security assessment

  10. Salsa: Security Application Launcher for System Administrators

    National Research Council Canada - National Science Library

    Derrick, Douglas

    1999-01-01

    .... The need for system and network security is well-documented, and dozens of security "tools" already exist to assist system administrators in analyzing the relative vulnerability of their systems...

  11. Automated Security Testing of Web Widget Interactions

    NARCIS (Netherlands)

    Bezemer, C.P.; Mesbah, A.; Van Deursen, A.

    2009-01-01

    This paper is a pre-print of: Cor-Paul Bezemer, Ali Mesbah, and Arie van Deursen. Automated Security Testing of Web Widget Interactions. In Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering

  12. Infrastructure Plan for Home Security System

    OpenAIRE

    Tong, Yao

    2011-01-01

    Tong, Yao. 2011. Infrastructure Plan for Home Security System. Bachelor’s Thesis. Kemi-Tornio University of Applied Sciences. Business and Culture. Pages 53. Appendix 1. The aims of this research were to design an infrastructure plan for home security system, analyze the most mature and emerging technologies, connect the security services through different types of interfaces, and assign different security levels for home security system based on the user requirements. The whole infrastru...

  13. Information technology security system engineering methodology

    Science.gov (United States)

    Childs, D.

    2003-01-01

    A methodology is described for system engineering security into large information technology systems under development. The methodology is an integration of a risk management process and a generic system development life cycle process. The methodology is to be used by Security System Engineers to effectively engineer and integrate information technology security into a target system as it progresses through the development life cycle. The methodology can also be used to re-engineer security into a legacy system.

  14. Securing the Global Airspace System Via Identity-Based Security

    Science.gov (United States)

    Ivancic, William D.

    2015-01-01

    Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

  15. HITACHI security concept for industrial control systems

    International Nuclear Information System (INIS)

    Endoh, H.; Yamada, T.; Okubo, S.; Nakano, T.

    2012-01-01

    Security is a necessary factor for the safe and efficient operation of today's control systems. To ensure safe operation of control systems throughout their lifetime, security measures must be carefully planned in the development phase and then maintained continuously during the operation phase and other following phases. To ensure operation within the system's safe states, Hitachi proposes security concept processes (1) to derive security measures rationally and (2) to maintain the security model over the system life cycle. Hitachi also proposes security development programs which support the integration of standards-compliant systems and development of robust control equipment. (author)

  16. Security psychology as social systemic phenomenon

    OpenAIRE

    Zinchenko, Yuri

    2011-01-01

    Security psychology is considered through social systemic search for reciprocal contiguity and mutual completion of existing advances of psychology and conceptual security understanding. The ability of systemic vision of security and its cognitive and practical specifics are demonstrated. The possibility to investigate safety psychology as social theoretical construct is suggested. Multi-aspect approach to security is substantiated. Methodological challenges of psychological security are disc...

  17. Control system security in nuclear power plant

    International Nuclear Information System (INIS)

    Li Jianghai; Huang Xiaojin

    2012-01-01

    The digitalization and networking of control systems in nuclear power plants has brought significant improvements in system control, operation and maintenance. However, the highly digitalized control system also introduces additional security vulnerabilities. Moreover, the replacement of conventional proprietary systems with common protocols, software and devices makes these vulnerabilities easy to be exploited. Through the interaction between control systems and the physical world, security issues in control systems impose high risks on health, safety and environment. These security issues may even cause damages of critical infrastructures and threaten national security. The importance of control system security by reviewing several control system security incidents that happened in nuclear power plants was showed in recent years. Several key difficulties in addressing these security issues were described. Finally, existing researches on control system security and propose several promising research directions were reviewed. (authors)

  18. INTERVALS OPTIMIZATION OF SYSTEMS INFORMATION SECURITY INSPECTION

    Directory of Open Access Journals (Sweden)

    V. A. Bogatyrev

    2014-09-01

    Full Text Available A Markov model is suggested for secure information systems, functioning under conditions of destructive impacts, which aftereffects are found by on-line and test control. It is assumed that on-line control, in contrast to the test one, is char- acterized by the limited control completeness, but does not require the stopping of computational process. The aim of re- search is to create models that optimize intervals of test control initialization by the criterion of probability maximization for system stay in the ready state to secure fulfillment of the functional requests and minimization of the dangerous system states in view of the uncertainty and intensity variance of the destructive impacts. Variants of testing intervals optimization are con- sidered depending on the intensity of destructive impacts by the criterion of the maximum system availability for the safe execution of queries. Optimization is carried out with and without adaptation to the actual intensity change of destructive impacts. The efficiency of adaptive change for testing periods is shown depending on the observed activity of destructive impacts. The solution of optimization problem is obtained by built-in tools of computer mathematics Mathcad 15, including symbolic mathematics for solution of systems of algebraic equations. The proposed models and methods of determining the optimal testing intervals can find their application in the system design of computer systems and networks of critical applications, working under conditions of destabilizing actions with the increased requirements for their safety.

  19. Securing military information systems on public infrastructure

    CSIR Research Space (South Africa)

    Botha, P

    2015-03-01

    Full Text Available to private encrypted networks. Several security mechanisms from commercial enterprise and social networking systems were adopted and customised in order to secure Cmore, a Web based real time distributed command and control system developed by the Council...

  20. Process Control Systems in the Chemical Industry: Safety vs. Security

    Energy Technology Data Exchange (ETDEWEB)

    Jeffrey Hahn; Thomas Anderson

    2005-04-01

    Traditionally, the primary focus of the chemical industry has been safety and productivity. However, recent threats to our nation’s critical infrastructure have prompted a tightening of security measures across many different industry sectors. Reducing vulnerabilities of control systems against physical and cyber attack is necessary to ensure the safety, security and effective functioning of these systems. The U.S. Department of Homeland Security has developed a strategy to secure these vulnerabilities. Crucial to this strategy is the Control Systems Security and Test Center (CSSTC) established to test and analyze control systems equipment. In addition, the CSSTC promotes a proactive, collaborative approach to increase industry's awareness of standards, products and processes that can enhance the security of control systems. This paper outlines measures that can be taken to enhance the cybersecurity of process control systems in the chemical sector.

  1. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    National Research Council Canada - National Science Library

    Ganger, Gregory R

    2007-01-01

    This report summarizes the results of the work on the AFOSR's Critical Infrastructure Protection Program project, entitled Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security...

  2. Threats to financial system security

    Energy Technology Data Exchange (ETDEWEB)

    McGovern, D.E.

    1997-06-01

    The financial system in the United States is slowly migrating from the bricks and mortar of banks on the city square to branch banks, ATM`s, and now direct linkage through computers to the home. Much work has been devoted to the security problems inherent in protecting property and people. The impact of attacks on the information aspects of the financial system has, however, received less attention. Awareness is raised through publicized events such as the junk bond fraud perpetrated by Milken or gross mismanagement in the failure of the Barings Bank through unsupervised trading activities by Leeson in Singapore. These events, although seemingly large (financial losses may be on the order of several billion dollars), are but small contributors to the estimated $114 billion loss to all types of financial fraud in 1993. Most of the losses can be traced to the contribution of many small attacks perpetrated against a variety of vulnerable components and systems. This paper explores the magnitude of these financial system losses and identifies new areas for security to be applied to high consequence events.

  3. Comparison of Routable Control System Security Approaches

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Carroll, Thomas E.; Manz, David O.; Winn, Jennifer D.

    2011-06-01

    This document is an supplement to the 'Secure and Efficient Routable Control Systems.' It addressed security in routable control system communication. The control system environment that monitors and manages the power grid historically has utilized serial communication mechanisms. Leased-line serial communication environments operating at 1200 to 9600 baud rates are common. However, recent trends show that communication media such as fiber, optical carrier 3 (OC-3) speeds, mesh-based high-speed wireless, and the Internet are becoming the media of choice. In addition, a dichotomy has developed between the electrical transmission and distribution environments, with more modern communication infrastructures deployed by transmission utilities. The preceding diagram represents a typical control system. The Communication Links cloud supports all of the communication mechanisms a utility might deploy between the control center and devices in the field. Current methodologies used for security implementations are primarily led by single vendors or standards bodies. However, these entities tend to focus on individual protocols. The result is an environment that contains a mixture of security solutions that may only address some communication protocols at an increasing operational burden for the utility. A single approach is needed that meets operational requirements, is simple to operate, and provides the necessary level of security for all control system communication. The solution should be application independent (e.g., Distributed Network Protocol/Internet Protocol [DNP/IP], International Electrotechnical Commission [IEC] C37.118, Object Linking and Embedding for Process Control [OPC], etc.) and focus on the transport layer. In an ideal setting, a well-designed suite of standards for control system communication will be used for vendor implementation and compliance testing. An expected outcome of this effort is an international standard.

  4. SECURITY SYSTEMS FOR MARITIME HARBOUR

    Directory of Open Access Journals (Sweden)

    Georgică SLĂMNOIU

    2010-11-01

    Full Text Available Infrastructure protection objectives are at the top of the agenda of those responsible in the European Union. Currently Romania is one of the countries on its eastern border of the Union and this has special implications in terms of security measures that are required to be implemented. Ships and harbours are important current conflict stage. An integrated system of protection of harbours must be prepared in advance in order to continuously provide information that will increase the overall performance of the intervention forces.

  5. Developing an Undergraduate Information Systems Security Track

    Science.gov (United States)

    Sharma, Aditya; Murphy, Marianne C.; Rosso, Mark A.; Grant, Donna

    2013-01-01

    Information Systems Security as a specialized area of study has mostly been taught at the graduate level. This paper highlights the efforts of establishing an Information Systems (IS) Security track at the undergraduate level. As there were many unanswered questions and concerns regarding the Security curriculum, focus areas, the benefit of…

  6. Information technology - Security techniques - Information security management systems - Requirements

    CERN Document Server

    International Organization for Standardization. Geneva

    2005-01-01

    ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties. ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following: use within organizations to formulate security requirements and objectives; use within organizations as a way to ensure that security risks are cost effectively managed; use within organizations to ensure comp...

  7. Vendor System Vulnerability Testing Test Plan

    Energy Technology Data Exchange (ETDEWEB)

    James R. Davidson

    2005-01-01

    The Idaho National Laboratory (INL) prepared this generic test plan to provide clients (vendors, end users, program sponsors, etc.) with a sense of the scope and depth of vulnerability testing performed at the INL’s Supervisory Control and Data Acquisition (SCADA) Test Bed and to serve as an example of such a plan. Although this test plan specifically addresses vulnerability testing of systems applied to the energy sector (electric/power transmission and distribution and oil and gas systems), it is generic enough to be applied to control systems used in other critical infrastructures such as the transportation sector, water/waste water sector, or hazardous chemical production facilities. The SCADA Test Bed is established at the INL as a testing environment to evaluate the security vulnerabilities of SCADA systems, energy management systems (EMS), and distributed control systems. It now supports multiple programs sponsored by the U.S. Department of Energy, the U.S. Department of Homeland Security, other government agencies, and private sector clients. This particular test plan applies to testing conducted on a SCADA/EMS provided by a vendor. Before performing detailed vulnerability testing of a SCADA/EMS, an as delivered baseline examination of the system is conducted, to establish a starting point for all-subsequent testing. The series of baseline tests document factory delivered defaults, system configuration, and potential configuration changes to aid in the development of a security plan for in depth vulnerability testing. The baseline test document is provided to the System Provider,a who evaluates the baseline report and provides recommendations to the system configuration to enhance the security profile of the baseline system. Vulnerability testing is then conducted at the SCADA Test Bed, which provides an in-depth security analysis of the Vendor’s system.b a. The term System Provider replaces the name of the company/organization providing the system

  8. A Security Audit Framework to Manage Information System Security

    Science.gov (United States)

    Pereira, Teresa; Santos, Henrique

    The widespread adoption of information and communication technology have promoted an increase dependency of organizations in the performance of their Information Systems. As a result, adequate security procedures to properly manage information security must be established by the organizations, in order to protect their valued or critical resources from accidental or intentional attacks, and ensure their normal activity. A conceptual security framework to manage and audit Information System Security is proposed and discussed. The proposed framework intends to assist organizations firstly to understand what they precisely need to protect assets and what are their weaknesses (vulnerabilities), enabling to perform an adequate security management. Secondly, enabling a security audit framework to support the organization to assess the efficiency of the controls and policy adopted to prevent or mitigate attacks, threats and vulnerabilities, promoted by the advances of new technologies and new Internet-enabled services, that the organizations are subject of. The presented framework is based on a conceptual model approach, which contains the semantic description of the concepts defined in information security domain, based on the ISO/IEC_JCT1 standards.

  9. The Livermore Security Console system

    International Nuclear Information System (INIS)

    Smart, J.A.

    1987-01-01

    The Console system contains multiple, redundant workstations that enable operator to monitor alarms, assess incidents, and dispatch field personnel. Each workstation is heavily computerized and incorporates automatic video switching and recording, integrated radio and telephone communications, and an advanced high-resolution map and incident-display system. Operation of the workstation is closely integrated with the map display system, allowing an operators to readily pan and zoom. Objects of security interest are overlaid on the map using color. Access to alarm sensor information, entry-control device status, and the closed-circuit television system is obtained by zooming into an area and selecting the appropriate icons or symbols on the maps. Control menus are overlaid on the map. Several large databases have been closely integrated with the map display system, providing access to information such as telephone numbers and building or room occupants. An expert system is currently being integrated with the map display system. Object state changes are interpreted by a rule-based inference engine. Incidents are overlaid on the map

  10. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  11. LANSCE radiation security system (RSS)

    International Nuclear Information System (INIS)

    Gallegos, F.R.

    1996-01-01

    The Radiation Security System (RSS) is an engineered safety system which automatically terminates transmission of accelerated ion beams in response to pre-defined abnormal conditions. It is one of the four major mechanisms used to protect people from radiation hazards induced by accelerated pulsed ion beams at the Los Alamos Neutron Science Center (LANSCE). The others are shielding, administrative policies and procedures, and qualified, trained personnel. Prompt radiation hazards at the half-mile long LANSCE accelerator exist due to average beam intensities ranging from 1 milli-amp for H + beam to 100 micro-amps for the high intensity H - beam. Experimental programs are supplied with variable energy (maximum 800 MeV), pulse-width (maximum 1 msec), and pulse frequency (maximum 120 Hz) ion beams. The RSS includes personnel access control systems, beam spill monitoring systems, and beam current level limiting systems. It is a stand-alone system with redundant logic chains. A fault of the RSS will cause the insertion of fusible beam plugs in the accelerator low energy beam transport. The design philosophy, description, and operation of the RSS are described in this paper

  12. Optimum electromagnetic weapons detection system. [Airport security

    Energy Technology Data Exchange (ETDEWEB)

    Capots, L.H.; Gregory, W.D.; George, J.P.

    1973-09-01

    An optimized weapons detection system based on the ''active'' or ''a.c. susceptibility'' principle is described. For such uses as airport security the method should be capable of screening both passengers and hand baggage simultaneously. This detector uses the latest basic research results obtained on studies of a.c. susceptibility of metals, and identifies weapons characteristics using those results obtained from identifying chemical spectra with search routines, employing minicomputers. The detector is capable of characterizing both magnetic and non-magnetic weapons with a precision otherwise presently unavailable. System design and test data are presented.

  13. Secure system design and trustable computing

    CERN Document Server

    Potkonjak, Miodrag

    2016-01-01

    This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade.  Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions, and networking services.  This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

  14. Critically Important Object Security System Element Model

    Directory of Open Access Journals (Sweden)

    I. V. Khomyackov

    2012-03-01

    Full Text Available A stochastic model of critically important object security system element has been developed. The model includes mathematical description of the security system element properties and external influences. The state evolution of the security system element is described by the semi-Markov process with finite states number, the semi-Markov matrix and the initial semi-Markov process states probabilities distribution. External influences are set with the intensity of the Poisson thread.

  15. Distributed security in closed distributed systems

    DEFF Research Database (Denmark)

    Hernandez, Alejandro Mario

    in their design. There should always exist techniques for ensuring that the required security properties are met. This has been thoroughly investigated through the years, and many varied methodologies have come through. In the case of distributed systems, there are even harder issues to deal with. Many approaches...... have been taken towards solving security problems, yet many questions remain unanswered. Most of these problems are related to some of the following facts: distributed systems do not usually have any central controller providing security to the entire system; the system heterogeneity is usually...... reflected in heterogeneous security aims; the software life cycle entails evolution and this includes security expectations; the distribution is useful if the entire system is “open” to new (a priori unknown) interactions; the distribution itself poses intrinsically more complex security-related problems...

  16. INFORMATION SECURITY: IRS Electronic Filing Systems

    National Research Council Canada - National Science Library

    2001-01-01

    ...) computer controls over its external access points and internal networks and systems, we assessed the effectiveness of key computer controls designed to ensure the security, privacy, and reliability...

  17. Information Security Policy Modeling for Network Security Systems

    Directory of Open Access Journals (Sweden)

    Dmitry Sergeevich Chernyavskiy

    2014-12-01

    Full Text Available Policy management for network security systems (NSSs is one of the most topical issues of network security management. Incorrect configurations of NSSs lead to system outages and appearance of vulnerabilities. Moreover, policy management process is a time-consuming task, which includes significant amount of manual work. These factors reduce efficiency of NSSs’ utilization. The paper discusses peculiarities of policy management process and existing approaches to policy modeling, presents a model aimed to formalize policies for NSSs independently on NSSs’ platforms and select the most effective NSSs for implementation of the policies.

  18. Hybrid algorithm for rotor angle security assessment in power systems

    Directory of Open Access Journals (Sweden)

    D. Prasad Wadduwage

    2015-08-01

    Full Text Available Transient rotor angle stability assessment and oscillatory rotor angle stability assessment subsequent to a contingency are integral components of dynamic security assessment (DSA in power systems. This study proposes a hybrid algorithm to determine whether the post-fault power system is secure due to both transient rotor angle stability and oscillatory rotor angle stability subsequent to a set of known contingencies. The hybrid algorithm first uses a new security measure developed based on the concept of Lyapunov exponents (LEs to determine the transient security of the post-fault power system. Later, the transient secure power swing curves are analysed using an improved Prony algorithm which extracts the dominant oscillatory modes and estimates their damping ratios. The damping ratio is a security measure about the oscillatory security of the post-fault power system subsequent to the contingency. The suitability of the proposed hybrid algorithm for DSA in power systems is illustrated using different contingencies of a 16-generator 68-bus test system and a 50-generator 470-bus test system. The accuracy of the stability conclusions and the acceptable computational burden indicate that the proposed hybrid algorithm is suitable for real-time security assessment with respect to both transient rotor angle stability and oscillatory rotor angle stability under multiple contingencies of the power system.

  19. Security Issues in E-learning Systems

    Science.gov (United States)

    Tsiantis, L. E.; Stergiou, E.; Margariti, S. V.

    2007-12-01

    With increasing threats to e-software, security will become a high priority in the systems of the future. What is debatable, however, is how that security will be approached. Current security methods manage potential risks with restrictive, autocratic mechanisms that ignore users, their tasks and the organisational setting. The result is a dramatic decrease in the usability of online programs. Another approach, proposed by this paper, is to develop security and its mechanisms for and with its users. Whichever approach is taken, security is set to be the burning issue of the future as users trust the global online world less and the threats from unauthorised access increase.

  20. Mastering wireless penetration testing for highly secured environments

    CERN Document Server

    Johns, Aaron

    2015-01-01

    This book is intended for security professionals who want to enhance their wireless penetration testing skills and knowledge. Since this book covers advanced techniques, you will need some previous experience in computer security and networking.

  1. A Model Based Security Testing Method for Protocol Implementation

    Directory of Open Access Journals (Sweden)

    Yu Long Fu

    2014-01-01

    Full Text Available The security of protocol implementation is important and hard to be verified. Since the penetration testing is usually based on the experience of the security tester and the specific protocol specifications, a formal and automatic verification method is always required. In this paper, we propose an extended model of IOLTS to describe the legal roles and intruders of security protocol implementations, and then combine them together to generate the suitable test cases to verify the security of protocol implementation.

  2. Analysis of Security Protocols in Embedded Systems

    DEFF Research Database (Denmark)

    Bruni, Alessandro

    .e., protecting the system from the external world). With increased connectivity of these systems to external networks the attack surface has grown, and consequently there is a need for securing the system from external attacks. Introducing security protocols in safety critical systems requires careful......Embedded real-time systems have been adopted in a wide range of safety-critical applications—including automotive, avionics, and train control systems—where the focus has long been on safety (i.e., protecting the external world from the potential damage caused by the system) rather than security (i...... considerations on the available resources, especially in meeting real-time and resource constraints, as well as cost and reliability requirements. For this reason many proposed security protocols in this domain have peculiar features, not present in traditional security literature. In this thesis we tackle...

  3. Applied computation and security systems

    CERN Document Server

    Saeed, Khalid; Choudhury, Sankhayan; Chaki, Nabendu

    2015-01-01

    This book contains the extended version of the works that have been presented and discussed in the First International Doctoral Symposium on Applied Computation and Security Systems (ACSS 2014) held during April 18-20, 2014 in Kolkata, India. The symposium has been jointly organized by the AGH University of Science & Technology, Cracow, Poland and University of Calcutta, India. The Volume I of this double-volume book contains fourteen high quality book chapters in three different parts. Part 1 is on Pattern Recognition and it presents four chapters. Part 2 is on Imaging and Healthcare Applications contains four more book chapters. The Part 3 of this volume is on Wireless Sensor Networking and it includes as many as six chapters. Volume II of the book has three Parts presenting a total of eleven chapters in it. Part 4 consists of five excellent chapters on Software Engineering ranging from cloud service design to transactional memory. Part 5 in Volume II is on Cryptography with two book...

  4. Design Methodologies for Secure Embedded Systems

    CERN Document Server

    Biedermann, Alexander

    2011-01-01

    Embedded systems have been almost invisibly pervading our daily lives for several decades. They facilitate smooth operations in avionics, automotive electronics, or telecommunication. New problems arise by the increasing employment, interconnection, and communication of embedded systems in heterogeneous environments: How secure are these embedded systems against attacks or breakdowns? Therefore, how can embedded systems be designed to be more secure? And how can embedded systems autonomically react to threats? Facing these questions, Sorin A. Huss is significantly involved in the exploration o

  5. Integrated security systems design a complete reference for building enterprise-wide digital security systems

    CERN Document Server

    Norman, Thomas L

    2014-01-01

    Integrated Security Systems Design, 2nd Edition, is recognized as the industry-leading book on the subject of security systems design. It explains how to design a fully integrated security system that ties together numerous subsystems into one complete, highly coordinated, and highly functional system. With a flexible and scalable enterprise-level system, security decision makers can make better informed decisions when incidents occur and improve their operational efficiencies in ways never before possible. The revised edition covers why designing an integrated security system is essential a

  6. Advanced topics in security computer system design

    International Nuclear Information System (INIS)

    Stachniak, D.E.; Lamb, W.R.

    1989-01-01

    The capability, performance, and speed of contemporary computer processors, plus the associated performance capability of the operating systems accommodating the processors, have enormously expanded the scope of possibilities for designers of nuclear power plant security computer systems. This paper addresses the choices that could be made by a designer of security computer systems working with contemporary computers and describes the improvement in functionality of contemporary security computer systems based on an optimally chosen design. Primary initial considerations concern the selection of (a) the computer hardware and (b) the operating system. Considerations for hardware selection concern processor and memory word length, memory capacity, and numerous processor features

  7. Demonstrating end point security in embedded systems

    Science.gov (United States)

    Schaumont, Patrick; Simpson, Eric; Yu, Pengyuan

    This chapter describes a demonstrator for end-point security in a video peripheral. The demonstrator enables a third party to securely display a message, stored on a compact flash card, on a video monitor attached to the system. The message is personalized to a specific instance of the display platform and cannot be copied, modified, or cloned. The message is only decoded just before rendering the message on the video display. The chapter describes architectural enhancements to hardware and software to implement end-point security. The resulting system effectively implements a secure 'tunnel': a trusted path from the compact flash memory up to the pins of the VGA connector. The chapter also presents a suitable security protocol to support end-point security services, and it presents a design methodology to implement this concept.

  8. Sustainable Food Security Measurement: A Systemic Methodology

    Science.gov (United States)

    Findiastuti, W.; Singgih, M. L.; Anityasari, M.

    2017-04-01

    Sustainable food security measures how a region provides food for its people without endangered the environment. In Indonesia, it was legally measured in Food Security and Vulnerability (FSVA). However, regard to sustainable food security policy, the measurement has not encompassed the environmental aspect. This will lead to lack of environmental aspect information for adjusting the next strategy. This study aimed to assess Sustainable Food security by encompassing both food security and environment aspect using systemic eco-efficiency. Given existing indicator of cereal production level, total emission as environment indicator was generated by constructing Causal Loop Diagram (CLD). Then, a stock-flow diagram was used to develop systemic simulation model. This model was demonstrated for Indonesian five provinces. The result showed there was difference between food security order with and without environmental aspect assessment.

  9. Constructing Secure Mobile Agent Systems Using the Agent Operating System

    NARCIS (Netherlands)

    van t Noordende, G.J.; Overeinder, B.J.; Timmer, R.J.; Brazier, F.M.; Tanenbaum, A.S.

    2009-01-01

    Designing a secure and reliable mobile agent system is a difficult task. The agent operating system (AOS) is a building block that simplifies this task. AOS provides common primitives required by most mobile agent middleware systems, such as primitives for secure communication, secure and

  10. Intelligent Model for Video Survillance Security System

    Directory of Open Access Journals (Sweden)

    J. Vidhya

    2013-12-01

    Full Text Available Video surveillance system senses and trails out all the threatening issues in the real time environment. It prevents from security threats with the help of visual devices which gather the information related to videos like CCTV’S and IP (Internet Protocol cameras. Video surveillance system has become a key for addressing problems in the public security. They are mostly deployed on the IP based network. So, all the possible security threats exist in the IP based application might also be the threats available for the reliable application which is available for video surveillance. In result, it may increase cybercrime, illegal video access, mishandling videos and so on. Hence, in this paper an intelligent model is used to propose security for video surveillance system which ensures safety and it provides secured access on video.

  11. High Assurance Models for Secure Systems

    Science.gov (United States)

    Almohri, Hussain M. J.

    2013-01-01

    Despite the recent advances in systems and network security, attacks on large enterprise networks consistently impose serious challenges to maintaining data privacy and software service integrity. We identify two main problems that contribute to increasing the security risk in a networked environment: (i) vulnerable servers, workstations, and…

  12. Secure Automated Microgrid Energy System

    Science.gov (United States)

    2016-12-01

    Environmental Security Technology Certification Program (ESTCP) Committee and the team members, Spirae, Conner Networks , OSI Soft, and Viridity Energy. The...Analytics’ Paladin suite. Paladin suite lays the foundation for SAMES and is the source of the real-time dynamic microgrid network model . Paladin...25 7.1 COST MODEL

  13. Recommended Practice for Securing Control System Modems

    Energy Technology Data Exchange (ETDEWEB)

    James R. Davidson; Jason L. Wright

    2008-01-01

    This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.

  14. Lecture 13: Control System Cyber Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Today, the industralized world lives in symbiosis with control systems: it depends on power distribution, oil production, public transport, automatic production lines. While the convenience is at hand, still too many control systems are designed without any security in mind, lack basic security protections, and are not even robust enough to withstand basic attacks. The Stuxnet worm attacking Siemens PLCs in 2010 was another close call. Attackers currently enjoy hacking control systems, and aim to switch lights off. This presentation shall recap the current situation and outline why the presenter is still waiting for a change in paradigm. Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zurich and joined CERN in 2002. Being initially developer of a common safety system used in all four experiments at the Large Hadron Collider, he gathered expertise in cyber-security issues of control systems. Consequently in 2004, he took over responsibilities in securing CERN's accelerator and...

  15. Security analysis of cyber-physical system

    Science.gov (United States)

    Li, Bo; Zhang, Lichen

    2017-05-01

    In recent years, Cyber-Physical System (CPS) has become an important research direction of academic circles and scientific and technological circles at home and abroad, is considered to be following the third wave of world information technology after the computer, the Internet. PS is a multi-dimensional, heterogeneous, deep integration of open systems, Involving the computer, communication, control and other disciplines of knowledge. As the various disciplines in the research theory and methods are significantly different, so the application of CPS has brought great challenges. This paper introduces the definition and characteristics of CPS, analyzes the current situation of CPS, analyzes the security threats faced by CPS, and gives the security solution for security threats. It also discusses CPS-specific security technology, to promote the healthy development of CPS in information security.

  16. Windows XP Operating System Security Analysis

    National Research Council Canada - National Science Library

    Goktepe, Meftun

    2002-01-01

    .... The purpose of this research is to determine if Windows XP, when used as a workstation operating system in domain- based networks, provides adequate security policy enforcement for organizations...

  17. Control Systems Cyber Security Standards Support Activities

    Energy Technology Data Exchange (ETDEWEB)

    Robert Evans

    2009-01-01

    The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

  18. A Multilevel Secure Workflow Management System

    National Research Council Canada - National Science Library

    Kang, Myong H; Froscher, Judith N; Sheth, Amit P; Kochut, Krys J; Miller, John A

    1999-01-01

    The Department of Defense (DoD) needs multilevel secure (MLS) workflow management systems to enable globally distributed users and applications to cooperate across classification levels to achieve mission critical goals...

  19. Security of practical quantum key distribution systems

    Energy Technology Data Exchange (ETDEWEB)

    Jain, Nitin

    2015-02-24

    This thesis deals with practical security aspects of quantum key distribution (QKD) systems. At the heart of the theoretical model of any QKD system lies a quantum-mechanical security proof that guarantees perfect secrecy of messages - based on certain assumptions. However, in practice, deviations between the theoretical model and the physical implementation could be exploited by an attacker to break the security of the system. These deviations may arise from technical limitations and operational imperfections in the physical implementation and/or unrealistic assumptions and insufficient constraints in the theoretical model. In this thesis, we experimentally investigate in depth several such deviations. We demonstrate the resultant vulnerabilities via proof-of-principle attacks on a commercial QKD system from ID Quantique. We also propose countermeasures against the investigated loopholes to secure both existing and future QKD implementations.

  20. Secure and Efficient Routable Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Edgar, Thomas W.; Hadley, Mark D.; Manz, David O.; Winn, Jennifer D.

    2010-05-01

    This document provides the methods to secure routable control system communication in the electric sector. The approach of this document yields a long-term vision for a future of secure communication, while also providing near term steps and a roadmap. The requirements for the future secure control system environment were spelled out to provide a final target. Additionally a survey and evaluation of current protocols was used to determine if any existing technology could achieve this goal. In the end a four-step path was described that brought about increasing requirement completion and culminates in the realization of the long term vision.

  1. Handbook of SCADA/control systems security

    CERN Document Server

    Radvanovsky, Robert

    2013-01-01

    The availability and security of many services we rely upon-including water treatment, electricity, healthcare, transportation, and financial transactions-are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide. Divided into five sections, the book examines topics comprising functions within

  2. Security for safety critical space borne systems

    Science.gov (United States)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  3. Critical infrastructure system security and resiliency

    CERN Document Server

    Biringer, Betty; Warren, Drake

    2013-01-01

    Security protections for critical infrastructure nodes are intended to minimize the risks resulting from an initiating event, whether it is an intentional malevolent act or a natural hazard. With an emphasis on protecting an infrastructure's ability to perform its mission or function, Critical Infrastructure System Security and Resiliency presents a practical methodology for developing an effective protection system that can either prevent undesired events or mitigate the consequences of such events.Developed at Sandia National Labs, the authors' analytical approach and

  4. Detection and intelligent systems for homeland security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Detection and Intelligent Systems for Homeland Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering advanced technology for image and video interpretation systems used for surveillance, which help in solving such problems as identifying faces from live streaming or stored videos. Biometrics for human identification, including eye retinas and irises, and facial patterns are also presented. The book then provides information on sensors for detection of explosive and radioactive materials and methods for sensing chemical

  5. Security for cloud storage systems

    CERN Document Server

    Yang, Kan

    2014-01-01

    Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers

  6. Information security in SCADA systems in nuclear power plants

    International Nuclear Information System (INIS)

    Satyamurty, S.A.V.

    2013-01-01

    Few decades back most of the I and C systems are Hardwired based. With the developments in digital electronics, micro processors and micro controllers, the I and C systems are becoming more and more Computer based. Though it brought convenience to the designer, comfort to the operator in the form of better GUI, it also brought many challenges in the form of information security. The talk covers the typical I and C design using SCADA systems, the challenges, typical problems faced and the need for information security. The talk illustrates various security measures to be implemented in the design, development and testing stages. These security measures have to be taken both in the development environment and deployment environment. Verification and validation of computer based system is very important. Configuration change management is very essential for smooth running of the plant. The talk illustrates the various measures need to be taken. (author)

  7. Automated Analysis of Security in Networking Systems

    DEFF Research Database (Denmark)

    Buchholtz, Mikael

    2004-01-01

    It has for a long time been a challenge to built secure networking systems. One way to counter this problem is to provide developers of software applications for networking systems with easy-to-use tools that can check security properties before the applications ever reach the marked. These tools...... will both help raise the general level of awareness of the problems and prevent the most basic flaws from occurring. This thesis contributes to the development of such tools. Networking systems typically try to attain secure communication by applying standard cryptographic techniques. In this thesis...... attacks, and attacks launched by insiders. Finally, the perspectives for the application of the analysis techniques are discussed, thereby, coming a small step closer to providing developers with easy- to-use tools for validating the security of networking applications....

  8. Security alarm communication and display systems development

    International Nuclear Information System (INIS)

    Waddoups, I.G.

    1990-01-01

    Sandia National Laboratories (SNL) has, as lead Department of Energy (DOE) physical security laboratory, developed a variety of alarm communication and display systems for DOE and Department of Defense (DOD) facilities. This paper briefly describes some of the systems developed and concludes with a discussion of technology relevant to those currently designing, developing, implementing, or procuring such a system. Development activities and the rapid evolution of computers over the last decade have resulted in a broad variety of capabilities to support most security system communication and display needs. The major task in selecting a system is becoming familiar with these capabilities and finding the best match to a specific need

  9. A transportation security system applying RFID and GPS

    Directory of Open Access Journals (Sweden)

    Ruijian Zhang

    2013-03-01

    Full Text Available Purpose: This paper is about developing a centralized, internet based security tool which utilizes RFID and GPS technology to identify drivers and track the load integrity. Design/methodology/approach: The system will accomplish the security testing in real-time using the internet and the U.S. Customs’ database (ACE. A central database and the interfaces and communication between the database and ACE will be established. After the vehicle is loaded, all openings of the tanker are sealed with disposable RFID tag seals. Findings/value: An RFID reader and GPS tracker wirelessly connected with the databases will serve as testing grounds for the implementation of security measures that can help prevent future terrorist attacks and help in ensuring that the goods and products are not compromised while in transit. The system will also reduce the labor work of security check to its minimum. 

  10. Computer Security: Protect your plant: a "serious game" about control system cyber-security

    CERN Multimedia

    Stefan Lueders, Computer Security Team

    2015-01-01

    Control system cyber-security is attracting increasing attention: from cybercriminals, from the media and from security researchers.   After the legendary “Stuxnet” attacks of 2010 against an Iranian uranium enrichment plant, the infiltration of Saudi Aramco in 2012, and most recently the hacking of German blast furnaces, we should be prepared. Just imagine what would happen if hackers turned off the lights in Geneva and the Pays-de-Gex for a month? (“Hacking control systems, switching lights off!"). Or if attackers infiltrated CERN’s accelerator or experiment control systems and stopped us from pursuing our core business: delivering beams and recording particle collisions (“Hacking control systems, switching... accelerators off?"). Now you can test your ability to protect an industrial plant against cyber-threats! The Computer Security Team, in collaboration with Kaspersky Lab, is organising a so-...

  11. Security, privacy and trust in cloud systems

    CERN Document Server

    Nepal, Surya

    2013-01-01

    The book compiles technologies for enhancing and provisioning security, privacy and trust in cloud systems based on Quality of Service requirements. It is a timely contribution to a field that is gaining considerable research interest, momentum, and provides a comprehensive coverage of technologies related to cloud security, privacy and trust. In particular, the book includes - Cloud security fundamentals and related technologies to-date, with a comprehensive coverage of evolution, current landscape, and future roadmap. - A smooth organization with introductory, advanced and specialist content

  12. Mixing chaos modulations for secure communications in OFDM systems

    Science.gov (United States)

    Seneviratne, Chatura; Leung, Henry

    2017-12-01

    In this paper, we consider a novel chaotic OFDM communication scheme is to improve the physical layer security. By secure communication we refer to physical layer security that provides low probability of detection (LPD)/low probability of intercept (LPI) transmission. A mixture of chaotic modulation schemes is used to generate chaotically modulated symbols for each subcarrier of the OFDM transmitter. At the receiver, different demodulators are combined together for the different modulation schemes for enhanced security. Time domain, frequency domain and statistical randomness tests show that transmit signals are indistinguishable from background noise. BER performance comparison shows that the physical layer security of the proposed scheme comes with a slight performance degradation compared to conventional OFDM communication systems.

  13. Network model of security system

    Directory of Open Access Journals (Sweden)

    Adamczyk Piotr

    2016-01-01

    Full Text Available The article presents the concept of building a network security model and its application in the process of risk analysis. It indicates the possibility of a new definition of the role of the network models in the safety analysis. Special attention was paid to the development of the use of an algorithm describing the process of identifying the assets, vulnerability and threats in a given context. The aim of the article is to present how this algorithm reduced the complexity of the problem by eliminating from the base model these components that have no links with others component and as a result and it was possible to build a real network model corresponding to reality.

  14. Use of Attack Graphs in Security Systems

    Directory of Open Access Journals (Sweden)

    Vivek Shandilya

    2014-01-01

    Full Text Available Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

  15. Gene expression programming for power system static security ...

    African Journals Online (AJOL)

    user

    methodology has been examined using three IEEE standard test systems, where the input to the neural network is the voltage profile at each bus, the output of the PNN classifies the security of the power system into three classes, normal, alert and emergency. Gene expression programming (GEP) is a new evolutionary ...

  16. Security Sensor System Based on Large Barkhausen Jump of ...

    African Journals Online (AJOL)

    This paper presents and discusses preliminary laboratory results for fabrication and testing of a security sensor system for use in article surveillance in such places as libraries, CD rental shops, and supermarkets, as a crime preventive measure. The system employs the large Barkhausen jump (LBJ) inherent in the ...

  17. Home security system using internet of things

    Science.gov (United States)

    Anitha, A.

    2017-11-01

    IoT refers to the infrastructure of connected physical devices which is growing at a rapid rate as huge number of devices and objects are getting associated to the Internet. Home security is a very useful application of IoT and we are using it to create an inexpensive security system for homes as well as industrial use. The system will inform the owner about any unauthorized entry or whenever the door is opened by sending a notification to the user. After the user gets the notification, he can take the necessary actions. The security system will use a microcontroller known as Arduino Uno to interface between the components, a magnetic Reed sensor to monitor the status, a buzzer for sounding the alarm, and a WiFi module, ESP8266 to connect and communicate using the Internet. The main advantages of such a system includes the ease of setting up, lower costs and low maintenance.

  18. Design tools for complex dynamic security systems.

    Energy Technology Data Exchange (ETDEWEB)

    Byrne, Raymond Harry; Rigdon, James Brian; Rohrer, Brandon Robinson; Laguna, Glenn A.; Robinett, Rush D. III (.; ); Groom, Kenneth Neal; Wilson, David Gerald; Bickerstaff, Robert J.; Harrington, John J.

    2007-01-01

    The development of tools for complex dynamic security systems is not a straight forward engineering task but, rather, a scientific task where discovery of new scientific principles and math is necessary. For years, scientists have observed complex behavior but have had difficulty understanding it. Prominent examples include: insect colony organization, the stock market, molecular interactions, fractals, and emergent behavior. Engineering such systems will be an even greater challenge. This report explores four tools for engineered complex dynamic security systems: Partially Observable Markov Decision Process, Percolation Theory, Graph Theory, and Exergy/Entropy Theory. Additionally, enabling hardware technology for next generation security systems are described: a 100 node wireless sensor network, unmanned ground vehicle and unmanned aerial vehicle.

  19. Selecting RMF Controls for National Security Systems

    Energy Technology Data Exchange (ETDEWEB)

    Witzke, Edward L. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-08-01

    In 2014, the United States Department of Defense started tra nsitioning the way it performs risk management and accreditation of informatio n systems to a process entitled Risk Management Framework for DoD Information Technology or RMF for DoD IT. There are many more security and privacy contro ls (and control enhancements) from which to select in RMF, than there w ere in the previous Information Assurance process. This report is an attempt t o clarify the way security controls and enhancements are selected. After a brief overview and comparison of RMF for DoD I T with the previously used process, this report looks at the determination of systems as National Security Systems (NSS). Once deemed to be an NSS, this report addr esses the categorization of the information system with respect to impact level s of the various security objectives and the selection of an initial baseline o f controls. Next, the report describes tailoring the controls through the use of overl ays and scoping considerations. Finally, the report discusses organizatio n-defined values for tuning the security controls to the needs of the information system.

  20. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Architecture Lab Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; McKim, James H.; Stewart, David H.; Thadhani, Suresh K.; Young, Daniel P.

    2015-01-01

    NASA Glenn Research Center, in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the FAA and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the current GRC prototype CNPC architecture as a demonstration platform. The security controls were integrated into a lab test bed mock-up of the Mobile IPv6 architecture currently being used for NASA flight testing, and a series of network tests were conducted to evaluate the security overhead of the controls compared to the baseline CNPC link without any security. The aim of testing was to evaluate the performance impact of the additional security control overhead when added to the Mobile IPv6 architecture in various modes of operation. The statistics collected included packet captures at points along the path to gauge packet size as the sample data traversed the CNPC network, round trip latency, jitter, and throughput. The effort involved a series of tests of the baseline link, a link with Robust Header Compression (ROHC) and without security controls, a link with security controls and without ROHC, and finally a link with both ROHC and security controls enabled. The effort demonstrated that ROHC is both desirable and necessary to offset the additional expected overhead of applying security controls to the CNPC link.

  1. The Johnson Space Center Management Information Systems (JSCMIS). 1: Requirements Definition and Design Specifications for Versions 2.1 and 2.1.1. 2: Documented Test Scenario Environments. 3: Security Design and Specifications

    Science.gov (United States)

    1986-01-01

    The Johnson Space Center Management Information System (JSCMIS) is an interface to computer data bases at NASA Johnson which allows an authorized user to browse and retrieve information from a variety of sources with minimum effort. This issue gives requirements definition and design specifications for versions 2.1 and 2.1.1, along with documented test scenario environments, and security object design and specifications.

  2. Process Control/SCADA system vendor security awareness and security posture.

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Lüders, S.

    2009-01-01

    A starting point for the adequate security of process control/SCADA systems is the security awareness and security posture by the manufacturers, vendors, system integrators, and service organisations. The results of a short set of questions indicate that major security improvements are required in

  3. Analysis and comparison of transportation security systems

    International Nuclear Information System (INIS)

    Rinne, R.L.

    1976-05-01

    The role of modeling in the analysis of transportation security systems is described. Various modeling approaches are outlined. The conflict model developed in Sandia Laboratories' Transportation Mode Analysis for the NRC Special Safeguards Study is used to demonstrate the capability of models to determine system sensitivities and compare alternatives

  4. Information Systems Security: Whose Responsibility? | Senzige ...

    African Journals Online (AJOL)

    Explosive growth in use of information systems for all manner of applications in all walks of life has made provision of proper security essential. Users must have confidence that information systems will operate as intended without unanticipated failures or problems. Issues concerning privacy, availability, confidentiality and ...

  5. Primer Control System Cyber Security Framework and Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Miles A. McQueen

    2008-05-01

    The Department of Homeland Security National Cyber Security Division supported development of a control system cyber security framework and a set of technical metrics to aid owner-operators in tracking control systems security. The framework defines seven relevant cyber security dimensions and provides the foundation for thinking about control system security. Based on the developed security framework, a set of ten technical metrics are recommended that allow control systems owner-operators to track improvements or degradations in their individual control systems security posture.

  6. Windows 2012 Server network security securing your Windows network systems and infrastructure

    CERN Document Server

    Rountree, Derrick

    2013-01-01

    Windows 2012 Server Network Security provides the most in-depth guide to deploying and maintaining a secure Windows network. The book drills down into all the new features of Windows 2012 and provides practical, hands-on methods for securing your Windows systems networks, including: Secure remote access Network vulnerabilities and mitigations DHCP installations configuration MAC filtering DNS server security WINS installation configuration Securing wired and wireless connections Windows personal firewall

  7. A Highly Secure Mobile Agent System Architecture

    Science.gov (United States)

    Okataku, Yasukuni; Okutomi, Hidetoshi; Yoshioka, Nobukazu; Ohgishi, Nobuyuki; Honiden, Shinichi

    We propose a system architecture for mobile agents to improve their security in the environments of insecure networks and non-sophisticated terminals such as PDAs. As mobile agents freely migrate onto their favorite terminals through insecure networks or terminals, it is not appropriate for them to store some secret information for authentication and encryption/decryption. We introduce one and more secure nodes(OASIS NODE) for securely generating and verifying authentication codes. The each agent’s data are encrypted by a pseudo-chaos cipher mechanism which doesn’t need any floating processing co-processor. We’ve constructed a prototype system on a Java mobile agent framework, “Bee-gent" which implements the proposed authentication and cipher mechanisms, and evaluated their performances and their applicability to business fields such as an auction system by mobile agents.

  8. Recent advances in systems safety and security

    CERN Document Server

    Stamatescu, Grigore

    2016-01-01

    This book represents a timely overview of advances in systems safety and security, based on selected, revised and extended contributions from the 2nd and 3rd editions of the International Workshop on Systems Safety and Security – IWSSS, held in 2014 and 2015, respectively, in Bucharest, Romania. It includes 14 chapters, co-authored by 34 researchers from 7 countries. The book provides an useful reference from both theoretical and applied perspectives in what concerns recent progress in this area of critical interest. Contributions, broadly grouped by core topic, address challenges related to information theoretic methods for assuring systems safety and security, cloud-based solutions, image processing approaches, distributed sensor networks and legal or risk analysis viewpoints. These are mostly accompanied by associated case studies providing additional practical value and underlying the broad relevance and impact of the field.

  9. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  10. A biometric method to secure telemedicine systems.

    Science.gov (United States)

    Zhang, G H; Poon, Carmen C Y; Li, Ye; Zhang, Y T

    2009-01-01

    Security and privacy are among the most crucial issues for data transmission in telemedicine systems. This paper proposes a solution for securing wireless data transmission in telemedicine systems, i.e. within a body sensor network (BSN), between the BSN and server as well as between the server and professionals who have assess to the server. A unique feature of this solution is the generation of random keys by physiological data (i.e. a biometric approach) for securing communication at all 3 levels. In the performance analysis, inter-pulse interval of photoplethysmogram is used as an example to generate these biometric keys to protect wireless data transmission. The results of statistical analysis and computational complexity suggest that this type of key is random enough to make telemedicine systems resistant to attacks.

  11. Securing a medical wireless LAN system

    OpenAIRE

    Owens, TJ; Tachakra, S; Banitsas, KA; Istepanian, RSH

    2001-01-01

    Recently the concept of MedLAN systems dedicated to application scenarios for wireless local area networks (WLAN) in hospital A&E departments has been presented. An essential element in the acceptance of the system will be reassuring all stakeholders in the system that data transmitted using the system is secure. In order for the stakeholders to be reassured technical and managerial issues have to be addressed. Technical issues to be addressed include selection of a suitable encryption algori...

  12. Review on security issues in RFID systems

    Directory of Open Access Journals (Sweden)

    Mohamed El Beqqal

    2017-12-01

    Full Text Available Radio frequency Identification (RFID is currently considered as one of the most used technologies for an automatic identification of objects or people. Based on a combination of tags and readers, RFID technology has widely been applied in various areas including supply chain, production and traffic control systems. However, despite of its numerous advantages, the technology brings out many challenges and concerns still not being attracting more and more researchers especially the security and privacy issues. In this paper, we review some of the recent research works using RFID solutions and dealing with security and privacy issues, we define our specific parameters and requirements allowing us to classify for each work which part of the RFID system is being secured, the solutions and the techniques used besides the conformity to RFID standards. Finally, we present briefly a solution that consists of combining RFID with smartcard based biometric to enhance security especially in access control scenarios. Hence the result of our study aims to give a clear vision of available solutions and techniques used to prevent and secure the RFID system from specific threats and attacks.

  13. Congestion management considering voltage security of power systems

    International Nuclear Information System (INIS)

    Esmaili, Masoud; Shayanfar, Heidar Ali; Amjady, Nima

    2009-01-01

    Congestion in a power network is turned up due to system operating limits. To relieve congestion in a deregulated power market, the system operator pays to market participants, GENCOs and DISCOs, to alter their active powers considering their bids. After performing congestion management, the network may be operated with a low security level because of hitting some flows their upper limit and some voltages their lower limit. In this paper, a novel congestion management method based on the voltage stability margin sensitivities is introduced. Using the proposed method, the system operator so alleviates the congestion that the network can more retain its security. The proposed method not only makes the system more secure after congestion management than other methods already presented for this purpose but also its cost of providing security is lower than the earlier methods. Test results of the proposed method along with the earlier ones on the New-England test system elaborate the efficiency of the proposed method from the viewpoint of providing a better voltage stability margin and voltage profile as well as a lower security cost.

  14. Data security in Intelligent Transport Systems

    Directory of Open Access Journals (Sweden)

    Tomas Zelinka

    2012-10-01

    Full Text Available Intelligent Transport Services expect availability of the secure seamless communications solutions typically covering widely spread areas. Different ITS solutions require different portfolio of telecommunications service quality. These parameters have to correspond with ITS service performance parameters required by specific service. Even though quite extensive range of public wireless data services with reasonable coverage are provided, most of them are provided with no guaranteed quality and security. ITS requirements can be in most parameters easier reached if multi-path communications systems are applied core solution is combined with both public as well as private ones where and when it is needed. Such solution requires implementation of relevant flexible system architecture supported by the efficient decision processes. This paper is concentrated the telecommunications security issues relevant to the ITS wide area networking. Expected level of security varies in dependence on relevant ITS service requirements. Data volumes transferred both in private data vehicle on board networks as well as between vehicles and infrastructure (C2I or other vehicles (C2C progressively grow. Such trend upsurges the fatal problems appearance probability in case security of the wide area networks is not relevantly treated. That is reason why relevant communications security treatment becomes crucial part of the ITS solution. Besides of available "off shelf" security tools we present solution based on non-public universal identifier with dynamical extension (time and position dependency as an autonomous variables and data selection according to actor role or category. Presented results were obtained within projects e-Ident1, DOTEK2 and SRATVU3.

  15. Hardware-Assisted System for Program Execution Security of SOC

    Directory of Open Access Journals (Sweden)

    Wang Xiang

    2016-01-01

    Full Text Available With the rapid development of embedded systems, the systems’ security has become more and more important. Most embedded systems are at the risk of series of software attacks, such as buffer overflow attack, Trojan virus. In addition, with the rapid growth in the number of embedded systems and wide application, followed embedded hardware attacks are also increasing. This paper presents a new hardware assisted security mechanism to protect the program’s code and data, monitoring its normal execution. The mechanism mainly monitors three types of information: the start/end address of the program of basic blocks; the lightweight hash value in basic blocks and address of the next basic block. These parameters are extracted through additional tools running on PC. The information will be stored in the security module. During normal program execution, the security module is designed to compare the real-time state of program with the information in the security module. If abnormal, it will trigger the appropriate security response, suspend the program and jump to the specified location. The module has been tested and validated on the SOPC with OR1200 processor. The experimental analysis shows that the proposed mechanism can defence a wide range of common software and physical attacks with low performance penalties and minimal overheads.

  16. Testing and securing Android Studio applications

    CERN Document Server

    Zapata, Belén Cruz

    2014-01-01

    If you are a developer with some Android knowledge, but you do not know how to test your applications using Android Studio, this book will guide you. It is recommended that you are familiar with Android Studio IDE.

  17. QuickCash: Secure Transfer Payment Systems

    Directory of Open Access Journals (Sweden)

    Abdulrahman Alhothaily

    2017-06-01

    Full Text Available Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN. In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

  18. QuickCash: Secure Transfer Payment Systems.

    Science.gov (United States)

    Alhothaily, Abdulrahman; Alrawais, Arwa; Song, Tianyi; Lin, Bin; Cheng, Xiuzhen

    2017-06-13

    Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users' needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

  19. Infrared: A Key Technology for Security Systems

    Directory of Open Access Journals (Sweden)

    Carlo Corsi

    2012-01-01

    Full Text Available Infrared science and technology has been, since the first applications, mainly dedicated to security and surveillance especially in military field, besides specialized techniques in thermal imaging for medical diagnostic and building structures and recently in energy savings and aerospace context. Till recently the security applications were mainly based on thermal imaging as surveillance and warning military systems. In all these applications the advent of room temperature, more reliable due to the coolers avoidance, low cost, and, overall, completely integrable with Silicon technology FPAs, especially designed and tailored for specific applications, smart sensors, has really been impacted with revolutionary and new ideas and system concepts in all the infrared fields, especially for security applications. Lastly, the advent of reliable Infrared Solid State Laser Sources, operating up to the Long Infrared Wavelength Band and the new emerging techniques in Far Infrared Submillimeter Terahertz Bands, has opened wide and new areas for developing new, advanced security systems. A review of all the items with evidence of the weak and the strong points of each item, especially considering possible future developments, will be reported and discussed.

  20. CQR; A hybrid expert system for security assessment

    Energy Technology Data Exchange (ETDEWEB)

    Christie, R.D. (Carnegie-Mellon Univ., Pittsburgh, PA (USA)); Talukdar, S.N. (Carnegie-Mellon Univ., Pittsburgh, PA (USA). Engineering Design Research Center); Nixon, J.C. (Allegheny Power System Corp., New York, NY (USA))

    1990-11-01

    An off-line prototype, called CQR, of a system for on-line security assessment has been built and tested in conjunction with a western Pennsylvania utility. CQR is a hybrid of rule based programs written in OPS5 and numerical tools written in FORTRAN. CQR uses the utility's full power system model, accepts arbitrary operating conditions, evaluates the base case, evaluates a contingency list using distribution factors, selects and evaluates a small number of AC contingencies, makes an explicit assessment of power system security, and presents results to the operator in a compact and understandable report. Security is decomposed into components that are evaluated independently, allowing separate criteria to be applied to the base case and contingencies. Transient stability is dealt with through dynamically imposed operating limits. CQR's strong points are the correctness, consistency and compactness of its reports. Run times are acceptable for real time operation.

  1. A Survey on Password Security Systems

    OpenAIRE

    Ms. A. G. Khairnar; Prof. N. L. Bhale

    2013-01-01

    Password security is essential for user authentication on small networking system as well large networking system. Till today many researchers introduced various methods to protect passwords on network. Passwords are prone to various types of attacks like brute force attack, password reuse attack, password stealing attack, password cracking attack, etc. This paper gives review on different methods which were introduced for protection of password on a network. This paper also includes work don...

  2. Confidentiality and Security in Medical Information Systems

    Directory of Open Access Journals (Sweden)

    Victor Papanaga

    2008-11-01

    Full Text Available Behind the technologies Medical System contains different types of information including patient information also. The patient data is classified as confidential and is one of the patient rights based on World Health Organization declaration. There are several compromises in solutions selection based on hardware and software requirements, performance, usability, portability. This article presents the investigation results and proposes the secured solution principles for the medical system that deal with patient data.

  3. Multibiometric Systems: Fusion Strategies and Template Security

    Science.gov (United States)

    2008-01-01

    same user corresponding to the individual biometric sources. Template security is an important issue in biomet - ric systems because unlike passwords...FTER and FTCR in a biometric system. • Inter-user similarity: Inter-user similarity refers to the overlap of the biomet - ric samples from two different...and right index fingers of a person) and multiple biomet - ric traits (e.g., fingerprint and iris). Towards this end, we have developed a fully

  4. Security Threat Assessment of an Internet Security System Using Attack Tree and Vague Sets

    OpenAIRE

    Kuei-Hu Chang

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system’s elementary event are incomplete—the traditional approach for ca...

  5. System and method for key generation in security tokens

    Science.gov (United States)

    Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; Pooser, Raphael C.; Prowell, Stacy J.

    2015-10-27

    Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).

  6. Hacker tracking Security system for HMI

    Science.gov (United States)

    Chauhan, Rajeev Kumar

    2011-12-01

    Conventional Supervisory control and data Acquisition (SCADA) systems use PC, notebook, thin client, and PDA as a Client. Nowadays the Process Industries are following multi shift system that's why multi- client of different category have to work at a single human Machine Interface (HMI). They may hack the HMI Display and change setting of the other client. This paper introduces a Hacker tracking security (HTS) System for HMI. This is developed by using the conventional and Biometric authentication. HTS system is developed by using Numeric passwords, Smart card, biometric, blood flow and Finger temperature. This work is also able to identify the hackers.

  7. Security threat assessment of an Internet security system using attack tree and vague sets.

    Science.gov (United States)

    Chang, Kuei-Hu

    2014-01-01

    Security threat assessment of the Internet security system has become a greater concern in recent years because of the progress and diversification of information technology. Traditionally, the failure probabilities of bottom events of an Internet security system are treated as exact values when the failure probability of the entire system is estimated. However, security threat assessment when the malfunction data of the system's elementary event are incomplete--the traditional approach for calculating reliability--is no longer applicable. Moreover, it does not consider the failure probability of the bottom events suffered in the attack, which may bias conclusions. In order to effectively solve the problem above, this paper proposes a novel technique, integrating attack tree and vague sets for security threat assessment. For verification of the proposed approach, a numerical example of an Internet security system security threat assessment is adopted in this paper. The result of the proposed method is compared with the listing approaches of security threat assessment methods.

  8. Small test SDHW systems

    DEFF Research Database (Denmark)

    Vejen, Niels Kristian

    1999-01-01

    Three small test SDHW systems was tested in a laboratory test facility.The three SDHW systems where all based on the low flow principe and a mantle tank but the design of the systems where different.......Three small test SDHW systems was tested in a laboratory test facility.The three SDHW systems where all based on the low flow principe and a mantle tank but the design of the systems where different....

  9. A Layered Decision Model for Cost-Effective System Security

    Energy Technology Data Exchange (ETDEWEB)

    Wei, Huaqiang; Alves-Foss, James; Soule, Terry; Pforsich, Hugh; Zhang, Du; Frincke, Deborah A.

    2008-10-01

    System security involves decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defence strategies, and implementation of real-time defence tactics. Although choices made in each of these areas affect the others, existing decision models typically handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defence decisions result in cost-effective solutions. To address these problems, this paper introduces a Layered Decision Model (LDM) for use in deciding how to address defence decisions based on their cost-effectiveness. To validate the LDM and illustrate how it is used, we used simulation to test model rationality and applied the LDM to the design of system security for an e-commercial business case.

  10. Control and Non-Payload Communications (CNPC) Prototype Radio - Generation 2 Security Flight Test Report

    Science.gov (United States)

    Iannicca, Dennis C.; Ishac, Joseph A.; Shalkhauser, Kurt A.

    2015-01-01

    NASA Glenn Research Center (GRC), in cooperation with Rockwell Collins, is working to develop a prototype Control and Non-Payload Communications (CNPC) radio platform as part of NASA Integrated Systems Research Program's (ISRP) Unmanned Aircraft Systems (UAS) Integration in the National Airspace System (NAS) project. A primary focus of the project is to work with the Federal Aviation Administration (FAA) and industry standards bodies to build and demonstrate a safe, secure, and efficient CNPC architecture that can be used by industry to evaluate the feasibility of deploying a system using these technologies in an operational capacity. GRC has been working in conjunction with these groups to assess threats, identify security requirements, and to develop a system of standards-based security controls that can be applied to the GRC prototype CNPC architecture as a demonstration platform. The proposed security controls were integrated into the GRC flight test system aboard our S-3B Viking surrogate aircraft and several network tests were conducted during a flight on November 15th, 2014 to determine whether the controls were working properly within the flight environment. The flight test was also the first to integrate Robust Header Compression (ROHC) as a means of reducing the additional overhead introduced by the security controls and Mobile IPv6. The effort demonstrated the complete end-to-end secure CNPC link in a relevant flight environment.

  11. Function allocation in distributed safeguards and security systems

    International Nuclear Information System (INIS)

    Barlich, G.L.

    1991-01-01

    Computerized distributed systems are being used to collect and manage data for activities such as nuclear materials accounting, process control, laboratory coordination, and security. Poor choices made in allocating functions to individual processors can make a system unusable by burdening machines with excessive network retrievals and updates. During system design phases, data allocation algorithms based on operation frequencies, field sizes, security information, and reliability requirements can be applied in sensitivity studies to mathematically ensure processor efficiency. The Los Alamos Network Design System (NDS) implements such an allocation algorithm. The authors analyzed a large, existing distributed system to test the cost functions and to compare actual network problems with NDS results. Several common configurations were also designed and studied using the software. From these studies, some basic principles for allocating functions emerged. In this paper recommendations for function allocation in generic systems and related design options are discussed

  12. Intra-site Secure Transport Vehicle test and evaluation

    International Nuclear Information System (INIS)

    Scott, S.

    1995-01-01

    In the past many DOE and DoD facilities involved in handling nuclear material realized a need to enhance the safely and security for movement of sensitive materials within their facility, or ''intra-site''. There have been prior efforts to improve on-site transportation; however, there remains a requirement for enhanced on-site transportation at a number of facilities. The requirements for on-site transportation are driven by security, safety, and operational concerns. The Intra-site Secure Transport Vehicle (ISTV) was designed to address these concerns specifically for DOE site applications with a standardized vehicle design. This paper briefly reviews the ISTV design features providing significant enhancement of onsite transportation safety and security, and also describes the test and evaluation activities either complete of underway to validate the vehicle design and operation

  13. DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN NUCLEAR FACILITY SAFEGUARDS AND SECURITY

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Many critical infrastructure sectors have been investigating cyber security issues for several years especially with the help of two primary government programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the U.S. Department of Homeland Security (DHS) Control Systems Security Program have both implemented activities aimed at securing the industrial control systems that operate the North American electric grid along with several other critical infrastructure sectors (ICS). These programs have spent the last seven years working with industry including asset owners, educational institutions, standards and regulating bodies, and control system vendors. The programs common mission is to provide outreach, identification of cyber vulnerabilities to ICS and mitigation strategies to enhance security postures. The success of these programs indicates that a similar approach can be successfully translated into other sectors including nuclear operations, safeguards, and security. The industry regulating bodies have included cyber security requirements and in some cases, have incorporated sets of standards with penalties for non-compliance such as the North American Electric Reliability Corporation Critical Infrastructure Protection standards. These DOE and DHS programs that address security improvements by both suppliers and end users provide an excellent model for nuclear facility personnel concerned with safeguards and security cyber vulnerabilities and countermeasures. It is not a stretch to imagine complete surreptitious collapse of protection against the removal of nuclear material or even initiation of a criticality event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS inadequately protected against the cyber threat.

  14. Designing Secure Systems on Reconfigurable Hardware

    OpenAIRE

    Huffmire, Ted; Brotherton, Brett; Callegari, Nick; Valamehr, Jonathan; White, Jeff; Kastner, Ryan; Sherwood, Ted

    2008-01-01

    The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. Since embedded designers often have no choice but to use soft IP cores obtained from third parties, the cores operate at different trust levels, resulting in mixed trust designs. The goal of this project is to evaluate recently proposed security primitives for reconfigurab...

  15. Ultra Safe And Secure Blasting System

    Energy Technology Data Exchange (ETDEWEB)

    Hart, M M

    2009-07-27

    The Ultra is a blasting system that is designed for special applications where the risk and consequences of unauthorized demolition or blasting are so great that the use of an extraordinarily safe and secure blasting system is justified. Such a blasting system would be connected and logically welded together through digital code-linking as part of the blasting system set-up and initialization process. The Ultra's security is so robust that it will defeat the people who designed and built the components in any attempt at unauthorized detonation. Anyone attempting to gain unauthorized control of the system by substituting components or tapping into communications lines will be thwarted in their inability to provide encrypted authentication. Authentication occurs through the use of codes that are generated by the system during initialization code-linking and the codes remain unknown to anyone, including the authorized operator. Once code-linked, a closed system has been created. The system requires all components connected as they were during initialization as well as a unique code entered by the operator for function and blasting.

  16. Assessment And Testing of Industrial Devices Robustness Against Cyber Security Attacks

    CERN Document Server

    Tilaro, F

    2011-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. With this in mind, the ISA-99[0F1] international cyber security standard has been adopted at CERN as a reference model to define a set of guidelines and security robustness criteria applicable to any network device. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. When assessing the cyber security robustness of devices we have singled out control system-relevant attack patterns derived from the well-known CAPEC[1F2] classification. Once a vulnerability is identified, it needs to be documented, prioritized and reproduced at will in a dedicated test environment for debugging purposes. CERN - in collaboration ...

  17. Strengthening the Security of ESA Ground Data Systems

    Science.gov (United States)

    Flentge, Felix; Eggleston, James; Garcia Mateos, Marc

    2013-08-01

    A common approach to address information security has been implemented in ESA's Mission Operations (MOI) Infrastructure during the last years. This paper reports on the specific challenges to the Data Systems domain within the MOI and how security can be properly managed with an Information Security Management System (ISMS) according to ISO 27001. Results of an initial security risk assessment are reported and the different types of security controls that are being implemented in order to reduce the risks are briefly described.

  18. Secure Data Network System (SDNS) network, transport, and message security protocols

    Science.gov (United States)

    Dinkel, C.

    1990-03-01

    The Secure Data Network System (SDNS) project, implements computer to computer communications security for distributed applications. The internationally accepted Open Systems Interconnection (OSI) computer networking architecture provides the framework for SDNS. SDNS uses the layering principles of OSI to implement secure data transfers between computer nodes of local area and wide area networks. Four security protocol documents developed by the National Security Agency (NSA) as output from the SDNS project are included. SDN.301 provides the framework for security at layer 3 of the OSI Model. Cryptographic techniques to provide data protection for transport connections or for connectionless-mode transmission are described in SDN.401. Specifications for message security service and protocol are contained in SDN.701. Directory System Specifications for Message Security Protocol are covered in SDN.702.

  19. Virtual-Reality training system for nuclear security

    International Nuclear Information System (INIS)

    Nonaka, Nobuyuki

    2012-01-01

    At the Integrated Support Center for Nuclear Nonproliferation and Nuclear Security (ISCN) of the Japan Atomic Energy Agency, the virtual reality (VR) training system is under development for providing a practical training environment to implement experience-oriented and interactive lessons on nuclear security for wide range of participants in human resource development assistance program mainly to Asian emerging nuclear-power countries. This system electrically recreates and visualizes nuclear facilities and training conditions in stereoscopic (3D) view on a large-scale display (CAVE system) as virtual reality training facility (VR facility) and it provides training participants with effective environments to learn installation and layout of security equipment in the facility testing and verifying visually the protection performances under various situations such as changes in day-night lighting and weather conditions, which may lead to practical exercise in the design and evaluation of the physical protection system. This paper introduces basic concept of the system and outline of training programs as well as featured aspects in using the VR technology for the nuclear security. (author)

  20. Secure scalable disaster electronic medical record and tracking system.

    Science.gov (United States)

    Demers, Gerard; Kahn, Christopher; Johansson, Per; Buono, Colleen; Chipara, Octav; Griswold, William; Chan, Theodore

    2013-10-01

    Electronic medical records (EMRs) are considered superior in documentation of care for medical practice. Current disaster medical response involves paper tracking systems and radio communication for mass-casualty incidents (MCIs). These systems are prone to errors, may be compromised by local conditions, and are labor intensive. Communication infrastructure may be impacted, overwhelmed by call volume, or destroyed by the disaster, making self-contained and secure EMR response a critical capability. Report As the prehospital disaster EMR allows for more robust content including protected health information (PHI), security measures must be instituted to safeguard these data. The Wireless Internet Information System for medicAl Response in Disasters (WIISARD) Research Group developed a handheld, linked, wireless EMR system utilizing current technology platforms. Smart phones connected to radio frequency identification (RFID) readers may be utilized to efficiently track casualties resulting from the incident. Medical information may be transmitted on an encrypted network to fellow prehospital team members, medical dispatch, and receiving medical centers. This system has been field tested in a number of exercises with excellent results, and future iterations will incorporate robust security measures. A secure prehospital triage EMR improves documentation quality during disaster drills.

  1. Designing a Secure Point-of-Sale System

    DEFF Research Database (Denmark)

    Sharp, Robin; Pedersen, Allan; Hedegaard, Anders

    2006-01-01

    This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described.......This paper describes some experiences with using the ''Common Criteria for Information Security Evaluation'' as the basis for a design methodology when designing secure systems. As an example, the design process for a Point-of-Sale (POS) system is described....

  2. Physical Layer Security for Cooperative NOMA Systems

    KAUST Repository

    Chen, Jianchao

    2018-01-09

    In this correspondence, we investigate the physical layer security for cooperative non-orthogonal multiple access (NOMA) systems, where both amplify-and-forward (AF) and decode-and-forward (DF) protocols are considered. More specifically, some analytical expressions are derived for secrecy outage probability (SOP) and strictly positive secrecy capacity (SPSC). Results show that AF and DF almost achieve the same secrecy performance. Moreover, asymptotic results demonstrate that the SOP tends to a constant at high signal-to-noise ratio (SNR). Finally, our results show that the secrecy performance of considered NOMA systems is independent of the channel conditions between the relay and the poor user.

  3. 75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...

    Science.gov (United States)

    2010-02-23

    ... facilities or information technology systems; and other activities relating to personnel security management... 1974; Department of Homeland Security/ALL--023 Personnel Security Management System of Records AGENCY... Homeland Security/ALL--023 Personnel Security Management System of Records to include record systems within...

  4. Secure Video Surveillance System (SVSS) for unannounced safeguards inspections

    International Nuclear Information System (INIS)

    Galdoz, Erwin G.; Pinkalla, Mark

    2010-01-01

    The Secure Video Surveillance System (SVSS) is a collaborative effort between the U.S. Department of Energy (DOE), Sandia National Laboratories (SNL), and the Brazilian-Argentine Agency for Accounting and Control of Nuclear Materials (ABACC). The joint project addresses specific requirements of redundant surveillance systems installed in two South American nuclear facilities as a tool to support unannounced inspections conducted by ABACC and the International Atomic Energy Agency (IAEA). The surveillance covers the critical time (as much as a few hours) between the notification of an inspection and the access of inspectors to the location in facility where surveillance equipment is installed. ABACC and the IAEA currently use the EURATOM Multiple Optical Surveillance System (EMOSS). This outdated system is no longer available or supported by the manufacturer. The current EMOSS system has met the project objective; however, the lack of available replacement parts and system support has made this system unsustainable and has increased the risk of an inoperable system. A new system that utilizes current technology and is maintainable is required to replace the aging EMOSS system. ABACC intends to replace one of the existing ABACC EMOSS systems by the Secure Video Surveillance System. SVSS utilizes commercial off-the shelf (COTS) technologies for all individual components. Sandia National Laboratories supported the system design for SVSS to meet Safeguards requirements, i.e. tamper indication, data authentication, etc. The SVSS consists of two video surveillance cameras linked securely to a data collection unit. The collection unit is capable of retaining historical surveillance data for at least three hours with picture intervals as short as 1sec. Images in .jpg format are available to inspectors using various software review tools. SNL has delivered two SVSS systems for test and evaluation at the ABACC Safeguards Laboratory. An additional 'proto-type' system remains

  5. 'Lowering the threshold of effective deterrence'-Testing the effect of private security agents in public spaces on crime: A randomized controlled trial in a mass transit system.

    Science.gov (United States)

    Ariel, Barak; Bland, Matthew; Sutherland, Alex

    2017-01-01

    Supplementing local police forces is a burgeoning multibillion-dollar private security industry. Millions of formal surveillance agents in public settings are tasked to act as preventative guardians, as their high visibility presence is hypothesized to create a deterrent threat to potential offenders. Yet, rigorous evidence is lacking. We randomly assigned all train stations in the South West of England that experienced crime into treatment and controls conditions over a six-month period. Treatment consisted of directed patrol by uniformed, unarmed security agents. Hand-held trackers on every agent yielded precise measurements of all patrol time in the stations. Count-based regression models, estimated marginal means and odds-ratios are used to assess the effect of these patrols on crimes reported to the police by victims, as well as new crimes detected by police officers. Outcomes are measured at both specified target locations to which security guards were instructed to attend, as well as at the entire station complexes. Analyses show that 41% more patrol visits and 29% more minutes spent by security agents at treatment compared to control stations led to a significant 16% reduction in victim-generated crimes at the entirety of the stations' complexes, with a 49% increase in police-generated detections at the target locations. The findings illustrate the efficacy of private policing for crime prevention theory.

  6. 'Lowering the threshold of effective deterrence'-Testing the effect of private security agents in public spaces on crime: A randomized controlled trial in a mass transit system.

    Directory of Open Access Journals (Sweden)

    Barak Ariel

    Full Text Available Supplementing local police forces is a burgeoning multibillion-dollar private security industry. Millions of formal surveillance agents in public settings are tasked to act as preventative guardians, as their high visibility presence is hypothesized to create a deterrent threat to potential offenders. Yet, rigorous evidence is lacking. We randomly assigned all train stations in the South West of England that experienced crime into treatment and controls conditions over a six-month period. Treatment consisted of directed patrol by uniformed, unarmed security agents. Hand-held trackers on every agent yielded precise measurements of all patrol time in the stations. Count-based regression models, estimated marginal means and odds-ratios are used to assess the effect of these patrols on crimes reported to the police by victims, as well as new crimes detected by police officers. Outcomes are measured at both specified target locations to which security guards were instructed to attend, as well as at the entire station complexes. Analyses show that 41% more patrol visits and 29% more minutes spent by security agents at treatment compared to control stations led to a significant 16% reduction in victim-generated crimes at the entirety of the stations' complexes, with a 49% increase in police-generated detections at the target locations. The findings illustrate the efficacy of private policing for crime prevention theory.

  7. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  8. A secure integrated medical information system.

    Science.gov (United States)

    Hsiao, Tsung-Chih; Wu, Zhen-Yu; Chung, Yu-Fang; Chen, Tzer-Shyong; Horng, Gwo-Boa

    2012-10-01

    The rapid rise and development of the internet has made digitization of our everyday life common. E-medicine, including electronic prescription records, electronic prescriptions, diagnosis information systems, and others are now being regarded as future trends. As development on the structure and format of electronic patient records and prescriptions matures, the implementation of a comprehensive medical information system is imperative, one which is constructed from integrating the various electronic information systems that is being developed. It is important to allow the implementation of such a system applicable to the present medical environment, which facilitates the integration of electronic patient record from all levels of medical centers and clinics, secures the transmission of these integrated patient records between them, enables the combined use of electronic prescriptions with patients' medications, and permits anonymous or confidential transmission of patients' private data. To put the ideas into practice, in this study, we would like to propose an Integrated Medical Information System.

  9. Cyber secure systems approach for NPP digital control systems

    International Nuclear Information System (INIS)

    McCreary, T. J.; Hsu, A.

    2006-01-01

    Whether fossil or nuclear power, the chief operations goal is to generate electricity. The heart of most plant operations is the I and C system. With the march towards open architecture, the I and C system is more vulnerable than ever to system security attacks (denial of service, virus attacks and others), thus jeopardizing plant operations. Plant staff must spend large amounts of time and money setting up and monitoring a variety of security strategies to counter the threats and actual attacks to the system. This time and money is a drain on the financial performance of a plant and distracts valuable operations resources from their real goals: product. The pendulum towards complete open architecture may have swung too far. Not all aspects of proprietary hardware and software are necessarily 'bad'. As the aging U.S. fleet of nuclear power plants starts to engage in replacing legacy control systems, and given the on-going (and legitimate) concern about the security of present digital control systems, decisions about how best to approach cyber security are vital to the specification and selection of control system vendors for these upgrades. The authors maintain that utilizing certain resources available in today's digital technology, plant control systems can be configured from the onset to be inherently safe, so that plant staff can concentrate on the operational issues of the plant. The authors postulate the concept of the plant I and C being bounded in a 'Cyber Security Zone' and present a design approach that can alleviate the concern and cost at the plant level of dealing with system security strategies. Present approaches through various IT cyber strategies, commercial software, and even postulated standards from various industry/trade organizations are almost entirely reactive and simply add to cost and complexity. This Cyber Security Zone design demonstrates protection from the four classes of cyber security attacks: 1)Threat from an intruder attempting to

  10. Business Information Exchange System with Security, Privacy, and Anonymity

    Directory of Open Access Journals (Sweden)

    Sead Muftic

    2016-01-01

    Full Text Available Business Information Exchange is an Internet Secure Portal for secure management, distribution, sharing, and use of business e-mails, documents, and messages. It has three applications supporting three major types of information exchange systems: secure e-mail, secure instant messaging, and secure sharing of business documents. In addition to standard security services for e-mail letters, which are also applied to instant messages and documents, the system provides innovative features of privacy and full anonymity of users and their locations, actions, transactions, and exchanged resources. In this paper we describe design, implementation, and use of the system.

  11. RFID Based Security Access Control System with GSM Technology

    OpenAIRE

    Peter Adole; Joseph M. Môm; Gabriel A. Igwue

    2016-01-01

    The security challenges being encountered in many places today require electronic means of controlling access to secured premises in addition to the available security personnel. Various technologies were used in different forms to solve these challenges. The Radio Frequency Identification (RFID) Based Access Control Security system with GSM technology presented in this work helps to prevent unauthorized access to controlled environments (secured premises). This is achieved mainly...

  12. Security for small computer systems a practical guide for users

    CERN Document Server

    Saddington, Tricia

    1988-01-01

    Security for Small Computer Systems: A Practical Guide for Users is a guidebook for security concerns for small computers. The book provides security advice for the end-users of small computers in different aspects of computing security. Chapter 1 discusses the security and threats, and Chapter 2 covers the physical aspect of computer security. The text also talks about the protection of data, and then deals with the defenses against fraud. Survival planning and risk assessment are also encompassed. The last chapter tackles security management from an organizational perspective. The bo

  13. National security and the comprehensive test ban treaty

    International Nuclear Information System (INIS)

    Landauer, J.K.

    1980-08-01

    For nearly three years now, the US, UK, and USSR have been working on the draft of a treaty that would ban all nuclear explosions (both peaceful applications and weapon tests) and institute verification and monitoring provisions to ensure compliance with the treaty. The status of the draft treaty is summarized. The question, Is a CTBT really in the interest of US national security. is analyzed with arguments used by both proponents and opponents of the CTBT. It is concluded that there are arguments both for and against a CTBT, but, for those whose approach to national security can be expressed as peace through preparedness, the arguments against a CTBT appear persuasive

  14. Security Management in a Multimedia System

    Science.gov (United States)

    Rednic, Emanuil; Toma, Andrei

    2009-01-01

    In database security, the issue of providing a level of security for multimedia information is getting more and more known. For the moment the security of multimedia information is done through the security of the database itself, in the same way, for all classic and multimedia records. So what is the reason for the creation of a security…

  15. Capturing security requirements for software systems

    Science.gov (United States)

    El-Hadary, Hassan; El-Kassas, Sherif

    2014-01-01

    Security is often an afterthought during software development. Realizing security early, especially in the requirement phase, is important so that security problems can be tackled early enough before going further in the process and avoid rework. A more effective approach for security requirement engineering is needed to provide a more systematic way for eliciting adequate security requirements. This paper proposes a methodology for security requirement elicitation based on problem frames. The methodology aims at early integration of security with software development. The main goal of the methodology is to assist developers elicit adequate security requirements in a more systematic way during the requirement engineering process. A security catalog, based on the problem frames, is constructed in order to help identifying security requirements with the aid of previous security knowledge. Abuse frames are used to model threats while security problem frames are used to model security requirements. We have made use of evaluation criteria to evaluate the resulting security requirements concentrating on conflicts identification among requirements. We have shown that more complete security requirements can be elicited by such methodology in addition to the assistance offered to developers to elicit security requirements in a more systematic way. PMID:25685514

  16. Secure electronic commerce communication system based on CA

    Science.gov (United States)

    Chen, Deyun; Zhang, Junfeng; Pei, Shujun

    2001-07-01

    In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

  17. Information systems security policies: a survey in Portuguese public administration

    OpenAIRE

    Lopes, Isabel Maria; Sá-Soares, Filipe de

    2010-01-01

    Information Systems Security is a relevant factor for present organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the adoption of information systems security policies. This paper contributes to mitigate this flaw by presenting the results of a survey in the adoption of Information System Security Policies in Local Public Administration in Portugal. The results are discussed in light of literat...

  18. Information System Security: Government Information Security Reform Act Implementation: Defense Security Assistance Management System

    National Research Council Canada - National Science Library

    Young, Shelton

    2002-01-01

    .... Of the 560 systems, the Office of the Inspector General of the Department of Defense, the Defense Information Systems Agency Inspector General, and Military Department audit agencies assessed a sample of 115 systems...

  19. Security Measures in Automated Assessment System for Programming Courses

    Directory of Open Access Journals (Sweden)

    Jana Šťastná

    2015-12-01

    Full Text Available A desirable characteristic of programming code assessment is to provide the learner the most appropriate information regarding the code functionality as well as a chance to improve. This can be hardly achieved in case the number of learners is high (500 or more. In this paper we address the problem of risky code testing and availability of an assessment platform Arena, dealing with potential security risks when providing an automated assessment for a large set of source code. Looking at students’ programs as if they were potentially malicious inspired us to investigate separated execution environments, used by security experts for secure software analysis. The results also show that availability issues of our assessment platform can be conveniently resolved with task queues. A special attention is paid to Docker, a virtual container ensuring no risky code can affect the assessment system security. The assessment platform Arena enables to regularly, effectively and securely assess students' source code in various programming courses. In addition to that it is a motivating factor and helps students to engage in the educational process.

  20. Nuclear power plant security systems - The need for upgrades

    International Nuclear Information System (INIS)

    Murskyj, M.P.; Furlow, C.H.

    1989-01-01

    Most perimeter security systems for nuclear power plants were designed and installed in the late 1970s or early 1980s. This paper explores the need to regularly evaluate and possibly upgrade a security system in the area of perimeter intrusion detection and surveillance. this paper discusses US Nuclear Regulatory Commission audits and regulatory effectiveness reviews (RERs), which have raised issues regarding the performance of perimeter security systems. The audits and RERs identified various degrees of vulnerability in certain aspects of existing perimeter security systems. In addition to reviewing the regulatory concerns, this paper discusses other reasons to evaluate and/or upgrade a perimeter security system

  1. Security Games for Cyber-Physical Systems

    DEFF Research Database (Denmark)

    Vigo, Roberto; Bruni, Alessandro; Yuksel, Ender

    2013-01-01

    The development of quantitative security analyses that consider both active attackers and reactive defenders is a main challenge in the design of trustworthy Cyber-Physical Systems. We propose a game-theoretic approach where it is natural to model attacker’s and defender’s actions explicitly......, associating costs to attacks and countermeasures. Cost considerations enable to contrast different strategies on the basis of their effectiveness and efficiency, paving the way to a multi-objective notion of optimality. Moreover, the framework allows expressing the probabilistic nature of the environment...

  2. Development of an integrated campus security alerting system ...

    African Journals Online (AJOL)

    Development of an integrated campus security alerting system. ... Nigerian Journal of Technology ... work presents an integrated alerting system which uses both the Internet Protocol (IP) cameras and micro-switches for monitoring security situations thereby providing an immediate alerting signal to the security personnel.

  3. Security Techniques for Sensor Systems and the Internet of Things

    Science.gov (United States)

    Midi, Daniele

    2016-01-01

    Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We…

  4. NOTICE OF ELECTRICAL CUT - TEST OF THE SECURED NETWORK

    CERN Multimedia

    Electrical Service ST/EL

    2001-01-01

    The electrical service ST/EL will test the switching sequence between the secured network and the diesel generators on January 8, 2002. The normal network, general services of the sites Meyrin, Prevessin, SPS, Zone Nord, LHC1 and LHC18 will be cut between 6:00am and 6:10am. The secured network will be resupplied by the diesel generators after approximately 1 minute. The UPS network will not be affected. To facilitate the restart of the electrical network and to minimize the impact of the tests on critical equipment, we would like to ask you to stop any equipment that might suffer major inconveniences during the tests (e.g. computers). For any further information, please do not hesitate to contact the Technical Control Room TCR (72201) or G. Cumer (160592).

  5. Expert systems for on line security assessment

    Energy Technology Data Exchange (ETDEWEB)

    Christie, R.D.; Talukdar, S.N.

    1988-05-01

    This paper argues that automatic security assessment schemes cannot generate information of high quality until their architectures, which are now wholly algorithmic, are changed to hybrids combining algorithms with expert systems. In particular, numerical algorithms should continue to be used for simulating the effects of contingencies, but expert systems should be developed for selecting the contingencies and interpreting the simulation results. These changes will make automatic schemes more closely resemble the manual schemes that are used off line too generate assessment information of high quality. The problems of integrating hybrid software into existing Energy Management Systems (EMSs) are far from trivial. The paper goes on to discuss these problems and suggest a solution, namely the use of a network of workstations tied to existing EMS computers.

  6. A new optical secure communication system

    Science.gov (United States)

    Luo, Fan; Fang, Nian; Huang, Zhaoming; Wang, Chunhua

    2007-11-01

    An optical secure communication system based on digital chaos and Polarization Shift Keying (PolSK) technology is proposed. In several selected PolSK schemes, states of polarization are partially or totally uniform on Poincare sphere. Different PolSK schemes are chosen according to the real-time chaos-based pseudo-random sequences to modulate original information in different periods of clock of the transmitter. In the receiver, according to the synchronous chaotic sequences, corresponding PolSK schemes are used to demodulate the information. Simulation is carried out by using the softwares of OptiSystem and Matlab. Some analysis results are presented. In the conclusion, this system works well in communication and has strong anti-attack capacity.

  7. Design and implementation of modular home security system with short messaging system

    Directory of Open Access Journals (Sweden)

    Budijono Santoso

    2014-03-01

    Full Text Available Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile mobile device using SMS (Short Messaging System and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

  8. Design and implementation of modular home security system with short messaging system

    Science.gov (United States)

    Budijono, Santoso; Andrianto, Jeffri; Axis Novradin Noor, Muhammad

    2014-03-01

    Today we are living in 21st century where crime become increasing and everyone wants to secure they asset at their home. In that situation user must have system with advance technology so person do not worry when getting away from his home. It is therefore the purpose of this design to provide home security device, which send fast information to user GSM (Global System for Mobile) mobile device using SMS (Short Messaging System) and also activate - deactivate system by SMS. The Modular design of this Home Security System make expandable their capability by add more sensors on that system. Hardware of this system has been designed using microcontroller AT Mega 328, PIR (Passive Infra Red) motion sensor as the primary sensor for motion detection, camera for capturing images, GSM module for sending and receiving SMS and buzzer for alarm. For software this system using Arduino IDE for Arduino and Putty for testing connection programming in GSM module. This Home Security System can monitor home area that surrounding by PIR sensor and sending SMS, save images capture by camera, and make people panic by turn on the buzzer when trespassing surrounding area that detected by PIR sensor. The Modular Home Security System has been tested and succeed detect human movement.

  9. Intrusion detection systems: complement to firewall security system ...

    African Journals Online (AJOL)

    Intrusion detection systems: complement to firewall security system. ... Information Impact: Journal of Information and Knowledge Management. Journal Home ... If you would like more information about how to print, save, and work with PDFs, Highwire Press provides a helpful Frequently Asked Questions about PDFs.

  10. CNSS: Interagency Partnering to Protect Our National Security Systems

    National Research Council Canada - National Science Library

    Grimes, John G

    2008-01-01

    .... The CNSS performs the vital function of mobilizing the full, interagency National Security Community for the protection of telecommunications and information systems that support U.S. national security...

  11. Test and Evaluation for Enhanced Security: A Quantitative Method to Incorporate Expert Knowledge into Test Planning Decisions.

    Energy Technology Data Exchange (ETDEWEB)

    Rizzo, Davinia [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Blackburn, Mark [Stevens Inst. of Technology, Hoboken, NJ (United States)

    2017-03-01

    Complex systems are comprised of technical, social, political and environmental factors as well as the programmatic factors of cost, schedule and risk. Testing these systems for enhanced security requires expert knowledge in many different fields. It is important to test these systems to ensure effectiveness, but testing is limited to due cost, schedule, safety, feasibility and a myriad of other reasons. Without an effective decision framework for Test and Evaluation (T&E) planning that can take into consideration technical as well as programmatic factors and leverage expert knowledge, security in complex systems may not be assessed effectively. Therefore, this paper covers the identification of the current T&E planning problem and an approach to include the full variety of factors and leverage expert knowledge in T&E planning through the use of Bayesian Networks (BN).

  12. Effective Methodology for Security Risk Assessment of Computer Systems

    OpenAIRE

    Daniel F. García; Adrián Fernández

    2013-01-01

    Today, computer systems are more and more complex and support growing security risks. The security managers need to find effective security risk assessment methodologies that allow modeling well the increasing complexity of current computer systems but also maintaining low the complexity of the assessment procedure. This paper provides a brief analysis of common security risk assessment methodologies leading to the selection of a proper methodology to fulfill these requirements. Then, a detai...

  13. Designing Fuzzy Rule Based Expert System for Cyber Security

    OpenAIRE

    Goztepe, Kerim

    2016-01-01

    The state of cyber security has begun to attract more attention and interest outside the community of computer security experts. Cyber security is not a single problem, but rather a group of highly different problems involving different sets of threats. Fuzzy Rule based system for cyber security is a system consists of a rule depository and a mechanism for accessing and running the rules. The depository is usually constructed with a collection of related rule sets. The aim of this study is to...

  14. PECULIARITIES OF CONSTRUCTION PROFILES OF SECURITY SYSTEMS OF INFORMATION SYSTEMS

    Directory of Open Access Journals (Sweden)

    Olga V. Lukinova

    2015-01-01

    Full Text Available Examines the specific issues of building functional and technological profiles of the security systems to ensure the safety of information systems in the paradigm of functional standardization; shows a view of the system of protection based on the model of OSE/RM; studied the composition and structure of the concept of "defense mechanism" for the purpose of profiling third instalment correction representation of the system of protection.

  15. SECURING DIGITIZED LIBRARY CIRCULATORY SYSTEM | Olaniyi ...

    African Journals Online (AJOL)

    The results of testing and evaluation of the developed system showed that the surface area and position of the tag from RFID reader affects the response of the RFID system for improved library circulatory service delivery. The widespread application of the developed system on smart library circulation unit would improve the ...

  16. The Exon-Florio National Security Test for Foreign Investment

    Science.gov (United States)

    2010-02-04

    Asia, Latin America, the Carribean , and North America. 24 Peninsular and Oriental Steam Company is a leading ports operator and transport company...CRS Report for Congress Prepared for Members and Committees of Congress The Exon-Florio National Security Test for Foreign Investment...c11173008 Report Documentation Page Form ApprovedOMB No. 0704-0188 Public reporting burden for the collection of information is estimated to average 1 hour

  17. Quantitative Vulnerability Assessment of Cyber Security for Distribution Automation Systems

    Directory of Open Access Journals (Sweden)

    Xiaming Ye

    2015-06-01

    Full Text Available The distribution automation system (DAS is vulnerable to cyber-attacks due to the widespread use of terminal devices and standard communication protocols. On account of the cost of defense, it is impossible to ensure the security of every device in the DAS. Given this background, a novel quantitative vulnerability assessment model of cyber security for DAS is developed in this paper. In the assessment model, the potential physical consequences of cyber-attacks are analyzed from two levels: terminal device level and control center server level. Then, the attack process is modeled based on game theory and the relationships among different vulnerabilities are analyzed by introducing a vulnerability adjacency matrix. Finally, the application process of the proposed methodology is illustrated through a case study based on bus 2 of the Roy Billinton Test System (RBTS. The results demonstrate the reasonability and effectiveness of the proposed methodology.

  18. On-line Dynamic Security Assessment in Power Systems

    DEFF Research Database (Denmark)

    Weckesser, Johannes Tilman Gabriel

    The thesis concerns the development of tools and methods for on-line dynamic security assessment (DSA). In a future power system with low-dependence or even independence of fossil fuels, generation will be based to a large extent on noncontrollable renewable energy sources (RES), such as wind...... tools may no longer be feasible, since they are generally based on extensive off-line studies. A core component of an efficient on-line dynamic security assessment is a fast and reliable contingency screening. As part of this thesis a contingency screening method is developed and its performance...... is assessed on a set of test cases. The developed method reliably assesses first-swing transient angular stability of a power system in its current state with respect to a given set of contingencies. In order to ensure fast performance of the screening method, first a review of existing transient stability...

  19. A Method to Analyze Threats and Vulnerabilities by Using a Cyber Security Test-bed of an Operating NPP

    International Nuclear Information System (INIS)

    Kim, Yong Sik; Son, Choul Woong; Lee, Soo Ill

    2016-01-01

    In order to implement cyber security controls for an Operating NPP, a security assessment should conduct in advance, and it is essential to analyze threats and vulnerabilities for a cyber security risk assessment phase. It might be impossible to perform a penetration test or scanning for a vulnerability analysis because the test may cause adverse effects on the inherent functions of ones. This is the reason why we develop and construct a cyber security test-bed instead of using real I and C systems in the operating NPP. In this paper, we propose a method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. The test-bed is being developed considering essential functions of the selected safety and non-safety system. This paper shows the method to analyze threats and vulnerabilities of a specific target system by using a cyber security test-bed. In order to develop the cyber security test-bed with both safety and non-safety functions, test-bed functions analysis and preliminary threats and vulnerabilities identification have been conducted. We will determine the attack scenarios and conduct the test-bed based vulnerability analysis

  20. The electronic security partnership of safety/security and information systems departments.

    Science.gov (United States)

    Yow, J Art

    2012-01-01

    The ever-changing world of security electronics is reviewed in this article. The author focuses on its usage in a hospital setting and the need for safety/security and information systems departments to work together to protect and get full value from IP systems.

  1. Building the Multi-agent Based Adaptive Security System

    Directory of Open Access Journals (Sweden)

    Sergey Andreevich Petrov

    2013-06-01

    Full Text Available This article is concerned with security of information system. Multi-agent based adaptive security system is offered. Advantages of the system and its potential architecture are presented. The author describes requirements for agents’ functionality and possible variants of agents’ operability. The suggested approach is intended to use for building adaptive security system in accordance with network structure, required safety level and available compute resources.

  2. Examining the Relationship between Organization Systems and Information Security Awareness

    Science.gov (United States)

    Tintamusik, Yanarong

    2010-01-01

    The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

  3. Security administration plan for HANDI 2000 business management system

    Energy Technology Data Exchange (ETDEWEB)

    Wilson, D.

    1998-09-29

    This document encompasses and standardizes the integrated approach for security within the PP and Ps applications, It also identifies the security tools and methods to be used. The Security Administration Plan becomes effective as of this document`s acceptance and will provide guidance through implementation efforts and, as a ``living document`` will support the operations and maintenance of the system.

  4. Mitigations for Security Vulnerabilities Found in Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Trent D. Nelson

    2006-05-01

    Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments and suggests mitigation strategies to provide asset owners with the information they need to better protect their systems from common security flows.

  5. Laboratory Information Management System Chain of Custody: Reliability and Security

    Science.gov (United States)

    Tomlinson, J. J.; Elliott-Smith, W.; Radosta, T.

    2006-01-01

    A chain of custody (COC) is required in many laboratories that handle forensics, drugs of abuse, environmental, clinical, and DNA testing, as well as other laboratories that want to assure reliability of reported results. Maintaining a dependable COC can be laborious, but with the recent establishment of the criteria for electronic records and signatures by US regulatory agencies, laboratory information management systems (LIMSs) are now being developed to fully automate COCs. The extent of automation and of data reliability can vary, and FDA- and EPA-compliant electronic signatures and system security are rare. PMID:17671623

  6. Laboratory information management system chain of custody: reliability and security.

    Science.gov (United States)

    Tomlinson, J J; Elliott-Smith, W; Radosta, T

    2006-01-01

    A chain of custody (COC) is required in many laboratories that handle forensics, drugs of abuse, environmental, clinical, and DNA testing, as well as other laboratories that want to assure reliability of reported results. Maintaining a dependable COC can be laborious, but with the recent establishment of the criteria for electronic records and signatures by US regulatory agencies, laboratory information management systems (LIMSs) are now being developed to fully automate COCs. The extent of automation and of data reliability can vary, and FDA- and EPA-compliant electronic signatures and system security are rare.

  7. Research and realization of info-net security controlling system

    Science.gov (United States)

    Xu, Tao; Zhang, Wei; Li, Xuhong; Wang, Xia; Pan, Wenwen

    2017-03-01

    The thesis introduces some relative concepts about Network Cybernetics, and we design and realize a new info-net security controlling system based on Network Cybernetics. The system can control the endpoints, safely save files, encrypt communication, supervise actions of users and show security conditions, in order to realize full-scale security management. At last, we simulate the functions of the system. The results show, the system can ensure the controllability of users and devices, and supervise them real-time. The system can maximize the security of the network and users.

  8. Collaborative Systems Testing

    Science.gov (United States)

    Pocatilu, Paul; Ciurea, Cristian

    2009-01-01

    Collaborative systems are widely used today in various activity fields. Their complexity is high and the development involves numerous resources and costs. Testing collaborative systems has a very important role for the systems' success. In this paper we present taxonomy of collaborative systems. The collaborative systems are classified in many…

  9. Secure wireless embedded systems via component-based design

    DEFF Research Database (Denmark)

    Hjorth, T.; Torbensen, R.

    2010-01-01

    communication component for distributed wireless embedded devices. The components communicate using the Secure Embedded Exchange Protocol (SEEP), which has been designed for flexible trust establishment so that small, resource-constrained, wireless embedded systems are able to communicate short command messages......This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure...

  10. A Hierarchical Security Architecture for Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Quanyan Zhu; Tamer Basar

    2011-08-01

    Security of control systems is becoming a pivotal concern in critical national infrastructures such as the power grid and nuclear plants. In this paper, we adopt a hierarchical viewpoint to these security issues, addressing security concerns at each level and emphasizing a holistic cross-layer philosophy for developing security solutions. We propose a bottom-up framework that establishes a model from the physical and control levels to the supervisory level, incorporating concerns from network and communication levels. We show that the game-theoretical approach can yield cross-layer security strategy solutions to the cyber-physical systems.

  11. development of an integrated campus security alerting system

    African Journals Online (AJOL)

    user

    . Students and staff need a safe environment for academic, administrative and social activities. A standard security plan for campuses would include access control system, intrusion detection system, burglar alarm system, fire detection system,.

  12. Help for the Developers of Control System Cyber Security Standards

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2008-05-01

    A Catalog of Control Systems Security: Recommendations for Standards Developers (Catalog), aimed at assisting organizations to facilitate the development and implementation of control system cyber security standards, has been developed. This catalog contains requirements that can help protect control systems from cyber attacks and can be applied to the Critical Infrastructures and Key Resources of the United States and other nations. The requirements contained in the catalog are a compilation of practices or various industry bodies used to increase the security of control systems from both physical and cyber attacks. They should be viewed as a collection of recommendations to be considered and judiciously employed, as appropriate, when reviewing and developing cyber security standards for control systems. The recommendations in the Catalog are intended to be broad enough to provide any industry using control systems the flexibility needed to develop sound cyber security standards specific to their individual security requirements.

  13. Modelling the System of Ensuring the Investment Security

    Directory of Open Access Journals (Sweden)

    Moroz Maxim O.

    2017-11-01

    Full Text Available The article explores approaches to modelling the system of ensuring the investment security. Necessity of observance of investment security of Ukraine has been substantiated. The author’s own vision of the modelling essentials has been provided. The eligibility for consideration of the system of ensuring the investment security of Ukraine in the functional, structural, process, formative, and factor aspects has been proved. The target setting and tasks of a functional model of the system of ensuring the investment security have been defined. The functions, subjects, organizational-economic mechanisms of the system of ensuring the investment security of Ukraine have been characterized. A structural model of the system of ensuring the investment security has been presented. Special attention has been given to the definition of objects of direct and indirect influence, control and controlled subsystems, aggregate of indicators, safe levels, principles of formation of the investment security system. The process and formative models of the system of ensuring the investment security, as well as the algorithm of the complex assessment of the level of investment security, were analyzed in detail. Measures to ensure the investment security of Ukraine have been defined.

  14. THE MODEL FOR RISK ASSESSMENT ERP-SYSTEMS INFORMATION SECURITY

    Directory of Open Access Journals (Sweden)

    V. S. Oladko

    2016-12-01

    Full Text Available The article deals with the problem assessment of information security risks in the ERP-system. ERP-system functions and architecture are studied. The model malicious impacts on levels of ERP-system architecture are composed. Model-based risk assessment, which is the quantitative and qualitative approach to risk assessment, built on the partial unification 3 methods for studying the risks of information security - security models with full overlapping technique CRAMM and FRAP techniques developed.

  15. Asessing ethical severity of e-learning systems security attacks

    OpenAIRE

    Levy, Y; Ramim, MM; Hackney, RA

    2013-01-01

    Security and ethical issues with information systems (IS) are important concerns for most organizations. However, limited attention has been given to unethical behaviors and severity of cyber-security attacks, while these instances appear to be critically important. Although managers have been embracing e-learning systems for training and virtual-team collaborations, little is known about motivations for cyber-security attacks on such systems The JCIS editor-in-chief Dr. Alex Koohang and t...

  16. Considerations When Including Students with Disabilities in Test Security Policies. NCEO Policy Directions. Number 23

    Science.gov (United States)

    Lazarus, Sheryl; Thurlow, Martha

    2015-01-01

    Sound test security policies and procedures are needed to ensure test security and confidentiality, and to help prevent cheating. In this era when cheating on tests draws regular media attention, there is a need for thoughtful consideration of the ways in which possible test security measures may affect accessibility for some students with…

  17. The Effect of a Controlled Perimeter Security System on Crime

    National Research Council Canada - National Science Library

    Rothrock, Martin

    2001-01-01

    The proliferation of gated residential communities in the United States has generated social criticism, but research to assess the expected crime prevention effect of the perimeter security systems...

  18. Managing a major security system installation: Practical lessons learned

    International Nuclear Information System (INIS)

    Roehrig, S.C.

    1986-01-01

    Sandia National Laboratories has been heavily involved for over a decade in aiding a number of DOE facilities in defining and implementing upgraded security safeguards systems. Because security system definition, design, and installation is still a relatively new field to the commercial world, effective project management must pay special attention to first understanding and then interpreting the unique aspects of a security system for all concerned parties. Experiences from an actual security system installation are used to illustrate some project management approaches which have been found to be effective

  19. Analysing Information Systems Security In Higher Learning Institutions Of Uganda

    Directory of Open Access Journals (Sweden)

    Mugyenyi Raymond

    2017-10-01

    Full Text Available Information communication technology has increased globalisation in higher learning institution all over the world. This has been achieved through introduction of systems that ease operations related to information handling in the institutions. The paper assessed and analysed the information systems security performance status in higher learning institutions of Uganda. The existing policies that govern the information security have also been analysed together with the current status of information systems security in Uganda. Citations related management of information systems security and policies have been identified and analysed. A proposed model illustrating the effective management of information in higher learning institutions have been developed. Relevant recommendations and conclusions have also been developed.

  20. Survey of Customers’ Conceptions of Security and Trust in E-Payment System

    OpenAIRE

    Fakhraddin Maroofi; Reza Hashemi; Zohre Nargesi

    2012-01-01

    In this study, we examine issues related to e-payment security from the viewpoint of customers. This study proposes a conceptual model that delineates the determinants of consumers’ observed security and observed trust, as well as the effects of observed security and observed trust on the use of e-payment systems. To test the model, structural equation modeling is employed to analyze data collected from 219 respondents in Iran. This research provides a theoretical foundation for academics and...

  1. Binary Hypothesis Testing With Byzantine Sensors: Fundamental Tradeoff Between Security and Efficiency

    Science.gov (United States)

    Ren, Xiaoqiang; Yan, Jiaqi; Mo, Yilin

    2018-03-01

    This paper studies binary hypothesis testing based on measurements from a set of sensors, a subset of which can be compromised by an attacker. The measurements from a compromised sensor can be manipulated arbitrarily by the adversary. The asymptotic exponential rate, with which the probability of error goes to zero, is adopted to indicate the detection performance of a detector. In practice, we expect the attack on sensors to be sporadic, and therefore the system may operate with all the sensors being benign for extended period of time. This motivates us to consider the trade-off between the detection performance of a detector, i.e., the probability of error, when the attacker is absent (defined as efficiency) and the worst-case detection performance when the attacker is present (defined as security). We first provide the fundamental limits of this trade-off, and then propose a detection strategy that achieves these limits. We then consider a special case, where there is no trade-off between security and efficiency. In other words, our detection strategy can achieve the maximal efficiency and the maximal security simultaneously. Two extensions of the secure hypothesis testing problem are also studied and fundamental limits and achievability results are provided: 1) a subset of sensors, namely "secure" sensors, are assumed to be equipped with better security countermeasures and hence are guaranteed to be benign, 2) detection performance with unknown number of compromised sensors. Numerical examples are given to illustrate the main results.

  2. Evaluating the Security Risks of System Using Hidden Markov Models

    African Journals Online (AJOL)

    System security assessment tools are either restricted to manual risk evaluation methodologies that are not appropriate for real-time application or used to determine the impact of certain events on the security status of networked systems. In this paper, we determine the strength of computer systems from the perspective of ...

  3. Security plan for the Automated Transportation Management System

    Energy Technology Data Exchange (ETDEWEB)

    1994-04-01

    The Automated Transportation Management System (ATMS) is an unclassified non-sensitive system consisting of hardware and software designed to facilitate the shipment of goods for the US Department of Energy (DOE). The system is secured against waste, fraud, abuse, misuse, and programming errors through a series of security measures that are discussed in detail in this document.

  4. System Performance and Testing

    NARCIS (Netherlands)

    Frei, U.; Oversloot, H.

    2004-01-01

    This chapter compares and contrasts the system performance of two widely used solar thermal systems using testing and simulation programs. Solar thermal systems are used in many countries for heating domestically used water. In addition to the simple thermosiphon systems, better designed pumped

  5. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security (Self-Securing Devices)

    Science.gov (United States)

    2007-01-15

    device. However, with rapidly shrinking hardware costs, growing software development costs, and astronomical security costs, it makes no sense to not be...ceptable levels of performance and manageability. After describing our inspiration for this architecture ( medieval siege warfare), this chapter overviews...perimeters. Borrowing from lessons learned in pre-gun warfare, we pro- pose a new network security architecture analogous to medieval defense

  6. The Firewall and Security of Information Systems

    OpenAIRE

    Radut Carmen; Albici Mihaela; Tenovici Cristina Otilia

    2010-01-01

    Information security is a broader concept which refers to ensuring the integrity, confidentiality and availability of information. The dynamics of information technology to induce new risks to which organizations must implement new measures of control. Technological development has been accompanied by security solutions, equipment manufacturers and applications including technical methods of protection performance. However, while in information technology change is exponential, the human comp...

  7. Nuclear Security Objectives of an NMAC System

    Energy Technology Data Exchange (ETDEWEB)

    West, Rebecca Lynn [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2018-01-05

    After completing this module, you should be able to: Describe the role of Nuclear Material Accounting and Control (NMAC) in comprehensive nuclear security at a facility; Describe purpose of NMAC; Identify differences between the use of NMAC for IAEA safeguards and for facility nuclear security; List NMAC elements and measures; and Describe process for resolution of irregularities

  8. Dynamic Security Assessment Of Computer Networks In Siem-Systems

    Directory of Open Access Journals (Sweden)

    Elena Vladimirovna Doynikova

    2015-10-01

    Full Text Available The paper suggests an approach to the security assessment of computer networks. The approach is based on attack graphs and intended for Security Information and Events Management systems (SIEM-systems. Key feature of the approach consists in the application of the multilevel security metrics taxonomy. The taxonomy allows definition of the system profile according to the input data used for the metrics calculation and techniques of security metrics calculation. This allows specification of the security assessment in near real time, identification of previous and future attacker steps, identification of attackers goals and characteristics. A security assessment system prototype is implemented for the suggested approach. Analysis of its operation is conducted for several attack scenarios.

  9. Start up testing for the secure automated fabrication line

    International Nuclear Information System (INIS)

    Gerber, E.W.; Benson, E.M.; Dahl, R.E.

    1986-01-01

    The Secure Automated Fabrication (SAF) Line has been designed and built by Westinghouse Hanford Company for the Department of Energy at the Hanford Site near Richland, Washington. The SAF Line will provide the capability for remote manufacture of fuel for Liquid Metal Reactors, and will supply fuel for the Fast Flux Test Facility (FFTF). The SAF process is highly automated and represents a major advancement in nuclear fuel manufacturing, offering significant improvements in product quality, productivity, safety, and accountability of Special Nuclear Materials. The construction phase of the project is complete, and testing has been initiated to accomplish start up of the plant for manufacture of FFTF fuel. This paper describes the test methodology used for SAF Line start up

  10. TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Hsien-Hsin S

    2010-05-11

    The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

  11. Information security system quality assessment through the intelligent tools

    Science.gov (United States)

    Trapeznikov, E. V.

    2018-04-01

    The technology development has shown the automated system information security comprehensive analysis necessity. The subject area analysis indicates the study relevance. The research objective is to develop the information security system quality assessment methodology based on the intelligent tools. The basis of the methodology is the information security assessment model in the information system through the neural network. The paper presents the security assessment model, its algorithm. The methodology practical implementation results in the form of the software flow diagram are represented. The practical significance of the model being developed is noted in conclusions.

  12. Electronic security systems better ways to crime prevention

    CERN Document Server

    Walker, Philip

    2013-01-01

    Electronic Security Systems: Better Ways to Crime Prevention teaches the reader about the application of electronics for security purposes through the use of case histories, analogies, anecdotes, and other related materials. The book is divided into three parts. Part 1 covers the concepts behind security systems - its objectives, limitations, and components; the fundamentals of space detection; detection of intruder movement indoors and outdoors; surveillance; and alarm communication and control. Part 2 discusses equipments involved in security systems such as the different types of sensors,

  13. System security assessment in real-time using synchrophasor measurements

    DEFF Research Database (Denmark)

    Jóhannsson, Hjörtur; Wache, Markus

    2013-01-01

    measures to ensure stable and secure operation of the system are necessary. Time stamped synchrophasor measurements lay the foundation for development of new real-time applications for security and stability assessment. The paper provides overview of existing solutions for synchrophasor based security...... assessment and sheds light on ongoing research activities that focus on exploiting wide-area synchrophasor measurements for real-time security assessment of sustainable power systems. At last, an mathematical mapping enabling informative visualization of the system state in respect to aperiodic rotor angle...

  14. Perimeter security alarm system based on fiber Bragg grating

    Science.gov (United States)

    Zhang, Cui; Wang, Lixin

    2010-11-01

    With the development of the society and economy and the improvement of living standards, people need more and more pressing security. Perimeter security alarm system is widely regarded as the first line of defense. A highly sensitive Fiber Bragg grating (FBG) vibration sensor based on the theory of the string vibration, combined with neural network adaptive dynamic programming algorithm for the perimeter security alarm system make the detection intelligently. Intelligent information processing unit identify the true cause of the vibration of the invasion or the natural environment by analyzing the frequency of vibration signals, energy, amplitude and duration. Compared with traditional perimeter security alarm systems, such as infrared perimeter security system and electric fence system, FBG perimeter security alarm system takes outdoor passive structures, free of electromagnetic interference, transmission distance through optical fiber can be as long as 20 km It is able to detect the location of event within short period of time (high-speed response, less than 3 second).This system can locate the fiber cable's breaking sites and alarm automatically if the cable were be cut. And the system can prevent effectively the false alarm from small animals, birds, strong wind, scattering things, snowfalls and vibration of sensor line itself. It can also be integrated into other security systems. This system can be widely used in variety fields such as military bases, nuclear sites, airports, warehouses, prisons, residence community etc. It will be a new force of perimeter security technology.

  15. System security in the space flight operations center

    Science.gov (United States)

    Wagner, David A.

    1988-01-01

    The Space Flight Operations Center is a networked system of workstation-class computers that will provide ground support for NASA's next generation of deep-space missions. The author recounts the development of the SFOC system security policy and discusses the various management and technology issues involved. Particular attention is given to risk assessment, security plan development, security implications of design requirements, automatic safeguards, and procedural safeguards.

  16. Study of Security Attributes of Smart Grid Systems- Current Cyber Security Issues

    Energy Technology Data Exchange (ETDEWEB)

    Wayne F. Boyer; Scott A. McBride

    2009-04-01

    This document provides information for a report to congress on Smart Grid security as required by Section 1309 of Title XIII of the Energy Independence and Security Act of 2007. The security of any future Smart Grid is dependent on successfully addressing the cyber security issues associated with the nation’s current power grid. Smart Grid will utilize numerous legacy systems and technologies that are currently installed. Therefore, known vulnerabilities in these legacy systems must be remediated and associated risks mitigated in order to increase the security and success of the Smart Grid. The implementation of Smart Grid will include the deployment of many new technologies and multiple communication infrastructures. This report describes the main technologies that support Smart Grid and summarizes the status of implementation into the existing U.S. electrical infrastructure.

  17. Ideal Based Cyber Security Technical Metrics for Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    W. F. Boyer; M. A. McQueen

    2007-10-01

    Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

  18. A Review of Cyber-Physical Energy System Security Assessment

    DEFF Research Database (Denmark)

    Rasmussen, Theis Bo; Yang, Guangya; Nielsen, Arne Hejde

    2017-01-01

    to the consumption side. This transition entails that the future power system evolves into a complex cyber-physical energy system (CPES) with strong interactions between the power, communication and neighboring energy systems. Current power system security assessment methods are based on centralized computation...... and N-1 contingencies, while these risks should still be considered in the future CPES, additional factors are affecting the system security. This paper serves as a review of the challenges entailed by transforming the power system into a CPES from a security assessment perspective. It gives...

  19. Power system security enhancement with unified power flow controller under multi-event contingency conditions

    Directory of Open Access Journals (Sweden)

    S. Ravindra

    2017-03-01

    Full Text Available Power system security analysis plays key role in enhancing the system security and to avoid the system collapse condition. In this paper, a novel severity function is formulated using transmission line loadings and bus voltage magnitude deviations. The proposed severity function and generation fuel cost objectives are analyzed under transmission line(s and/or generator(s contingency conditions. The system security under contingency conditions is analyzed using optimal power flow problem. An improved teaching learning based optimization (ITLBO algorithm has been presented. To enhance the system security under contingency conditions in the presence of unified power flow controller (UPFC, it is necessary to identify an optimal location to install this device. Voltage source based power injection model of UPFC, incorporation procedure and optimal location identification strategy based on line overload sensitivity indexes are proposed. The entire proposed methodology is tested on standard IEEE-30 bus test system with supporting numerical and graphical results.

  20. Cognitive Security of Wireless Communication Systems in the Physical Layer

    Directory of Open Access Journals (Sweden)

    Mustafa Harun Yılmaz

    2017-01-01

    Full Text Available While the wireless communication systems provide the means of connectivity nearly everywhere and all the time, communication security requires more attention. Even though current efforts provide solutions to specific problems under given circumstances, these methods are neither adaptive nor flexible enough to provide security under the dynamic conditions which make the security breaches an important concern. In this paper, a cognitive security (CS concept for wireless communication systems in the physical layer is proposed with the aim of providing a comprehensive solution to wireless security problems. The proposed method will enable the comprehensive security to ensure a robust and reliable communication in the existence of adversaries by providing adaptive security solutions in the communication systems by exploiting the physical layer security from different perspective. The adaptiveness relies on the fact that radio adapts its propagation characteristics to satisfy secure communication based on specific conditions which are given as user density, application specific adaptation, and location within CS concept. Thus, instead of providing any type of new security mechanism, it is proposed that radio can take the necessary precautions based on these conditions before the attacks occur. Various access scenarios are investigated to enable the CS while considering these conditions.

  1. FREQUENCY OPTIMIZATION FOR SECURITY MONITORING OF COMPUTER SYSTEMS

    Directory of Open Access Journals (Sweden)

    Вogatyrev V.A.

    2015-03-01

    Full Text Available The subject areas of the proposed research are monitoring facilities for protection of computer systems exposed to destructive attacks of accidental and malicious nature. The interval optimization model of test monitoring for the detection of hazardous states of security breach caused by destructive attacks is proposed. Optimization function is to maximize profit in case of requests servicing in conditions of uncertainty, and intensity variance of the destructive attacks including penalties when servicing of requests is in dangerous conditions. The vector task of system availability maximization and minimization of probabilities for its downtime and dangerous conditions is proposed to be reduced to the scalar optimization problem based on the criterion of profit maximization from information services (service of requests that integrates these private criteria. Optimization variants are considered with the definition of the averaged periodic activities of monitoring and adapting of these periods to the changes in the intensity of destructive attacks. Adaptation efficiency of the monitoring frequency to changes in the activity of the destructive attacks is shown. The proposed solutions can find their application for optimization of test monitoring intervals to detect hazardous conditions of security breach that makes it possible to increase the system effectiveness, and specifically, to maximize the expected profit from information services.

  2. Security information and event management systems: benefits and inefficiencies

    OpenAIRE

    Κάτσαρης, Δημήτριος Σ.

    2014-01-01

    In this Master’s thesis, the new trend in computer and information security industry called Security Information and Event Management systems will be covered. The evolution, advantages and weaknesses of these systems will be described, as well as a home-based implementation with open source tools will be proposed and implemented.

  3. Applications for cyber security - System and application monitoring

    International Nuclear Information System (INIS)

    Marron, J. E.

    2006-01-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  4. Information security management system planning for CBRN facilities

    Energy Technology Data Exchange (ETDEWEB)

    Lenaeu, Joseph D. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); O' Neil, Lori Ross [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Leitch, Rosalyn M. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Glantz, Clifford S. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Landine, Guy P. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Bryant, Janet L. [Pacific Northwest National Lab. (PNNL), Richland, WA (United States); Lewis, John [National Nuclear Lab., Workington (United Kingdom); Mathers, Gemma [National Nuclear Lab., Workington (United Kingdom); Rodger, Robert [National Nuclear Lab., Workington (United Kingdom); Johnson, Christopher [National Nuclear Lab., Workington (United Kingdom)

    2015-12-01

    The focus of this document is to provide guidance for the development of information security management system planning documents at chemical, biological, radiological, or nuclear (CBRN) facilities. It describes a risk-based approach for planning information security programs based on the sensitivity of the data developed, processed, communicated, and stored on facility information systems.

  5. Gene expression programming for power system static security ...

    African Journals Online (AJOL)

    user

    these computational requirements, application of artificial intelligence based algorithms like decision trees, pattern recognition, fuzzy logic, artificial neural networks and expert systems have been explored for static security assessment problems (Bansal et al.,. 2006; Swarp et al., 2002). Power system security assessment ...

  6. Assessing and managing security risk in IT systems a structured methodology

    CERN Document Server

    McCumber, John

    2004-01-01

    SECURITY CONCEPTSUsing ModelsIntroduction: Understanding, Selecting, and Applying Models Understanding AssetsLayered Security Using Models in Security Security Models for Information Systems Shortcomings of Models in SecuritySecurity in Context Reference Defining Information SecurityConfidentiality, Integrity, and Availability Information AttributesIntrinsic versus Imputed Value Information as an Asset The Elements of Security Security Is Security Only in Context Information as an Asset Introduction Determining Value Managing Information Resources ReferencesUnderstanding Threat and Its Relatio

  7. Future Direction of the Instrumentation and Control System for Security of Nuclear Facilities

    International Nuclear Information System (INIS)

    Kim, Woo Jin; Kim, Jae Kwang

    2014-01-01

    Instrumentation and control systems are pervasively used as a vital component in modern industries. Nuclear facilities, such as nuclear power plants (NPPs), originally use I and C systems for plant status monitoring, processes control, and many other purposes. After some events that raised security concerns, application areas of I and C systems have been expanded to physical protection of nuclear material and facilities. As nuclear policies over the world are strengthening security issues, the future direction of roles and technical requirements of security related I and C systems is described: An introduction of I and C systems, especially digitalized I and C systems, to security of nuclear facilities requires many careful considerations, such as system integration, verification and validation (V/V), etc. Institute of Nuclear Nonproliferation and Control (KINAC) established 'International Nuclear Nonproliferation and Security Academy, INSA' in 2014. One of the main achievements of INSA is test-bed implementation for technical criteria development of nuclear facilities' physical protection systems (PPSs) as well as for education and training of those systems. The test bed was modified and improved more suitably from the previous version to modern PPSs including state-of-the-art I and C technologies. KINAC is confident in the new test bed to become a fundamental technical basis of security related I and C systems in near future

  8. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    International Nuclear Information System (INIS)

    Pollet, J.

    2006-01-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  9. Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment

    Energy Technology Data Exchange (ETDEWEB)

    Pollet, J. [PlantData Technologies, Inc., 1201 Louisiana Street, Houston, TX 77002 (United States)

    2006-07-01

    This session starts by providing an overview of typical DCS (Distributed Control Systems) and SCADA (Supervisory Control and Data Acquisition) architectures, and exposes cyber security vulnerabilities that vendors never admit, but are found through a comprehensive cyber testing process. A complete assessment process involves testing all of the layers and components of a SCADA or DCS environment, from the perimeter firewall all the way down to the end devices controlling the process, including what to look for when conducting a vulnerability assessment of real-time control systems. The following systems are discussed: 1. Perimeter (isolation from corporate IT or other non-critical networks) 2. Remote Access (third Party access into SCADA or DCS networks) 3. Network Architecture (switch, router, firewalls, access controls, network design) 4. Network Traffic Analysis (what is running on the network) 5. Host Operating Systems Hardening 6. Applications (how they communicate with other applications and end devices) 7. End Device Testing (PLCs, RTUs, DCS Controllers, Smart Transmitters) a. System Discovery b. Functional Discovery c. Attack Methodology i. DoS Tests (at what point does the device fail) ii. Malformed Packet Tests (packets that can cause equipment failure) iii. Session Hijacking (do anything that the operator can do) iv. Packet Injection (code and inject your own SCADA commands) v. Protocol Exploitation (Protocol Reverse Engineering / Fuzzing) This paper will provide information compiled from over five years of conducting cyber security testing on control systems hardware, software, and systems. (authors)

  10. Physical layer approaches for securing wireless communication systems

    CERN Document Server

    Wen, Hong

    2013-01-01

    This book surveys the outstanding work of physical-layer (PHY) security, including  the recent achievements of confidentiality and authentication for wireless communication systems by channel identification. A practical approach to building unconditional confidentiality for Wireless Communication security by feedback and error correcting code is introduced and a framework of PHY security based on space time block code (STBC) MIMO system is demonstrated.  Also discussed is a scheme which combines cryptographic techniques implemented in the higher layer with the physical layer security approach

  11. A security scheme of SMS system

    Science.gov (United States)

    Zhang, Fangzhou; Yang, Hong-Wei; Song, Chuck

    2005-02-01

    With the prosperous development and the use of SMS, more and more important information need to be transferred through the wireless and mobile networks by the users. But in the GSM/GPRS network, the SMS messages are transferred in text mode through the signaling channel and there is no integrality for SMS messages. Because of the speciality of the mobile communications, the security of signaling channel is very weak. So we need to improve and enhance the security and integrality of SMS. At present, developed investigation based on SMS security is still incomplete. The key distribution and management is not perfect to meet the usability in a wide area. This paper introduces a high-level security method to solve this problem. We design the Secure SMS of GSM/GPRS in order to improve the security of the important information that need to be transferred by the mobile networks. Using this method, we can improve the usability of E-payment and other mobile electronic commerce.

  12. Information security requirements in patient-centred healthcare support systems.

    Science.gov (United States)

    Alsalamah, Shada; Gray, W Alex; Hilton, Jeremy; Alsalamah, Hessah

    2013-01-01

    Enabling Patient-Centred (PC) care in modern healthcare requires the flow of medical information with the patient between different healthcare providers as they follow the patient's treatment plan. However, PC care threatens the stability of the balance of information security in the support systems since legacy systems fall short of attaining a security balance when sharing their information due to compromises made between its availability, integrity, and confidentiality. Results show that the main reason for this is that information security implementation in discrete legacy systems focused mainly on information confidentiality and integrity leaving availability a challenge in collaboration. Through an empirical study using domain analysis, observations, and interviews, this paper identifies a need for six information security requirements in legacy systems to cope with this situation in order to attain the security balance in systems supporting PC care implementation in modern healthcare.

  13. Evaluation of the applicability of security testing techniques in continuous integration environments

    OpenAIRE

    Thulin, Pontus

    2015-01-01

    Agile development methodologies are becoming increasingly popular, especially in projects that develop web applications. However, incorporation of software security in lightweight approaches can be difficult. Using security testing techniques throughout a complete agile development process by running automated tests in continuous integration environments is one approach that strives to improve security in agile projects. Instead of performing security testing at the end of the development cyc...

  14. Effective vulnerability assessments for physical security devices, systems, and programs

    International Nuclear Information System (INIS)

    Johnston, R.G.; Garcia, A.R.E.

    2002-01-01

    Full text: The efficacy of devices, systems, and programs used for physical security depend critically on having periodic and effective vulnerability assessments. Effective vulnerability assessments, in turn, require certain conditions and attributes. These include: a proper understanding of their purpose; not confusing vulnerability assessments with other kinds of metrics, analyses, tests, and security exercises; the view that vulnerabilities are inevitable, and that finding them is good news (since they can then be mitigated), not bad news; rejection of findings of no vulnerabilities; avoidance of mere 'compliance mode' rubber stamping; the use of the proper outside, independent, imaginative personnel; psychologically predisposed to finding and demonstrating problems; the absence of conflicts of interest; no unrealistic constraints on the possible attack tools, procedures, personnel, or strategies; efforts to not just find and demonstrate vulnerabilities, but also to suggest possible countermeasures; proper context; input and buy-in from ALL facility security personnel, especially low-level personnel; emphasis on the simplest, most relevant attacks first; no underestimation of potential adversaries; consideration of fault analysis attacks; awareness of Rohrbach's Maxim and Shannon's Maxim. In addition to these factors, we will cover some of the complex issues and problems associated with the design of vulnerability assessments. There will also be suggestions on how to conduct effective vulnerability assessments on a severely limited budget. We will conclude with a discussion of both conventional and unconventional ways of reporting results. (author)

  15. Department of Energy security program needs effective information systems

    International Nuclear Information System (INIS)

    1991-10-01

    Although security is an important, nearly billion-dollar-a-year function in the Department of Energy (DOE), key information systems that hold important data about security weaknesses and incidents have limited analytical capabilities and contain unreliable information. The resultant difficulty in identifying patterns and trends reduces managers' ability to ensure the effectiveness of the security program. Resources are also wasted because DOE has deployed incompatible systems that are unable to electronically share or transfer data, often forcing employees to manually re-enter data that are already stored in computers elsewhere. Finally, continuing data problems with other important security information systems, such as those used to track security clearances and classified documents, indicate that information system deficiencies are extensive. A major reason for these problems is that DOE has not done a comprehensive, strategic assessment of its information and information technology needs of the security program. DOE's efforts are fragmented because it has not assigned to any organization the leadership responsibility to determine security information needs and to plan and manage security information resources Department-wide. This paper reports that a number of changes are needed to correct these problems and take advantage of information technology to help strengthen the security program

  16. COLLABORATIVE NETWORK SECURITY MANAGEMENT SYSTEM BASED ON ASSOCIATION MINING RULE

    Directory of Open Access Journals (Sweden)

    Nisha Mariam Varughese

    2014-07-01

    Full Text Available Security is one of the major challenges in open network. There are so many types of attacks which follow fixed patterns or frequently change their patterns. It is difficult to find the malicious attack which does not have any fixed patterns. The Distributed Denial of Service (DDoS attacks like Botnets are used to slow down the system performance. To address such problems Collaborative Network Security Management System (CNSMS is proposed along with the association mining rule. CNSMS system is consists of collaborative Unified Threat Management (UTM, cloud based security centre and traffic prober. The traffic prober captures the internet traffic and given to the collaborative UTM. Traffic is analysed by the Collaborative UTM, to determine whether it contains any malicious attack or not. If any security event occurs, it will reports to the cloud based security centre. The security centre generates security rules based on association mining rule and distributes to the network. The cloud based security centre is used to store the huge amount of tragic, their logs and the security rule generated. The feedback is evaluated and the invalid rules are eliminated to improve the system efficiency.

  17. Evaluation of a Cyber Security System for Hospital Network.

    Science.gov (United States)

    Faysel, Mohammad A

    2015-01-01

    Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

  18. Automatic Test Systems Aquisition

    National Research Council Canada - National Science Library

    1994-01-01

    We are providing this final memorandum report for your information and use. This report discusses the efforts to achieve commonality in standards among the Military Departments as part of the DoD policy for automatic test systems (ATS...

  19. ELECTROFORCE 3330 TEST SYSTEM

    Data.gov (United States)

    Federal Laboratory Consortium — The Bose Electroforce 3330 is a test system with an axial electromagnetic linear motor, a torsional motor, and an environmental chamber for high and low temperature...

  20. Securing Information Systems in an Uncertain World Enterprise Level Security (Invited Paper

    Directory of Open Access Journals (Sweden)

    William R. Simpson

    2016-04-01

    Full Text Available Increasing threat intrusions to enterprise computing systems have led to a formulation of guarded enterprise systems. The approach was to put in place steel gates and prevent hostile entities from entering the enterprise domain. The current complexity level has made the fortress approach to security implemented throughout the defense, banking, and other high trust industries unworkable. The alternative security approach presented in this paper is the result of a concentrated fourteen year program of pilots and research. Its distributed approach has no need for passwords or accounts and derives from a set of tenets that form the basic security model requirements. At each step in the process it determines identities and claims for access and privileges. These techniques are resilient, secure, extensible, and scalable. They are currently being implemented for a major enterprise, and are a candidate for other enterprise security approaches. This paper discusses the Enterprise Level Security architecture, a web-based security architecture designed to select and incorporate technology into a cohesive set of policies and rules for an enterprise information system. The paper discusses the history, theoretical underpinnings, implementation decisions, current status, and future plans for expansion of capabilities and scale.

  1. Privacy and Security Research Group workshop on network and distributed system security: Proceedings

    Energy Technology Data Exchange (ETDEWEB)

    1993-05-01

    This report contains papers on the following topics: NREN Security Issues: Policies and Technologies; Layer Wars: Protect the Internet with Network Layer Security; Electronic Commission Management; Workflow 2000 - Electronic Document Authorization in Practice; Security Issues of a UNIX PEM Implementation; Implementing Privacy Enhanced Mail on VMS; Distributed Public Key Certificate Management; Protecting the Integrity of Privacy-enhanced Electronic Mail; Practical Authorization in Large Heterogeneous Distributed Systems; Security Issues in the Truffles File System; Issues surrounding the use of Cryptographic Algorithms and Smart Card Applications; Smart Card Augmentation of Kerberos; and An Overview of the Advanced Smart Card Access Control System. Selected papers were processed separately for inclusion in the Energy Science and Technology Database.

  2. Evaluation on Electronic Securities Settlements Systems by AHP Methods

    Science.gov (United States)

    Fukaya, Kiyoyuki; Komoda, Norihisa

    Accompanying the spread of Internet and the change of business models, electronic commerce expands buisness areas. Electronic finance commerce becomes popular and especially online security tradings becoome very popular in this area. This online securitiy tradings have some good points such as less mistakes than telephone calls. In order to expand this online security tradings, the transfer of the security paper is one the largest problems to be solved. Because it takes a few days to transfer the security paper from a seller to a buyer. So the dematerialization of security papers is one of the solutions. The demterilization needs the information systems for setteling security. Some countries such as France, German, United Kingdom and U.S.A. have been strating the dematerialization projects. The legacy assesments on these projects focus from the viewpoint of the legal schemes only and there is no assessment from system architectures. This paper focuses on the information system scheme and valuates these dematerlization projects by AHP methods from the viewpoints of “dematerializaion of security papers", “speed of transfer", “usefulness on the system" and “accumulation of risks". This is the first case of valuations on security settlements systems by AHP methods, especially four counties’ systems.

  3. A Survey on the Security of Blockchain Systems

    OpenAIRE

    Li, Xiaoqi; Jiang, Peng; Chen, Ting; Luo, Xiapu; Wen, Qiaoyan

    2018-01-01

    Since its inception, the blockchain technology has shown promising application prospects. From the initial cryptocurrency to the current smart contract, blockchain has been applied to many fields. Although there are some studies on the security and privacy issues of blockchain, there lacks a systematic examination on the security of blockchain systems. In this paper, we conduct a systematic study on the security threats to blockchain and survey the corresponding real attacks by examining popu...

  4. Information Security Management - Part Of The Integrated Management System

    Science.gov (United States)

    Manea, Constantin Adrian

    2015-07-01

    The international management standards allow their integrated approach, thereby combining aspects of particular importance to the activity of any organization, from the quality management systems or the environmental management of the information security systems or the business continuity management systems. Although there is no national or international regulation, nor a defined standard for the Integrated Management System, the need to implement an integrated system occurs within the organization, which feels the opportunity to integrate the management components into a cohesive system, in agreement with the purpose and mission publicly stated. The issues relating to information security in the organization, from the perspective of the management system, raise serious questions to any organization in the current context of electronic information, reason for which we consider not only appropriate but necessary to promote and implement an Integrated Management System Quality - Environment - Health and Operational Security - Information Security

  5. Informatics Systems of Decision Support and Analysis of Their Security

    Directory of Open Access Journals (Sweden)

    Tadeusz Galanc

    2016-01-01

    Full Text Available A new approach to security issues associated with the use of teleinformatics systems in the decision-making process has been presented. There is a discussion of the relationship between the security of informatics systems and the security of the decision-making process in which they are used, in particular regarding the threats resulting from the use of informatics systems and modern teleinformatics technologies. In addition, an overview of the dangers that could have a significant impact on appropriate decision-making has been performed. The paper points out the possible ways to ensure security de-pending on the type of threats encountered. In particular, threats particularly linked with the security of informatics systems supporting decision-making have been identified. (original abstract

  6. Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

    CERN Document Server

    Erdogan, Gencer

    2010-01-01

    There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

  7. Bearing/Bypass Material-Testing System

    Science.gov (United States)

    Crews, John H., Jr.

    1988-01-01

    System developed to test specimens in compression as well as tension while maintaining constant bearing/bypass ration. Test specimen with centrally located hole is clamped between two bearing-guide plates using one bolt. Bearing-guide plates then secured to two bearing-load cells. Test specimen independently loaded at both ends, using two separate control systems identified as applied and bypass. If two end loads unequal, difference between them reacted as bolt-bearing load on specimen. Throughout test, two control systems synchronized by common input signal (increasing voltage). As result, loads remain proportional as they increase.

  8. Implementation of a RPS Cyber Security Test-bed with Two PLCs

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; An, Yongkyu; Rizwan, Uddin

    2015-01-01

    Our research team proposed the methodology to evaluate cyber security with Bayesian network (BN) as a cyber security evaluation model and help operator, licensee, licensor or regulator in granting evaluation priorities. The methodology allowed for overall evaluation of cyber security by considering architectural aspect of facility and management aspect of cyber security at the same time. In order to emphasize reality of this model by inserting true data, it is necessary to conduct a penetration test that pretends an actual cyber-attack. Through the collaboration with University of Illinois at Urbana-Champaign, which possesses the Tricon a safety programmable logic controller (PLC) used at nuclear power plants and develops a test-bed for nuclear power plant, a test-bed for reactor protection system (RPS) is being developed with the PLCs. Two PLCs are used to construct a simple test-bed for RPS, bi-stable processor (BP) and coincidence processor (CP). By using two PLCs, it is possible to examine cyber-attack against devices such as PLC, cyber-attack against communication between devices, and the effects of a PLC on the other PLC. Two PLCs were used to construct a test-bed for penetration test in this study. Advantages of using two or more PLCs instead of single PLC are as follows. 1) Results of cyber-attack reflecting characteristics among PLCs can be obtained. 2) Cyber-attack can be attempted using a method of attacking communication between PLCs. True data obtained can be applied to existing cyber security evaluation model to emphasize reality of the model

  9. Improving Control System Security through the Evaluation of Current Trends in Computer Security Research

    Energy Technology Data Exchange (ETDEWEB)

    Rolston

    2005-03-01

    At present, control system security efforts are primarily technical and reactive in nature. What has been overlooked is the need for proactive efforts, focused on the IT security research community from which new threats might emerge. Evaluating cutting edge IT security research and how it is evolving can provide defenders with valuable information regarding what new threats and tools they can anticipate in the future. Only known attack methodologies can be blocked, and there is a gap between what is known to the general security community and what is being done by cutting edge researchers --both those trying to protect systems and those trying to compromise them. The best security researchers communicate with others in their field; they know what cutting edge research is being done; what software can be penetrated via this research; and what new attack techniques and methodologies are being circulated in the black hat community. Standardization of control system applications, operating systems, and networking protocols is occurring at a rapid rate, following a path similar to the standardization of modern IT networks. Many attack methodologies used on IT systems can be ported over to the control system environment with little difficulty. It is extremely important to take advantage of the lag time between new research, its use on traditional IT networks, and the time it takes to port the research over for use on a control system network. Analyzing nascent trends in IT security and determining their applicability to control system networks provides significant information regarding defense mechanisms needed to secure critical infrastructure more effectively. This work provides the critical infrastructure community with a better understanding of how new attacks might be launched, what layers of defense will be needed to deter them, how the attacks could be detected, and how their impact could be limited.

  10. Research on information security system of waste terminal disposal process

    Science.gov (United States)

    Zhou, Chao; Wang, Ziying; Guo, Jing; Guo, Yajuan; Huang, Wei

    2017-05-01

    Informatization has penetrated the whole process of production and operation of electric power enterprises. It not only improves the level of lean management and quality service, but also faces severe security risks. The internal network terminal is the outermost layer and the most vulnerable node of the inner network boundary. It has the characteristics of wide distribution, long depth and large quantity. The user and operation and maintenance personnel technical level and security awareness is uneven, which led to the internal network terminal is the weakest link in information security. Through the implementation of security of management, technology and physics, we should establish an internal network terminal security protection system, so as to fully protect the internal network terminal information security.

  11. Information Security System and Development of a Modern Organization

    OpenAIRE

    Wawak, Slawomir

    2009-01-01

    Information security management systems are increasingly applied in a number of sectors of the new, global, interconnected economy. They are used by production and service companies, businesses that provide information technology and telecom services, state administration authorities and local governments. Specifically, they are used in case of crime groups or as a means of securing illegal transactions.

  12. Social security systems in Uganda | Kasente | Journal of Social ...

    African Journals Online (AJOL)

    The following social security systems exist in Uganda: formal social security schemes targeting the employed, community groups that serve only group members, kinship-based solidarity groups that serve the extended family and village residents' mutual assistance groups, which are compulsory for all adults in the villages ...

  13. Security analysis - from analytical methods to intelligent systems

    Energy Technology Data Exchange (ETDEWEB)

    Lambert-Torres, G.; Silva, A.P. Alves da; Ferreira, C. [Escola Federal de Engenharia de Itajuba, MG (Brazil); Mattos dos Reis, L.O. [Taubate Univ., SP (Brazil)

    1994-12-31

    This paper presents an alternative approach to Security Analysis based on Artificial Neural Network (ANN) techniques. This new technique tries to imitate the human brain and is based on neurons and synopses. A critical review of the ANN used in Power System Operation problem solving is made, while structures to solve the Security Analysis problems are proposed. (author) 7 refs., 4 figs.

  14. Security and Privacy in Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Fink, Glenn A.; Edgar, Thomas W.; Rice, Theora R.; MacDonald, Douglas G.; Crawford, Cary E.

    2016-08-30

    As you have seen from the previous chapters, cyber-physical systems (CPS) are broadly used across technology and industrial domains. While these systems enable process optimization and efficiency and allow previously impossible functionality, security and privacy are key concerns for their design, development, and operation. CPS have been key components utilized in some of the highest publicized security breaches over the last decade. In this chapter, we will look over the CPS described in the previous chapters from a security perspective. In this chapter, we explain classical information and physical security fundamentals in the context of CPS and contextualize them across application domains. We give examples where the interplay of functionality and diverse communication can introduce unexpected vulnerabilities and produce larger impacts. We will discuss how CPS security and privacy is inherently different from that of pure cyber or physical systems and what may be done to secure these systems, considering their emergent cyber-physical properties. Finally, we will discuss security and privacy implications of merging infrastructural and personal CPS. Our hope is to impart the knowledge of what CPS security and privacy are, why they are important, and explain existing processes and challenges.

  15. Method for secure electronic voting system: face recognition based approach

    Science.gov (United States)

    Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

    2017-06-01

    In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

  16. Globally reasoning about localised security policies in distributed systems

    DEFF Research Database (Denmark)

    Hernandez, Alejandro Mario

    In this report, we aim at establishing proper ways for model checking the global security of distributed systems, which are designed consisting of set of localised security policies that enforce specific issues about the security expected. The systems are formally specified following a syntax......, defined in detail in this report, and their behaviour is clearly established by the Semantics, also defined in detail in this report. The systems include the formal attachment of security policies into their locations, whose intended interactions are trapped by the policies, aiming at taking access...... control decisions of the system, and the Semantics also takes care of this. Using the Semantics, a Labelled Transition System (LTS) can be induced for every particular system, and over this LTS some model checking tasks could be done. We identify how this LTS is indeed obtained, and propose an alternative...

  17. Engineering secure Internet of Things systems

    CERN Document Server

    Aziz, Benjamin; Crispo, Bruno

    2016-01-01

    This book examines important security considerations for the Internet of Things (IoT). IoT is collecting a growing amount of private and sensitive data about our lives, and requires increasing degrees of reliability and trustworthiness in terms of the levels of assurance provided with respect to confidentiality, integrity and availability.

  18. DESIGN AND RESEARCH OF MATHEMATICAL MODEL FOR INFORMATION SECURITY SYSTEM IN COMPUTER NETWORK

    OpenAIRE

    Корнієнко, Б.Я.; кафедра комп`ютеризованих систем захисту інформації, Національний авіаційний університет; Галата, Л.П.; кафедра комп`ютеризованих систем захисту інформації, Національний авіаційний університет

    2017-01-01

    This article presents simulation modeling process as the way to study the behavior of the Information Security system. Graphical Network Simulator is used for modeling such system and Kali Linux is used for penetration testing and security audit. The main approaches to simulation of computer networks are considered. The functional capabilities of the GNS3 package are explored. When building an imitation model, the main components of information protection were used. The Kali Linux package imp...

  19. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans

    2006-05-01

    The use of cyber security standards can greatly assist in the protection of process control systems by providing guidelines and requirements for the implementation of computer-controlled systems. These standards are most effective when the engineers and operators, using the standards, understand what each standard addresses. This paper provides an overview of several standards that deal with the cyber security of process measurements and control systems.

  20. The Design and Realization of Household Intelligent Security System

    Directory of Open Access Journals (Sweden)

    Huang Sheng-Bo

    2016-01-01

    Full Text Available It is known that Smart home has brought great convenience to the lives of humans. However, we have attached quantities of interest in its security as the development of technology goes on. According to the security requirements at the moment, we introduce the scheme of smart home security system based on ZigBee, and design system hardware and software process. By applying a STC89C52 microcontroller, our system is able to accurately detect and give alarms automatically to house fire, harmful gases and thefts.

  1. Applying New Network Security Technologies to SCADA Systems.

    Energy Technology Data Exchange (ETDEWEB)

    Hurd, Steven A; Stamp, Jason Edwin; Duggan, David P; Chavez, Adrian R.

    2006-11-01

    Supervisory Control and Data Acquisition (SCADA) systems for automation are very important for critical infrastructure and manufacturing operations. They have been implemented to work in a number of physical environments using a variety of hardware, software, networking protocols, and communications technologies, often before security issues became of paramount concern. To offer solutions to security shortcomings in the short/medium term, this project was to identify technologies used to secure "traditional" IT networks and systems, and then assess their efficacy with respect to SCADA systems. These proposed solutions must be relatively simple to implement, reliable, and acceptable to SCADA owners and operators. 4This page intentionally left blank.

  2. Testing on novel neutron detectors as alternative to 3He for security applications

    Science.gov (United States)

    Peerani, Paolo; Tomanin, Alice; Pozzi, Sara; Dolan, Jennifer; Miller, Eric; Flaska, Marek; Battaglieri, Marco; De Vita, Raffaella; Ficini, Luisa; Ottonello, Giacomo; Ricco, Giovanni; Dermody, Geraint; Giles, Calvin

    2012-12-01

    Detection of illicit trafficking of nuclear material relies on the detection of the radiation emitted. In the case of plutonium, one of the characteristic signatures derives from neutron emission. For this reason, neutron detectors cover an important role in detection systems. Most current neutron detection systems used for nuclear security are based on the 3He technology. Unfortunately, in the last few years the market of 3He has encountered huge problems in matching the supply and the demand. The need has grown significantly due to the increasing demand of instrumentation for security. This has caused an exponential increase of the price from one side and on the other side a serious strategic problem of resources. In order to guarantee the availability of detection systems for nuclear security, it is necessary to develop alternative detection systems based on technologies different from 3He. Many research projects have been devoted for the development of novel neutron detectors both by research organisations and by industries. Scientists from the PERLA laboratory of the Joint Research Centre (JRC) in Ispra, Italy, and their collaborators have tested several of these novel concepts in the last couple of years. This paper describes the detector systems tested at JRC and preliminary results on detectors that can be considered as promising alternatives to 3He.

  3. Measurable Control System Security through Ideal Driven Technical Metrics

    Energy Technology Data Exchange (ETDEWEB)

    Miles McQueen; Wayne Boyer; Sean McBride; Marie Farrar; Zachary Tudor

    2008-01-01

    The Department of Homeland Security National Cyber Security Division supported development of a small set of security ideals as a framework to establish measurable control systems security. Based on these ideals, a draft set of proposed technical metrics was developed to allow control systems owner-operators to track improvements or degradations in their individual control systems security posture. The technical metrics development effort included review and evaluation of over thirty metrics-related documents. On the bases of complexity, ambiguity, or misleading and distorting effects the metrics identified during the reviews were determined to be weaker than necessary to aid defense against the myriad threats posed by cyber-terrorism to human safety, as well as to economic prosperity. Using the results of our metrics review and the set of security ideals as a starting point for metrics development, we identified thirteen potential technical metrics - with at least one metric supporting each ideal. Two case study applications of the ideals and thirteen metrics to control systems were then performed to establish potential difficulties in applying both the ideals and the metrics. The case studies resulted in no changes to the ideals, and only a few deletions and refinements to the thirteen potential metrics. This led to a final proposed set of ten core technical metrics. To further validate the security ideals, the modifications made to the original thirteen potential metrics, and the final proposed set of ten core metrics, seven separate control systems security assessments performed over the past three years were reviewed for findings and recommended mitigations. These findings and mitigations were then mapped to the security ideals and metrics to assess gaps in their coverage. The mappings indicated that there are no gaps in the security ideals and that the ten core technical metrics provide significant coverage of standard security issues with 87% coverage. Based

  4. Computer security engineering management

    International Nuclear Information System (INIS)

    McDonald, G.W.

    1988-01-01

    For best results, computer security should be engineered into a system during its development rather than being appended later on. This paper addresses the implementation of computer security in eight stages through the life cycle of the system; starting with the definition of security policies and ending with continuing support for the security aspects of the system throughout its operational life cycle. Security policy is addressed relative to successive decomposition of security objectives (through policy, standard, and control stages) into system security requirements. This is followed by a discussion of computer security organization and responsibilities. Next the paper directs itself to analysis and management of security-related risks, followed by discussion of design and development of the system itself. Discussion of security test and evaluation preparations, and approval to operate (certification and accreditation), is followed by discussion of computer security training for users is followed by coverage of life cycle support for the security of the system

  5. Security credentials management system (SCMS) design and analysis for the connected vehicle system : draft.

    Science.gov (United States)

    2013-12-27

    This report presents an analysis by Booz Allen Hamilton (Booz Allen) of the technical design for the Security Credentials Management System (SCMS) intended to support communications security for the connected vehicle system. The SCMS technical design...

  6. Secure wireless embedded systems via component-based design

    DEFF Research Database (Denmark)

    Hjorth, T.; Torbensen, R.

    2010-01-01

    This paper introduces the method secure-by-design as a way of constructing wireless embedded systems using component-based modeling frameworks. This facilitates design of secure applications through verified, reusable software. Following this method we propose a security framework with a secure...... communication component for distributed wireless embedded devices. The components communicate using the Secure Embedded Exchange Protocol (SEEP), which has been designed for flexible trust establishment so that small, resource-constrained, wireless embedded systems are able to communicate short command messages......, with full support for confidentiality, authentication, and integrity using keypairs. The approach has been demonstrated in a multi-platform home automation prototype that can remotely unlock a door using a PDA over the Internet....

  7. Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

    Science.gov (United States)

    Muller, George; Perkins, Casey J.; Lancaster, Mary J.; MacDonald, Douglas G.; Clements, Samuel L.; Hutton, William J.; Patrick, Scott W.; Key, Bradley Robert

    2015-07-28

    Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversing at least one of the areas in the physical domain and at least one of the areas in the cyber domain, and using results of the executing, providing information regarding a security risk of the facility with respect to the target.

  8. CS651 Computer Systems Security Foundations 3d Imagination Cyber Security Management Plan

    Energy Technology Data Exchange (ETDEWEB)

    Nielsen, Roy S. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2015-03-02

    3d Imagination is a new company that bases its business on selling and improving 3d open source related hardware. The devices that they sell include 3d imagers, 3d printers, pick and place machines and laser etchers. They have a fast company intranet for ease in sharing, storing and printing large, complex 3d designs. They have an employee set that requires a variety of operating systems including Windows, Mac and a variety of Linux both for running business services as well as design and test machines. There are a wide variety of private networks for testing transfer rates to and from the 3d devices, without interference with other network tra c. They do video conferencing conferencing with customers and other designers. One of their machines is based on the project found at delta.firepick.org(Krassenstein, 2014; Biggs, 2014), which in future, will perform most of those functions. Their devices all include embedded systems, that may have full blown operating systems. Most of their systems are designed to have swappable parts, so when a new technology is born, it can be quickly adopted by people with 3d Imagination hardware. This company is producing a fair number of systems and components, however to get the funding they need to mass produce quality parts, so they are preparing for an IPO to raise the funds they need. They would like to have a cyber-security audit performed so they can give their investors con dence that they are protecting their data, customers information and printers in a proactive manner.

  9. Civitas: Toward a Secure Voting System

    Science.gov (United States)

    2008-05-01

    Amartya K. Sen, and Kotaro Suzumura, editors, Handbook of Social Choice and Welfare, volume 1, chapter 4. Elsevier, 2002. [11] Felix Brandt ...Dingledine, Nick Mathewson, and Paul F. Syverson. Tor: The second-generation onion router. In Proc. of USENIX Security Symposium, pages 303–320, Aug...Jakobsson [84]; and distributed, Brandt [11]. ALGORITHM: El Gamal Parameter Generation Due to: Our adaptation of the DSA parameter generation algorithm [71

  10. Intrinsic information Security: Embedding security issues in the design process of telematics systems

    NARCIS (Netherlands)

    Tettero, Olaf; Tettero, O.

    This book presents a systematic approach to embed information security issues in the design process of telematics systems. The approach supports both designers and user organisations. We elaborate on the activities that designers should perform to design telematics systems in which information

  11. Cybernetic Security and Business Intelligence in the System of Diagnostics of Economic Security of the Enterprise

    Directory of Open Access Journals (Sweden)

    Ruslan Skrynkovskyy

    2017-10-01

    Full Text Available The purpose of the article is to determine the place, the role and features of cybernetic security and improve the business intelligence scheme in the system of diagnosing economic security of the enterprise. It had been found out that: 1 the term “cybernetic security of an enterprise” should be understood as the state of the protection of the cybernetic space of the whole enterprise or individual objects of its information infrastructure (computer system, computer data, etc. from the risk of external cybernetic influence, which ensures their sustainable development and the formation of prospects, as well as timely detection, prevention and neutralization of real and potential cybernetic interruptions and threats to the interests of the enterprise; 2 the main components of cybernetic security in the system of diagnostics of economic security of the enterprise are: investigation of information and telecommunication systems and cryptosystems of the opposing sides; cybernetic effects; protection of information sphere. It was established that the main task of business intelligence in the system of diagnosing economic security of the enterprise is the verification of the reliability of business information, the provision of cybernetic protection of information resources, information and communication technologies and systems and the elimination of the possibility of misinformation of senior management by the managers of the middle level, suppliers, marketing intermediaries, clientele, competitors or contact audiences of the enterprise. The prospect of further research in this direction is the development of a system of goals of the polycriterial diagnostics of the activity (economic diagnostics of the enterprise (on the basis of the isolation and systematization of its diagnostic purposes, taking into account the presented results of the study.

  12. The public transportation system security and emergency preparedness planning guide

    Science.gov (United States)

    2003-01-01

    Recent events have focused renewed attention on the vulnerability of the nation's critical infrastructure to major events, including terrorism. The Public Transportation System Security and Emergency Preparedness Planning Guide has been prepared to s...

  13. Optical Imaging Sensors and Systems for Homeland Security Applications

    CERN Document Server

    Javidi, Bahram

    2006-01-01

    Optical and photonic systems and devices have significant potential for homeland security. Optical Imaging Sensors and Systems for Homeland Security Applications presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references. This book is intended for engineers and scientists in the relevant fields, graduate students, industry managers, university professors, government managers, and policy makers. Advanced Sciences and Technologies for Security Applications focuses on research monographs in the areas of -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection (including bios...

  14. Reactive In-flight Multisensor Security System (RIMSS), Phase II

    Data.gov (United States)

    National Aeronautics and Space Administration — The need for in-flight event detection and monitoring systems is clear. To address this and other safety and security needs, IEM proposed the Reactive In-flight...

  15. Insights on the Security and Dependability of Industrial Control Systems

    NARCIS (Netherlands)

    Kargl, Frank; van der Heijden, R.; van der Heijden, Rens W.; König, Hartmut; Valdes, Alfonso; Dacier, Marc C.

    2014-01-01

    The authors discuss the findings of a recent research seminar on the security and dependability of industrial control systems and provide an overview of major challenges in the field and areas where current research should focus.

  16. APPROACHES TO THE SECURITY SYSTEM AT THE MS SHAREPOINT

    Directory of Open Access Journals (Sweden)

    Iryna V. Zolotarenko

    2010-10-01

    Full Text Available Relevance of the material contained in the article is conditioned by pressing needs of society in creating secure information systems, facilitating the introduction of advanced information technologies in the education department. Security is important for the reliability and efficiency of such systems. One way of solving the security problem is the distribution of categories of users and granting their rights at different levels. The paper analyzes general approaches to organize groups and permission levels of users in information systems developed based on MS SharePoint. The main design decisions on security in information system planning research at the National Academy of Pedagogical Sciences of Ukraine based on the Internet use the conceptual results of this article.

  17. Agency Secure Image And Storage Tracking System (ASIST)

    Data.gov (United States)

    US Agency for International Development — Agency Secure Image and Storage Tracking System (Missions): is a Documentum-based user interface developed and maintained by the USAID OCIO (formerly IRM) to improve...

  18. Security features of a nuclear material accounting system

    International Nuclear Information System (INIS)

    Erkkila, B.H.

    1988-01-01

    The Los Alamos Nuclear Material Accounting and Safeguards System (MASS) is a near-real-time accountability system for bulk materials, discrete items, and materials undergoing dynamic processing. MASS has evolved from a 80-column, card-based process control system to a very sophisticated computer system. Recently, the computer hardware was upgraded to a modern transaction oriented central computer system designed to accommodate extensive growth in the foreseeable future. The security of the MASS computer system is provided through various access controls. There are two kinds of access controls to be addressed. They are physical access control to the hardware which make up the system and access control to the software. There are many features which provide a measure of security to the hardware that are discussed. Access to the software is controlled by a security password. Access to various transaction activities in the system is controlled through the level of MASS under privilege. Details of MASS user privilege are discussed

  19. 78 FR 73993 - Special Conditions: Cessna Model 680 Series Airplanes; Aircraft Electronic System Security...

    Science.gov (United States)

    2013-12-10

    ... systems and networks. Connectivity to, or access by, external systems and networks may result in security... and network configuration may allow the exploitation of network security vulnerabilities resulting in... Electronic System Security Protection From Unauthorized External Access AGENCY: Federal Aviation...

  20. 78 FR 75451 - Special Conditions: Cessna Model 750 Series Airplanes; Aircraft Electronic System Security...

    Science.gov (United States)

    2013-12-12

    ... systems and networks. Connectivity to, or access by, external systems and networks may result in security... and network configuration may allow the exploitation of network security vulnerabilities resulting in... Electronic System Security Protection From Unauthorized External Access AGENCY: Federal Aviation...

  1. Analysing Information Systems Security In Higher Learning Institutions Of Uganda

    OpenAIRE

    Mugyenyi Raymond

    2017-01-01

    Information communication technology has increased globalisation in higher learning institution all over the world. This has been achieved through introduction of systems that ease operations related to information handling in the institutions. The paper assessed and analysed the information systems security performance status in higher learning institutions of Uganda. The existing policies that govern the information security have also been analysed together with the current status of inform...

  2. Automatic Learning of Fine Operating Rules for Online Power System Security Control.

    Science.gov (United States)

    Sun, Hongbin; Zhao, Feng; Wang, Hao; Wang, Kang; Jiang, Weiyong; Guo, Qinglai; Zhang, Boming; Wehenkel, Louis

    2016-08-01

    Fine operating rules for security control and an automatic system for their online discovery were developed to adapt to the development of smart grids. The automatic system uses the real-time system state to determine critical flowgates, and then a continuation power flow-based security analysis is used to compute the initial transfer capability of critical flowgates. Next, the system applies the Monte Carlo simulations to expected short-term operating condition changes, feature selection, and a linear least squares fitting of the fine operating rules. The proposed system was validated both on an academic test system and on a provincial power system in China. The results indicated that the derived rules provide accuracy and good interpretability and are suitable for real-time power system security control. The use of high-performance computing systems enables these fine operating rules to be refreshed online every 15 min.

  3. Data acquisition and test system software

    International Nuclear Information System (INIS)

    Bourgeois, N.A. Jr.

    1979-03-01

    Sandia Laboratories has been assigned the task by the Base and Installation Security Systems (BISS) Program Office to develop various aspects of perimeter security systems. One part of this effort involves the development of advanced signal processing techniques to reduce the false and nuisance alarms from sensor systems while improving the probability of intrusion detection. The need existed for both data acquisition hardware and software. Also, the hardware is used to implement and test the signal processing algorithms in real time. The hardware developed for this signal processing task is the Data Acquisition and Test System (DATS). The programs developed for use on DATS are described. The descriptions are taken directly from the documentation included within the source programs themselves

  4. Proposal of Secure VoIP System Using Attribute Certificate

    Science.gov (United States)

    Kim, Jin-Mook; Jeong, Young-Ae; Hong, Seong-Sik

    VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

  5. Security Concerns and Countermeasures in Network Coding Based Communications Systems

    DEFF Research Database (Denmark)

    Talooki, Vahid; Bassoli, Riccardo; Roetter, Daniel Enrique Lucani

    2015-01-01

    This survey paper shows the state of the art in security mechanisms, where a deep review of the current research and the status of this topic is carried out. We start by introducing network coding and its variety applications in enhancing current traditional networks. In particular, we analyze two...... key protocol types, namely, state-aware and stateless protocols, specifying the benefits and disadvantages of each one of them. We also present the key security assumptions of network coding (NC) systems as well as a detailed analysis of the security goals and threats, both passive and active....... This paper also presents a detailed taxonomy and a timeline of the different NC security mechanisms and schemes reported in the literature. Current proposed security mechanisms and schemes for NC in the literature are classified later. Finally a timeline of these mechanism and schemes is presented....

  6. POLICE OFFICE MODEL IMPROVEMENT FOR SECURITY OF SWARM ROBOTIC SYSTEMS

    Directory of Open Access Journals (Sweden)

    I. A. Zikratov

    2014-09-01

    Full Text Available This paper focuses on aspects of information security for group of mobile robotic systems with swarm intellect. The ways for hidden attacks realization by the opposing party on swarm algorithm are discussed. We have fulfilled numerical modeling of potentially destructive information influence on the ant shortest path algorithm. We have demonstrated the consequences of attacks on the ant algorithm with different concentration in a swarm of subversive robots. Approaches are suggested for information security mechanisms in swarm robotic systems, based on the principles of centralized security management for mobile agents. We have developed the method of forming a self-organizing information security management system for robotic agents in swarm groups implementing POM (Police Office Model – a security model based on police offices, to provide information security in multi-agent systems. The method is based on the usage of police station network in the graph nodes, which have functions of identification and authentication of agents, identifying subversive robots by both their formal characteristics and their behavior in the swarm. We have suggested a list of software and hardware components for police stations, consisting of: communication channels between the robots in police office, nodes register, a database of robotic agents, a database of encryption and decryption module. We have suggested the variants of logic for the mechanism of information security in swarm systems with different temporary diagrams of data communication between police stations. We present comparative analysis of implementation of protected swarm systems depending on the functioning logic of police offices, integrated in swarm system. It is shown that the security model saves the ability to operate in noisy environments, when the duration of the interference is comparable to the time necessary for the agent to overcome the path between police stations.

  7. Security of the data transmission in the industrial control system

    Directory of Open Access Journals (Sweden)

    Marcin Bednarek

    2015-12-01

    Full Text Available The theme of this paper is to present the data transmission security system between the stations of the industrial control system. The possible options for secure communications between process stations, as well as between process and operator station are described. Transmission security mechanism is based on algorithms for symmetric and asymmetric encryption. The authentication process uses a software token algorithm and a one-way hash function. The algorithm for establishing a secured connection between the stations, including the authentication process and encryption of data transmission is given. The process of securing the transmission consists of 4 sub-processes: (I authentication; (II asymmetric, public keys transmission; (III symmetric key transmission; (IV data transmission. The presented process of securing the transmission was realized in the industrial controller and emulator. For this purpose, programming languages in accordance with EN 61131 were used. The functions were implemented as user function blocks. This allows us to include a mixed code in the structure of the block (both: ST and FBD. Available function categories: support of the asymmetric encryption; asymmetric encryption utility functions; support of the symmetric encryption; symmetric encryption utility functions; support of the hash value calculations; utility functions of conversion.[b]Keywords[/b]: transmission security, encryption, authentication, industrial control system

  8. Economic foundation and importance of non-state security sector within the national security system

    Directory of Open Access Journals (Sweden)

    Anđelković Slobodan

    2016-01-01

    Full Text Available The main purpose of this paper was to present the causes (for, role (played by and the growing importance of the non-state actors within the national security sector, while analyzing the economic interest of individuals, organizations and the state itself that were favoring such a development. In the course of our research we established how, as the state narrowed its activities down to more vital and more dangerous fields of work, this opened up space for independent contractors to enter those fields which carried less systemic risk. Such change was made possible in the post-Cold War context, when many of the former service members were hired by private companies. The economic motive had a role to play as well, given the need for additional security going beyond what state offered to its citizens, as many doubted the ability (efficiency of state to provide it in the first place; and private sector's willingness to provide it for a price. In Serbia, position of non-state security sector is still very much limited by the traditional notion of security as well as the division of competences, both left-overs from socialist times. This goes against positive tendencies within the sector itself (improvement of types and specialization of the security as service; strengthening of legal regulation; flexibility of services being offered. By conducting its basic service and improving the security of its clients, representatives of non-state security sector are - indirectly - improving the security of society as a whole, ensuring economic stability, which presents one of key national interests.

  9. Flexible Material Systems Testing

    Science.gov (United States)

    Lin, John K.; Shook, Lauren S.; Ware, Joanne S.; Welch, Joseph V.

    2010-01-01

    An experimental program has been undertaken to better characterize the stress-strain characteristics of flexible material systems to support a NASA ground test program for inflatable decelerator material technology. A goal of the current study is to investigate experimental methods for the characterization of coated woven material stiffness. This type of experimental mechanics data would eventually be used to define the material inputs of fluid-structure interaction simulation models. The test methodologies chosen for this stress-strain characterization are presented along with the experimental results.

  10. A review of the security of insulin pump infusion systems.

    Science.gov (United States)

    Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

    2011-11-01

    Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. © 2011 Diabetes Technology Society.

  11. A Review of the Security of Insulin Pump Infusion Systems

    Energy Technology Data Exchange (ETDEWEB)

    Klonoff, David C. [Mills-Peninsula Health Services; Paul, Nathanael R [ORNL; Kohno, Tadayoshi [University of Washington, Seattle

    2011-01-01

    Insulin therapy has enabled diabetic patients to maintain blood glucose control to lead healthier lives. Today, rather than manually injecting insulin using syringes, a patient can use a device, such as an insulin pump, to programmatically deliver insulin. This allows for more granular insulin delivery while attaining blood glucose control. The insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this paper we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components including the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but we also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues both for now and in the future.

  12. A Review of the Security of Insulin Pump Infusion Systems

    Science.gov (United States)

    Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

    2011-01-01

    Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, security breaches that can negatively affect patient health are now possible. Rather than focus on the security of a single device, we concentrate on protecting the security of the entire system. In this article, we describe the security issues as they pertain to an insulin pump system that includes an embedded system of components, which include the insulin pump, continuous glucose management system, blood glucose monitor, and other associated devices (e.g., a mobile phone or personal computer). We detail not only the growing wireless communication threat in each system component, but also describe additional threats to the system (e.g., availability and integrity). Our goal is to help create a trustworthy infusion pump system that will ultimately strengthen pump safety, and we describe mitigating solutions to address identified security issues. PMID:22226278

  13. Establishing an Information Security System related to Physical Protection

    International Nuclear Information System (INIS)

    Jang, Sung Soon; Yoo, Ho Sik

    2009-01-01

    A physical protection system (PPS) integrates people, procedures and equipment for the protection of assets or facilities against theft, sabotage or other malevolent attacks. In the physical protection field, it is important the maintain confidentiality of PPS related information, such as the alarm system layout, detailed maps of buildings, and guard schedules. In this abstract, we suggest establishing a methodology for an information security system. The first step in this methodology is to determine the information to protect and possible adversaries. Next, system designers should draw all possible paths to the information and arrange appropriate protection elements. Finally he/she should analyze and upgrade their information security system

  14. New technology for food systems and security.

    Science.gov (United States)

    Yau, N J Newton

    2009-01-01

    In addition to product trade, technology trade has become one of the alternatives for globalization action around the world. Although not all technologies employed on the technology trade platform are innovative technologies, the data base of international technology trade still is a good indicator for observing innovative technologies around world. The technology trade data base from Sinew Consulting Group (SCG) Ltd. was employed as an example to lead the discussion on security or safety issues that may be caused by these innovative technologies. More technologies related to processing, functional ingredients and quality control technology of food were found in the data base of international technology trade platform. The review was conducted by categorizing technologies into the following subcategories in terms of safety and security issues: (1) agricultural materials/ingredients, (2) processing/engineering, (3) additives, (4) packaging/logistics, (5) functional ingredients, (6) miscellaneous (include detection technology). The author discusses examples listed for each subcategory, including GMO technology, nanotechnology, Chinese medicine based functional ingredients, as well as several innovative technologies. Currently, generation of innovative technology advance at a greater pace due to cross-area research and development activities. At the same time, more attention needs to be placed on the employment of these innovative technologies.

  15. The Development Of An Independent Locking Securement System For Mobility Aids In Public Transportation Vehicles: Volume 2

    Science.gov (United States)

    1992-12-01

    The Quality Functional Deployment (QFD) method was used for the design of the Independent Locking Securement (ILS) System, developed by the Oregon State University. The project entailed the design, construction, and testing of the ILS system prototyp...

  16. Design and Implementation of GSM Based Automated Home Security System

    Directory of Open Access Journals (Sweden)

    Love Aggarwal

    2014-05-01

    Full Text Available The Automated Home Security System aims at building a security system for common households using GSM modem, sensors and microcontroller. Since many years, impeccable security system has been the prime need of every man who owns a house. The increasing crime rate has further pressed the need for it. Our system is an initiative in this direction. The system provides security function by monitoring the surroundings at home for intruders, fire, gas leakages etc. using sensors and issue alerts to the owners and local authorities by using GSM via SMS. It provides the automation function as it can control (On/Off the various home appliances while the owners are away via SMS. Thus the Automated Home Security System is self-sufficient and can be relied upon undoubtedly. Also, it is capable of establishing two way communication with its owner so that he/she can keep a watch on his/her home via sensor information or live video streaming. A camera can be installed for continuous monitoring of the system and its surroundings. The system consists of two main parts: hardware and software. Hardware consists of Microcontroller, Sensors, Buzzer and GSM modem while software is implemented by tools using Embedded ‘C’.

  17. Security assessment for intentional island operation in modern power system

    DEFF Research Database (Denmark)

    Chen, Yu; Xu, Zhao; Østergaard, Jacob

    2011-01-01

    There has been a high penetration level of Distributed Generations (DGs) in distribution systems in Denmark. Even more DGs are expected to be installed in the coming years. With that, to utilize them in maintaining the security of power supply is of great concern for Danish utilities. During...... the emergency in the power system, some distribution networks may be intentionally separated from the main grid to avoid complete system collapse. If DGs in those networks could continuously run instead of immediately being shut down, the blackout could be avoided and the reliability of supply could...... be increased. However, when to island or how to ensure the islanded systems can survive the islanding transition is uncertain. This article proposes an Islanding Security Region (ISR) concept to provide security assessment of island operation. By comparing the system operating state with the ISR, the system...

  18. Simulator testing system (STS)

    International Nuclear Information System (INIS)

    Miller, V.N.

    1990-01-01

    In recent years there has been a greater demand placed on the capabilities and time usage of real-time nuclear plant simulators due to NRC, INPO and utilities requirements. The requirements applied to certification, new simulators, upgrades, modifications, and maintenance of the simulators vary; however, they all require the capabilities of the simulator to be tested whether it is for NRC 10CFR55.45b requirements, ATP testing of new simulators, ATP testing of upgrades with or without panels, adding software/hardware due to plant modifications, or analyzing software/hardware problems on the simulator. This paper describes the Simulator Testing System (STS) which addresses each one of these requirements placed on simulators. Special attention will be given to ATP testing of upgrades without the use of control room panels. The capabilities and applications of the four parts of STS which are the Display Control Software (DCS), Procedure Control Software (PCS), Display Generator Software (DGS) and the Procedure Generator Software (PGS) will be reviewed

  19. System Security And Monitoring On Smart Home Using Android

    Science.gov (United States)

    Romadhon, A. S.

    2018-01-01

    Home security system is needed for homeowners who have a lot of activities, as a result, they often leave the house without locking the door and even leave the house in a state of lights that are not lit. In order to overcome this case, a system that can control and can monitor the state of the various devices contained in the house or smart home system is urgently required. The working principle of this smart home using android is when the homeowner sends a certain command using android, the command will be forwarded to the microcontroller and then it will be executed based on the parameters that have been determined. For example, it can turn off and on the light using android app. In this study, testing was conducted to a smart home prototype which is equipped with light bulbs, odour sensors, heat sensors, ultrasonic sensors, LDR, buzzer and camera. The test results indicate that the application has been able to control all the sensors of home appliances well.

  20. Fiber optic perimeter system for security in smart city

    Science.gov (United States)

    Cubik, Jakub; Kepak, Stanislav; Nedoma, Jan; Fajkus, Marcel; Zboril, Ondrej; Novak, Martin; Jargus, Jan; Vasinek, Vladimir

    2017-10-01

    Protection of persons and assets is the key challenge of Smart City safeguards technologies. Conventional security technologies are often outdated and easy to breach. Therefore, new technologies that could complement existing systems or replace them are developed. The use of optical fibers and their subsequent application in sensing is a trend of recent years. This article discusses the use of fiber-optic sensors in perimeter protection. The sensor consists of optical fibers and couplers only and being constructed without wires and metal parts bring many advantages. These include an absence of interference with electromagnetic waves, system presence can be difficult to detect as well as affect its operation. Testing installation of perimeter system was carried out under reinforced concrete structure. Subjects walked over the bridge at different speeds and over the different routes. The task for the system was an absolute detection of all subjects. The proposed system should find application mainly in areas with the presence of volatile substances, strong electromagnetic fields, or in explosive areas.

  1. Spent fuel reprocessing system security engineering capability maturity model

    International Nuclear Information System (INIS)

    Liu Yachun; Zou Shuliang; Yang Xiaohua; Ouyang Zigen; Dai Jianyong

    2011-01-01

    In the field of nuclear safety, traditional work places extra emphasis on risk assessment related to technical skills, production operations, accident consequences through deterministic or probabilistic analysis, and on the basis of which risk management and control are implemented. However, high quality of product does not necessarily mean good safety quality, which implies a predictable degree of uniformity and dependability suited to the specific security needs. In this paper, we make use of the system security engineering - capability maturity model (SSE-CMM) in the field of spent fuel reprocessing, establish a spent fuel reprocessing systems security engineering capability maturity model (SFR-SSE-CMM). The base practices in the model are collected from the materials of the practice of the nuclear safety engineering, which represent the best security implementation activities, reflect the regular and basic work of the implementation of the security engineering in the spent fuel reprocessing plant, the general practices reveal the management, measurement and institutional characteristics of all process activities. The basic principles that should be followed in the course of implementation of safety engineering activities are indicated from 'what' and 'how' aspects. The model provides a standardized framework and evaluation system for the safety engineering of the spent fuel reprocessing system. As a supplement to traditional methods, this new assessment technique with property of repeatability and predictability with respect to cost, procedure and quality control, can make or improve the activities of security engineering to become a serial of mature, measurable and standard activities. (author)

  2. Nightly Test system migration

    CERN Document Server

    Win-Lime, Kevin

    2013-01-01

    The summer student program allows students to participate to the Cern adventure. They can follow several interesting lectures about particle science and participate to the experiment work. As a summer student, I had worked for LHCb experiment. LHCb uses a lot of software to analyze its data. All this software is organized in packages and projects. They are built and tested during the night using an automated system and the results are displayed on a web interface. Actually, LHCb is changing this system. It is looking for a replacement candidate. So I was charged to unify some internal interfaces to permit a swift migration. In this document, I will describe shortly the system used by LHCb, then I will explain what I have done in detail.

  3. Use of computer programs to evaluate effectiveness of security systems

    International Nuclear Information System (INIS)

    Harris, L. Jr.; Goldman, L.A.; Mc Daniel, T.L.

    1987-01-01

    Thirty or more computer programs for security vulnerability analysis were developed from 1975 through 1980. Most of these programs are intended for evaluating security system effectiveness against outsider threats, but at least six programs are primarily oriented to insider threats. Some strengths and weaknesses of these programs are described. Six of these programs, four for outsider threats and two for insider threats, have been revised and adapted for use with IBM personal computers. The vulnerability analysis process is discussed with emphasis on data collection. The difference between design data and operational data is described. For performance-type operational data, such as detection probabilities and barrier delay times, the difference between unstressed and stressed performance data is discussed. Stressed performance data correspond to situations where an adversary attempts to weaken a security system by mitigating certain security measures. Suggestions are made on the combined use of manual analysis and computer analysis

  4. Use of computer programs to evaluate effectiveness of security systems

    Energy Technology Data Exchange (ETDEWEB)

    Harris, L. Jr.; Goldman, L.A.; Mc Daniel, T.L.

    1987-07-01

    Thirty or more computer programs for security vulnerability analysis were developed from 1975 through 1980. Most of these programs are intended for evaluating security system effectiveness against outsider threats, but at least six programs are primarily oriented to insider threats. Some strengths and weaknesses of these programs are described. Six of these programs, four for outsider threats and two for insider threats, have been revised and adapted for use with IBM personal computers. The vulnerability analysis process is discussed with emphasis on data collection. The difference between design data and operational data is described. For performance-type operational data, such as detection probabilities and barrier delay times, the difference between unstressed and stressed performance data is discussed. Stressed performance data correspond to situations where an adversary attempts to weaken a security system by mitigating certain security measures. Suggestions are made on the combined use of manual analysis and computer analysis.

  5. Homeland Security, Medical, Pharmaceutical and Non-destructive Testing Applications of Terahertz Radiation

    Science.gov (United States)

    Kemp, Michael

    2005-03-01

    The terahertz region of the electromagnetic spectrum (300GHz-10THz) spans the region between radio and light. Recent advances in terahertz source, detector and systems technology are enabling new applications across a number of fields, based on both terahertz imaging and spectroscopy. This paper reviews our recent work on the development of practical systems and applications in security screening for the detection of explosives and non-metallic weapons; in medical imaging for cancer detection; as well as applications in non-destructive testing and the pharmaceutical industry.

  6. Application of smart cards in physical and information security systems

    International Nuclear Information System (INIS)

    Dreifus, H.N.

    1988-01-01

    Smart Cards, integrated circuits embedded into credit cards, have been proposed for many computer and physical security applications. The cards have shown promise in improving both the security and monitoring of systems ranging from computer network identification through physical protection and access control. With the increasing computational power embedded within these cards, advanced encryption techniques such as public key cryptography can now be realized, enabling more sophisticated uses

  7. Mobile Connectivity and Security Issues for Cloud Informatic Systems

    OpenAIRE

    Cosmin Cătălin Olteanu

    2015-01-01

    The main purpose of the paper is to illustrate the importance of new software tools that can be used with mobile devices to make them more secure for the use of day to day business software. Many companies are using mobile applications to access some components to ERP’s or CRM’s remotely. Even the new come, cloud Informatic Systems are using more remote devices than ever. This is why we need to secure somehow these mobile applications.

  8. Mobile Connectivity and Security Issues for Cloud Informatic Systems

    Directory of Open Access Journals (Sweden)

    Cosmin Cătălin Olteanu

    2015-05-01

    Full Text Available The main purpose of the paper is to illustrate the importance of new software tools that can be used with mobile devices to make them more secure for the use of day to day business software. Many companies are using mobile applications to access some components to ERP’s or CRM’s remotely. Even the new come, cloud Informatic Systems are using more remote devices than ever. This is why we need to secure somehow these mobile applications.

  9. Study on Cyber Security and Threat Evaluation in SCADA Systems

    Science.gov (United States)

    2012-03-01

    http://www.isa.org/Template.cfm?Section=Shop_ISA&Template=/ Ecommerce /ProductDisplay.cfm&Produ ctid=9665 • Integrating Electronic Security into...the Manufacturing and Control Systems Environment, ISA, 2004 - http://www.isa.org/Template.cfm?Section=books&template= Ecommerce /FileDisplay.cfm...template= Ecommerce /FileDisplay.cfm&ProductID=738 0&file=Preview.pdf • Peterson, D. and Howard, D. "Cyber Security for the Electric Sector," September 12

  10. IT Security Aspects of Industrial Control Systems

    Directory of Open Access Journals (Sweden)

    Peter Holecko

    2006-01-01

    Full Text Available This paper discusses a set of general network system architectures for industrial process control systems as well as vulnerabilities related to these systems and the IT threats these systems are exposed to from the point of view of Common Criteria methodology and ITU-T recommendation X.805.

  11. Nuclear material safeguards and security system analysis based on measurement

    International Nuclear Information System (INIS)

    Ign Djoko Irianto

    2007-01-01

    Nuclear material safeguards and security are the important aspect in the nuclear facility management due to the nuclear material could be terrorisms object. The two aspect of nuclear material security are nuclear material safeguards system and physical protection system. The most important in safeguards system is how to report the existence of nuclear material and the quantity of nuclear material. To perform the safeguards system the data of nuclear material are needed. The data of quality and quantity of nuclear material could be found by destructive analysis (DA) technique and non destructive analysis (NDA) technique. The DA technique are used to analysis the nuclear material that forming in powder, the NDA technique are used to analysis the nuclear material in spent fuel. In BATAN, the technique of measurement of nuclear material weight is more dominant than the other technique to be used in nuclear material safeguards and security systems. (author)

  12. Safeguards and security considerations for automated and robotic systems

    International Nuclear Information System (INIS)

    Jordan, S.E.; Jaeger, C.D.

    1994-01-01

    Within the reconfigured Nuclear Weapons Complex there will be a large number of automated and robotic (A ampersand R) systems because of the many benefits derived from their use. To meet the overall security requirements of a facility, consideration must be given to those systems that handle and process nuclear material. Since automation and robotics is a relatively new technology, not widely applied to the Nuclear Weapons Complex, safeguards and security (S ampersand S) issues related to these systems have not been extensively explored, and no guidance presently exists. The goal of this effort is to help integrate S ampersand S into the design of future A ampersand R systems. Towards this, the authors first examined existing A and R systems from a security perspective to identify areas of concern and possible solutions of these problems. They then were able to develop generalized S ampersand S guidance and design considerations for automation and robotics

  13. Culturing Security System of Chemical Laboratory in Indonesia

    Directory of Open Access Journals (Sweden)

    Eka Dian Pusfitasari

    2017-04-01

    Full Text Available Indonesia has experiences on the lack of chemical security such as: a number of bombing terrors and hazardous chemicals found in food. Bomb used in terror is a homemade bomb made from chemicals which are widely spread in the research laboratories such as a mixture of pottasium chlorate, sulphur, and alumunium. Therefore, security of chemicals should be implemented to avoid the misused of the chemicals. Although it has experienced many cases of the misuse of chemicals, and many regulations and seminars related to chemical security have been held, but the implementation of chemical security is still a new thing for Indonesian citizens. The evident is coming from the interviews conducted in this study. Questions asked in this interview/survey included: the implementation of chemical safety and chemical security in laboratory; chemical inventory system and its regulation; and training needed for chemical security implementation. Respondents were basically a researcher from Government Research Institutes, University laboratories, senior high school laboratories, and service laboratories were still ambiguous in distinguishing chemical safety and chemical security. Because of this condition, most Indonesia chemical laboratories did not totally apply chemical security system. Education is very important step to raise people awareness and address this problem. Law and regulations should be sustained by all laboratory personnel activities to avoid chemical diversion to be used for harming people and environment. The Indonesia Government could also develop practical guidelines and standards to be applied to all chemical laboratories in Indonesia. These acts can help Government’s efforts to promote chemical security best practices which usually conducted by doing seminars and workshop.

  14. Tritium Systems Test Facility

    International Nuclear Information System (INIS)

    Cafasso, F.A.; Maroni, V.A.; Smith, W.H.; Wilkes, W.R.; Wittenberg, L.J.

    1978-01-01

    This TSTF proposal has two principal objectives. The first objective is to provide by mid-FY 1981 a demonstration of the fuel cycle and tritium containment systems which could be used in a Tokamak Experimental Power Reactor for operation in the mid-1980's. The second objective is to provide a capability for further optimization of tritium fuel cycle and environmental control systems beyond that which is required for the EPR. The scale and flow rates in TSTF are close to those which have been projected for a prototype experimental power reactor (PEPR/ITR) and will permit reliable extrapolation to the conditions found in an EPR. The fuel concentrations will be the same as in an EPR. Demonstrations of individual components of the deuterium-tritium fuel cycle and of monitoring, accountability and containment systems and of a maintenance methodology will be achieved at various times in the FY 1979-80 time span. Subsequent to the individual component demonstrations--which will proceed from tests with hydrogen (and/or deuterium) through tracer levels of tritium to full operational concentrations--a complete test and demonstration of the integrated fuel processing and tritium containment facility will be performed. This will occur near the middle of FY 1981. Two options were considered for the TSTF: (1) The modification of an existing building and (2) the construction of a new facility

  15. INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

    Energy Technology Data Exchange (ETDEWEB)

    Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

    2011-07-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  16. Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

    International Nuclear Information System (INIS)

    Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

    2011-01-01

    Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

  17. Improving Security in the ATLAS PanDA System

    International Nuclear Information System (INIS)

    Caballero, J; Maeno, T; Potekhin, M; Wenaus, T; Nilsson, P; Stewart, G

    2011-01-01

    The security challenges faced by users of the grid are considerably different to those faced in previous environments. The adoption of pilot jobs systems by LHC experiments has mitigated many of the problems associated with the inhomogeneities found on the grid and has greatly improved job reliability; however, pilot jobs systems themselves must then address many security issues, including the execution of multiple users' code under a common 'grid' identity. In this paper we describe the improvements and evolution of the security model in the ATLAS PanDA (Production and Distributed Analysis) system. We describe the security in the PanDA server which is in place to ensure that only authorized members of the VO are allowed to submit work into the system and that jobs are properly audited and monitored. We discuss the security in place between the pilot code itself and the PanDA server, ensuring that only properly authenticated workload is delivered to the pilot for execution. When the code to be executed is from a 'normal' ATLAS user, as opposed to the production system or other privileged actor, then the pilot may use an EGEE developed identity switching tool called gLExec. This changes the grid proxy available to the job and also switches the UNIX user identity to protect the privileges of the pilot code proxy. We describe the problems in using this system and how they are overcome. Finally, we discuss security drills which have been run using PanDA and show how these improved our operational security procedures.

  18. Security Aspects in Resource Management Systems in Distributed Computing Environments

    Directory of Open Access Journals (Sweden)

    Adamski Marcin

    2017-12-01

    Full Text Available In many distributed computing systems, aspects related to security are getting more and more relevant. Security is ubiquitous and could not be treated as a separated problem or a challenge. In our opinion it should be considered in the context of resource management in distributed computing environments like Grids and Clouds, e.g. scheduled computations can be much delayed because of cyber-attacks, inefficient infrastructure or users valuable and sensitive data can be stolen even in the process of correct computation. To prevent such cases there is a need to introduce new evaluation metrics for resource management that will represent the level of security of computing resources and more broadly distributed computing infrastructures. In our approach, we have introduced a new metric called reputation, which simply determines the level of reliability of computing resources from the security perspective and could be taken into account during scheduling procedures. The new reputation metric is based on various relevant parameters regarding cyber-attacks (also energy attacks, administrative activities such as security updates, bug fixes and security patches. Moreover, we have conducted various computational experiments within the Grid Scheduling Simulator environment (GSSIM inspired by real application scenarios. Finally, our experimental studies of new resource management approaches taking into account critical security aspects are also discussed in this paper.

  19. Design of security scheme of the radiotherapy planning administration system based on the hospital information system

    International Nuclear Information System (INIS)

    Zhuang Yongzhi; Zhao Jinzao

    2010-01-01

    Objective: To design a security scheme of radiotherapy planning administration system. Methods: Power Builder 9i language was used to program the system through the model of client-server machine. Oracle 9i was used as the database server. Results In this system, user registration management, user login management, application-level functions of control, database access control, and audit trail were designed to provide system security. Conclusions: As a prototype for the security analysis and protection of this scheme provides security of the system, application system, important data and message, which ensures the system work normally. (authors)

  20. Resonance test system

    Science.gov (United States)

    Musial, Walter [Boulder, CO; White, Darris [Superior, CO

    2011-05-31

    An apparatus (10) for applying at least one load to a specimen (12) according to one embodiment of the invention may comprise a mass (18). An actuator (20) mounted to the specimen (12) and operatively associated with the mass (18) moves the mass (18) along a linear displacement path (22) that is perpendicular to a longitudinal axis of the specimen (12). A control system (26) operatively associated with the actuator (20) operates the actuator (20) to reciprocate the mass (18) along the linear displacement path (22) at a reciprocating frequency, the reciprocating frequency being about equal to a resonance frequency of the specimen (12) in a test configuration.

  1. Data survivability vs. security in information systems

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell; Taboada, Heidi A.; Coit, David W.

    2012-01-01

    A multiple objective problem formulation and solution methodology is presented to select optimal information and data storage configurations considering both data survivability and data security, as well as cost. This paper considers a situation where the information is divided into several separately stored blocks in order to mitigate the risk of unauthorized access or theft. The information can be used only if all of the blocks are accessed. To impede the information theft, the defender prefers to maximize the number of blocks. On the other hand the destruction of any block destroys the integrity of information and makes it impossible to use. To impede the information destruction, the defender prefers to maximize the number of parallel (reserve) copies of each block, regardless how many blocks in series there are. Given the set of available information storage resources, the defender must consider a multi-objective optimization problem to determine how many blocks and their copies to create, and how to distribute them among available resources in order to minimize information vulnerability, insecurity, and storage cost. Non-dominated solutions to this problem are determined using a multiple objective genetic algorithm (MOGA). This methodology is demonstrated with two general examples.

  2. A Multifactor Secure Authentication System for Wireless Payment

    Science.gov (United States)

    Sanyal, Sugata; Tiwari, Ayu; Sanyal, Sudip

    Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, there is a need of multifactor authentication. This paper proposes a new protocol based on multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce another security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy with in a limited resources that does not require any change in infrastructure or underline protocol of wireless network. This Protocol for Wireless Payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2B communication which increases faith of the user and business organizations on wireless financial transaction using mobile devices.

  3. Using Multiple Unmanned Systems for a Site Security Task

    Energy Technology Data Exchange (ETDEWEB)

    Matthew O. Anderson; Curtis W. Nielsen; Mark D. McKay; Derek C. Wadsworth; Ryan C. Hruska; John A. Koudelka

    2009-04-01

    Unmanned systems are often used to augment the ability of humans to perform challenging tasks. While the value of individual unmanned vehicles have been proven for a variety of tasks, it is less understood how multiple unmanned systems should be used together to accomplish larger missions such as site security. The purpose of this paper is to discuss efforts by researchers at the Idaho National Laboratory (INL) to explore the utility and practicality of operating multiple unmanned systems for a site security mission. This paper reviews the technology developed for a multi-agent mission and summarizes the lessons-learned from a technology demonstration.

  4. Secure physical layer using dynamic permutations in cognitive OFDMA systems

    DEFF Research Database (Denmark)

    Meucci, F.; Wardana, Satya Ardhy; Prasad, Neeli R.

    2009-01-01

    of the permutations are analyzed for several DSA patterns. Simulations are performed according to the parameters of the IEEE 802.16e system model. The securing mechanism proposed provides intrinsic PHY layer security and it can be easily implemented in the current IEEE 802.16 standard applying almost negligible......This paper proposes a novel lightweight mechanism for a secure Physical (PHY) layer in Cognitive Radio Network (CRN) using Orthogonal Frequency Division Multiplexing (OFDM). User's data symbols are mapped over the physical subcarriers with a permutation formula. The PHY layer is secured...... with a random and dynamic subcarrier permutation which is based on a single pre-shared information and depends on Dynamic Spectrum Access (DSA). The dynamic subcarrier permutation is varying over time, geographical location and environment status, resulting in a very robust protection that ensures...

  5. SecureCPS: Defending a nanosatellite cyber-physical system

    Science.gov (United States)

    Forbes, Lance; Vu, Huy; Udrea, Bogdan; Hagar, Hamilton; Koutsoukos, Xenofon D.; Yampolskiy, Mark

    2014-06-01

    Recent inexpensive nanosatellite designs employ maneuvering thrusters, much as large satellites have done for decades. However, because a maneuvering nanosatellite can threaten HVAs on-­orbit, it must provide a level of security typically reserved for HVAs. Securing nanosatellites with maneuvering capability is challenging due to extreme cost, size, and power constraints. While still in the design process, our low-­cost SecureCPS architecture promises to dramatically improve security, to include preempting unknown binaries and detecting abnormal behavior. SecureCPS also applies to a broad class of cyber-­physical systems (CPS), such as aircraft, cars, and trains. This paper focuses on Embry-­Riddle's ARAPAIMA nanosatellite architecture, where we assume any off-­the-­shelf component could be compromised by a supply chain attack.1 Based on these assumptions, we have used Vanderbilt's Cyber Physical -­ Attack Description Language (CP-­ADL) to represent realistic attacks, analyze how these attacks propagate in the ARAPAIMA architecture, and how to defeat them using the combination of a low-­cost Root of Trust (RoT) Module, Global InfoTek's Advanced Malware Analysis System (GAMAS), and Anomaly Detection by Machine Learning (ADML).2 Our most recent efforts focus on refining and validating the design of SecureCPS.

  6. Secure Automated Microgrid Energy System (SAMES)

    Science.gov (United States)

    2016-12-01

    types of DER include, but are not limited to, solar photovoltaic ( PV ), energy storage (ES), and combined heat and power (CHP). Solar PV Systems The...Energy Commission CHP Combined Heat and Power CIO Chief Information Officer DCS Distributed Control System DER Distributed Energy Resources...Short circuit 69 • Arc Heat (arc flash) • Power Systems Optimization (optimal power flow) Six scenarios were evaluated against the power analysis

  7. IT Security Support for Spaceport Command and Control System

    Science.gov (United States)

    McLain, Jeffrey

    2013-01-01

    During the fall 2013 semester, I worked at the Kennedy Space Center as an IT Security Intern in support of the Spaceport Command and Control System under the guidance of the IT Security Lead Engineer. Some of my responsibilities included assisting with security plan documentation collection, system hardware and software inventory, and malicious code and malware scanning. Throughout the semester, I had the opportunity to work on a wide range of security related projects. However, there are three projects in particular that stand out. The first project I completed was updating a large interactive spreadsheet that details the SANS Institutes Top 20 Critical Security Controls. My task was to add in all of the new commercial of the shelf (COTS) software listed on the SANS website that can be used to meet their Top 20 controls. In total, there are 153 unique security tools listed by SANS that meet one or more of their 20 controls. My second project was the creation of a database that will allow my mentor to keep track of the work done by the contractors that report to him in a more efficient manner by recording events as they occur throughout the quarter. Lastly, I expanded upon a security assessment of the Linux machines being used on center that I began last semester. To do this, I used a vulnerability and configuration tool that scans hosts remotely through the network and presents the user with an abundance of information detailing each machines configuration. The experience I gained from working on each of these projects has been invaluable, and I look forward to returning in the spring semester to continue working with the IT Security team.

  8. The threat nets approach to information system security risk analysis

    NARCIS (Netherlands)

    Mirembe, Drake

    2015-01-01

    The growing demand for healthcare services is motivating hospitals to strengthen outpatient case management using information systems in order to serve more patients using the available resources. Though the use of information systems in outpatient case management raises patient data security

  9. Improving Reliability, Security, and Efficiency of Reconfigurable Hardware Systems (Habilitation)

    NARCIS (Netherlands)

    Ziener, Daniel

    2017-01-01

    In this treatise,  my research on methods to improve efficiency, reliability, and security of reconfigurable hardware systems, i.e., FPGAs, through partial dynamic reconfiguration is outlined. The efficiency of reconfigurable systems can be improved by loading optimized data paths on-the-fly on an

  10. 49 CFR 659.21 - System security plan: general requirements.

    Science.gov (United States)

    2010-10-01

    ... 49 Transportation 7 2010-10-01 2010-10-01 false System security plan: general requirements. 659.21 Section 659.21 Transportation Other Regulations Relating to Transportation (Continued) FEDERAL TRANSIT ADMINISTRATION, DEPARTMENT OF TRANSPORTATION RAIL FIXED GUIDEWAY SYSTEMS; STATE SAFETY OVERSIGHT Role of the...

  11. Security analysis of electronic voting and online banking systems

    OpenAIRE

    Tjøstheim, Thomas

    2007-01-01

    The main focus of this dissertation is on security analysis of electronic voting and online banking systems. Six papers form the basis of the thesis and include the following topics: a model for analysis of voting systems, a case study where we apply the proposed model, a new scheme for remote electronic voting, and three case studies of commercial online banking solutions in Norway.

  12. From control system security indices to attack identifiability

    NARCIS (Netherlands)

    Herdeiro Teixeira, A.M.; Sandberg, H

    2016-01-01

    In this paper, we investigate detectability and identifiability of attacks on linear dynamical systems that are subjected to external disturbances. We generalize a concept for a security index, which was previously introduced for static systems. The index exactly quantifies the resources

  13. Assessment and testing of industrial devices robustness against cyber security attacks

    International Nuclear Information System (INIS)

    Tilaro, F.; Copy, B.

    2012-01-01

    CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

  14. Training programs for the systems approach to nuclear security

    International Nuclear Information System (INIS)

    Ellis, D.

    2005-01-01

    Full text: In support of United States Government (USG) and International Atomic Energy Agency (IAEA) nuclear security programs, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been developed and implemented as the basis for a performance-based methodology for the design and evaluation of physical protection systems against a design basis threat (DBT) for theft and sabotage of nuclear and/or radiological materials. Integrated systems must include technology, people, and the man-machine interface. A critical aspect of the human element is training on the systems-approach for all the stakeholders in nuclear security. Current training courses and workshops have been very beneficial but are still rather limited in scope. SNL has developed two primary international classes - the international training course on the physical protection of nuclear facilities and materials, and the design basis threat methodology workshop. SNL is also completing the development of three new courses that will be offered and presented in the near term. They are vital area identification methodology focused on nuclear power plants to aid in their protection against radiological sabotage, insider threat analysis methodology and protection schemes, and security foundations for competent authority and facility operator stakeholders who are not security professionals. In the long term, we envision a comprehensive nuclear security curriculum that spans policy and technology, regulators and operators, introductory and expert levels, classroom and laboratory/field, and local and offsite training options. This training curriculum will be developed in concert with a nuclear security series of guidance documents that is expected to be forthcoming from the IAEA. It is important to note that while appropriate implementation of systems based on such training and documentation can improve the risk reduction, such a

  15. SPECTR System Operational Test Report

    International Nuclear Information System (INIS)

    Landman, W.H. Jr.

    2011-01-01

    This report overviews installation of the Small Pressure Cycling Test Rig (SPECTR) and documents the system operational testing performed to demonstrate that it meets the requirements for operations. The system operational testing involved operation of the furnace system to the design conditions and demonstration of the test article gas supply system using a simulated test article. The furnace and test article systems were demonstrated to meet the design requirements for the Next Generation Nuclear Plant. Therefore, the system is deemed acceptable and is ready for actual test article testing.

  16. Practical and secure telemedicine systems for user mobility.

    Science.gov (United States)

    Rezaeibagha, Fatemeh; Mu, Yi

    2018-02-01

    The application of wireless devices has led to a significant improvement in the quality delivery of care in telemedicine systems. Patients who live in a remote area are able to communicate with the healthcare provider and benefit from the doctor consultations. However, it has been a challenge to provide a secure telemedicine system, which captures users (patients and doctors) mobility and patient privacy. In this work, we present several secure protocols for telemedicine systems, which ensure the secure communication between patients and doctors who are located in different geographical locations. Our protocols are the first of this kind featured with confidentiality of patient information, mutual authentication, patient anonymity, data integrity, freshness of communication, and mobility. Our protocols are based on symmetric-key schemes and capture all desirable security requirements in order to better serve our objectives of research for secure telemedicine services; therefore, they are very efficient in implementation. A comparison with related works shows that our work contributes first comprehensive solution to capture user mobility and patient privacy for telemedicine systems. Copyright © 2018 Elsevier Inc. All rights reserved.

  17. IT Security Support for the Spaceport Command Control System Development

    Science.gov (United States)

    Varise, Brian

    2014-01-01

    My job title is IT Security support for the Spaceport Command & Control System Development. As a cyber-security analyst it is my job to ensure NASA's information stays safe from cyber threats, such as, viruses, malware and denial-of-service attacks by establishing and enforcing system access controls. Security is very important in the world of technology and it is used everywhere from personal computers to giant networks ran by Government agencies worldwide. Without constant monitoring analysis, businesses, public organizations and government agencies are vulnerable to potential harmful infiltration of their computer information system. It is my responsibility to ensure authorized access by examining improper access, reporting violations, revoke access, monitor information request by new programming and recommend improvements. My department oversees the Launch Control System and networks. An audit will be conducted for the LCS based on compliance with the Federal Information Security Management Act (FISMA) and The National Institute of Standards and Technology (NIST). I recently finished analyzing the SANS top 20 critical controls to give cost effective recommendations on various software and hardware products for compliance. Upon my completion of this internship, I will have successfully completed my duties as well as gain knowledge that will be helpful to my career in the future as a Cyber Security Analyst.

  18. Cold Vacuum Dryer (CVD) Facility Security System Design Description. System 54

    International Nuclear Information System (INIS)

    WHITEHURST, R.

    2000-01-01

    This system design description (SDD) addresses the Cold Vacuum Drying (CVD) Facility security system. The system's primary purpose is to provide reasonable assurance that breaches of security boundaries are detected and assessment information is provided to protective force personnel. In addition, the system is utilized by Operations to support reduced personnel radiation goals and to provide reasonable assurance that only authorized personnel are allowed to enter designated security areas

  19. Microcontroller Based Home Automation System with Security

    OpenAIRE

    Inderpreet Kaur

    2011-01-01

    With advancement of technology things are becoming simpler and easier for us. Automatic systems are being preferred over manual system. This unit talks about the basic definitions needed to understand the Project better and further defines the technical criteria to be implemented as a part of this project

  20. Cyber Security Risk Assessment for the KNICS Safety Systems

    International Nuclear Information System (INIS)

    Lee, C. K.; Park, G. Y.; Lee, Y. J.; Choi, J. G.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.

    2008-01-01

    In the Korea Nuclear I and C Systems Development (KNICS) project the platforms for plant protection systems are developed, which function as a reactor shutdown, actuation of engineered safety features and a control of the related equipment. Those are fully digitalized through the use of safety-grade programmable logic controllers (PLCs) and communication networks. In 2006 the Regulatory Guide 1.152 (Rev. 02) was published by the U.S. NRC and it describes the application of a cyber security to the safety systems in the Nuclear Power Plant (NPP). Therefore it is required that the new requirements are incorporated into the developed platforms to apply to NPP, and a cyber security risk assessment is performed. The results of the assessment were input for establishing the cyber security policies and planning the work breakdown to incorporate them

  1. Verification of Security Policy Enforcement in Enterprise Systems

    Science.gov (United States)

    Gupta, Puneet; Stoller, Scott D.

    Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request’s path through the system; and its enforcement point and enforcement mechanism may be unspecified. Enforcement of a high-level policy may depend on the system architecture and the configurations of a variety of security mechanisms, such as firewalls, host login permissions, file permissions, DBMS access control, and application-specific security mechanisms. This paper presents a framework in which all of these can be conveniently and formally expressed, a method to verify that a high-level policy is enforced, and an algorithm to determine a trusted computing base for each resource.

  2. UN Security Council decision-making: testing the bribery hypothesis

    Directory of Open Access Journals (Sweden)

    Eugenio Pacelli Lazzarotti Diniz Costa

    2014-12-01

    Full Text Available Liberal-Institutionalism and Structural Realism expectations about international organizations are confronted by looking at if and how US-controlled international aid is granted, and particularly if it is related or not to political affinity and to United Nations Security Council (UNSC non-permanent membership. A preliminary assessment suggests that these relations only hold for the period of the Cold War, and, even then, only when UNSC non-permanent membership is in years in which the Security Council was deemed very important.

  3. Efficient Enforcement of Security Policies in Distributed Systems

    OpenAIRE

    Alzahrani, Ali Mousa G.

    2013-01-01

    Policy-based management (PBM) is an adaptable security policy mechanism in information systems (IS) that confirm only authorised users can access resources. A few decades ago, the traditional PBM has focused on closed systems, where enforcement mechanisms are trusted by system administrators who define access control policies. Most of current work on the PBM systems focuses on designing a centralised policy decision point (PDP), the component that evaluates an access request against a poli...

  4. Hazardous material transportation safety and security field operational test final evaluation plan : executive summary

    Science.gov (United States)

    2003-03-17

    The purpose of this effort is to independently evaluate the Battelle Operational Test Team to test methods for leveraging technology and operations to improve HAZMAT transport security, safety, and operational efficiency. As such, the preceding techn...

  5. Secure Data Transfer Guidance for Industrial Control and SCADA Systems

    Energy Technology Data Exchange (ETDEWEB)

    Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

    2011-09-01

    This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

  6. Network Basic Language Translation System: Security Infrastructure

    National Research Council Canada - National Science Library

    Mittrick, Mark R

    2007-01-01

    .... The Network Basic Language Translation System (NetBLTS) was proposed and accepted as part of the U.S. Army Research Laboratory's offering of initiatives within the Horizontal Fusion portfolio in 2003...

  7. 49 CFR 659.25 - Annual review of system safety program plan and system security plan.

    Science.gov (United States)

    2010-10-01

    ... annual review of its system safety program plan and system security plan. (b) In the event the rail... 49 Transportation 7 2010-10-01 2010-10-01 false Annual review of system safety program plan and system security plan. 659.25 Section 659.25 Transportation Other Regulations Relating to Transportation...

  8. Integrating security in a group oriented distributed system

    Science.gov (United States)

    Reiter, Michael; Birman, Kenneth; Gong, LI

    1992-01-01

    A distributed security architecture is proposed for incorporation into group oriented distributed systems, and in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to make common group oriented abstractions robust in hostile settings, in order to facilitate the construction of high performance distributed applications that can tolerate both component failures and malicious attacks. These abstractions include process groups and causal group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus is the security architecture; particular cryptosystems and key exchange protocols are not emphasized.

  9. Extending AADL for Security Design Assurance of Cyber Physical Systems

    Science.gov (United States)

    2015-12-16

    Resolute: An AADL Analysis Tool 13 3.1.1 Developing Assurance Cases for Security 13 4 STRIDE Analysis of the Infotainment System 16 4.1 Spoofing 16...AADL Description 23 5.2 Security Analysis for the Infotainment Example in AADL 24 5.3 Architectural Models in the Design Process 27 5.3.1 Focus...page 8. Instead, the attacks created a new connection. Add-ons such as an infotain - ment system extend the attack surface and provide an opportunity

  10. Process Control System Cyber Security Standards - An Overview

    Energy Technology Data Exchange (ETDEWEB)

    Robert P. Evans; V Stanley Scown; Rolf Carlson; Shabbir Shamsuddin; George Shaw; Jeff Dagle; Paul W Oman; Jeannine Schmidt

    2005-10-01

    The use of cyber security standards can greatly assist in the protection of critical infrastructure by providing guidelines and requisite imperatives in the implementation of computer-controlled systems. These standards are most effective when the engineers and operators using the standards understand what each of the standards addresses and does not address. This paper provides a review and comparison of ten documents dealing with control system cyber security. It is not meant to be a complete treatment of all applicable standards; rather, this is an exemplary analysis showing the benefits of comparing and contrasting differing documents.

  11. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  12. Security analysis of interconnected AC/DC systems

    DEFF Research Database (Denmark)

    Eriksson, Robert

    2015-01-01

    This paper analyses N-1 security in an interconnected ac/dc transmission system using power transfer distribution factors (PTDFs). In the case of a dc converter outage the power needs to be redistributed among the remaining converter to maintain power balance and operation of the dc grid. The red......This paper analyses N-1 security in an interconnected ac/dc transmission system using power transfer distribution factors (PTDFs). In the case of a dc converter outage the power needs to be redistributed among the remaining converter to maintain power balance and operation of the dc grid...... voltage control design consider the power distribution for a converter outage. By proper design and utilizing the proposed method increases the N-1 security and the secure transfer limits. This article proposes a method which minimizes the 2-norm of the sum of the PTDFs with constraints of not violating...... any line or transformer limits. Simulations were performed in a model of the Nordic power system where a dc grid is placed on top. The simulation supports the method as a tool to consider transfer limits in the grid to avoid violate the same and increase the security after a converter outage....

  13. SCPR: Secure Crowdsourcing-Based Parking Reservation System

    Directory of Open Access Journals (Sweden)

    Changsheng Wan

    2017-01-01

    Full Text Available The crowdsourcing-based parking reservation system is a new computing paradigm, where private owners can rent their parking spots out. Security is the main concern for parking reservation systems. However, current schemes cannot provide user privacy protection for drivers and have no key agreement functions, resulting in a lot of security problems. Moreover, current schemes are typically based on the time-consuming bilinear pairing and not suitable for real-time applications. To solve these security and efficiency problems, we present a novel security protocol with user privacy called SCPR. Similar to protocols of this field, SCPR can authenticate drivers involved in the parking reservation system. However, different from other well-known approaches, SCPR uses pseudonyms instead of real identities for providing user privacy protection for drivers and designs a novel pseudonym-based key agreement protocol. Finally, to reduce the time cost, SCPR designs several novel cryptographic algorithms based on the algebraic signature technique. By doing so, SCPR can satisfy a number of security requirements and enjoy high efficiency. Experimental results show SCPR is feasible for real world applications.

  14. Shared Electronic Health Record Systems: Key Legal and Security Challenges.

    Science.gov (United States)

    Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

    2017-11-01

    Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

  15. Training programs for the systems approach to nuclear security

    International Nuclear Information System (INIS)

    Ellis, Doris E.

    2005-01-01

    In support of the US Government and the International Atomic Energy Agency (IAEA) Nuclear Security Programmes, Sandia National Laboratories (SNL) has advocated and practiced a risk-based, systematic approach to nuclear security. The risk equation has been implemented as the basis for a performance methodology for the design and evaluation of Physical Protection Systems against a Design Basis Threat (DBT) for theft or sabotage of nuclear and/or radiological materials. Since integrated systems must include people as well as technology and the man-machine interface, a critical aspect of the human element is to train all stakeholders in nuclear security on the systems approach. Current training courses have been beneficial but are still limited in scope. SNL has developed two primary international courses and is completing development of three new courses that will be offered and presented in the near term. In the long-term, SNL envisions establishing a comprehensive nuclear security training curriculum that will be developed along with a series of forthcoming IAEA Nuclear Security Series guidance documents.

  16. Security model for picture archiving and communication systems.

    Science.gov (United States)

    Harding, D B; Gac, R J; Reynolds, C T; Romlein, J; Chacko, A K

    2000-05-01

    The modern information revolution has facilitated a metamorphosis of health care delivery wrought with the challenges of securing patient sensitive data. To accommodate this reality, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). While final guidance has not fully been resolved at this time, it is up to the health care community to develop and implement comprehensive security strategies founded on procedural, hardware and software solutions in preparation for future controls. The Virtual Radiology Environment (VRE) Project, a landmark US Army picture archiving and communications system (PACS) implemented across 10 geographically dispersed medical facilities, has addressed that challenge by planning for the secure transmission of medical images and reports over their local (LAN) and wide area network (WAN) infrastructure. Their model, which is transferable to general PACS implementations, encompasses a strategy of application risk and dataflow identification, data auditing, security policy definition, and procedural controls. When combined with hardware and software solutions that are both non-performance limiting and scalable, the comprehensive approach will not only sufficiently address the current security requirements, but also accommodate the natural evolution of the enterprise security model.

  17. Penetration testing protecting networks and systems

    CERN Document Server

    Henry, Kevin M

    2012-01-01

    This book is a preparation guide for the CPTE examination, yet is also a general reference for experienced penetration testers, ethical hackers, auditors, security personnel and anyone else involved in the security of an organization's computer systems.

  18. Cyber Security of Industrial Control Systems

    NARCIS (Netherlands)

    Luiijf, H.A.M.; Paske, B.J. te

    2015-01-01

    Our society and its citizens depend on the undisturbed functioning of (critical) infrastructures and their services. Crucial processes in most critical infrastructures, and in many other organisations, rely on the correct and undisturbed functioning of Industrial Control Systems (ICS). A failure of

  19. The application of algorithm in taxi security system

    Science.gov (United States)

    Luo, Chengyu

    2017-08-01

    With the booming of the society and economy today, Taxis and private cars have gradually become one of the most popular tools in transportation for their low price and convenience. However, because of the breakdown in the security system, a few accidents occurred due to the illegal taxi. The unreliable security management has attributed to the lack of trust in taxi companies and relevant regulatory authorities, which considered to be the reason why people are worried about it. Accordingly, we put forward a design for a taxi security system, making use of modern technology such as NFC, iBeacon, GPS combined with algorithms, automatically recognize the taxi we take, and reflecting basic information of taxi and driver on our mobile phone.

  20. Distributed Secure Coordinated Control for Multiagent Systems Under Strategic Attacks.

    Science.gov (United States)

    Feng, Zhi; Wen, Guanghui; Hu, Guoqiang

    2017-05-01

    This paper studies a distributed secure consensus tracking control problem for multiagent systems subject to strategic cyber attacks modeled by a random Markov process. A hybrid stochastic secure control framework is established for designing a distributed secure control law such that mean-square exponential consensus tracking is achieved. A connectivity restoration mechanism is considered and the properties on attack frequency and attack length rate are investigated, respectively. Based on the solutions of an algebraic Riccati equation and an algebraic Riccati inequality, a procedure to select the control gains is provided and stability analysis is studied by using Lyapunov's method.. The effect of strategic attacks on discrete-time systems is also investigated. Finally, numerical examples are provided to illustrate the effectiveness of theoretical analysis.

  1. Method for Determining the Sensitivity of a Physical Security System.

    Energy Technology Data Exchange (ETDEWEB)

    Speed, Ann [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Gauthier, John H. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hoffman, Matthew John [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Wachtel, Amanda [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Kittinger, Robert Scott [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Munoz-Ramos, Karina [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-05-23

    Modern systems, such as physical security systems, are often designed to involve complex interactions of technological and human elements. Evaluation of the performance of these systems often overlooks the human element. A method is proposed here to expand the concept of sensitivity—as denoted by d’—from signal detection theory (Green & Swets 1966; Macmillan & Creelman 2005), which came out of the field of psychophysics, to cover not only human threat detection but also other human functions plus the performance of technical systems in a physical security system, thereby including humans in the overall evaluation of system performance. New in this method is the idea that probabilities of hits (accurate identification of threats) and false alarms (saying “threat” when there is not one), which are used to calculate d’ of the system, can be applied to technologies and, furthermore, to different functions in the system beyond simple yes-no threat detection. At the most succinct level, the method returns a single number that represents the effectiveness of a physical security system; specifically, the balance between the handling of actual threats and the distraction of false alarms. The method can be automated, and the constituent parts revealed, such that given an interaction graph that indicates the functional associations of system elements and the individual probabilities of hits and false alarms for those elements, it will return the d’ of the entire system as well as d’ values for individual parts. The method can also return a measure of the response bias* of the system. One finding of this work is that the d’ for a physical security system can be relatively poor in spite of having excellent d’s for each of its individual functional elements.

  2. A Socio-technical Analysis of Information Systems Security Assurance : A Case Study for Effective Assurance

    OpenAIRE

    Chaula, Job Asheri

    2006-01-01

    This thesis examines the concepts of Information System (IS) security assurance using a socio-technical framework. IS security assurance deals with the problem of estimating how well a particular security system will function efficiently and effectively in a specific operational environment. In such environments, the IS interact with other systems such as ethical, legal, operational and administrative. Security failure in any of these systems may result in security failure of the whole system...

  3. Secure Control Systems for the Energy Sector

    Energy Technology Data Exchange (ETDEWEB)

    Smith, Rhett [Schweitzer Engineering Lab., Inc., Alpharetta, GA (United States); Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2014-10-22

    The Padlock Project is an alliance between Tennessee Valley Authority (TVA), Sandia National Laboratories (SNL), and Schweitzer Engineering Laboratories Inc. (SEL). SEL is the prime contractor on the Padlock project. Rhett Smith (SEL) is the project director and Adrian Chaves (SNL) and John Stewart (TVA) are principle investigators. SEL is the world’s leader in microprocessor-based electronic equipment for protecting electric power systems. The Tennessee Valley Authority, a corporation owned by the U.S. government, provides electricity for 9 million people in parts of seven southeastern states at prices below the national average. TVA, which receives no taxpayer money and makes no profits, also provides flood control, navigation and land management for the Tennessee River system and assists utilities, and state and local governments with economic development.

  4. Towards a Secure Federated Information System

    Science.gov (United States)

    2012-08-01

    Saikat Guha, Oliver Kennedy, and Alan Shieh. They were invariably a good avenue of procrastination , be it through random discussions, movies, video...semination node to which dissemination-layer requests are directed; with this configuration, the size of the dissemination layer scales in the number of...David Mazières. Shark: Scaling file servers via cooperative caching. In Proc. 2nd USENIX Symposium on Networked Systems Design and Implementation

  5. Audit program for physical security systems at nuclear power plants

    International Nuclear Information System (INIS)

    Minichino, C.

    1982-01-01

    Licensees of nuclear power plants conduct audits of their physical security systems to meet the requirements of 10 CFR 73, Physical Protection of Plants and Materials. Section 73.55, Requirements for physical Protection of Licensed Activities in Nuclear Power Reactors Against Radiological Sabotage, requires that the security programs be reviewed at least every 12 months, that the audit be conducted by individuals independent of both security management and security supervision, and that the audit program review all aspects of the physical security system: hardware, personnel, and operational and maintenance procedures. This report contains information for the Nuclear Regulatory Commission (NRC) and for the licensees of nuclear power reactors who carry out these comprehensive audits. Guidance on the overall management of the audit function includes organizational structure and issues concerning the auditors who perform the review: qualifications, independence, due professional care, and standards. Guidance in the audit program includes purpose and scope of the audit, planning, techniques, post-audit procedures, reporting, and follow-up

  6. Emerging Security Mechanisms for Medical Cyber Physical Systems.

    Science.gov (United States)

    Kocabas, Ovunc; Soyata, Tolga; Aktas, Mehmet K

    2016-01-01

    The following decade will witness a surge in remote health-monitoring systems that are based on body-worn monitoring devices. These Medical Cyber Physical Systems (MCPS) will be capable of transmitting the acquired data to a private or public cloud for storage and processing. Machine learning algorithms running in the cloud and processing this data can provide decision support to healthcare professionals. There is no doubt that the security and privacy of the medical data is one of the most important concerns in designing an MCPS. In this paper, we depict the general architecture of an MCPS consisting of four layers: data acquisition, data aggregation, cloud processing, and action. Due to the differences in hardware and communication capabilities of each layer, different encryption schemes must be used to guarantee data privacy within that layer. We survey conventional and emerging encryption schemes based on their ability to provide secure storage, data sharing, and secure computation. Our detailed experimental evaluation of each scheme shows that while the emerging encryption schemes enable exciting new features such as secure sharing and secure computation, they introduce several orders-of-magnitude computational and storage overhead. We conclude our paper by outlining future research directions to improve the usability of the emerging encryption schemes in an MCPS.

  7. Secure authentication system that generates seed from biometric information.

    Science.gov (United States)

    Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

    2005-02-10

    As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics.

  8. Ship Systems Survivability Test Site

    Data.gov (United States)

    Federal Laboratory Consortium — Area for testing survivability of shipboard systems to include electrical, communications, and fire suppression. Multipurpose test range for supporting gun firing,...

  9. Development of Food Security Information System Based on Business Intelligence in Food Security Agency, Ministry of Agriculture, Indonesia

    OpenAIRE

    Hendrawaty, Manise; Harisno, Harisno

    2014-01-01

    Food is the main basic need of human, because of that fulfillment of human need of food has to be fulfilled. So it can fulfill that need, then government institution, Food Security Agency (BKP) is formed so it can monitor fulfillment of food need of society. The goals of this writing are to develop food security information system that provides dashboard facility based on business intelligence, to develop food security information system that can give fast, precise and real time information a...

  10. Agricultural biogas systems. Quality and security

    International Nuclear Information System (INIS)

    Serafimova, K.

    2007-01-01

    This article takes a look at agricultural biogas installations and how improved basic conditions and incentives offered by industry and commerce are showing initial effects. The author is of the opinion that more dynamics in the market are necessary in order to allow contributions to be made to the protection of the climate whilst creating value locally at the same time. The article reviews the current market situation and examines questions which are to be answered in the quality assurance area for agricultural biogas systems in Switzerland. Co-fermentation is proposed as a standard technology. Market development, plant locations and plant management aspects are discussed.

  11. Security

    Science.gov (United States)

    Technology & Learning, 2008

    2008-01-01

    Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

  12. Cyber Security in Industrial Control Systems and SCADA Applications: Modbus TCP Protocol Example

    Directory of Open Access Journals (Sweden)

    Erdal IRMAK

    2017-12-01

    Full Text Available Electrical energy generation, transmission and distribution systems are evaluated in terms of national security dimension and defined as critical infrastructures. Monitoring and controlling of these systems is provided by Industrial Control Systems (ICS or Supervisory Control and Data Acquisition (SCADA systems. According to the latest advances in communication and internet technology, ICS/SCADA systems have started to become integrated with these systems. As a result of this situation, current or existing vulnerabilities in information and communication technology affect to SCADA systems directly. Therefore, this paper focuses on the cyber security of ICS/SCADA systems. It has been proved that the lack of authentication detected in Modbus TCP protocol, one of the most used in ICS/SCADA systems, can be exploited. In order to solve this security issue, a software is developed using the Python programming language for blocking or mitigating the cyber attacks. The proposed solution is subjected to several tests and results show that the attacks can be prevented successfully. Thus, it is considered that the proposed work will contribute to the security of ICS/SCADA systems and the industrial protocols using for communicating these systems.

  13. Construction of energy security system: analysis of levels,elements and their links

    OpenAIRE

    Česnakas, Giedrius

    2009-01-01

    In contemporary international security system new elements of security appears on the stage and energy security is this kind of element. The importance of energy security grows along with the growing dependency of states on the energy resources, and also by growing rivalry in international system for control of the resources. Energy resources are becoming part of economy, foreign policy and as well as various security elements. Analyzing states through prism of energy security it is possible ...

  14. Supervision functions - Secure operation of sustainable power systems

    DEFF Research Database (Denmark)

    Morais, Hugo; Zhang, Xinxin; Lind, Morten

    2013-01-01

    The globalization of use of Distributed Generation (DG) and other distributed energy resources in recent years have strongly influenced the power systems operation changes. The growing use of new technologies such as Phasor Measurements Units (PMUs) increases the possibilities and the efficiency...... of power systems operation control. The use of PMUs allows more penetration of DG mainly, with technologies based on renewable resources with intermittent and unpredictable operation such a wind power. This paper introduces the Secure Operation of Sustainable Power Systems (SOSPO) project. The SOSPO...... project tries to respond to the question "How to ensure a secure operation of the future power system where the operating point is heavily is fluctuating?" focusing in the Supervision module architecture and in the power system operation states. The main goal of Supervision module is to determine...

  15. Evaluation of security availability of data components for a renewable energy micro Smart Grid system

    Science.gov (United States)

    Aguilera Zambrano, Leonel

    In this thesis, we study the development and security testing of photovoltaic data collection system. With the introduction of the smart grid concept, a lot of research has been done on the communication aspect of energy production and distribution throughout the power network. For Smart Grid, Internet is used as the communication medium for specific required services and for data collection. Despite all the advantages of the Smart Grid infrastructure, there is also some security concern regarding the vulnerabilities associated with internet access. In this thesis, we consider security testing of the two most popular and globally deployed web server platforms Apache running on Red Had Linux 5 and IIS on Windows Server 2008, and their performance under Distributed Denial of Service Attacks. Furthermore we stress test the data collection services provided by MySQL running on both Windows and Linux Servers when it is also under DDoS attacks.

  16. Security challenges for cooperative and interconnected mobility systems

    NARCIS (Netherlands)

    Bijlsma, T.; Kievit, S. de; Sluis, H.J.D. van de; Nunen, E. van; Passchier, I.; Luiijf, H.A.M.

    2013-01-01

    Software is becoming an important part of the innovation for vehicles. In addition, the systems in vehicles become interconnected and also get external connections, to the internet and Vehicular Ad hoc NETworks (VANETs). These trends form a combined security and safety threat, because recent

  17. Operating Systems-Functions, Protection and Security Mechanisms

    Indian Academy of Sciences (India)

    Home; Journals; Resonance – Journal of Science Education; Volume 7; Issue 4. Operating Systems - Functions, Protection and Security Mechanisms. M Suresh Babu. General Article Volume 7 Issue 4 April 2002 pp 60-66. Fulltext. Click here to view fulltext PDF. Permanent link:

  18. ASLan++ — A Formal Security Specification Language for Distributed Systems

    DEFF Research Database (Denmark)

    Von Oheimb, David; Mödersheim, Sebastian Alexander

    2010-01-01

    credentialsbased authentication mechanism, dynamic access control policies, and the related security goals. This demonstrates the flexibility and expressiveness of the language, and that the resulting models are logically adequate, while on the other hand they are clear to read and feasible to construct for system...

  19. Securing a control system: experiences from ISO 27001 implementation

    International Nuclear Information System (INIS)

    Vuppala, V.; Vincent, J.; Kusler, J.; Davidson, K.

    2012-01-01

    Recent incidents of breaches, in control systems in specific and information systems in general, have emphasized the importance of security and operational continuity in achieving the quality objectives of an organization, and the safety of its personnel and infrastructure. However, security and disaster recovery are either completely ignored or given a low priority during the design and development of an accelerator control system, the underlying technologies, and the overlaid applications. This leads to an operational facility that is easy to breach, and difficult to recover. Retrofitting security into a control system becomes much more difficult during operations. In this paper we describe our experiences with implementing ISO/IEC 27001 Standard for information security at the Electronics Department of the National Superconducting Cyclotron Laboratory (NSCL) located on the campus of Michigan State University. We describe our risk assessment methodology, the identified risks, the selected controls, their implementation, and our documentation structure. We also report the current status of the project. We conclude with the challenges faced and the lessons learnt. (authors)

  20. Gene expression programming for power system static security ...

    African Journals Online (AJOL)

    In this paper, a novel gene expression programming (GEP) algorithm is presented for power system static security assessment. The GEP algorithms as evolutionary algorithms for pattern classification have recently received attention for classification problems because they can perform global searches and achieve high ...

  1. Reforming the South African Social Security Adjudication System ...

    African Journals Online (AJOL)

    There is currently no uniform social security dispute resolution system in South Africa due to the piecemeal fashion in which schemes were established or protection against individual risks regulated. The result is that each statute provides for its own dispute resolution institution(s) and processes. There are also various ...

  2. Design of an Internet Based Security System | David | Nigerian ...

    African Journals Online (AJOL)

    The system has a way of monitoring requests for access to the secured areas as well as reacting to intruder attempts. To achieve this, a successful hardware data acquisition unit based on a microcontroller is designed. The data from the hardware unit is connected to the PC via the parallel port interface so as to monitor all ...

  3. A security analysis of the Dutch electronic patient record system

    NARCIS (Netherlands)

    van 't Noordende, G.

    2010-01-01

    In this article, we analyze the security architecture of the Dutch Electronic Patient Dossier (EPD) system. Intended as a national infrastructure for exchanging medical patient records among authorized parties (particularly, physicians), the EPD has to address a number of requirements, ranging from

  4. Security in the Dutch electronic patient record system

    NARCIS (Netherlands)

    van 't Noordende, G.

    2010-01-01

    In this article, we analyze the security architecture of the Dutch Electronic Patient Dossier (EPD) system. Intended as a mandatory infrastructure for exchanging medical records of most if not all patients in the Netherlands among authorized parties (particularly, physicians), the EPD has to address

  5. The Economic Security of Bank: Theoretical Basis and Systemic Approach

    Directory of Open Access Journals (Sweden)

    Gavlovska Nataliia I.

    2017-07-01

    Full Text Available The article analyzes the existing approaches to interpreting the category of «economic security of bank». A author’s own definition of the concept of «economic security of bank» has been proposed, which should be understood as condition of protecting the vital interests of bank, achieved by harmonizing relationships with the entities of external influence and optimizing the internal system processes, thus enabling efficient function as well as development by means of an adaptation mechanism. A number of approaches to understanding the substance of the above concept has been allocated and their main characteristics have been provided. The need to study the specifics of interaction of banking institutions with the external environment in the context of interaction between the State agents and market actors has been underlined. Features of formation of the term of «system» have been defined, three main groups of approaches to interpretation of the term have been provided. A author’s own definition of the concept of «economic security system of bank» has been proposed. A concrete definition of principles for building an economic security system of bank has been provided.

  6. A Security Level Classification Method for Power Systems under N-1 Contingency

    Directory of Open Access Journals (Sweden)

    Zhigang Lu

    2017-12-01

    Full Text Available Security assessment is crucial for the reliable and secure operation of power systems. This paper proposes a security level classification (SLC method to analyze the security level of power systems both qualitatively and quantitatively. In this SLC method, security levels are graded according to a comprehensive safety index (CSI, which is defined by integrating the system margin index (SMI and load entropy. The SMI depends on the operating load and the total supply capacity (TSC under N-1 contingency, and the load entropy reflects the heterogeneity of load distribution calculated from entropy theory. In order to calculate the TSC under N-1 contingency considering both of the computational accuracy and speed, the TSC is converted into an extended conic quadratic programming (ECQP model. In addition, the load boundary vector (LBV model is established to obtain the capacity limit of each load bus, and thus detect potential risks of power systems. Finally, two modified practical power systems and the IEEE 118-bus test system are studied to validate the feasibility of the proposed SLC method.

  7. Radiological protection national system. Basic security rules

    International Nuclear Information System (INIS)

    1981-01-01

    This work has been prepared as the first one of a set of standards and regulations that will be enforced to provide the protection of men and the environment against the undesirable effects of ionizing radiations. It establishes, in the first place, the system of dose limits for the country and the principles of its utilization. It takes into account the CIPR's recommendations in this area and the mentioned frame of reference, it establishes further the necessary restrictions for the application of the limits to the professionally exposed workers, as well as to the isolated members of the public and the population in general. In addition it establishes the general conditions to be met for the implementation of radiological protection, among them, the classification of working areas and working conditions as well as the compulsory periodical medical surveillance. (H.D.N.)

  8. Testing microelectronic biofluidic systems

    NARCIS (Netherlands)

    Kerkhoff, Hans G.

    2007-01-01

    According to the 2005 International Technology Roadmap for Semiconductors, the integration of emerging nondigital CMOS technologies will require radically different test methods, posing a major challenge for designers and test engineers. One such technology is microelectronic fluidic (MEF) arrays,

  9. The Multimodal Assessment of Adult Attachment Security: Developing the Biometric Attachment Test.

    Science.gov (United States)

    Parra, Federico; Miljkovitch, Raphaële; Persiaux, Gwenaelle; Morales, Michelle; Scherer, Stefan

    2017-04-06

    Attachment theory has been proven essential for mental health, including psychopathology, development, and interpersonal relationships. Validated psychometric instruments to measure attachment abound but suffer from shortcomings common to traditional psychometrics. Recent developments in multimodal fusion and machine learning pave the way for new automated and objective psychometric instruments for adult attachment that combine psychophysiological, linguistic, and behavioral analyses in the assessment of the construct. The aim of this study was to present a new exposure-based, automatic, and objective adult-attachment assessment, the Biometric Attachment Test (BAT), which exposes participants to a short standardized set of visual and music stimuli, whereas their immediate reactions and verbal responses, captured by several computer sense modalities, are automatically analyzed for scoring and classification. We also aimed to empirically validate two of its assumptions: its capacity to measure attachment security and the viability of using themes as placeholders for rotating stimuli. A total of 59 French participants from the general population were assessed using the Adult Attachment Questionnaire (AAQ), the Adult Attachment Projective Picture System (AAP), and the Attachment Multiple Model Interview (AMMI) as ground truth for attachment security. They were then exposed to three different BAT stimuli sets, whereas their faces, voices, heart rate (HR), and electrodermal activity (EDA) were recorded. Psychophysiological features, such as skin-conductance response (SCR) and Bayevsky stress index; behavioral features, such as gaze and facial expressions; as well as linguistic and paralinguistic features, were automatically extracted. An exploratory analysis was conducted using correlation matrices to uncover the features that are most associated with attachment security. A confirmatory analysis was conducted by creating a single composite effects index and by testing it

  10. A SCHEME FOR TEMPLATE SECURITY AT FEATURE FUSION LEVEL IN MULTIMODAL BIOMETRIC SYSTEM

    Directory of Open Access Journals (Sweden)

    Arvind Selwal

    2016-09-01

    Full Text Available Biometric is the science of human recognition based upon using their biological, chemical or behavioural traits. These systems are used in many real life applications simply from biometric based attendance system to providing security at very sophisticated level. A biometric system deals with raw data captured using a sensor and feature template extracted from raw image. One of the challenges being faced by designers of these systems is to secure template data extracted from the biometric modalities of the user and protect the raw images. To minimize spoof attacks on biometric systems by unauthorised users one of the solutions is to use multi-biometric systems. Multi-modal biometric system works by using fusion technique to merge feature templates generated from different modalities of the human. In this work a new scheme is proposed to secure template during feature fusion level. Scheme is based on union operation of fuzzy relations of templates of modalities during fusion process of multimodal biometric systems. This approach serves dual purpose of feature fusion as well as transformation of templates into a single secured non invertible template. The proposed technique is cancelable and experimentally tested on a bimodal biometric system comprising of fingerprint and hand geometry. Developed scheme removes the problem of an attacker learning the original minutia position in fingerprint and various measurements of hand geometry. Given scheme provides improved performance of the system with reduction in false accept rate and improvement in genuine accept rate.

  11. Security Analysis System to Detect Threats on a SIP VoIP Infrasctructure Elements

    Directory of Open Access Journals (Sweden)

    Filip Rezac

    2011-01-01

    Full Text Available SIP PBX is definitely the alpha and omega of any IP telephony infrastructure and frequently also provides other services than those related to VoIP traffic. These exchanges are, however, very often the target of attacks by external actors. The article describes a system that was developed on VSB-TU Ostrava as a testing tool to verify if the target VoIP PBX is adequately secured and protected against any real threats. The system tests the SIP element for several usually occurring attacks and it compiles evaluation of its overall security on the basis of successfully or unsuccessfully penetrations. The article describes the applications and algorithms that are used by system and the conclusion consists recommendations and guidelines to ensure effective protection against VoIP PBX threats. The system is designed as an open-source web application, thus allowing independent access and is fully extensible to other test modules.

  12. SECURE personnel screening system: field trials and new developments

    Science.gov (United States)

    Smith, Steven W.

    1997-01-01

    Many different techniques have been investigated for detecting weapons, explosives, and contraband concealed under a person's clothing. Most of these are based on imaging the concealed object by using some sort of penetrating radiation, such as microwaves, ultrasound or electromagnetic fields.In spite of this effort by dozens of research groups, the only technique that has resulted in a commercially viable product is back-scatter x-ray imaging, as embodied in the SECURE 1000 personnel screening systems. The SECURE technology uses radiation levels that are insignificant compared to natural background values, being viewed as 'trivial' and 'completely insignificant' under established radiation safety standards. In the five years since the SECURE 1000 was developed, more than a dozen field trials and initial placements have been completed. This paper describes both the capabilities and limitations of the technology in these real-world applications.

  13. A cyber security risk assessment for the design of I and C system in nuclear power plants

    International Nuclear Information System (INIS)

    Song, Jae Gu; Lee, Jung Woon; Lee, Cheal Kwon; Kwon, Kee Choon; Lee, Dong Young

    2012-01-01

    The applications of computers and communication system and network technologies in nuclear power plants have expanded recently. This application of digital technologies to the instrumentation and control systems of nuclear power plants brings with it the cyber security concerns similar to other critical infrastructures. Cyber security risk assessments for digital instrumentation and control systems have become more crucial in the development of new systems and in the operation of existing systems. Although the instrumentation and control systems of nuclear power plants are similar to industrial control systems, the former have specifications that differ from the latter in terms of architecture and function, in order to satisfy nuclear safety requirements, which need different methods for the application of cyber security risk assessment. In this paper, the characteristics of nuclear power plant instrumentation and control systems are described, and the considerations needed when conducting cyber security risk assessments in accordance with the life cycle process of instrumentation and control systems are discussed. For cyber security risk assessments of instrumentation and control systems, the activities and considerations necessary for assessments during the system design phase or component design and equipment supply phase are presented in the following 6 steps: 1) System Identification and Cyber Security Modeling, 2) Asset and Impact Analysis, 3) Threat Analysis, 4) Vulnerability Analysis, 5) Security Control Design, and 6) Penetration test. The results from an application of the method to a digital reactor protection system are described.

  14. Security Challenges in Smart-Grid Metering and Control Systems

    Directory of Open Access Journals (Sweden)

    Xinxin Fan

    2013-07-01

    Full Text Available The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart grid-infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid.

  15. AUDITING THE SECURITY OF INFORMATION SYSTEMS WITHIN AN ORGANIZATION

    Directory of Open Access Journals (Sweden)

    STEGĂROIU CARINA-ELENA

    2013-02-01

    Full Text Available The safety provided by a well configured firewall is no excuse for neglecting the standard security procedures;setting up and installing a firewall is the first line of defense and not a full proof solution, auditing being only onecomponent of the system, whilst the other is protecting the resources and when we consider auditing as being theprocess of recording certain events that take place on a computer or within a network, we must come to the conclusionthat this is the only technique that allows us to identify the source of a possible issue within the network.Information security is used as a means to protect the intellectual property rights, whilst the main objective insetting up an information security system is to enlist the confidence of prospective business partners. In accordancewith the legal requisites and the principle of maximizing one’s investment, regardless of the many forms it could take,or the means through which it is stored, transmitted or distributed, information must be protected.Information security is not only a technical problem, but mainly a managerial issue, as the security standard,ISO/IEC 17799 meets the needs of any type of organization, be it public or private, through a series of practices relatedto the management of information security.This paper aims to present the process of taking entry data from a plethora of programs and storing it in acentral location. Due to its flexibility, this process can be a useful auditing instrument, as long as we are familiar withthe way it works and how the events are recorded.

  16. Fairtrade, Food Security and Globalization: Building Alternative Food Systems

    Directory of Open Access Journals (Sweden)

    Martin Calisto Friant

    2016-05-01

    Full Text Available This article examines the politics and practices of Fairtrade certification in order to assess whether this alternative trading system could contribute to innovative solutions for global food security. The analysis begins by assessing the main challenges and problems characterizing the contemporary global food system. It then explores the history, vision and certification standards of the Fairtrade label. In the third section, the results of the impact studies of Fairtrade certification on producer livelihoods are discussed, analyzing the various strengths and weaknesses. Finally the article analyzes whether, and how, the Fairtrade system could positively contribute to improving global food security. To conclude this paper argues that the greatest strength of Fairtrate is not the certification mechanism itself but rather the social and environmental principles it represents. Fairtrade standards could serve to inform broader international policies, which could lead to a sustainable transformation of the global food system.

  17. Selected Methods For Increases Reliability The Of Electronic Systems Security

    Directory of Open Access Journals (Sweden)

    Paś Jacek

    2015-11-01

    Full Text Available The article presents the issues related to the different methods to increase the reliability of electronic security systems (ESS for example, a fire alarm system (SSP. Reliability of the SSP in the descriptive sense is a property preservation capacity to implement the preset function (e.g. protection: fire airport, the port, logistics base, etc., at a certain time and under certain conditions, e.g. Environmental, despite the possible non-compliance by a specific subset of elements this system. Analyzing the available literature on the ESS-SSP is not available studies on methods to increase the reliability (several works similar topics but moving with respect to the burglary and robbery (Intrusion. Based on the analysis of the set of all paths in the system suitability of the SSP for the scenario mentioned elements fire events (device critical because of security.

  18. Security

    OpenAIRE

    Leander, Anna

    2009-01-01

    This paper argues that security belongs to a specific category of commodities: “contested commodities” around which there is an ongoing and unsettled symbolic struggle over whether or not they can and should be though of as commodities (section 1). The contested nature of commodification has implications for how markets function; market practices tend to be defined and organized in ways that minimize their contentiousness and obfuscate their expansion. The paper looks at the implications of t...

  19. The enhancement of security in healthcare information systems.

    Science.gov (United States)

    Liu, Chia-Hui; Chung, Yu-Fang; Chen, Tzer-Shyong; Wang, Sheng-De

    2012-06-01

    With the progress and the development of information technology, the internal data in medical organizations have become computerized and are further established the medical information system. Moreover, the use of the Internet enhances the information communication as well as affects the development of the medical information system that a lot of medical information is transmitted with the Internet. Since there is a network within another network, when all networks are connected together, they will form the "Internet". For this reason, the Internet is considered as a high-risk and public environment which is easily destroyed and invaded so that a relevant protection is acquired. Besides, the data in the medical network system are confidential that it is necessary to protect the personal privacy, such as electronic patient records, medical confidential information, and authorization-controlled data in the hospital. As a consequence, a medical network system is considered as a network requiring high security that excellent protections and managerial strategies are inevitable to prevent illegal events and external attacks from happening. This study proposes secure medical managerial strategies being applied to the network environment of the medical organization information system so as to avoid the external or internal information security events, allow the medical system to work smoothly and safely that not only benefits the patients, but also allows the doctors to use it more conveniently, and further promote the overall medical quality. The objectives could be achieved by preventing from illegal invasion or medical information being stolen, protecting the completeness and security of medical information, avoiding the managerial mistakes of the internal information system in medical organizations, and providing the highly-reliable medical information system.

  20. A Review of the Security of Insulin Pump Infusion Systems

    OpenAIRE

    Paul, Nathanael; Kohno, Tadayoshi; Klonoff, David C

    2011-01-01

    Insulin therapy has enabled patients with diabetes to maintain blood glucose control to lead healthier lives. Today, rather than injecting insulin manually using syringes, a patient can use a device such as an insulin pump to deliver insulin programmatically. This allows for more granular insulin delivery while attaining blood glucose control. Insulin pump system features have increasingly benefited patients, but the complexity of the resulting system has grown in parallel. As a result, secur...

  1. Development of information security and vulnerability risk management system for J-PARC

    International Nuclear Information System (INIS)

    Ishikawa, Hiroyuki; Tate, Akihiro; Murakami, Tadashi

    2012-02-01

    In J-PARC (Japan Proton Accelerator Research Complex) we have set up intra-network (internal network, we will abbreviate it as JLAN, below) to support research activity and communication among users. In JLAN, we set up various kinds of security devices to keep JLAN secure. However, the servers which provide information or service to public are still in danger of being accessed illegally. If there is an illegal access, that may cause defacement of data or information leak. Furthermore, the victim servers are manipulated by the malicious attackers, and they themselves attack the external information equipments. Vulnerability of servers enables unauthorized access. So, vulnerability test with use of a vulnerability tool is one of the most effective ways to take measures for vulnerability of the equipments. However, it is not enough to just conduct a vulnerability test. It is also essential for information security to take measures to cover constantly for the vulnerability of servers. We focused on the points above, and developed the vulnerability testing system for security. It is not only a testing tool for the vulnerability of servers, but also management system which enables the server administrators in charge of taking measures for vulnerabilities to manage risks and handles PDCA (Plan-Do-Check-Action) cycles as countermeasure for vulnerability. In this paper, we report the technologies and ingenuities for the development of the above system. (author)

  2. Cost and performance analysis of physical security systems

    Energy Technology Data Exchange (ETDEWEB)

    Hicks, M.J. [Sandia National Lab., Albuquerque, NM (United States); Yates, D.; Jago, W.H. [Tecolote Research, Inc., Santa Barbara, CA (United States)] [and others

    1997-06-01

    CPA - Cost and Performance Analysis - is a prototype integration of existing PC-based cost and performance analysis tools: ACEIT (Automated Cost Estimating Integrated Tools) and ASSESS (Analytic System and Software for Evaluating Safeguards and Security). ACE is an existing DOD PC-based tool that supports cost analysis over the full life cycle of a system; that is, the cost to procure, operate, maintain and retire the system and all of its components. ASSESS is an existing DOE PC-based tool for analysis of performance of physical protection systems. Through CPA, the cost and performance data are collected into Excel workbooks, making the data readily available to analysts and decision makers in both tabular and graphical formats and at both the system and subsystem levels. The structure of the cost spreadsheets incorporates an activity-based approach to cost estimation. Activity-based costing (ABC) is an accounting philosophy used by industry to trace direct and indirect costs to the products or services of a business unit. By tracing costs through security sensors and procedures and then mapping the contributions of the various sensors and procedures to system effectiveness, the CPA architecture can provide security managers with information critical for both operational and strategic decisions. The architecture, features and applications of the CPA prototype are presented. 5 refs., 3 figs.

  3. Cyber security consideration on I and C system development process

    International Nuclear Information System (INIS)

    Park, Jaek Wan; Park, Jeyun; Kim, Young Ki

    2012-01-01

    Instrumentation and control (I and C) systems in nuclear power plants collect sensor signals installed in plant fields, monitor plant performance and status, and generate signals to control instruments for plant operation and protection. Recently, digital systems of I and C are required to be protected from cyber threats. It has been reported that several plants have been attacked and malfunctioned by outside intruders. To cope with cyber attacks, various studies have been proposed in IT and plant industries. From 2006, regulatory guides and industry standards for cyber security have been published. Therefore, these guides should be strongly considered in the development process of a digital system. Our framework refers to the system development life cycle described in RG 1.152. The main activities of RG 5.71 are included in the framework appropriately. This approach supports the consistent application of system features for cyber security by incorporating the security requirements required in the operation and maintenance phases into the initial phase of development process. It is expected that the application of the framework to a new plant system design may comply with both RG 1.152 and 5.71

  4. Cost and performance analysis of physical security systems

    International Nuclear Information System (INIS)

    Hicks, M.J.; Yates, D.; Jago, W.H.

    1997-01-01

    CPA - Cost and Performance Analysis - is a prototype integration of existing PC-based cost and performance analysis tools: ACEIT (Automated Cost Estimating Integrated Tools) and ASSESS (Analytic System and Software for Evaluating Safeguards and Security). ACE is an existing DOD PC-based tool that supports cost analysis over the full life cycle of a system; that is, the cost to procure, operate, maintain and retire the system and all of its components. ASSESS is an existing DOE PC-based tool for analysis of performance of physical protection systems. Through CPA, the cost and performance data are collected into Excel workbooks, making the data readily available to analysts and decision makers in both tabular and graphical formats and at both the system and subsystem levels. The structure of the cost spreadsheets incorporates an activity-based approach to cost estimation. Activity-based costing (ABC) is an accounting philosophy used by industry to trace direct and indirect costs to the products or services of a business unit. By tracing costs through security sensors and procedures and then mapping the contributions of the various sensors and procedures to system effectiveness, the CPA architecture can provide security managers with information critical for both operational and strategic decisions. The architecture, features and applications of the CPA prototype are presented. 5 refs., 3 figs

  5. Intrusion detection systems: complement to firewall security system ...

    African Journals Online (AJOL)

    The main purpose with firewall is to protect against unauthorized external attacks but it will normally leave the network unprotected from internal attacks or intrusions. Fire walls and access control have been the most important components used in order to secure network and its resources. They work to prevent attacks from ...

  6. Modeling and Security Threat Assessments of Data Processed in Cloud Based Information Systems

    Directory of Open Access Journals (Sweden)

    Darya Sergeevna Simonenkova

    2016-03-01

    Full Text Available The subject of the research is modeling and security threat assessments of data processed in cloud based information systems (CBIS. This method allow to determine the current security threats of CBIS, state of the system in which vulnerabilities exists, level of possible violators, security properties and to generate recommendations for neutralizing security threats of CBIS.

  7. Authentication Test-Based the RFID Authentication Protocol with Security Analysis

    Directory of Open Access Journals (Sweden)

    Minghui Wang

    2014-08-01

    Full Text Available To the problem of many recently proposed RFID authentication protocol was soon find security holes, we analyzed the main reason, which is that protocol design is not rigorous, and the correctness of the protocol cannot be guaranteed. To this end, authentication test method was adopted in the process of the formal analysis and strict proof to the proposed RFID protocol in this paper. Authentication Test is a new type of analysis and design method of security protocols based on Strand space model, and it can be used for most types of the security protocols. After analysis the security, the proposed protocol can meet the RFID security demand: information confidentiality, data integrity and identity authentication.

  8. PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

    International Nuclear Information System (INIS)

    Castro, R.; Vega, J.; Portas, A.; Lopez, D.R.; Balme, S.; Theis, J.M.; Lebourg, P.; Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F.; Purahoo, K.; Thomsen, K.; Schiller, W.; Kadlecsik, J.

    2008-01-01

    Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well

  9. A real-time voltage security assessment system (VSAS) at Alberta Electric System Operator

    Energy Technology Data Exchange (ETDEWEB)

    Wang, L.; Howell, R.; Moshref, A. [Powertech Labs Inc., Surrey, BC (Canada); Mueller, M.; Viray, E.; Yang, C.; Qiu, J. [Alberta Electric System Operator, Calgary, AB (Canada)

    2008-07-01

    A fundamental requirement for a power system involves its secure and reliable operation. The diversity of operating conditions that exist in a system create a high degree of uncertainty with regard to the scenarios and contingencies that need to be examined to ensure system security. The Alberta Electric System Operator (AESO) is responsible for the safe, reliable and economic planning and operation of the Alberta interconnected electric system (AIES). Voltage stability is an issue due to transmission constraints in the AIES. This paper discussed AESO's implementation of an online voltage security assessment system (VSAS) using Powertech's voltage security assessment tool (VSAT) software at their system control center. Voltage security assessment at AESO and the performance requirements for VSAS were first described. The paper described the features of VSAS which included compliance with Western Electricity Coordinating Council voltage security criteria; real-time security monitoring and alarms; and suggestions of remedial actions when security violations were identified. The paper also detailed the development of the model, including contingencies; transfers; interfaces; monitored buses; special protection schemes; remedial action schemes; as well as other models applicable to voltage stability analysis. Computational scenarios that were included and analysed in VSAS for each real-time snapshot were also presented. Last, the paper described the system architecture and features and provided examples and operational experiences as well as future development plans. 11 refs., 6 figs.

  10. Application of the Quality Functional Deployment Method in Mobility Aid Securement System Design

    Science.gov (United States)

    1992-12-01

    The Independent Locking Securement System Project (ILS System Project) is a : successful attempt to respond to the transportation community's need for a : "universal" securement/restraint system that will accommodate most wheeled : mobility aids, inc...

  11. Towards a Standard for Highly Secure SCADA Systems

    Energy Technology Data Exchange (ETDEWEB)

    Carlson, R.

    1998-09-25

    The critical energy inkstructures include gas, OL and electric power. These Mrastructures are complex and interdependent nmvorks that are vital to the national secwiy and social well being of our nation. Many electric power systems depend upon gas and oil, while fossil energy delive~ systems depend upon elecnic power. The control mechanisms for these Mrastructures are often referred to as SCADA (Supmivry CkmdandDaU Ac@itz&z) systems. SCADA systems provide remote monitoring and centralized control for a distributed tmnsportation infmsmucture in order to facilitate delivery of a commodi~. AIthough many of the SCADA concepts developed in this paper can be applied to automotive mmsponation systems, we will use transportation to refer to the movement of electrici~, gas, and oil. \\ Recently, there have been seveml reports suggesting that the widespread and increasing use of SCADA for control of energy systems provides an increasing opportuni~ for an advers~ to cause serious darnage to the energy inbstmcturei~. This damage could arise through cyber infiltration of the SCADA networks, by physically tampering with the control networks, or through a combination of both means. SCADA system threats decompose into cyber and physical threats. One solution to the SCADA security problem is to design a standard for a highly secure KA.DA system that is both cyber, and physdly secure. Not all-physical threats are possible to guard again% but of those threats that are, high security SCADA provides confidence that the system will continue to operate in their presence. One of the most important problems in SCADA securi~ is the relationship between the cyber and physical vulnerabilities. Cyber intrusion increases physical Vulnerabilities, while in the dual problem physical tampering increases cyber vulnerabilit.ies. There is potential for feedback and the precise dynamics need to be understood. As a first step towards a stan~ the goal of this paper is to facilitate a discussion of the

  12. Towards a Scalable Group Vehicle-based Security System

    Energy Technology Data Exchange (ETDEWEB)

    Carter, Jason M [ORNL

    2016-01-01

    In August 2014, the National Highway Traffic Safety Administration (NHTSA) proposed new rulemaking to require V2V communication in light vehicles. To establish trust in the basic safety messages (BSMs) that are exchanged by vehicles to improve driver safety, a vehicle public key infrastructure (VPKI) is required. We outline a system where a group or groups of vehicles manage and generate their own BSM signing keys and authenticating certificates -- a Vehicle-Based Security System (VBSS). Based on our preliminary examination, we assert the mechanisms exist to implement a VBSS that supports V2V communications; however, maintaining uniform trust throughout the system while protecting individual privacy does require reliance on nascent group signature technology which may require a significant amount of communication overhead for trust maintenance. To better evaluate the VBSS approach, we compare it to the proposed Security Credential Management System (SCMS) in four major areas including bootstrapping, pseudonym provisioning, BSM signing and authentication, and revocation. System scale, driver privacy, and the distribution and dynamics of participants make designing an effective VPKI an interesting and challenging problem; no clear-cut strategy exists to satisfy the security and privacy expectations in a highly efficient way. More work is needed in VPKI research, so the life-saving promise of V2V technology can be achieved.

  13. Safe and secure South Africa. Vehicle landmine protection validation testing

    CSIR Research Space (South Africa)

    Reinecke, JD

    2008-11-01

    Full Text Available The objective of this paper is to provide an overview of vehicle landmine protection validation testing in South Africa. A short history of validation test standards is given, followed by a summary of current open test standards in general use...

  14. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    International Nuclear Information System (INIS)

    Lee, Chanyoung; Seong, Poong Hyun

    2016-01-01

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

  15. Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

    2016-10-15

    One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

  16. The Application of Islamic Economic Security System for a Better Human Security in Indonesia

    OpenAIRE

    Dewi, Gemala

    2013-01-01

    As the 2010 Indonesian demographic Statistic data predicted that in the year 2020-2030 Indonesia will have overpopulation of young people at the productive age (18-50 years old) in about 69%. So there is a need to find solution on jobs and welfare for those segments of people. Islam as the religion of majority people of Indonesia has a teaching regarding this matter that has been known as Islamic economic security system, by means of zakat, waqf, trading and business manner that could give so...

  17. Security issues of quantum cryptographic systems with imperfect detectors

    Science.gov (United States)

    Burenkov, Viacheslav

    The laws of quantum physics can be used to secure communications between two distant parties in a scheme called quantum key distribution (QKD), even against a technologically unlimited eavesdropper. While the theoretical security of QKD has been proved rigorously, current implementations of QKD are generally insecure. In particular, mathematical models of devices, such as detectors, do not accurately describe their real-life behaviour. Such seemingly insignificant discrepancies can compromise the security of the entire scheme, especially as novel detector technologies are being developed with little regard for potential vulnerabilities. In this thesis, we study how detector imperfections can impact the security of QKD and how to overcome such technological limitations. We first analyze the security of a high-speed QKD system with finite detector dead time tau. We show that the previously reported sifting approaches are not guaranteed to be secure in this regime. More specifically, Eve can induce a basis-dependent detection efficiency at the receiver's end. Modified key sifting schemes that are basis-independent, and thus secure in the presence of dead time and an active eavesdropper, are discussed and compared. It is shown that the maximum key generation rate is 1/(2tau) for passive basis selection, and 1/tau for active basis selection. The security analysis is also extended to the decoy state BB84 protocol. We then study a relatively new type of single-photon detector called the superconducting nanowire single-photon detector (SNSPD), and discover some unexpected behaviour. We report an afterpulsing effect present when the SNSPD is operated in the high bias current regime. In our standard set-up, the afterpulsing is most likely to occur at around 180 ns following a detection event, for both real counts and dark counts. We characterize the afterpulsing behaviour and speculate that it is not due to the SNSPD itself but rather the associated read-out circuit. We also

  18. TECHNIQUE OF OPTIMAL AUDIT PLANNING FOR INFORMATION SECURITY MANAGEMENT SYSTEM

    Directory of Open Access Journals (Sweden)

    F. N. Shago

    2014-03-01

    Full Text Available Complication of information security management systems leads to the necessity of improving the scientific and methodological apparatus for these systems auditing. Planning is an important and determining part of information security management systems auditing. Efficiency of audit will be defined by the relation of the reached quality indicators to the spent resources. Thus, there is an important and urgent task of developing methods and techniques for optimization of the audit planning, making it possible to increase its effectiveness. The proposed technique gives the possibility to implement optimal distribution for planning time and material resources on audit stages on the basis of dynamics model for the ISMS quality. Special feature of the proposed approach is the usage of a priori data as well as a posteriori data for the initial audit planning, and also the plan adjustment after each audit event. This gives the possibility to optimize the usage of audit resources in accordance with the selected criteria. Application examples of the technique are given while planning audit information security management system of the organization. The result of computational experiment based on the proposed technique showed that the time (cost audit costs can be reduced by 10-15% and, consequently, quality assessments obtained through audit resources allocation can be improved with respect to well-known methods of audit planning.

  19. Test system and method

    DEFF Research Database (Denmark)

    2012-01-01

    at a second distance from the centre, the second distance being larger than the first distance, one or more sensors arranged at each fluid channel, wherein the sensors each comprise at least one optical detectable member, the test apparatus further comprising one or more optical sensing devices arranged...... larger than the first distance, one or more sensors arranged at each fluid channel, wherein the sensors each comprise at least one optical detectable member, the test apparatus further comprising one or more optical sensing devices arranged for sensing the at least one optical detectable member...

  20. CAMAC system test module

    International Nuclear Information System (INIS)

    Dawson, W.K.; Gjovig, A.; Naivar, F.; Potter, J.; Smith, W.

    1981-01-01

    Since the CAMAC Branch Highway is used to both send information to and receive information from a CAMAC crate, faults in this highway can be difficult to recognize and diagnose. Similarly faults caused by a Crate Controller corrupting either instructions or data are difficult to distinguish from faults caused by the modules themselves. The CLIVIT (CAMAC Logic Integrity Via Interactive Testing) module is designed to largely eliminate such difficulties and ambiguities by allowing the verification of Branch Highway and Dataway transactions via an independent data communication path. The principle of operation of the CLIVIT is explained. Described are the prototype construction, testing and use

  1. Safety and security analysis for distributed control system in nuclear power plants

    International Nuclear Information System (INIS)

    Lu Zhigang; Liu Baoxu

    2011-01-01

    The Digital Distributed Control System (DCS) is the core that manages all monitoring and operation tasks in a Nuclear Power Plant (NPP). So, Digital Distributed Control System in Nuclear Power Plant has strict requirements for control and automation device safety and security due to many factors. In this article, factors of safety are analyzed firstly, while placing top priority on reliability, quality of supply and stability have also been carefully considered. In particular, advanced digital and electronic technologies are adopted to maintain sufficient reliability and supervisory capabilities in nuclear power plants. Then, security of networking and information technology have been remarked, several design methodologies considering the security characteristics are suggested. Methods and technologies of this article are being used in testing and evaluation for a real implement of a nuclear power plant in China. (author)

  2. Optical Verification Laboratory Demonstration System for High Security Identification Cards

    Science.gov (United States)

    Javidi, Bahram

    1997-01-01

    Document fraud including unauthorized duplication of identification cards and credit cards is a serious problem facing the government, banks, businesses, and consumers. In addition, counterfeit products such as computer chips, and compact discs, are arriving on our shores in great numbers. With the rapid advances in computers, CCD technology, image processing hardware and software, printers, scanners, and copiers, it is becoming increasingly easy to reproduce pictures, logos, symbols, paper currency, or patterns. These problems have stimulated an interest in research, development and publications in security technology. Some ID cards, credit cards and passports currently use holograms as a security measure to thwart copying. The holograms are inspected by the human eye. In theory, the hologram cannot be reproduced by an unauthorized person using commercially-available optical components; in practice, however, technology has advanced to the point where the holographic image can be acquired from a credit card-photographed or captured with by a CCD camera-and a new hologram synthesized using commercially-available optical components or hologram-producing equipment. Therefore, a pattern that can be read by a conventional light source and a CCD camera can be reproduced. An optical security and anti-copying device that provides significant security improvements over existing security technology was demonstrated. The system can be applied for security verification of credit cards, passports, and other IDs so that they cannot easily be reproduced. We have used a new scheme of complex phase/amplitude patterns that cannot be seen and cannot be copied by an intensity-sensitive detector such as a CCD camera. A random phase mask is bonded to a primary identification pattern which could also be phase encoded. The pattern could be a fingerprint, a picture of a face, or a signature. The proposed optical processing device is designed to identify both the random phase mask and the

  3. The security system analyzer: An application of the Prolog language

    International Nuclear Information System (INIS)

    Zimmerman, B.D.; Seeman, S.E.

    1986-01-01

    The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs

  4. Physical security system effectiveness evaluation, a status report

    International Nuclear Information System (INIS)

    Todd, J.L. Jr.; Nickell, W.C.

    1975-07-01

    A method to permit objective comparisons of physical security is under development and is expected to be useful in the optimization of system design and in cost benefit analysis. The procedure involves identifying the possible or potential characteristics of a postulated adversary, the countermeasures to deny or diminish adversary success, and the response capabilities of the defender. These, in conjunction with system definition information, are evaluated by the use of analytical models which provide a means of ranking systems against threats. This paper describes the status of this effort and includes an overview of the methodology with a brief description of various models being considered for use in effectiveness evaluation. (U.S.)

  5. Security Enhancement Using Mutual Authentication in Existing CDMA Systems

    OpenAIRE

    L. Krishna Bharathi; Gnanou Florence Sudha

    2010-01-01

    Even though CDMA2000 wireless networks are being widely deployed as a cellular digital standard around the world, it has some hidden vulnerabilities concerned with security issues. The existing CDMA systems use authentication mechanism by CAVE (Cellular Authentication and Voice Encryption) algorithm. This authentication method has several disadvantages. Only one way authentication is provided, that is, only a base station authenticates a subscriber. And, CAVE algorithm is prone to cryptograph...

  6. Software Defined Networking with Pseudonym Systems for Secure Vehicular Clouds

    OpenAIRE

    Huang, X; Yu, R; Kang, J; Wang, N; Maharjan, S; Zhang, Y

    2016-01-01

    The vehicular cloud is a promising new paradigm where vehicular networking and mobile cloud computing are elaborately integrated to enhance the quality of vehicular information services. Pseudonym is a resource for vehicles to protect their location privacy, which should be efficiently utilized to secure vehicular clouds. However, only a few existing architectures of pseudonym systems take flexibility and efficiency into consideration, thus leading to potential threats to location privacy. In...

  7. Marketing and reputation aspects of neonatal safeguards and hospital-security systems.

    Science.gov (United States)

    Smith, Alan D

    2009-01-01

    Technological advancements have migrated from personal-use electronics into the healthcare setting for security enhancements. Within maternity wards and nurseries, technology was seen as one of best way to protect newborns from abduction. The present study is a focus on what systems and methods are used in neonatal security, the security arrangements, staff training, and impacts outside the control of the hospital, customer satisfaction and customer relations management. Through hypothesis-testing and exploratory analysis, gender biases and extremely high levels of security were found within a web-enabled and professional sample of 200 respondents. The factor-based constructs were found to be, in order of the greatest explained variance: security concerns, personal technology usage, work technology applications, and demographic maturity concerns, resulting in four factor-based scores with significant combined variance of 61.5%. It was found that through a better understanding on the importance and vital need for hospitals to continue to improve on their technology-based security policies significantly enhanced their reputation in the highly competitive local healthcare industry.

  8. Security analysis of communication system based on the synchronization of different order chaotic systems

    International Nuclear Information System (INIS)

    Alvarez, Gonzalo; Hernandez, Luis; Munoz, Jaime; Montoya, Fausto; Li Shujun

    2005-01-01

    This Letter analyzes the security weakness of a recently proposed communication method based on chaotic modulation and masking using synchronization of two chaotic systems with different orders. It is shown that its application to secure communication is unsafe, because it can be broken in two different ways, by high-pass filtering and by reduced order system synchronization, without knowing neither the system parameter values nor the system key

  9. Hybrid optical security system using photonic crystals and MEMS devices

    Science.gov (United States)

    Ciosek, Jerzy; Ostrowski, Roman

    2017-10-01

    An important issue in security systems is that of selection of the appropriate detectors or sensors, whose sensitivity guarantees functional reliability whilst avoiding false alarms. Modern technology enables the optimization of sensor systems, tailored to specific risk factors. In optical security systems, one of the safety parameters considered is the spectral range in which the excitation signal is associated with a risk factor. Advanced safety systems should be designed taking into consideration the possible occurrence of, often multiple, complex risk factors, which can be identified individually. The hazards of concern in this work are chemical warfare agents and toxic industrial compounds present in the forms of gases and aerosols. The proposed sensor solution is a hybrid optical system consisting of a multi-spectral structure of photonic crystals associated with a MEMS (Micro Electro-Mechanical System) resonator. The crystallographic structures of carbon present in graphene rings and graphenecarbon nanotube nanocomposites have properties which make them desirable for use in detectors. The advantage of this system is a multi-spectral sensitivity at the same time as narrow-band selectivity for the identification of risk factors. It is possible to design a system optimized for detecting specified types of risk factor from very complex signals.

  10. Nuclear system test simulator

    International Nuclear Information System (INIS)

    Sawyer, S.D.; Hill, W.D.; Wilson, P.A.; Steiner, W.M.

    1987-01-01

    A transportable test simulator is described for a nuclear power plant. The nuclear power plant includes a control panel, a reactor having actuated rods for moving into and out of a reactor for causing the plant to operate, and a control rod network extending between the control panel and the reactor rods. The network serially transmits command words between the panel and rods, and has connecting interfaces at preselected points remote from the control panel between the control panel and rods. The test simulator comprises: a test simulator input for transport to and connection into the network at at least one interface for receiving the serial command words from the network. Each serial command includes an identifier portion and a command portion; means for processing interior of the simulator for the serial command words for identifying that portion of the power plant designated in the identifier portion and processing the word responsive to the command portion of the word after the identification; means for generating a response word responsive to the command portion; and output means for sending and transmitting the response word to the nuclear power plant at the interface whereby the control panel responds to the response word

  11. Carboy Security Risk Analysis Model of I and C System Using Bayesian Network

    International Nuclear Information System (INIS)

    Shin, Jinsoo; Heo, Gyunyoung; Son, Hanseong; Park, Jaekwan

    2013-01-01

    The Korea Institute of Nuclear Safety (KINS) as a regulatory agency declares the R. G 8.22 for applying cyber security in Korea in 2011. In nuclear power industrial, ShinUljin 1, 2 unit and Shingori 3, 4 unit are demonstrating the cyber security for the first time. And in terms of research, the National Security Research Institute and the Korea Atomic Energy Research Institute are developing the nuclear power plant cyber security system in Korean. Currently, these cyber securities like regulation, demonstration and research are focused on nuclear power plant. However, cyber security is also important for the nuclear research reactor like a HANARO which is in Daejeon, primarily due to its characteristic as research reactor since since people access more than power plant. Analysis of the key elements of cyber security is possible to study through the activity-quality and architecture analysis model of cyber security. It is possible to analyze the extent reflected final risk by evaluating input score for each checklist. In this way, you can see an important checklist. Further, if the cyber-attack occurs, it is possible to provide an evidentiary material that is able to determine the key check element corresponding to each situation via a reverse calculation of BN. Finally, Utilization is possible to create a simulated penetratio test scenario according to each situation. Analysis of the key elements of cyber security is possible to study through the activity-quality and architecture analysis model of cyber security. It is possible to analyze the extent reflected in the final risk by evaluating input score for each checklist, in this way, you can see an important checklist. Furthermore, if the cyber-attack occurs, it is possible to provide an evidentiary material that enables to determine the key check element corresponding to each situation via a reverse calculation of BN. Finally, Utilization is possible to create a simulated penetration test scenario according to

  12. 5 CFR 930.301 - Information systems security awareness training program.

    Science.gov (United States)

    2010-01-01

    ....g., system and network administrators, and system/application security officers) must receive... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems...

  13. Moving ERP Systems to the Cloud - Data Security Issues

    Directory of Open Access Journals (Sweden)

    Pablo Saa

    2017-08-01

    Full Text Available This paper brings to light data security issues and concerns for organizations by moving their Enterprise Resource Planning (ERP systems to the cloud. Cloud computing has become the new trend of how organizations conduct business and has enabled them to innovate and compete in a dynamic environment through new and innovative business models. The growing popularity and success of the cloud has led to the emergence of cloud-based Software-as-a-Service (SaaS ERP systems, a new alternative approach to traditional on-premise ERP systems. Cloud-based ERP has a myriad of benefits for organizations. However, infrastructure engineers need to address data security issues before moving their enterprise applications to the cloud. Cloud-based ERP raises specific concerns about the confidentiality and integrity of the data stored in the cloud. Such concerns that affect the adoption of cloud-based ERP are based on the size of the organization. Small to medium enterprises (SMEs gain the maximum benefits from cloud-based ERP as many of the concerns around data security are not relevant to them. On the contrary, larger organizations are more cautious in moving their mission critical enterprise applications to the cloud. A hybrid solution where organizations can choose to keep their sensitive applications on-premise while leveraging the benefits of the cloud is proposed in this paper as an effective solution that is gaining momentum and popularity for large organizations.

  14. Smart security system for Indian rail wagons using IOT

    Science.gov (United States)

    Bhanuteja, S.; Shilpi, S.; Pragna, K.; Arun, M.

    2017-11-01

    The objective of this project is to create a Security System for the goods that are carried in open top freight trains. The most efficient way to secure anything from thieves is to have a continuous observation. So for continuous observation of the open top freight train, Camera module2 has been used. Passive Infrared Sensor (PIR) 1 has been used to detect the motion or to sense movement of people, animals, or any object. So whenever a motion is detected by the PIR sensor, the Camera takes a picture of that particular instance. That picture will be send to the Raspberry PI which does Skin Detection Algorithm and specifies whether that motion was created by a human or not. If a human makes it, then that picture will send to the drop box. Any Official can have a look at the same. The existing system has a CCTV installed at various critical locations like bridges, railway stations etc. but they does not provide a continuous observation. This paper describes about the Security System that provides continuous observation for open top freight trains so that goods can be carried safely to its destination.

  15. Power Systems Voltage Security Assessment and Optimal Load Shedding by CBR Approach

    Science.gov (United States)

    Patidar, N. P.; Sharma, Jaydev

    This paper presents a case-based reasoning (CBR) technique, a novel approach for voltage security assessment and optimal load shedding in real-time environment. The CBR extracts the information of voltage security from large sets of possible operating conditions of the power system, which are screened off-line by randomly varying the real and reactive loads at PQ buses. The severity of contingency is then assessed by the number of insecure operating states, which are predicted by the CBR system under that contingency. Security classes are defined by threshold value of maximum loadability margins (MLM), calculated using continuation power flow (CPF) method. For insecure states, the presented technique also gives optimal load shedding plan to bring the system from insecure to secure region. Decision trees (DT) are used for case indexing to reduce the search time to obtain the set of relevant cases, which are in thousands of numbers. In addition, decision trees also provide the information about those case features, which mostly influence the severity of a given contingency of the power system. Unlike other non-deterministic approaches, the proposed method is easy to understand for operators, easy to modify under the change of topology of the power system and has continuous learning capability. The effectiveness of the proposed approach is tested on IEEE test systems. The proposed CBR approach provides a fast and accurate voltage security assessment for unknown load patterns and a load shedding plan for insecure cases to mitigate the voltage collapse. Hence it found to be suitable for on-line applications of energy management systems.

  16. Security Policy and Infrastructure in the Context of a Multi-Centeric Information System Dedicated to Autism Spectrum Disorder.

    Science.gov (United States)

    Ben Said, Mohamed; Robel, Laurence; Golse, Bernard; Jais, Jean Philippe

    2017-01-01

    Autism spectrum disorders (ASD) are complex neuro-developmental disorders affecting children in their early age. The diagnosis of ASD relies on multidisciplinary investigations, in psychiatry, neurology, genetics, electrophysiology, neuro-imagery, audiology and ophthalmology. In order to support clinicians, researchers and public health decision makers, we designed an information system dedicated to ASD, called TEDIS. TEDIS was designed to manage systematic, exhaustive and continuous multi-centric patient data collection via secured Internet connections. In this paper, we present the security policy and security infrastructure we developed to protect ASD' patients' clinical data and patients' privacy. We tested our system on 359 ASD patient records in a local secured intranet environment and showed that the security system is functional, with a consistent, transparent and safe encrypting-decrypting behavior. It is ready for deployment in the nine ASD expert assessment centers in the Ile de France district.

  17. Cracking ShadowCrypt: Exploring the Limitations of Secure I/O Systems in Internet Browsers

    Directory of Open Access Journals (Sweden)

    Freyberger Michael

    2018-04-01

    Full Text Available An important line of privacy research is investigating the design of systems for secure input and output (I/O within Internet browsers. These systems would allow for users’ information to be encrypted and decrypted by the browser, and the specific web applications will only have access to the users’ information in encrypted form. The state-of-the-art approach for a secure I/O system within Internet browsers is a system called ShadowCrypt created by UC Berkeley researchers [23]. This paper will explore the limitations of ShadowCrypt in order to provide a foundation for the general principles that must be followed when designing a secure I/O system within Internet browsers. First, we developed a comprehensive UI attack that cannot be mitigated with popular UI defenses, and tested the efficacy of the attack through a user study administered on Amazon Mechanical Turk. Only 1 of the 59 participants who were under attack successfully noticed the UI attack, which validates the stealthiness of the attack. Second, we present multiple attack vectors against Shadow-Crypt that do not rely upon UI deception. These attack vectors expose the privacy weaknesses of Shadow DOM—the key browser primitive leveraged by ShadowCrypt. Finally, we present a sketch of potential countermeasures that can enable the design of future secure I/O systems within Internet browsers.

  18. Control Systems Cyber Security:Defense in Depth Strategies

    Energy Technology Data Exchange (ETDEWEB)

    David Kuipers; Mark Fabro

    2006-05-01

    Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

  19. Intelligent Facial Recognition Systems: Technology advancements for security applications

    Energy Technology Data Exchange (ETDEWEB)

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  20. Federal Government Information Systems Security Management and Governance Are Pacing Factors for Innovation

    Science.gov (United States)

    Edwards, Gregory

    2011-01-01

    Security incidents resulting from human error or subversive actions have caused major financial losses, reduced business productivity or efficiency, and threatened national security. Some research suggests that information system security frameworks lack emphasis on human involvement as a significant cause for security problems in a rapidly…

  1. 75 FR 3948 - Big Sky Energy Corp., Biomedical Waste Systems, Inc., Biometrics Security Technology, Inc...

    Science.gov (United States)

    2010-01-25

    ... SECURITIES AND EXCHANGE COMMISSION [File No. 500-1] Big Sky Energy Corp., Biomedical Waste Systems, Inc., Biometrics Security Technology, Inc., Biosys, Inc., Bolder Technologies Corp., Boyds Wheels, Inc... securities of Biometrics Security Technology, Inc. because it has not filed any periodic reports since...

  2. a new test system

    OpenAIRE

    Pauli, Viktoria

    2013-01-01

    Protozoa not only play an important ecological role in the self-purification and matter cycling of natural aquatic ecosystems, but also in the artificial system of sewage treatment plants. Especially the feeding of ciliates on bacteria improves the treatment, resulting in higher transparency, i.e. lower organic load in the output water of the treated wastes. Although vital for the functioning of sewage treatment plants, protozoa are presently not covered by the currently standardized ecotoxic...

  3. Enabling Dynamic Security Management of Networked Systems via Device-Embedded Security

    National Research Council Canada - National Science Library

    Ganger, Gregory

    2000-01-01

    This report contains the technical content of a recent funding proposal. In it, we propose a new approach to network security in which each individual device erects its own security perimeter and defends its own critical resources...

  4. Report: Information Security Series: Security Practices Comprehensive Environmental Response, Compensation, and Liability Information System

    Science.gov (United States)

    Report #2006-P-00019, March 28, 2006. OSWER’s implemented practices to ensure production servers were being monitored for known vulnerabilities and personnel with significant security responsibility completed the Agency’s recommended security training.

  5. Portable Health Algorithms Test System

    Science.gov (United States)

    Melcher, Kevin J.; Wong, Edmond; Fulton, Christopher E.; Sowers, Thomas S.; Maul, William A.

    2010-01-01

    A document discusses the Portable Health Algorithms Test (PHALT) System, which has been designed as a means for evolving the maturity and credibility of algorithms developed to assess the health of aerospace systems. Comprising an integrated hardware-software environment, the PHALT system allows systems health management algorithms to be developed in a graphical programming environment, to be tested and refined using system simulation or test data playback, and to be evaluated in a real-time hardware-in-the-loop mode with a live test article. The integrated hardware and software development environment provides a seamless transition from algorithm development to real-time implementation. The portability of the hardware makes it quick and easy to transport between test facilities. This hard ware/software architecture is flexible enough to support a variety of diagnostic applications and test hardware, and the GUI-based rapid prototyping capability is sufficient to support development execution, and testing of custom diagnostic algorithms. The PHALT operating system supports execution of diagnostic algorithms under real-time constraints. PHALT can perform real-time capture and playback of test rig data with the ability to augment/ modify the data stream (e.g. inject simulated faults). It performs algorithm testing using a variety of data input sources, including real-time data acquisition, test data playback, and system simulations, and also provides system feedback to evaluate closed-loop diagnostic response and mitigation control.

  6. InkTag: Secure Applications on an Untrusted Operating System

    Science.gov (United States)

    Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

    2014-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  7. InkTag: Secure Applications on an Untrusted Operating System.

    Science.gov (United States)

    Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

    2013-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

  8. A novel anti-theft security system for photovoltaic modules

    Science.gov (United States)

    Khan, Wasif Ali; Lim, Boon-Han; Lai, An-Chow; Chong, Kok-Keong

    2017-04-01

    Solar farms are considered as easy target for thieves because of insufficient protection measures. Existing anti-theft approaches are based on system level and are not very preventive and efficient because these can be bypassed with some technical knowledge. Additionally, it is difficult for security guards to tackle them as robbers come in a form of a gang equipped with heavy weapons. In this paper, a low power auto shut-off and non-destructive system is proposed for photovoltaic (PV) modules to achieve better level of security at module level. In proposed method, the power generation function of the PV module will be shut-off internally and cannot be re-activated by unauthorized personnel, in the case of theft. Hence, the PV module will not be functional even sold to new customers. The system comprises of a microcontroller, a low power position sensor, a controllable semiconductor switch and a wireless reactive-able system. The anti-theft system is developed to be laminated inside PV module and will be interconnected with solar cells so it becomes difficult for thieves to temper. The position of PV module is retrieved by position sensor and stored in a microcontroller as an initial reference value. Microcontroller uses this stored reference value to control power supply of PV module via power switch. The stored reference value can be altered using wireless circuitry by following authentication protocol. It makes the system non-destructive as anti-theft function can be reset again by authorized personnel, if it is recovered after theft or moved for maintenance purposes. The research component includes the design of a position sensing circuit, an auto shut-off circuit, a reactive-able wireless security protection algorithm and finally the integration of the multiple circuits.

  9. Optimizing man-machine performance of a personnel access restriction security system

    International Nuclear Information System (INIS)

    Banks, W.W.; Moore, J.W.

    1988-01-01

    This paper describes a human engineering design and analysis effort for a major security system upgrade at a DOE facility. This upgrade was accomplished by replacing an obsolete and poorly human engineered security screening both the with a new, user oriented, semiautomated, computer-based access control system. Human factors engineers assisted the designer staff in specifying a security access interface to physically and cognitively accommodate all employees which included handicapped individuals in wheel chairs, and several employees who were severely disabled, both visually and aurally. The new access system was intended to control entry into sensitive exclusion areas by requiring personnel to enter a security screening booth and interact with card reader devices and a-simple-to-operate access control panel system. Extensive man-machine testing with prototype mock-ups was conducted to assess human engineered design features and to illuminate potentially confusing or difficult-to-operated hardware placement, layout, and operation sequencing. These evaluations, along with the prototype mock-ups, provided input which resulted in a prototype which was easy to enter, operate, and understand by end users. This prototype later served as the design basis for the final systems design

  10. A mobile agent approach for secure integrated medical information systems.

    Science.gov (United States)

    Liu, Chia-Hui; Chung, Yu-Fang; Chiang, Te-Wei; Chen, Tzer-Shyong; Wang, Sheng-De

    2012-10-01

    Different patient-related information in medical organizations is the primary reference for medical personnel diagnosing, treating, and caring patients. With the rapid development of information technology, paper-based medical records have gradually been changed to electronic forms. However, different medical organizations present individual system specifications and data-saving formats so that the medical information of the same patient cannot be exchanged, shared, and securely accessed. In order not to largely change the present medical information systems as well as not to increase abundant costs, Virtual Integrated Medical-information Systems (VIMS) is proposed to assist various hospitals in information exchange. Furthermore, with Mobile Agent, the dispersed medical information can be securely integrated. It presents confidentiality, non-repudiation, source authentication, and integrity in network transmission. Virtual Integrated Medical-information Systems (VIMS) is a virtual electronic integration system combined with Mobile Agent technology. With the features of independence, adaptability, mobility, objectives, and autonomy, Mobile Agent is applied to overcome the problems from heterogeneous systems. With the features, the over-dispersed medical records can be integrated. Moreover, Mobile Agent can ensure the instantaneity and usability of medical records from which doctors can make the most appropriate evaluation and diagnoses. It will avoid the waste of medical resources, such as repetition medication, as well as become the reference of further consultation or health check. Not only can it improve the medical care quality, but it can be provided for medical research.

  11. A secure and synthesis tele-ophthalmology system.

    Science.gov (United States)

    Wei, Zhuo; Wu, Yongdong; Deng, Robert H; Yu, Shengsheng; Yao, Haixia; Zhao, Zhigang; Ngoh, Lek Heng; Han, Lim Tock; Poh, Eugenie W T

    2008-10-01

    This paper describes a secure and synthesis ophthalmology telemedicine system, referred to as TeleOph. Under a Secure Socket Layer (SSL) channel, patient prerecorded data can be safely transferred via the Internet. With encrypted videoconference and white-board, the system not only supports hospital-to-clinic consultation, but also supplies hospital-tohospital joint discussion. Based on Directshow technology (Microsoft Corporation, Redmond, WA), video cameras connected to the computer by firewire can be captured and controlled to sample video data. By using TWAIN technology, the system automatically identifies networked still cameras (on fundus and slitlamp devices) and retrieves images. All the images are stored in a selected format (such as JPEG, DICOM, BMP). Besides offline-transferring prerecorded data, the system also supplies online sampling of patient data (real-time capturing from remote places). The system was deployed at Tan Tock Seng Hospital, Singapore and Ang Mo Kio, Singapore, where 100 patients were enrolled in the system for examination. TeleOph can be successfully used for patient consultation, and hospital joint discussion. Meanwhile, TeleOph can supply both offline and online sampling of patient data.

  12. Analysis of costs-benefits tradeoffs of complex security systems

    Energy Technology Data Exchange (ETDEWEB)

    Hicks, M.J. [Sandia National Labs., Albuquerque, NM (United States). Security Systems Analysis and Development Dept.

    1996-12-31

    Essential to a systems approach to design of security systems is an analysis of the cost effectiveness of alternative designs. While the concept of analysis of costs and benefits is straightforward, implementation can be at the least tedious and, for complex designs and alternatives, can become nearly intractable without the help of structured analysis tools. PACAIT--Performance and Cost Analysis Integrated Tools--is a prototype tool. The performance side of the analysis collates and reduces data from ASSESS, and existing DOE PC-based security systems performance analysis tool. The costs side of the analysis uses ACE, an existing DOD PC-based costs analysis tool. Costs are reported over the full life-cycle of the system, that is, the costs to procure, operate, maintain and retire the system and all of its components. Results are collected in Microsoft{reg_sign} Excel workbooks and are readily available to analysts and decision makers in both tabular and graphical formats and at both the system and path-element levels.

  13. Analysis of costs-benefits tradeoffs of complex security systems

    International Nuclear Information System (INIS)

    Hicks, M.J.

    1996-01-01

    Essential to a systems approach to design of security systems is an analysis of the cost effectiveness of alternative designs. While the concept of analysis of costs and benefits is straightforward, implementation can be at the least tedious and, for complex designs and alternatives, can become nearly intractable without the help of structured analysis tools. PACAIT--Performance and Cost Analysis Integrated Tools--is a prototype tool. The performance side of the analysis collates and reduces data from ASSESS, and existing DOE PC-based security systems performance analysis tool. The costs side of the analysis uses ACE, an existing DOD PC-based costs analysis tool. Costs are reported over the full life-cycle of the system, that is, the costs to procure, operate, maintain and retire the system and all of its components. Results are collected in Microsoft reg-sign Excel workbooks and are readily available to analysts and decision makers in both tabular and graphical formats and at both the system and path-element levels

  14. Test System Impact on System Availability

    DEFF Research Database (Denmark)

    Pau, L. F.

    1987-01-01

    The specifications are presented for an imperfect automatic test system (ATS) (test frequency distribution, reliability, false alarm rate, nondetection rate) in order to account for the availability, readiness, mean time between unscheduled repairs (MTBUR), reliability, and maintenance of the sys......The specifications are presented for an imperfect automatic test system (ATS) (test frequency distribution, reliability, false alarm rate, nondetection rate) in order to account for the availability, readiness, mean time between unscheduled repairs (MTBUR), reliability, and maintenance...... of the system subject to monitoring and test. A time-dependent Markov model is presented, and applied in three cases, with examples of numerical results provided for preventive maintenance decisions, design of an automatic test system, buffer testing in computers, and data communications....

  15. Using TPM Secure Storage in Trusted High Availability Systems

    OpenAIRE

    Hell, Martin; Karlsson, Linus; Smeets, Ben; Mirosavljevic, Jelena

    2014-01-01

    We consider the problem of providing trusted computing functionality in high availability systems. We consider the case where data is required to be encrypted with a TPM protected key. For redundancy, and to facilitate high availability, the same TPM key is stored in multiple computational units, each one ready to take over if the main unit breaks down. This requires the TPM key to be migratable. We show how such systems can be realized using the secure storage of the TPM. Hundreds of million...

  16. System Health Monitoring Using a Novel Method: Security Unified Process

    Directory of Open Access Journals (Sweden)

    Alireza Shameli-Sendi

    2012-01-01

    and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.

  17. Model Based Cyber Security Analysis for Research Reactor Protection System

    International Nuclear Information System (INIS)

    Sho, Jinsoo; Rahman, Khalil Ur; Heo, Gyunyoung; Son, Hanseong

    2013-01-01

    The study on the qualitative risk due to cyber-attacks into research reactors was performed using bayesian Network (BN). This was motivated to solve the issues of cyber security raised due to digitalization of instrumentation and control (I and C) system. As a demonstrative example, we chose the reactor protection system (RPS) of research reactors. Two scenarios of cyber-attacks on RPS were analyzed to develop mitigation measures against vulnerabilities. The one is the 'insertion of reactor trip' and the other is the 'scram halt'. The six mitigation measures are developed for five vulnerability for these scenarios by getting the risk information from BN

  18. Secure alignment of coordinate systems using quantum correlation

    Science.gov (United States)

    Rezazadeh, F.; Mani, A.; Karimipour, V.

    2017-08-01

    We show that two parties far apart can use shared entangled states and classical communication to align their coordinate systems with a very high fidelity. Moreover, compared with previous methods proposed for such a task, i.e., sending parallel or antiparallel pairs or groups of spin states, our method has the extra advantages of using single-qubit measurements and also being secure, so that third parties do not extract any information about the aligned coordinate system established between the two parties. The latter property is important in many other quantum information protocols in which measurements inevitably play a significant role.

  19. 75 FR 80886 - Third Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2010-12-23

    ... 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held January 13, 2011...

  20. 76 FR 38742 - Seventh Meeting: RTCA Special Committee 224: Airport Security Access Control Systems

    Science.gov (United States)

    2011-07-01

    ... Committee 224: Airport Security Access Control Systems AGENCY: Federal Aviation Administration (FAA), DOT. ACTION: Notice of RTCA Special Committee 224 meeting: Airport Security Access Control Systems (Update to... Committee 224: Airport Security Access Control Systems. DATES: The meeting will be held July 15, 2011, from...