PRECYSE: Cyber-attack Detection and Response for Industrial Control Systems

In this short paper, we present an integrated approach to detecting and mitigating cyber-attacks to modern interconnected industrial control systems. One of the primary goals of this approach is that it is cost effective, and thus whenever possible it builds on open-source security technologies and open standards, which are complemented with novel security solutions that address the specific challenges of securing critical infrastructures.

Securing the smart grid

The availability of electricity is fundamental to modern society. It is at the top of the list of critical infrastructures and its interruption can have severe consequences. This highly important system is now evolving to become more reliable, efficient, and clean. This evolving infrastructure has become known as the smart grid; and these future smart grid systems will rely heavily on ICT. This infrastructure will require many servers and due to the nature of the grid, many of these systems will be geographically diverse requiring communication links. At the heart of this ICT infrastructure will be security. At each level of the smart grid from smart metering right through to remote sensing and control networks, security will be a key factor for system design consideration. With an increased number of ICT systems in place the security risk also increases. In this paper the authors discuss the changing nature of security in relation to the smart grid by looking at the move from legacy systems to more modern smart grid systems. The potential planes of attack for future smart grid systems are identified, and the general anatomy of a cyber-attack is presented. The authors then introduce the various threat levels of different types of attack and the mitigation techniques that could be put in place for each. Finally, the authors' introduce a Phasor Measurement Unit (PMU) communication system (operated by the authors) that can be used as a test-bed for some of the proposed future security research.

STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems

Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.

Threat Analysis of BlackEnergy Malware for Synchrophasor based Real-time Control and Monitoring in Smart Grid

The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.

Asset Tracking in Critical Power Communications Infrastructures using Passive Techniques

Active network scanning injects traffic into a network and observes responses to draw conclusions about the network. Passive network analysis works by looking at network meta data or by analyzing traffic as it traverses a fixed point on the network. It may be infeasible or inappropriate to scan critical infrastructure networks. Techniques exist to uniquely map assets without resorting to active scanning. In many cases, it is possible to characterize and identify network nodes by passively analyzing traffic flows. These techniques are considered in particular with respect to their application to power industry critical infrastructure.

Sex Education in Northern Ireland Schools: a Critical Evaluation.

To date there has been little research on young people and sexuality in Northern Ireland. This paper draws on the first major study in this area to analyse the delivery of formal sex education in schools. Both quantitative and qualitative methods were used to access young people's opinions about the quality of the sex education they had received at school. Overall, they reported high levels of dissatisfaction, with notable variations in relation to both gender and religious affiliation. In one sense their opinions mesh well with those of young people in other parts of these islands. At the same time the specificity of sexuality in Ireland plays a key role in producing the moral system that underlies much of formal sex education in schools. Underpinned by a particularly traditional and conservative strain of Christian morality, sex education in Northern Ireland schools is marked by conservatism and silence and by the avoidance of opportunities for informed choice in relation to sexuality on the part of young people.