Multi-agent approach for enhancing security of protection schemes in cyber-physical energy systems

This paper presents a distributed multi-agent scheme to detect and identify cyber threats on the protection systems of power grids. The integration of information and communication technologies (ICTs) into existing power grids builds critical cyberphysical energy systems CPESs) in which digital relays are networked cyber-physical components subject to various cyber threats. Cyber attacks on protection systems may mimic real faults, cause component failure, and disable the communication links. Agents utilize both cyber and physical properties to reinforce the detection technique and further distinguish cyber attacks from physical faults. This paper also introduces the problem of secure communicationprotocols and highlights the comparative studies for enhancing thesecurity of the protection systems. The proposed scheme is validatedusing a benchmark power system under various fault and cyber attack scenarios.

Rationale for the use of DC microgrids: feasibility, efficiency and protection analysis

Electrical power systems are undergoing highly significant changes in their structures. The emergence of renewable energy units in the power generation sector, the use of high-voltage DC in the power transmission sector, and the prevalence of islanded or integrated microgrids in the distribution sector are the strongest evidence supporting this claim. These changes are mostly the consequences of the increasing energy demand rate, climate change, and environmental challenges, as well as the high investment and maintenance cost of the previous structures. Considering these new conditions and according to the recent development in DC/DC conversion topologies and control techniques, different studies have been conducted on how and why DC microgrids outperform AC microgrids. This study discusses the feasibility of the DC microgrid system according to recent developments in power systems. The efficiency and power loss reduction in DC distribution systems are then analyzed, some of the common strategies and devices for protection systems in such networks are reviewed, and the possible and existing challenges in developing the DC microgrids are highlighted. The mathematical calculations and theories for this evaluation are presented to determine the reliable justification for selecting the appropriate microgrid systems.

The Nitric Oxide (NO)-Sensing Repressor NsrR of Neisseria meningitidis Has a Compact Regulon of Genes Involved in NO Synthesis and Detoxification

We have analyzed the extent of regulation by the nitric oxide (NO)-sensitive repressor NsrR from Neisseria meningitidis MC58, using microarray analysis. Target genes that appeared to be regulated by NsrR, based on a comparison between an nsrR mutant and a wild-type strain, were further investigated by quantitative real-time PCR, revealing a very compact set of genes, as follows: norB (encoding NO reductase), dnrN (encoding a protein putatively involved in the repair of nitrosative damage to iron-sulfur clusters), aniA (encoding nitrite reductase), nirV (a putative nitrite reductase assembly protein), and mobA (a gene associated with molybdenum metabolism in other species but with a frame shift in N. meningitidis). In all cases, NsrR acts as a repressor. The NO protection systems norB and dnrN are regulated by NO in an NsrR-dependent manner, whereas the NO protection system cytochrome c′ (encoded by cycP) is not controlled by NO or NsrR, indicating that N. meningitidis expresses both constitutive and inducible NO protection systems. In addition, we present evidence to show that the anaerobic response regulator FNR is also sensitive to NO but less so than NsrR, resulting in complex regulation of promoters such as aniA, which is controlled by both FNR and NsrR: aniA was found to be maximally induced by intermediate NO concentrations, consistent with a regulatory system that allows expression during denitrification (in which NO accumulates) but is down-regulated as NO approaches toxic concentrations.

Commercial critical systems and critical infrastructure protection : a future research agenda

Secure management of Australia’s commercial critical infrastructure presents ongoing challenges to owners and the government. Although it is currently managed through high-level information sharing via collaboration, but does this suit the commercial sector. One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as Supply Chain Management (SCM) systems are distributed entities and not a single entity. The paper focuses upon the security issues associated with SCM systems and critical infrastructure protection.

Critical supply chain systems and critical infrastructure protection

Secure management of Australia's commercial critical infrastructure presents ongoing challenges to both the owners of this infrastructure as well as to the government. It is currently managed through high-level information sharing via collaboration but does this situation suit the commercial sector? One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as supply chain management (SCM) systems are distributed across a number of entities. The paper focuses upon the security and risk issues associated with SCM systems within the realms of critical infrastructure protection.

Cyber security and protection of ICS systems: An australian example

Many aspects of our modern society now have either a direct or implicit dependence upon information technology. As such, a compromise of the availability or integrity in relation to these systems (which may encompass such diverse domains as banking, government, health care, and law enforcement) could have dramatic consequences from a societal perspective. These key systems are often referred to as critical infrastructure. Critical infrastructure can consist of corporate information systems or systems that control key industrial processes; these specific systems are referred to as ICS (Industry Control Systems) systems. ICS systems have devolved since the 1960s from standalone systems to networked architectures that communicate across large distances, utilise wireless network and can be controlled via the Internet. ICS systems form part of many countries’ key critical infrastructure, including Australia. They are used to remotely monitor and control the delivery of essential services and products, such as electricity, gas, water, waste treatment and transport systems. The need for security measures within these systems was not anticipated in the early development stages as they were designed to be closed systems and not open systems to be accessible via the Internet. We are also seeing these ICS and their supporting systems being integrated into organisational corporate systems.

Defining fraud: issues for organizations from an information systems perspective

Fraud is one of the besetting evils of our time. While less dramatic than crimes of violence like murder or rape, fraud can inflict significant damage at organizational or individual level.

Fraud is a concept that seems to have an obvious meaning until we try to define it. As fraud exists in many different guises, and it is necessary to carefully define what it is and to tailor policies and initiatives accordingly.

Developing a definition of fraud is an early step of a prevention program. In order to be involved in the protection function, people at all levels of an organization must be knowledgeable about fraud. In this paper, we discuss the risk of fraud from an information systems perspective, explain what fraud is and present a range of definitions of fraud and computer fraud. We argue that without clearly defining fraud, organizations will not be able to share information that has the same meaning to everyone, to agree on how to measure the problem, and to know the extent of the problem, in order to decide how much and where to deploy resources to effectively solve it.

A risk analysis approach to critical information infrastructure protection

Critical Information Infrastructure (CII) has become a priority for all levels of management, It is one of the key components of efficient business and business continuity plans. There is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. Critical Information Infrastructure Protection - Risk Analysis Methodology
(ClIP-RAM), is a new security risk analysis method which copes with the shift from computer/information security to critical information infrastructure protection. This type of methodology is the next step toward handling information technology security risk at all levels from upper management information security down to firewall configurations. The paper will present the methodology of the new techniques and their application to critical information infrastructure protection. The associated advantages of this methodology will also be discussed.

Hollow avowals of human rights protection-time for an Australian federal bill of rights?

Unlike the constitutions of many nations, such as the United States of America and the Republic of South Africa, the constitutions of the Australian States and Territories and the Commonwealth Constitution Act 1901 (UK) contain no bill of rights. Australia is the only western democracy without a federal bill of rights. The debate regarding the need for a bill of rights necessitates an understanding of what human rights the people of Australia already enjoy. If sufficient protection can be found in existing sources, does Australia really need a federal bill of rights? Opponents of a bill of rights state that we have sufficient protection from arbitrary government intervention in our personal affairs and thus a bill of rights is unnecessary. There are a number of potential sources of human rights in Australia that might provide the suggested existing protection, including the common law, specific domestic legislation, international law and constitutional law. Each of these sources of human rights has, however, important limitations. The focus of this article is on the inadequacy of the Australian constitutions as a source of purported protection. This in turn suggests that an alternative source of rights is needed - a federal bill of rights? In the course of this analysis the author makes suggestions for reform; specifically how a federal bill of rights may address the paucity of constitutional protection.

Designing information systems which manage or avoid privacy incidents

In this paper, we consider an information system (IS) to be a set of technologies together with a set of rules about those technologies. An IS is considered to be prone to a privacy incident if it does not fully protect the private information of a user or if a dishonest user can take advantage of the privacy protection offered by the IS. This work identifies the potential privacy incidents that may occur in an IS, and proposes a framework, the MAPI Framework (Manage or Avoid Privacy Incidents), which designs IS to manage or avoid privacy incidents. The MAPI Framework can also be used for evaluating IS by identifying the missing or inappropriate technologies which may lead to privacy incidents.

Supply chain management security : the weak link of Australian critical infrastructure protection

Secure management of Australia’s commercial Critical Infrastructure presents ongoing challenges to both the owners of this infrastructure as well as to the Australian Federal government. The security management process is currently managed through high-level information sharing via collaboration, but does this situation suit the commercial sector? One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as Supply Chain Management (SCM) systems are distributed entities that span a number of commercial organisations. Another issue is that these SCM systems can be used for the transportation of varied items, such as retail items or food. This paper will explore the security issue related to food SCM systems and their relationship to critical infrastructure. The paper will focuses upon the security and risk issues associated with SCM system protection within the realms of critical infrastructure protection. The paper will review the security standard ISO 28000 - Supply Chain Security Management Standard. The paper will propose a new conceptual security risk analysis approach that will form the basis of a future Security Risk Analysis approach. This new approach will be aimed at protecting SCM systems.

Australian critical infrastructure protection : a case of two tales

The protection of critical irifrastructures and the choices made in terms of priorities and cost, all impact upon the planning, precautions and security aspects of protecting these important systems. Often the when choices made is difficult to assess at the time the decision is taken and it is only after an incident that the truth of the choices made become fit!ly evident. The paper focllses on two recent examples of Australian Critical Infrastructure protection and the issues that related to those examples.