996 resultados para critical infrastructures
Resumo:
The vision of volunteer computing is to provide large scale computational infrastructure by using dynamic collections of donated desktop computers. There have been many works that highlighted the significant benefits of volunteer computing but little on the security and privacy threats associated with its exploitation. However, volunteer computing is vulnerable to a variety of attacks and presents numerous significant security threats to the stakeholders. This paper presents security and privacy threat taxonomy along with the security features developed to cope with such threats.
Resumo:
Steel pipelines, buried under the soil and protected by the combination of protective coatings and cathodic protection (CP), are used for oil and gas transportation. These pipelines are one of the critical infrastructures for energy transportation and therefore became lifelines of modern society. The deterioration of the external surfaces of transmission pipelines is a serious problem and is caused mainly by coating and/or CP failure leading to the loss of integrity of pipelines. To avoid such damage, there is a need of techniques which are able to locate active corrosion sites, monitor corrosion, and evaluate corrosion damage. Fundamental understanding of such processes occurring on coated pipelines (with various types of defects in coatings as well as pipe) in complex soil environment is necessary for the development of such techniques. Numerous laboratory techniques, i.e., electrochemical impedance spectroscopy based, polarisation measurements based, mathematical simulations, direct observation etc. have been used to develop fundamental understanding, simulate and evaluate corrosion occurring in oil and gas pipelines under various operating conditions. Given the complex nature of the pipeline corrosion, application of these laboratory techniques in field measurements as well as in understanding the corrosion mechanisms is lacking. This paper presents an overview of investigations, based on electrochemical techniques, for simulation and evaluation of pipeline corrosion in laboratory.
Resumo:
There is a growing need to develop new tools to help end users in tasks related to the design, monitoring, maintenance and commissioning of critical infrastructures. The complexity of the industrial environment, for example, requires that these tools have flexible features in order to provide valuable data for the designers at the design phases. Furthermore, it is known that industrial processes have stringent requirements for dependability, since failures can cause economic losses, environmental damages and danger to people. The lack of tools that enable the evaluation of faults in critical infrastructures could mitigate these problems. Accordingly, the said work presents developing a framework for analyzing of dependability for critical infrastructures. The proposal allows the modeling of critical infrastructure, mapping its components to a Fault Tree. Then the mathematical model generated is used for dependability analysis of infrastructure, relying on the equipment and its interconnections failures. Finally, typical scenarios of industrial environments are used to validate the proposal
Resumo:
Public health efforts were initiated in the United States with legislative actions for enhancing food safety and ensuring pure drinking water. Some additional policy initiatives during the early 20th century helped organize and coordinate relief efforts for victims of natural disasters. By 1950's the federal government expanded its role for providing better health and safety to the communities, and its disaster relief activities became more structured. A rise in terrorism related incidents during the late 1990's prompted new proactive policy directions. The traditional policy and program efforts for rescue, recovery, and relief measures changed focus to include disaster preparedness and countermeasures against terrorism.^ The study took a holistic approach by analyzing all major disaster related policies and programs, in regard to their structure, process, and outcome. Study determined that United States has a strong disaster preparedness agenda and appropriate programs are in place with adequate policy support, and the country is prepared to meet all possible security challenges that may arise in the future. The man-made disaster of September 11th gave a major thrust to improve security and enhance preparedness of the country. These new efforts required large additional funding from the federal government. Most existing preparedness programs at the local and national levels are run with federal funds which is insufficient in some cases. This discrepancy arises from the fact that federal funding for disaster preparedness programs at present are not allocated by the level of risks to individual states or according to the risks that can be assigned to critical infrastructures across the country. However, the increased role of the federal government in public health affairs of the states is unusual, and opposed to the spirit of our constitution where sovereignty is equally divided between the federal government and the states. There is also shortage of manpower in public health to engage in disaster preparedness activities, despite some remarkable progress following the September 11th disaster.^ Study found that there was a significant improvement in knowledge and limited number of studies showed improvement of skills, increase in confidence and improvement in message-mapping. Among healthcare and allied healthcare professionals, short-term training on disaster preparedness increased knowledge and improved personal protective equipment use with some limited improvement in confidence and skills. However, due to the heterogeneity of these studies, the results and interpretation of this systematic review may be interpreted with caution.^
Resumo:
Critical infrastructures support everyday activities in modern societies, facilitating the exchange of services and quantities of various nature. Their functioning is the result of the integration of diverse technologies, systems and organizations into a complex network of interconnections. Benefits from networking are accompanied by new threats and risks. In particular, because of the increased interdependency, disturbances and failures may propagate and render unstable the whole infrastructure network. This paper presents a methodology of resilience analysis of networked systems of systems. Resilience generalizes the concept of stability of a system around a state of equilibrium, with respect to a disturbance and its ability of preventing, resisting and recovery. The methodology provides a tool for the analysis of off-equilibrium conditions that may occur in a single system and propagate through the network of dependencies. The analysis is conducted in two stages. The first stage of the analysis is qualitative. It identifies the resilience scenarios, i.e. the sequence of events, triggered by an initial disturbance, which include failures and the system response. The second stage is quantitative. The most critical scenarios can be simulated, for the desired parameter settings, in order to check if they are successfully handled, i.e recovered to nominal conditions, or they end into the network failure. The proposed methodology aims at providing an effective support to resilience-informed design.
Resumo:
La expansión de las tecnologías de la información y las comunicaciones (TIC) ha traído muchas ventajas, pero también algunos peligros. Son frecuentes hoy en día las noticias sobre delitos relacionados con las TIC. Se usa a menudo el término cibercrimen y el de ciberterrorismo pero, ¿realmente son una amenaza para la sociedad?. Este trabajo realiza un análisis del cibercrimen y el ciberterrorismo. Para ello se hace un estudio en profundidad desde distintos puntos de vista. En primer lugar se analizan varios aspectos básicos de la materia: el contexto en el que se desarrollan estas actividades, el ciberespacio y sus características, las ventajas que tiene el cibercrimen respecto a la delincuencia tradicional, características y ejemplos de ciberterrorismo y la importancia de la protección de las infraestructuras críticas. Luego se realiza un estudio del mundo del cibercrimen, en el cual se muestran los distintos tipos de cibercriminales, los actos delictivos, herramientas y técnicas más habituales usadas por el cibercrimen, la web profunda y la criptomoneda; se indican asimismo varios de los grupos criminales más conocidos y algunas de sus acciones, y se realiza un estudio de las consecuencias económicas del cibercrimen. Finalmente se hace un repaso a los medios legales que distintos países y organizaciones han establecido para combatir estos hechos delictivos. Para ello se analizan estrategias de seguridad de distinto tipo aprobadas en multitud de países de todo el mundo y los grupos operativos de respuesta (tanto los de tipo policial como los CSIRT/CERT), además de la legislación publicada para poder perseguir el cibercrimen y el ciberterrorismo, con especial atención a la legislación española. De esta manera, tras la lectura de este Proyecto se puede tener una visión global completa del mundo de la ciberdelincuencia y el ciberterrorismo. ABSTRACT. The expansion of Information and Communications Technology (ITC) has brought many benefits, but also some dangers. It is very usual nowadays to see news about ITC-related crimes. Terms like cyber crime and cyber terrorism are usually used but, are they really a big threat for our society?. This work analyzes cyber crime and cyber terrorism. To achieve it, a deep research under different points of view is made. First, basic aspects of the topic are analyzed: the context where these activities are carried out, cyber space and its features, benefits for cyber criminals with respect to traditional crime, characteristics and relevant examples of cyber terrorism, and importance of critical infrastructures protection. Then, a study about the world of cyber crime is made, analyzing the typology of different kinds of cyber criminals, the most common criminal acts, tools and techniques used by cyber crime, and the deep web and cryptocurrency. Some of the most known criminal groups and their activities are also explored, and the economic consequences of cyber crime are assessed. Finally, there is a review of the legal means used by countries and organizations to fight against these unlawful acts; this includes the analysis of several types of security strategies approved by countries all around the world, operational response groups (including law enforcement and CSIRT/CERT) and legislation to fight cyber crime and cyber terrorism, with special emphasis on Spanish legal rules. This way, a global, complete view of the world around cyber crime and cyber terrorism can be obtained after reading this work.
Resumo:
Stream-mining approach is defined as a set of cutting-edge techniques designed to process streams of data in real time, in order to extract knowledge. In the particular case of classification, stream-mining has to adapt its behaviour to the volatile underlying data distributions, what has been called concept drift. Moreover, it is important to note that concept drift may lead to situations where predictive models become invalid and have therefore to be updated to represent the actual concepts that data poses. In this context, there is a specific type of concept drift, known as recurrent concept drift, where the concepts represented by data have already appeared in the past. In those cases the learning process could be saved or at least minimized by applying a previously trained model. This could be extremely useful in ubiquitous environments that are characterized by the existence of resource constrained devices. To deal with the aforementioned scenario, meta-models can be used in the process of enhancing the drift detection mechanisms used by data stream algorithms, by representing and predicting when the change will occur. There are some real-world situations where a concept reappears, as in the case of intrusion detection systems (IDS), where the same incidents or an adaptation of them usually reappear over time. In these environments the early prediction of drift by means of a better knowledge of past models can help to anticipate to the change, thus improving efficiency of the model regarding the training instances needed. By means of using meta-models as a recurrent drift detection mechanism, the ability to share concepts representations among different data mining processes is open. That kind of exchanges could improve the accuracy of the resultant local model as such model may benefit from patterns similar to the local concept that were observed in other scenarios, but not yet locally. This would also improve the efficiency of training instances used during the classification process, as long as the exchange of models would aid in the application of already trained recurrent models, that have been previously seen by any of the collaborative devices. Which it is to say that the scope of recurrence detection and representation is broaden. In fact the detection, representation and exchange of concept drift patterns would be extremely useful for the law enforcement activities fighting against cyber crime. Being the information exchange one of the main pillars of cooperation, national units would benefit from the experience and knowledge gained by third parties. Moreover, in the specific scope of critical infrastructures protection it is crucial to count with information exchange mechanisms, both from a strategical and technical scope. The exchange of concept drift detection schemes in cyber security environments would aid in the process of preventing, detecting and effectively responding to threads in cyber space. Furthermore, as a complement of meta-models, a mechanism to assess the similarity between classification models is also needed when dealing with recurrent concepts. In this context, when reusing a previously trained model a rough comparison between concepts is usually made, applying boolean logic. The introduction of fuzzy logic comparisons between models could lead to a better efficient reuse of previously seen concepts, by applying not just equal models, but also similar ones. This work faces the aforementioned open issues by means of: the MMPRec system, that integrates a meta-model mechanism and a fuzzy similarity function; a collaborative environment to share meta-models between different devices; a recurrent drift generator that allows to test the usefulness of recurrent drift systems, as it is the case of MMPRec. Moreover, this thesis presents an experimental validation of the proposed contributions using synthetic and real datasets.
Resumo:
Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.
Resumo:
The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.
Resumo:
Thesis (Ph.D.)--University of Washington, 2016-08
Resumo:
Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.
Resumo:
Nowadays, Power grids are critical infrastructures on which everything else relies, and their correct behavior is of the highest priority. New smart devices are being deployed to be able to manage and control power grids more efficiently and avoid instability. However, the deployment of such smart devices like Phasor Measurement Units (PMU) and Phasor Data Concentrators (PDC), open new opportunities for cyber attackers to exploit network vulnerabilities. If a PDC is compromised, all data coming from PMUs to that PDC is lost, reducing network observability. Our approach to solve this problem is to develop an Intrusion detection System (IDS) in a Software-defined network (SDN). allowing the IDS system to detect compromised devices and use that information as an input for a self-healing SDN controller, which redirects the data of the PMUs to a new, uncompromised PDC, maintaining the maximum possible network observability at every moment. During this research, we have successfully implemented Self-healing in an example network with an SDN controller based on Ryu controller. We have also assessed intrinsic vulnerabilities of Wide Area Management Systems (WAMS) and SCADA networks, and developed some rules for the Intrusion Detection system which specifically protect vulnerabilities of these networks. The integration of the IDS and the SDN controller was also successful. \\To achieve this goal, the first steps will be to implement an existing Self-healing SDN controller and assess intrinsic vulnerabilities of Wide Area Measurement Systems (WAMS) and SCADA networks. After that, we will integrate the Ryu controller with Snort, and create the Snort rules that are specific for SCADA or WAMS systems and protocols.
Resumo:
A proteção das Infraestruturas Críticas tornou-se numa questão essencial no sistema internacional e nos Estados. Mais recentemente, Portugal começou a acompanhar esta tendência. Neste debate, torna-se de crucial importância, a identificação das infraestruturas que devem ser consideradas como críticas. Esta identificação terá como principal objetivo a redução das suas vulnerabilidades e a eficiência no emprego de recursos para a proteção das mesmas. Mas que critérios e indicadores, em cada setor/subsetor, possibilitam uma adequada metodologia para a identificação e caraterização das Infraestruturas Críticas em Portugal? Com vista a responder a esta problemática será analisada a metodologia adotada por Portugal, bem como as componentes da metodologia de identificação e caraterização de Infraestruturas Críticas utilizadas em países e organizações de referência. Esta investigação tem como objetivo geral identificar de áreas de melhoria na metodologia adotada pela Autoridade Nacional de Proteção Civil e, com base na análise da metodologia usada em organizações e países de referência, contribuir para a identificação e caraterização das IC em Portugal. Conclui-se que a Identificação e Caraterização de Infraestruturas Críticas nacionais deve ser aplicada na primeira fase do processo de elaboração do Programa Nacional de Proteção de Infraestruturas Críticas, apresentando, simultaneamente, uma definição de Infraestrutura Crítica, através de possíveis agrupamentos em setores, critérios e indicadores a adotar. Abstract: Critical infrastructure protection has become a key issue for states in the international system. Recently, Portugal has joined this trend. In this debate, the identification of structures to be considered critical infrastructure becomes crucial. This process of identification should have as key purpose the reduction of these infrastructures, and an efficient use of resources in protecting them. However, which criteria and indicators, for each sector/ sub-sector, allow for an adequate methodology for identifying and characterizing critical infrastructures in Portugal? In order to answer this, this research will analyse the methodology adopted by the National Civil Protection Authority, as well as some methodology components for identifying and characterizing critical infrastructure used by reference countries and organizations. The main purpose of this research is thus to contribute to the development of a methodology to be used in Portugal, through the development of criteria and indicators that prove adequate to identifying and characterizing Portuguese critical infrastructure. It concludes that the identification and characterization of national critical infrastructures should be applied in the first phase of elaborating a national program for the protection of critical infrastructures, while simultaneously presenting a definition of critical infrastructure, through possible grouping in sectors, criteria and indicators to adopt.
Resumo:
Transportation system resilience has been the subject of several recent studies. To assess the resilience of a transportation network, however, it is essential to model its interactions with and reliance on other lifelines. In this work, a bi-level, mixed-integer, stochastic program is presented for quantifying the resilience of a coupled traffic-power network under a host of potential natural or anthropogenic hazard-impact scenarios. A two-layer network representation is employed that includes details of both systems. Interdependencies between the urban traffic and electric power distribution systems are captured through linking variables and logical constraints. The modeling approach was applied on a case study developed on a portion of the signalized traffic-power distribution system in southern Minneapolis. The results of the case study show the importance of explicitly considering interdependencies between critical infrastructures in transportation resilience estimation. The results also provide insights on lifeline performance from an alternative power perspective.
Resumo:
The EU-funded project UAN - Underwater Acoustic Network aims at conceiving, developing and testing at sea an innovative and operational concept for integrating in a unique communication system submerged, surface and aerial sensors with the objective of protecting off-shore and coastline critical infrastructures. A crucial aspect of the project consisted in the use of autonomous underwater vehicles (AUVs) as mobile nodes in the underwater acoustic communication network. In particular, AUVs have the role of adapting the network geometry to the variation of the acoustic channel. This paper reports on the project concept and vision as well as on the progress of its various development phases. The recent at-sea successes that have been demonstrated within the UAN framework are detailed and results of the final UAN project demonstration, UAN11, held in the May of 2011, are reported. The UAN network was in operation for five continuous days with up to five nodes, of which three of them were mobile nodes. © IFAC.
