Freedom of information implications of information sharing networks for critical infrastructure protection

Protection of “critical infrastructure” has become a major issue for govern- ments worldwide. Yet in Australia, as in many other countries, including the United States, an estimated 90% of critical infrastructure is privately owned or operated commercially – in other words, critical infrastructure protection is not the exclusive domain of government. As a result, information sharing between government and the private sector has become a vitally important component of effective risk management. However, establishing effective arrangements of this kind between the public and private sector needs to take account of existing regimes of access and public disclosure which relate to government-held documents; in particular, that which is established by freedom of information (FOI) legislation. This article examines the extent to which the current Commonwealth FOI regime is likely to act as an impediment to the private sector operators of critical infrastructure participat- ing in government-operated information sharing arrangements. By examining developments in other jurisdictions, principally the United States, the article considers whether amendments to the current Australian FOI regime are necessary to ensure effective participation, consistent with the underlying object and purpose of FOI.

An extensible simulation framework for critical infrastructure security

We introduce the Network Security Simulator (NeSSi2), an open source discrete event-based network simulator. It incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Compared to the predecessor NeSSi, it was extended with a three-tier plugin architecture and a generic network model to shift its focus towards simulation framework for critical infrastructures. We demonstrate the gained adaptability by different use cases

Real-time and interactive attacks on DNP3 critical infrastructure using Scapy

The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then executed the attacks on real world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network.

Framework for assessing the influence of critical infrastructure interdependencies in post-disaster reconstruction management

Due to ever increasing climate instability, the number of natural disasters affecting society and communities is expected to increase globally in the future, which will result in a growing number of casualties and damage to property and infrastructure. Such damage poses crucial challenges for recovery of interdependent critical infrastructures. Post-disaster reconstruction is a complex undertaking as it is not only closely linked to the well-being and essential functioning of society, but also requires a large financial commitment. Management of critical infrastructure during post-disaster recovery needs to be underpinned by a holistic recognition that the recovery of each individual infrastructure system (e.g. energy, water, transport and information and communication technology) can be affected by the interdependencies that exist between these different systems. A fundamental characteristic of these interdependencies is that failure of one critical infrastructure system can result in the failure of other interdependent infrastructures, leading to a cascade of failures, which can impede post-disaster recovery and delay the subsequent reconstruction process. Consequently, there is a critical need for developing a holistic strategy to assess the influence of infrastructure interdependencies, and for incorporating these interdependencies into a post-disaster recovery strategy. This paper discusses four key dimensions of interdependencies that need to be considered in a post-disaster reconstruction planning. Using key concepts and sub-concepts derived from the notion of interdependency, the paper examines how critical infrastructure interdependencies affect the recovery processes of damaged infrastructures.

The influence of critical infrastructure interdependencies on post-disaster reconstruction: Elements of infrastructure interdependency that impede the post-disaster recovery effort

The importance of developing effective disaster management strategies has significantly grown as the world continues to be confronted with unprecedented disastrous events. Factors such as climate instability, recent urbanization along with rapid population growth in many cities around the world have unwittingly exacerbated the risks of potential disasters, leaving a large number of people and infrastructure exposed to new forms of threats from natural disasters such as flooding, cyclones, and earthquakes. With disasters on the rise, effective recovery planning of the built environment is becoming imperative as it is not only closely related to the well-being and essential functioning of society, but it also requires significant financial commitment. In the built environment context, post-disaster reconstruction focuses essentially on the repair and reconstruction of physical infrastructures. The reconstruction and rehabilitation efforts are generally performed in the form of collaborative partnerships that involve multiple organisations, enabling the restoration of interdependencies that exist between infrastructure systems such as energy, water (including wastewater), transport, and telecommunication systems. These interdependencies are major determinants of vulnerabilities and risks encountered by critical infrastructures and therefore have significant implications for post-disaster recovery. When disrupted by natural disasters, such interdependencies have the potential to promote the propagation of failures between critical infrastructures at various levels, and thus can have dire consequences on reconstruction activities. This paper outlines the results of a pilot study on how elements of infrastructure interdependencies have the potential to impede the post-disaster recovery effort. Using a set of unstructured interview questionnaires, plausible arguments provided by seven respondents revealed that during post-disaster recovery, critical infrastructures are mutually dependent on each other’s uninterrupted availability, both physically and through a host of information and communication technologies. Major disruption to their physical and cyber interdependencies could lead to cascading failures, which could delay the recovery effort. Thus, the existing interrelationship between critical infrastructures requires that the entire interconnected network be considered when managing reconstruction activities during the post-disaster recovery period.

DNP3 network scanning and reconnaissance for critical infrastructure

The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols to control national infrastructure. The move from point-to-point serial connections to Ethernet-based network architectures, allowing for large and complex critical infrastructure networks. However, networks and con- figurations change, thus auditing tools are needed to aid in critical infrastructure network discovery. In this paper we present a series of intrusive techniques used for reconnaissance on DNP3 critical infrastructure. Our algorithms will discover DNP3 outstation slaves along with their DNP3 addresses, their corresponding master, and class object configurations. To validate our presented DNP3 reconnaissance algorithms and demonstrate it’s practicality, we present an implementation of a software tool using a DNP3 plug-in for Scapy. Our implementation validates the utility of our DNP3 reconnaissance technique. Our presented techniques will be useful for penetration testing, vulnerability assessments and DNP3 network discovery.

Preparing for disaster: a comparative analysis of education for critical infrastructure collapse

This article explores policy approaches to educating populations for potential critical infrastructure collapse in five different countries: the UK, the US, Germany, Japan and New Zealand. ‘Critical infrastructure’ is not always easy to define, and indeed is defined slightly differently across countries – it includes entities vital to life, such as utilities (water, energy), transportation systems and communications, and may also include social and cultural infrastructure. The article is a mapping exercise of different approaches to critical infrastructure protection and preparedness education by the five countries. The exercise facilitates a comparison of the countries and enables us to identify distinctive characteristics of each country’s approach. We argue that contrary to what most scholars of security have argued, these national approaches diverge greatly, suggesting that they are shaped more by internal politics and culture than by global approaches.

Security management : modelling critical infrastructure

Secure management of Australia's commercial critical infrastructure presents ongoing challenges to owners and the government. Currently a high-level iriformation sharing collaboration between the government and business manages complex security issues, but critical irifrastructure protection also lacks a scalable model exhibiting the overall structure of critical infrastructure at various levels, sectors and sub-sectors. This research builds on the work of Marasea and Warren (2003) to establish a representative model of Australia's critical irifrastructure; discusses the boundaries between critical infrastructures, and considers the existence andpotential irifluence ofcritical irifrastructure relationships.

Australian commercial-critical infrastructure management protection

Secure management of Australia's commercial critical infrastructure presents ongoing challenges to owners and the government. Although managed via a high-level information sharing collaboration of government and business, critical infrastructure protection is further complicated by the lack of a lower-level scalable model exhibiting its various levels, sectors and sub-sectors. This research builds on the work of Marasea (2003) to establish a descriptive critical infrastructure model and also considers the influence and proposed modelling of critical infrastructure dependency inter-relationships.

Responding to terrorism through networks at sites of critical infrastructure : a case study of Australian airport security networks

The importance of effective multilateral security networks is widely recognised in Australia and internationally as being essential to facilitate the large-scale sharing of information required to respond to the threat of terrorism. Australian national security agencies are currently constructing networks in order to bring the diverse national and international security agencies together to achieve this. This paper examines this process of security network formation in the area of critical infrastructure protection, with particular emphasis on airport security. We address the key issues and factors shaping network formation and the dynamics involved in network practice. These include the need for the networks to extend membership beyond the strictly defined elements of national security; the integration of public and private ‘nodes’ in counter-terrorism ‘networks’; and the broader ‘responsibilisation’ of the private sector and the challenges with ‘enabling’ them in counter-terrorism networks. We argue that the need to integrate public and private agencies in counter-terrorism networks is necessary but faces considerable organisational, cultural, and legal barriers.