154 results for foo
Abstract:
This paper presents a vulnerability within the generic object oriented substation event (GOOSE) communication protocol. It describes an exploit of the vulnerability and proposes a number of attack variants. The attacks send GOOSE frames containing higher status numbers to the receiving intelligent electronic device (IED). This prevents legitimate GOOSE frames from being processed and effectively causes a hijacking of the communication channel, which can be used to implement a denial-of-service (DoS) or manipulate the subscriber (unless a status number roll-over occurs). The authors refer to this attack as a poisoning of the subscriber. A number of GOOSE poisoning attacks are evaluated experimentally on a test bed and demonstrated to be successful.
Abstract:
The Modicon Communication Bus (Modbus) protocol is one of the most commonly used protocols in industrial control systems. Modbus was not designed to provide security. This paper confirms that the Modbus protocol is vulnerable to flooding attacks. These attacks involve injection of commands that result in disrupting the normal operation of the control system. This paper describes a set of experiments that shows that an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks. In comparing these intrusion detection techniques, we find that the signature-based detection requires a carefully selected threshold value, and that the anomaly-based change detection algorithm may have a short delay before detecting the attacks depending on the parameters used. In addition, we also generate a network traffic dataset of flooding attacks on the Modbus control system protocol.
Abstract:
For decades Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) have used computers to monitor and control physical processes in many critical industries, including electricity generation, gas pipelines, water distribution, waste treatment, communications and transportation. Increasingly these systems are interconnected with corporate networks via the Internet, making them vulnerable and exposed to the same risks as those experiencing cyber-attacks on a conventional network. Very often SCADA networks services are viewed as a specialty subject, more relevant to engineers than standard IT personnel. Educators from two Australian universities have recognised these cultural issues and highlighted the gap between specialists with SCADA systems engineering skills and the specialists in network security with IT background. This paper describes a learning approach designed to help students to bridge this gap, gain theoretical knowledge of SCADA systems' vulnerabilities to cyber-attacks via experiential learning and acquire practical skills through actively participating in hands-on exercises.
Abstract:
A victim of phishing emails could be subjected to money loss and identity theft. This paper investigates the different types of phishing email victims, with the goal of increasing such victims' defences. To obtain this kind of information, an experiment which involves sending a phishing email to participants is conducted. Quantitative and qualitative methods are also used to collect users' information. A model for detecting deception has been employed to understand victims' behaviour. This paper reports the qualitative results. The findings suggest that victims of phishing emails do not always exhibit the same vulnerability. The cause of being a victim is a result of three weaknesses in the detection process: (1) lack of knowledge; (2) weak confirmation channel; and (3) victims' high propensity towards risk-taking. Therefore, it is suggested that users be provided with suitable confirmation channels and be more risk averse in their behaviour so that they would not fall victim to phishing emails.
Abstract:
A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.
Abstract:
In a conventional ac motor drive using field-oriented control, a dc-link voltage, speed, and at least two current sensors are required. Hence, in the event of sensor failure, the performance of the drive system can be severely compromised. This paper presents a sensor fault-tolerant control strategy for interior permanent-magnet synchronous motor (IPMSM) drives. Three independent observers are proposed to estimate the speed, dc-link voltage, and currents of the machine. If a sensor fault is detected, the drive system isolates the faulty sensor while retaining the remaining functional ones. The signal is then acquired from the corresponding observer in order to maintain the operation of the drive system. The experimental results provided verify the effectiveness of the proposed approach.
Abstract:
Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The properties analysed by specific-purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient.
Abstract:
This paper presents the modeling and motion-sensorless direct torque and flux control of a novel dual-airgap axial-flux permanent-magnet machine optimized for use in flywheel energy storage system (FESS) applications. Independent closed-loop torque and stator flux regulation are performed in the stator flux (x-y) reference frame via two PI controllers. This facilitates fast torque dynamics, which is critical as far as energy charging/discharging in the FESS is concerned. As FESS applications demand high-speed operation, a new field-weakening algorithm is proposed in this paper. Flux weakening is achieved autonomously once the y-axis voltage exceeds the available inverter voltage. An inherently speed sensorless stator flux observer immune to stator resistance variations and dc-offset effects is also proposed for accurate flux and speed estimation. The proposed observer eliminates the rotary encoder, which in turn reduces the overall weight and cost of the system while improving its reliability. The effectiveness of the proposed control scheme has been verified by simulations and experiments on a machine prototype.
Abstract:
Interior permanent-magnet synchronous motors (IPMSMs) become attractive candidates in modern hybrid electric vehicles and industrial applications. Usually, to obtain good control performance, the electric drives of this kind of motor require one position, one dc link, and at least two current sensors. Failure of any of these sensors might lead to degraded system performance or even instability. As such, sensor fault resilient control becomes a very important issue in modern drive systems. This paper proposes a novel sensor fault detection and isolation algorithm based on an extended Kalman filter. It is robust to system random noise and efficient in real-time implementation. Moreover, the proposed algorithm is compact and can detect and isolate all the sensor faults for IPMSM drives. Thorough theoretical analysis is provided, and the effectiveness of the proposed approach is proven by extensive experimental results.
Abstract:
This paper presents the modeling and position-sensorless vector control of a dual-airgap axial flux permanent magnet (AFPM) machine optimized for use in flywheel energy storage system (FESS) applications. The proposed AFPM machine has two sets of three-phase stator windings but requires only a single power converter to control both the electromagnetic torque and the axial levitation force. The proper controllability of the latter is crucial as it can be utilized to minimize the vertical bearing stress to improve the efficiency of the FESS. The method for controlling both the speed and axial displacement of the machine is discussed. An inherent speed sensorless observer is also proposed for speed estimation. The proposed observer eliminates the rotary encoder, which in turn reduces the overall weight and cost of the system while improving its reliability. The effectiveness of the proposed control scheme has been verified by simulations and experiments on a prototype machine.
Abstract:
Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.
Abstract:
Optical emission of reactive plasma species during the synthesis of functionally graded calcium phosphate-based bioactive films has been investigated. The coatings have been deposited on Ti-6Al-4V orthopedic alloy by co-sputtering of hydroxyapatite (HA) and titanium targets in reactive plasmas of Ar + H2O gas mixtures. The species responsible for the Ca-P-Ti film growth have been non-intrusively monitored in situ by a high-resolution optical emission spectroscopy (OES). It is revealed that the optical emission originating from CaO species dominates throughout the deposition process. The intensities of CaO, PO and CaPO species are strongly affected by variations of the operating pressure, applied RF power, and DC substrate bias. The optical emission intensity (OEI) of reaction species can efficiently be controlled by addition of H2O reactant.
Abstract:
To prevent unauthorized access to protected trusted platform module (TPM) objects, authorization protocols, such as the object-specific authorization protocol (OSAP), have been introduced by the trusted computing group (TCG). By using OSAP, processes trying to gain access to the protected TPM objects need to prove their knowledge of relevant authorization data before access to the objects can be granted. Chen and Ryan’s 2009 analysis has demonstrated OSAP’s authentication vulnerability in sessions with shared authorization data. They also proposed the Session Key Authorization Protocol (SKAP) with fewer stages as an alternative to OSAP. Chen and Ryan’s analysis of SKAP using ProVerif proves the authentication property. The purpose of this paper was to examine the usefulness of Colored Petri Nets (CPN) and CPN Tools for security analysis. Using OSAP and SKAP as case studies, we construct intruder and authentication property models in CPN. CPN Tools is used to verify the authentication property using a Dolev–Yao-based model. Verification of the authentication property in both models using the state space tool produces results consistent with those of Chen and Ryan.
Abstract:
Compared with unidirectional inductive power transfer (UIPT) systems which are suitable for passive loads, bidirectional IPT (BIPT) systems can be used for active loads with power regenerative capability. There are numerous BIPT systems that have been proposed previously to achieve improved performance. However, typical BIPT systems are controlled through modulation of phase-shift of each converter while keeping the relative phase angle between voltages produced by two converters at ± 90 degrees. This paper presents theoretical analysis to show that there is a unique phase shift for each converter at which the inductive coil losses of the system are minimized for a given load. Simulated results of a BIPT system, compensated by CLCL resonant networks, are presented to demonstrate the applicability of the proposed concept and the validity of the mathematical model.
Abstract:
A typical low power IPT system employs an H-Bridge converter with a simple control strategy to generate a high frequency current from DC power supply. This paper proposes a cascaded multilevel converter for bidirectional IPT (BIPT) systems, which is suitable for low to medium power applications as well as for situations such as PV cells where several individual DC sources are to be utilized. A novel modulation strategy is proposed for the multilevel converter with the aim of minimizing switching losses. A Series-Series (SS) compensation circuit is adopted for the IPT system and a mathematical model is presented to minimize the coil losses of the system under varying output power. Theoretical results are presented in comparison to the simulations to demonstrate the applicability of the proposed concept and the validity of the developed model. The experimental results show the feasibility of the proposed phase shift modulation.