996 resultados para critical infrastructures
Resumo:
Secure management of Australia's commercial critical infrastructure presents ongoing challenges to both the owners of this infrastructure as well as to the government. It is currently managed through high-level information sharing via collaboration but does this situation suit the commercial sector? One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as supply chain management (SCM) systems are distributed across a number of entities. The paper focuses upon the security and risk issues associated with SCM systems within the realms of critical infrastructure protection.
Resumo:
The modelling of critical infrastructures (CIs) is an important issue that needs to be properly addressed, for several reasons. It is a basic support for making decisions about operation and risk reduction. It might help in understanding high-level states at the system-of-systems layer, which are not ready evident to the organisations that manage the lower level technical systems. Moreover, it is also indispensable for setting a common reference between operator and authorities, for agreeing on the incident scenarios that might affect those infrastructures. So far, critical infrastructures have been modelled ad-hoc, on the basis of knowledge and practice derived from less complex systems. As there is no theoretical framework, most of these efforts proceed without clear guides and goals and using informally defined schemas based mostly on boxes and arrows. Different CIs (electricity grid, telecommunications networks, emergency support, etc) have been modelled using particular schemas that were not directly translatable from one CI to another. If there is a desire to build a science of CIs it is because there are some observable commonalities that different CIs share. Up until now, however, those commonalities were not adequately compiled or categorized, so building models of CIs that are rooted on such commonalities was not possible. This report explores the issue of which elements underlie every CI and how those elements can be used to develop a modelling language that will enable CI modelling and, subsequently, analysis of CI interactions, with a special focus on resilience
Resumo:
El principio de Teoría de Juegos permite desarrollar modelos estocásticos de patrullaje multi-robot para proteger infraestructuras criticas. La protección de infraestructuras criticas representa un gran reto para los países al rededor del mundo, principalmente después de los ataques terroristas llevados a cabo la década pasada. En este documento el termino infraestructura hace referencia a aeropuertos, plantas nucleares u otros instalaciones. El problema de patrullaje se define como la actividad de patrullar un entorno determinado para monitorear cualquier actividad o sensar algunas variables ambientales. En esta actividad, un grupo de robots debe visitar un conjunto de puntos de interés definidos en un entorno en intervalos de tiempo irregulares con propósitos de seguridad. Los modelos de partullaje multi-robot son utilizados para resolver este problema. Hasta el momento existen trabajos que resuelven este problema utilizando diversos principios matemáticos. Los modelos de patrullaje multi-robot desarrollados en esos trabajos representan un gran avance en este campo de investigación. Sin embargo, los modelos con los mejores resultados no son viables para aplicaciones de seguridad debido a su naturaleza centralizada y determinista. Esta tesis presenta cinco modelos de patrullaje multi-robot distribuidos e impredecibles basados en modelos matemáticos de aprendizaje de Teoría de Juegos. El objetivo del desarrollo de estos modelos está en resolver los inconvenientes presentes en trabajos preliminares. Con esta finalidad, el problema de patrullaje multi-robot se formuló utilizando conceptos de Teoría de Grafos, en la cual se definieron varios juegos en cada vértice de un grafo. Los modelos de patrullaje multi-robot desarrollados en este trabajo de investigación se han validado y comparado con los mejores modelos disponibles en la literatura. Para llevar a cabo tanto la validación como la comparación se ha utilizado un simulador de patrullaje y un grupo de robots reales. Los resultados experimentales muestran que los modelos de patrullaje desarrollados en este trabajo de investigación trabajan mejor que modelos de trabajos previos en el 80% de 150 casos de estudio. Además de esto, estos modelos cuentan con varias características importantes tales como distribución, robustez, escalabilidad y dinamismo. Los avances logrados con este trabajo de investigación dan evidencia del potencial de Teoría de Juegos para desarrollar modelos de patrullaje útiles para proteger infraestructuras. ABSTRACT Game theory principle allows to developing stochastic multi-robot patrolling models to protect critical infrastructures. Critical infrastructures protection is a great concern for countries around the world, mainly due to terrorist attacks in the last decade. In this document, the term infrastructures includes airports, nuclear power plants, and many other facilities. The patrolling problem is defined as the activity of traversing a given environment to monitoring any activity or sensing some environmental variables If this activity were performed by a fleet of robots, they would have to visit some places of interest of an environment at irregular intervals of time for security purposes. This problem is solved using multi-robot patrolling models. To date, literature works have been solved this problem applying various mathematical principles.The multi-robot patrolling models developed in those works represent great advances in this field. However, the models that obtain the best results are unfeasible for security applications due to their centralized and predictable nature. This thesis presents five distributed and unpredictable multi-robot patrolling models based on mathematical learning models derived from Game Theory. These multi-robot patrolling models aim at overcoming the disadvantages of previous work. To this end, the multi-robot patrolling problem was formulated using concepts of Graph Theory to represent the environment. Several normal-form games were defined at each vertex of a graph in this formulation. The multi-robot patrolling models developed in this research work have been validated and compared with best ranked multi-robot patrolling models in the literature. Both validation and comparison were preformed by using both a patrolling simulator and real robots. Experimental results show that the multirobot patrolling models developed in this research work improve previous ones in as many as 80% of 150 cases of study. Moreover, these multi-robot patrolling models rely on several features to highlight in security applications such as distribution, robustness, scalability, and dynamism. The achievements obtained in this research work validate the potential of Game Theory to develop patrolling models to protect infrastructures.
Resumo:
Airports worldwide represent key forms of critical infrastructure in addition to serving as nodes in the international aviation network. While the continued operation of airports is critical to the functioning of reliable air passenger and freight transportation, these infrastructure systems face a number of sources of disturbance that threaten their operational viability. Recent examples of high magnitude events include the eruption of Iceland’s Eyjafjallajokull volcano eruption (Folattau and Schofield 2010), the failure of multiple systems at the opening of Heathrow’s Terminal 5 (Brady and Davies 2010) and the Glasgow airport 2007 terrorist attack (Crichton 2008). While these newsworthy events do occur, a multitude of lower-level more common disturbances also have the potential to cause significant discontinuity to airport operations. Regional airports face a unique set of challenges, particularly in a nation like Australia where they serve to link otherwise remote and isolated communities to metropolitan hubs (Wheeler 2005), often without the resources and political attention received by larger capital city airports. This paper discusses conceptual relationships between Business Continuity Management (BCM) and High Reliability Theory, and proposes BCM as an appropriate risk-based management process to ensure continued airport operation in the face of uncertainty. In addition, it argues that that correctly implemented BCM can lead to highly reliable organisations. This is framed within the broader context of critical infrastructures and the need for adequate crisis management approaches suited to their unique requirements (Boin and McConnell 2007).
Resumo:
Physical access control systems play a central role in the protection of critical infrastructures, where both the provision of timely access and preserving the security of sensitive areas are paramount. In this paper we discuss the shortcomings of existing approaches to the administration of physical access control in complex environments. At the heart of the problem is the current dependency on human administrators to reason about the implications of the provision or the revocation of staff access to an area within these facilities. We demonstrate how utilising Building Information Models (BIMs) and the capabilities they provide, including 3D representation of a facility and path-finding can reduce possible intentional or accidental errors made by security administrators.
Resumo:
This thesis investigates the use of building information models for access control and security applications in critical infrastructures and complex building environments. It examines current problems in security management for physical and logical access control and proposes novel solutions that exploit the detailed information available in building information models. The project was carried out as part of the Airports of the Future Project and the research was modelled based on real-world problems identified in collaboration with our industry partners in the project.
Resumo:
Building information models are increasingly being utilised for facility management of large facilities such as critical infrastructures. In such environments, it is valuable to utilise the vast amount of data contained within the building information models to improve access control administration. The use of building information models in access control scenarios can provide 3D visualisation of buildings as well as many other advantages such as automation of essential tasks including path finding, consistency detection, and accessibility verification. However, there is no mathematical model for building information models that can be used to describe and compute these functions. In this paper, we show how graph theory can be utilised as a representation language of building information models and the proposed security related functions. This graph-theoretic representation allows for mathematically representing building information models and performing computations using these functions.
Resumo:
Concrete-filled steel tubular (CFST) columns have shown great potential as axial load carrying member and used widely in many mission critical infrastructures. However, attention is needed to strengthen these members where transverse impact force is expected to occur due to vehicle collisions. In this work, finite element (FE) model of carbon fibre reinforced polymer (CFRP) strengthened CFST columns are developed and the effect of CFRP bond length is investigated under transverse impact loading. Initially the numerical models have been validated by comparing impact test results from literature. The validated models are then used for detail parametric studies by varying the length of externally bonded CFRP composites. The parameters considered for this research are impact velocity, impact mass, CFRP modulus, adhesive type, and axial static loading. It has been observed that the effect of CFRP strengthening is consistent after an optimum effective bond length of CFRP wrapping. The effect of effective bond length has been studied for above parameters. The results show that, under combined axial static and transverse impact loads CFST columns can successfully prevent global buckling failure by strengthening only 34% of column length. Therefore, estimation of effective bond length is essential to utilise the CFRP composites cost effectively.
Resumo:
During post-disaster recovery, an infrastructure system may be subject to a number of disturbances originating from several other interdependent infrastructures. These disturbances might result in a series of system failures, thereby having immediate impact on societal living conditions. The inability to detect signs of disturbance from one infrastructure during recovery might cause significant disruptive effects on other infrastructure via the interconnection that exist among them. In such circumstances, it clearly appears that critical infrastructures' interdependencies affect the recovery of each individual infrastructure, as well as those of other interdependent infrastructure systems. This is why infrastructure resilience needs to be improved in function of those interdependencies, particularly during the recovery period to avoid the occurrence of a ‘disaster of disaster’ scenario. Viewed from this perspective, resilience is achieved through an inter-organisational collaboration between the different organisations involved in the reconstruction of interdependent infrastructure systems. This paper suggests that to some extent, the existing degree of interconnectedness between these infrastructure systems can also be found in their resilience ability during post-disaster recovery. For instance, without a resilient energy system, a large-scale power outage could affect simultaneously all the interdependent infrastructures after a disaster. Thus, breaking down the silos of resilience would be the first step in minimizing the risks of disaster failures from one infrastructure to cascade or escalate to other interconnected systems.
Resumo:
This thesis evaluates the security of Supervisory Control and Data Acquisition (SCADA) systems, which are one of the key foundations of many critical infrastructures. Specifically, it examines one of the standardised SCADA protocols called the Distributed Network Protocol Version 3, which attempts to provide a security mechanism to ensure that messages transmitted between devices, are adequately secured from rogue applications. To achieve this, the thesis applies formal methods from theoretical computer science to formally analyse the correctness of the protocol.
Resumo:
4 p.
Resumo:
In this short paper, we present an integrated approach to detecting and mitigating cyber-attacks to modern interconnected industrial control systems. One of the primary goals of this approach is that it is cost effective, and thus whenever possible it builds on open-source security technologies and open standards, which are complemented with novel security solutions that address the specific challenges of securing critical infrastructures.
Resumo:
The availability of electricity is fundamental to modern society. It is at the top of the list of critical infrastructures and its interruption can have severe consequences. This highly important system is now evolving to become more reliable, efficient, and clean. This evolving infrastructure has become known as the smart grid; and these future smart grid systems will rely heavily on ICT. This infrastructure will require many servers and due to the nature of the grid, many of these systems will be geographically diverse requiring communication links. At the heart of this ICT infrastructure will be security. At each level of the smart grid from smart metering right through to remote sensing and control networks, security will be a key factor for system design consideration. With an increased number of ICT systems in place the security risk also increases. In this paper the authors discuss the changing nature of security in relation to the smart grid by looking at the move from legacy systems to more modern smart grid systems. The potential planes of attack for future smart grid systems are identified, and the general anatomy of a cyber-attack is presented. The authors then introduce the various threat levels of different types of attack and the mitigation techniques that could be put in place for each. Finally, the authors' introduce a Phasor Measurement Unit (PMU) communication system (operated by the authors) that can be used as a test-bed for some of the proposed future security research.
Resumo:
Portugal, having responsibilities at European level, needs to ensure compliance with European standards, particularly with regard to the European Security Plan for Critical Infrastructures. National critical infrastructures should be a focus of attention with regard to the management of public risks, since these represent "a set of services that are essential to the functioning of the country and the functioning of the forces that ensure national defense." (Soares, 2008) This contribution on national critical infrastructures (CI) has the essential objective of clarifying the development of the strategy adopted by Portugal in pursuit of the security of these fundamental infrastructures. The goal lies not only through producing a descriptive document, but also carry a brief confrontation between the legal framework related to these subjects and the reality in which the Critical Infrastructure Operators and the National Civil Protection Authority (ANPC) operate. It is intended, in this sense, to understand the development of the project for the national security program of critical infrastructures and what effects of its measures on operators. As for the methodology, we followed a methodological strategy, where we combine the literature with data obtained through semi-structured interviews. Portugal, being a geographically peripheral country and having no record of incidents capable of causing major contingencies in key services for the normal development of society, does not have a structured and regulator plan that substantiates the need for operators responsible for CI to invest in security. This same approach is expected at the State level, believing that even though this theme has be widely explored by international institutions, Portugal has not yet tried to give the attention it deserves. Without the existence of an institution and a regulatory system, CI operators can become less available to comply with the legal framework.
Resumo:
Wireless video sensor networks have been a hot topic in recent years; the monitoring capability is the central feature of the services offered by a wireless video sensor network can be classified into three major categories: monitoring, alerting, and information on-demand. These features have been applied to a large number of applications related to the environment (agriculture, water, forest and fire detection), military, buildings, health (elderly people and home monitoring), disaster relief, area and industrial monitoring. Security applications oriented toward critical infrastructures and disaster relief are very important applications that many countries have identified as critical in the near future. This paper aims to design a cross layer based protocol to provide the required quality of services for security related applications using wireless video sensor networks. Energy saving, delay and reliability for the delivered data are crucial in the proposed application. Simulation results show that the proposed cross layer based protocol offers a good performance in term of providing the required quality of services for the proposed application.
