893 resultados para Critical infrastructures. Fault Tree. Dependability. Framework. Industrialenvironments
Resumo:
The purpose of this case study was to examine the why the English language learners (ELLs) in the Beaufort County, South Carolina school system have been so successful. This school system has recently experienced a boom in its ESL student population, and this population has performed very well on standardized tests. This study used critical theory as its theoretical framework and examined why the students have been successful rather than marginalized in Beaufort County schools. This phenomenon was investigated using semi-structured interviews with the ESOL Coordinator for Beaufort County, 4 ESL-lead teachers, and 6 mainstream teachers.^ Data were collected using semi-structured interviews with Sarah Owen, the Beaufort County ESOL, Gifted and Talented, and World Languages coordinator. Based on the results of her interview, 4 themes emerged that were used for the semi-structured interviews with ESOL and mainstream teachers. The interviews centered on the themes of ESL policy, ESL leadership, and teacher training. The ESL and mainstream teacher interviews also revealed several subthemes that included teacher attitude, why Beaufort County has been successful with the ELLs, and the teachers' recommendations for other schools systems trying to successfully accommodate a large ESL student population in mainstream classrooms. ^ The findings from the teachers' interviews revealed that additional training for the teachers without ESL experience helped them become comfortable instructing ELLs. This training should be conducted by the ESOL teachers for those without ESOL certification or endorsement. As the teachers had more training, they had better attitudes about teaching ESOL students in their classes. Finally, those who utilized the additional ESOL training and ESOL accommodations saw better student achievement in their classes.^ Based on the finding of this study, the researcher proposed a model for other school systems to follow in order to replicate the success of Beaufort County's ELLs. The implications of this study focus on other schools systems and why ELLs are not obtaining the same level of success as those in Beaufort County's schools. Finally, recommendations for further research are provided.^
Resumo:
The purpose of this case study was to examine the why the English language learners (ELLs) in the Beaufort County, South Carolina school system have been so successful. This school system has recently experienced a boom in its ESL student population, and this population has performed very well on standardized tests. This study used critical theory as its theoretical framework and examined why the students have been successful rather than marginalized in Beaufort County schools. This phenomenon was investigated using semi-structured interviews with the ESOL Coordinator for Beaufort County, 4 ESL-lead teachers, and 6 mainstream teachers. Data were collected using semi-structured interviews with Sarah Owen, the Beaufort County ESOL, Gifted and Talented, and World Languages coordinator. Based on the results of her interview, 4 themes emerged that were used for the semi-structured interviews with ESOL and mainstream teachers. The interviews centered on the themes of ESL policy, ESL leadership, and teacher training. The ESL and mainstream teacher interviews also revealed several subthemes that included teacher attitude, why Beaufort County has been successful with the ELLs, and the teachers’ recommendations for other schools systems trying to successfully accommodate a large ESL student population in mainstream classrooms. The findings from the teachers’ interviews revealed that additional training for the teachers without ESL experience helped them become comfortable instructing ELLs. This training should be conducted by the ESOL teachers for those without ESOL certification or endorsement. As the teachers had more training, they had better attitudes about teaching ESOL students in their classes. Finally, those who utilized the additional ESOL training and ESOL accommodations saw better student achievement in their classes. Based on the finding of this study, the researcher proposed a model for other school systems to follow in order to replicate the success of Beaufort County’s ELLs. The implications of this study focus on other schools systems and why ELLs are not obtaining the same level of success as those in Beaufort County’s schools. Finally, recommendations for further research are provided.
Resumo:
Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.
Resumo:
The BlackEnergy malware targeting critical infrastructures has a long history. It evolved over time from a simple DDoS platform to a quite sophisticated plug-in based malware. The plug-in architecture has a persistent malware core with easily installable attack specific modules for DDoS, spamming, info-stealing, remote access, boot-sector formatting etc. BlackEnergy has been involved in several high profile cyber physical attacks including the recent Ukraine power grid attack in December 2015. This paper investigates the evolution of BlackEnergy and its cyber attack capabilities. It presents a basic cyber attack model used by BlackEnergy for targeting industrial control systems. In particular, the paper analyzes cyber threats of BlackEnergy for synchrophasor based systems which are used for real-time control and monitoring functionalities in smart grid. Several BlackEnergy based attack scenarios have been investigated by exploiting the vulnerabilities in two widely used synchrophasor communication standards: (i) IEEE C37.118 and (ii) IEC 61850-90-5. Specifically, the paper addresses reconnaissance, DDoS, man-in-the-middle and replay/reflection attacks on IEEE C37.118 and IEC 61850-90-5. Further, the paper also investigates protection strategies for detection and prevention of BlackEnergy based cyber physical attacks.
Resumo:
This study explores the origins and development of honors education at a Historically Black College and University (HBCU), Morgan State University, within the context of the Maryland higher education system. During the last decades, public and private institutions have invested in honors experiences for their high-ability students. These programs have become recruitment magnets while also raising institutional academic profiles, justifying additional campus resources. The history of higher education reveals simultaneous narratives such as the tension of post-desegregated Black colleges facing uncertain futures; and the progress of the rise and popularity of collegiate honors programs. Both accounts contribute to tracing seemingly parallel histories in higher education that speaks to the development of honors education at HBCUs. While the extant literature on honors development at Historically White Institutions (HWIs) of higher education has gradually emerged, our understanding of activity at HBCUs is spotty at best. One connection of these two phenomena is the development of honors programs at HBCUs. Using Morgan State University, I examine the role and purpose of honors education at a public HBCU through archival materials and oral histories. Major unexpected findings that constructed this historical narrative beyond its original scope were the impact of the 1935/6 Murray v Pearson, the first higher education desegregation case. Other emerging themes were Morgan’s decades-long efforts to resist state control of its governance, Maryland’s misuse of Morrill Act funds, and the border state’s resistance to desegregation. Also, the broader histories of Black education, racism, and Black citizenship from Dred Scott and Plessy, the 1863 Emancipation Proclamation to Brown, inform this study. As themes are threaded together, Critical Race Theory provides the framework for understanding the emerging themes. In the immediate wake of the post-desegregation era, HBCUs had to address future challenges such as purpose and mission. Competing with HWIs for high-achieving Black students was one of the unanticipated consequences of the Brown decision. Often marginalized from higher education research literature, this study will broaden the research repository of honors education by documenting HBCU contributions despite a challenging landscape.
Resumo:
Nowadays, Power grids are critical infrastructures on which everything else relies, and their correct behavior is of the highest priority. New smart devices are being deployed to be able to manage and control power grids more efficiently and avoid instability. However, the deployment of such smart devices like Phasor Measurement Units (PMU) and Phasor Data Concentrators (PDC), open new opportunities for cyber attackers to exploit network vulnerabilities. If a PDC is compromised, all data coming from PMUs to that PDC is lost, reducing network observability. Our approach to solve this problem is to develop an Intrusion detection System (IDS) in a Software-defined network (SDN). allowing the IDS system to detect compromised devices and use that information as an input for a self-healing SDN controller, which redirects the data of the PMUs to a new, uncompromised PDC, maintaining the maximum possible network observability at every moment. During this research, we have successfully implemented Self-healing in an example network with an SDN controller based on Ryu controller. We have also assessed intrinsic vulnerabilities of Wide Area Management Systems (WAMS) and SCADA networks, and developed some rules for the Intrusion Detection system which specifically protect vulnerabilities of these networks. The integration of the IDS and the SDN controller was also successful. \\To achieve this goal, the first steps will be to implement an existing Self-healing SDN controller and assess intrinsic vulnerabilities of Wide Area Measurement Systems (WAMS) and SCADA networks. After that, we will integrate the Ryu controller with Snort, and create the Snort rules that are specific for SCADA or WAMS systems and protocols.
Resumo:
A proteção das Infraestruturas Críticas tornou-se numa questão essencial no sistema internacional e nos Estados. Mais recentemente, Portugal começou a acompanhar esta tendência. Neste debate, torna-se de crucial importância, a identificação das infraestruturas que devem ser consideradas como críticas. Esta identificação terá como principal objetivo a redução das suas vulnerabilidades e a eficiência no emprego de recursos para a proteção das mesmas. Mas que critérios e indicadores, em cada setor/subsetor, possibilitam uma adequada metodologia para a identificação e caraterização das Infraestruturas Críticas em Portugal? Com vista a responder a esta problemática será analisada a metodologia adotada por Portugal, bem como as componentes da metodologia de identificação e caraterização de Infraestruturas Críticas utilizadas em países e organizações de referência. Esta investigação tem como objetivo geral identificar de áreas de melhoria na metodologia adotada pela Autoridade Nacional de Proteção Civil e, com base na análise da metodologia usada em organizações e países de referência, contribuir para a identificação e caraterização das IC em Portugal. Conclui-se que a Identificação e Caraterização de Infraestruturas Críticas nacionais deve ser aplicada na primeira fase do processo de elaboração do Programa Nacional de Proteção de Infraestruturas Críticas, apresentando, simultaneamente, uma definição de Infraestrutura Crítica, através de possíveis agrupamentos em setores, critérios e indicadores a adotar. Abstract: Critical infrastructure protection has become a key issue for states in the international system. Recently, Portugal has joined this trend. In this debate, the identification of structures to be considered critical infrastructure becomes crucial. This process of identification should have as key purpose the reduction of these infrastructures, and an efficient use of resources in protecting them. However, which criteria and indicators, for each sector/ sub-sector, allow for an adequate methodology for identifying and characterizing critical infrastructures in Portugal? In order to answer this, this research will analyse the methodology adopted by the National Civil Protection Authority, as well as some methodology components for identifying and characterizing critical infrastructure used by reference countries and organizations. The main purpose of this research is thus to contribute to the development of a methodology to be used in Portugal, through the development of criteria and indicators that prove adequate to identifying and characterizing Portuguese critical infrastructure. It concludes that the identification and characterization of national critical infrastructures should be applied in the first phase of elaborating a national program for the protection of critical infrastructures, while simultaneously presenting a definition of critical infrastructure, through possible grouping in sectors, criteria and indicators to adopt.
Resumo:
Transportation system resilience has been the subject of several recent studies. To assess the resilience of a transportation network, however, it is essential to model its interactions with and reliance on other lifelines. In this work, a bi-level, mixed-integer, stochastic program is presented for quantifying the resilience of a coupled traffic-power network under a host of potential natural or anthropogenic hazard-impact scenarios. A two-layer network representation is employed that includes details of both systems. Interdependencies between the urban traffic and electric power distribution systems are captured through linking variables and logical constraints. The modeling approach was applied on a case study developed on a portion of the signalized traffic-power distribution system in southern Minneapolis. The results of the case study show the importance of explicitly considering interdependencies between critical infrastructures in transportation resilience estimation. The results also provide insights on lifeline performance from an alternative power perspective.
Resumo:
Gli investimenti alle infrastrutture di trasporto sono stati per lungo tempo considerati misure di politica generale di competenza esclusiva degli Stati membri, nonostante il generale divieto di misure di sostegno pubblico a favore delle imprese ai sensi dell’art. 107 TFUE. Le sentenze rese dalle corti eurounitarie in relazione agli aeroporti di Parigi e di Lipsia Halle hanno dato avvio ad un vero e proprio revirement giurisprudenziale, in considerazione delle trasformazioni economiche internazionali, rimettendo in discussione il concetto di impresa, nonché la ferma interpretazione secondo cui il finanziamento alle infrastrutture – in quanto beni pubblici intesi a soddisfare i bisogni di mobilità dei cittadini – sfuggirebbe all’applicazione della disciplina degli aiuti di Stato. Nonostante le esigenze di costante ammodernamento e sviluppo delle infrastrutture, il nuovo quadro regolatorio adottato dall’Unione europea a seguire ha condotto inevitabilmente gli Stati membri a dover sottoporre al vaglio preventivo della Commissione ogni nuovo investimento infrastrutturale. La presente trattazione, muovendo dall’analisi della disciplina degli aiuti di Stato di cui agli artt. 107 e ss. TFUE, analizza i principi di creazione giurisprudenziale e dottrinale che derivano dall’interpretazione delle fonti primarie, mettendo in evidenza le principali problematiche giuridiche sottese, anche in considerazione delle peculiarità delle infrastrutture in questione, dei modelli proprietari e di governance, delle competenze e dei poteri decisionali in merito a nuovi progetti di investimento. Infine, la trattazione si concentra sui grandi progetti infrastrutturali a livello europeo e internazionale che interessano le reti di trasporto, analizzando le nuove sfide, pur considerando la necessità di assicurare, anche rispetto ad essi, la salvaguardia del cd. level playing field e l’osservanza sostanziale delle norme sugli aiuti di Stato.
Resumo:
The rapid increase in the use of microprocessor-based systems in critical areas, where failures imply risks to human lives, to the environment or to expensive equipment, significantly increased the need for dependable systems, able to detect, tolerate and eventually correct faults. The verification and validation of such systems is frequently performed via fault injection, using various forms and techniques. However, as electronic devices get smaller and more complex, controllability and observability issues, and sometimes real time constraints, make it harder to apply most conventional fault injection techniques. This paper proposes a fault injection environment and a scalable methodology to assist the execution of real-time fault injection campaigns, providing enhanced performance and capabilities. Our proposed solutions are based on the use of common and customized on-chip debug (OCD) mechanisms, present in many modern electronic devices, with the main objective of enabling the insertion of faults in microprocessor memory elements with minimum delay and intrusiveness. Different configurations were implemented starting from basic Components Off-The-Shelf (COTS) microprocessors, equipped with real-time OCD infrastructures, to improved solutions based on modified interfaces, and dedicated OCD circuitry that enhance fault injection capabilities and performance. All methodologies and configurations were evaluated and compared concerning performance gain and silicon overhead.
Resumo:
On-chip debug (OCD) features are frequently available in modern microprocessors. Their contribution to shorten the time-to-market justifies the industry investment in this area, where a number of competing or complementary proposals are available or under development, e.g. NEXUS, CJTAG, IJTAG. The controllability and observability features provided by OCD infrastructures provide a valuable toolbox that can be used well beyond the debugging arena, improving the return on investment rate by diluting its cost across a wider spectrum of application areas. This paper discusses the use of OCD features for validating fault tolerant architectures, and in particular the efficiency of various fault injection methods provided by enhanced OCD infrastructures. The reference data for our comparative study was captured on a workbench comprising the 32-bit Freescale MPC-565 microprocessor, an iSYSTEM IC3000 debugger (iTracePro version) and the Winidea 2005 debugging package. All enhanced OCD infrastructures were implemented in VHDL and the results were obtained by simulation within the same fault injection environment. The focus of this paper is on the comparative analysis of the experimental results obtained for various OCD configurations and debugging scenarios.
Resumo:
As electronic devices get smaller and more complex, dependability assurance is becoming fundamental for many mission critical computer based systems. This paper presents a case study on the possibility of using the on-chip debug infrastructures present in most current microprocessors to execute real time fault injection campaigns. The proposed methodology is based on a debugger customized for fault injection and designed for maximum flexibility, and consists of injecting bit-flip type faults on memory elements without modifying or halting the target application. The debugger design is easily portable and applicable to different architectures, providing a flexible and efficient mechanism for verifying and validating fault tolerant components.
Resumo:
Presented at SEMINAR "ACTION TEMPS RÉEL:INFRASTRUCTURES ET SERVICES SYSTÉMES". 10, Apr, 2015. Brussels, Belgium.
Resumo:
La informática se está convirtiendo en la quinta utilidad (gas, agua, luz, teléfono) en parte debido al impacto de Cloud Computing en las mayorías de las organizaciones. Este uso de informática es usada por cada vez más tipos de sistemas, incluidos Sistemas Críticos. Esto tiene un impacto en la complejidad internad y la fiabilidad de los sistemas de la organización y los que se ofrecen a los clientes. Este trabajo investiga el uso de Cloud Computing por sistemas críticos, centrándose en las dependencias y especialmente en la fiabilidad de estos sistemas. Se han presentado algunos ejemplos de su uso, y aunque su utilización en sistemas críticos no está extendido, se presenta cual puede llegar a ser su impacto. El objetivo de este trabajo es primero definir un modelo que pueda representar de una forma cuantitativa las interdependencias en fiabilidad y interdependencia para las organizaciones que utilicen estos sistemas, y aplicar este modelo en un sistema crítico del campo de sanidad y mostrar sus resultados. Los conceptos de “macro-dependability y “micro-dependability son introducidos en el modelo para la definición de interdependencia y para analizar la fiabilidad de sistemas que dependen de otros sistemas. ABSTRACT With the increasing utilization of Internet services and cloud computing by most organizations (both private and public), it is clear that computing is becoming the 5th utility (along with water, electricity, telephony and gas). These technologies are used for almost all types of systems, and the number is increasing, including Critical Infrastructure systems. Even if Critical Infrastructure systems appear not to rely directly on cloud services, there may be hidden inter-dependencies. This is true even for private cloud computing, which seems more secure and reliable. The critical systems can began in some cases with a clear and simple design, but evolved as described by Egan to "rafted" networks. Because they are usually controlled by one or few organizations, even when they are complex systems, their dependencies can be understood. The organization oversees and manages changes. These CI systems have been affected by the introduction of new ICT models like global communications, PCs and the Internet. Even virtualization took more time to be adopted by Critical systems, due to their strategic nature, but once that these technologies have been proven in other areas, at the end they are adopted as well, for different reasons such as costs. A new technology model is happening now based on some previous technologies (virtualization, distributing and utility computing, web and software services) that are offered in new ways and is called cloud computing. The organizations are migrating more services to the cloud; this will have impact in their internal complexity and in the reliability of the systems they are offering to the organization itself and their clients. Not always this added complexity and associated risks to their reliability are seen. As well, when two or more CI systems are interacting, the risks of one can affect the rest, sharing the risks. This work investigates the use of cloud computing by critical systems, and is focused in the dependencies and reliability of these systems. Some examples are presented together with the associated risks. A framework is introduced for analysing the dependability and resilience of a system that relies on cloud services and how to improve them. As part of the framework, the concepts of micro and macro dependability are introduced to explain the internal and external dependability on services supplied by an external cloud. A pharmacovigilance model system has been used for framework validation.
