Component modeling for SCADA network mapping

Supervisory Control and Data Acquisition systems (SCADA) are widely used to control critical infrastructure automatically. Capturing and analyzing packet-level traffic flowing through such a network is an essential requirement for problems such as legacy network mapping and fault detection. Within the framework of captured network traffic, we present a simple modeling technique, which supports the mapping of the SCADA network topology via traffic monitoring. By characterizing atomic network components in terms of their input-output topology and the relationship between their data traffic logs, we show that these modeling primitives have good compositional behaviour, which allows complex networks to be modeled. Finally, the predictions generated by our model are found to be in good agreement with experimentally obtained traffic.

Second ESMO consensus conference on lung cancer : pathology and molecular biomarkers for non-small-cell lung cancer

To complement the existing treatment guidelines for all tumour types, ESMO organises consensus conferences to focus on specific issues in each type of tumour. The Second ESMO Consensus Conference on Lung Cancer was held on 11-12 May 2013 in Lugano. A total of 35 experts met to address several questions on management of patients with nonsmall- cell lung cancer (NSCLC) in each of four areas: pathology and molecular biomarkers, early stage disease, locally advanced disease and advanced (metastatic) disease. For each question, recommendations were made including reference to the grade of recommendation and level of evidence. This consensus paper focuses on recommendations for pathology and molecular biomarkers in relation to the diagnosis of lung cancer, primarily non-small-cell carcinomas.

The stewardship performance of forms of privatised water infrastructure

In this research Agency Theory and Stewardship Theory are used to analyse the relative performance of different forms of privitisation of water infrastructure and in doing so enriches understanding of previously underdeveloped aspects of both theories. The prior Agency Theory literature had established assumptions about the behaviour of principals and agents in contracts and these were found not to be correct in the context of contracts between modern government and private organisations. Agency theory was extended to include steward-like behaviour of an agent and Stewardship Theory was developed by the identification of factors within the contractual relationship which promote the sense of responsibility to the principal. The alliance, joint venture and Build Own Operate Transfer (BOOT) forms of privatisation were found to achieve stewardship of the infrastructure.

A new approach to spatial data interpolation using higher-order statistics

Interpolation techniques for spatial data have been applied frequently in various fields of geosciences. Although most conventional interpolation methods assume that it is sufficient to use first- and second-order statistics to characterize random fields, researchers have now realized that these methods cannot always provide reliable interpolation results, since geological and environmental phenomena tend to be very complex, presenting non-Gaussian distribution and/or non-linear inter-variable relationship. This paper proposes a new approach to the interpolation of spatial data, which can be applied with great flexibility. Suitable cross-variable higher-order spatial statistics are developed to measure the spatial relationship between the random variable at an unsampled location and those in its neighbourhood. Given the computed cross-variable higher-order spatial statistics, the conditional probability density function (CPDF) is approximated via polynomial expansions, which is then utilized to determine the interpolated value at the unsampled location as an expectation. In addition, the uncertainty associated with the interpolation is quantified by constructing prediction intervals of interpolated values. The proposed method is applied to a mineral deposit dataset, and the results demonstrate that it outperforms kriging methods in uncertainty quantification. The introduction of the cross-variable higher-order spatial statistics noticeably improves the quality of the interpolation since it enriches the information that can be extracted from the observed data, and this benefit is substantial when working with data that are sparse or have non-trivial dependence structures.

Wolf Creek, rurality and the Australian gothic

As with Crocodile Dundee before it, the recent Australian film Wolf Creek promotes a specific and arguably urban-centric understanding of rural Australia. However, whilst the former film is couched in mythologized notions of the rural idyll, Wolf Creek is based firmly around the concept of rural horror. Wolf Creek is both a horror movie and a road movie, one which relies heavily upon landscape in order to tell its story. Here we argue that the film continues a tradition in the New Australian Cinema of depicting the outback and its inhabitants as something the country's mostly coastal population do not understand. Wolf Creek skilfully plays on popular conceptions of inland Australia as empty and harsh. But more than this, the film brings to the fore tensions in the rural idyll associated with the ownership and use of rural space. As an object of urban consumption, rural space may appear passive and familiar, but in the context of rural horror iconic aspects of the Australian landscape become a source of fear – a space of abjection.

Real-time and interactive attacks on DNP3 critical infrastructure using Scapy

The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then executed the attacks on real world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network.

Internet-wide scanning taxonomy and framework

Industrial control systems (ICS) have been moving from dedicated communications to switched and routed corporate networks, making it probable that these devices are being exposed to the Internet. Many ICS have been designed with poor or little security features, making them vulnerable to potential attack. Recently, several tools have been developed that can scan the internet, including ZMap, Masscan and Shodan. However, little in-depth analysis has been done to compare these Internet-wide scanning techniques, and few Internet-wide scans have been conducted targeting ICS and protocols. In this paper we present a Taxonomy of Internet-wide scanning with a comparison of three popular network scanning tools, and a framework for conducting Internet-wide scans.

Dietary intake in Australian children aged 4–24 months: Consumption of meat and meat alternatives

Meat/meat alternatives (M/MA) are key sources of Fe, Zn and protein, but intake tends to be low in young children. Australian recommendations state that Fe-rich foods, including M/MA, should be the first complementary foods offered to infants. The present paper reports M/MA consumption of Australian infants and toddlers, compares intake with guidelines, and suggests strategies to enhance adherence to those guidelines. Mother–infant dyads recruited as part of the NOURISH and South Australian Infants Dietary Intake studies provided 3 d of intake data at three time points: Time 1 (T1) (n 482, mean age 5·5 (SD 1·1) months), Time 2 (T2) (n 600, mean age 14·0 (SD 1·2) months) and Time 3 (T3) (n 533, mean age 24 (SD 0·7) months). Of 170 infants consuming solids and aged greater than 6 months at T1, 50 (29 %) consumed beef, lamb, veal (BLV) or pork on at least one of 3 d. Commercial infant foods containing BLV or poultry were the most common form of M/MA consumed at T1, whilst by T2 BLV mixed dishes (including pasta bolognaise) became more popular and remained so at T3. The processed M/MA increased in popularity over time, led by pork (including ham). The present study shows that M/MA are not being eaten by Australian infants or toddlers regularly enough; or in adequate quantities to meet recommendations; and that the form in which these foods are eaten can lead to smaller M/MA serve sizes and greater Na intake. Parents should be encouraged to offer M/MA in a recognisable form, as one of the first complementary foods, in order to increase acceptance at a later age.

BP-XACML: An authorisation policy language for business processes

XACML has become the defacto standard for enterprise- wide, policy-based access control. It is a structured, extensible language that can express and enforce complex access control policies. There have been several efforts to extend XACML to support specific authorisation models, such as the OASIS RBAC profile to support Role Based Access Control. A number of proposals for authorisation models that support business processes and workflow systems have also appeared in the literature. However, there is no published work describing an extension to allow XACML to be used as a policy language with these models. This paper analyses the specific requirements of a policy language to express and enforce business process authorisation policies. It then introduces BP-XACML, a new profile that extends the RBAC profile for XACML so it can support business process authorisation policies. In particular, BP-XACML supports the notion of tasks, and constraints at the level of a task instance, which are important requirements in enforcing business process authorisation policies.

Formal modelling and analysis of DNP3 secure authentication

Supervisory Control and Data Acquisition (SCADA) systems are one of the key foundations of smart grids. The Distributed Network Protocol version 3 (DNP3) is a standard SCADA protocol designed to facilitate communications in substations and smart grid nodes. The protocol is embedded with a security mechanism called Secure Authentication (DNP3-SA). This mechanism ensures that end-to-end communication security is provided in substations. This paper presents a formal model for the behavioural analysis of DNP3-SA using Coloured Petri Nets (CPN). Our DNP3-SA CPN model is capable of testing and verifying various attack scenarios: modification, replay and spoofing, combined complex attack and mitigation strategies. Using the model has revealed a previously unidentified flaw in the DNP3-SA protocol that can be exploited by an attacker that has access to the network interconnecting DNP3 devices. An attacker can launch a successful attack on an outstation without possessing the pre-shared keys by replaying a previously authenticated command with arbitrary parameters. We propose an update to the DNP3-SA protocol that removes the flaw and prevents such attacks. The update is validated and verified using our CPN model proving the effectiveness of the model and importance of the formal protocol analysis.

Modelling ciphersuite and version negotiation in the TLS protocol

Real-world cryptographic protocols such as the widely used Transport Layer Security (TLS) protocol support many different combinations of cryptographic algorithms (called ciphersuites) and simultaneously support different versions. Recent advances in provable security have shown that most modern TLS ciphersuites are secure authenticated and confidential channel establishment (ACCE) protocols, but these analyses generally focus on single ciphersuites in isolation. In this paper we extend the ACCE model to cover protocols with many different sub-protocols, capturing both multiple ciphersuites and multiple versions, and define a security notion for secure negotiation of the optimal sub-protocol. We give a generic theorem that shows how secure negotiation follows, with some additional conditions, from the authentication property of secure ACCE protocols. Using this framework, we analyse the security of ciphersuite and three variants of version negotiation in TLS, including a recently proposed mechanism for detecting fallback attacks.

Impulsivity-related cognition in alcohol dependence: Is it moderated by DRD2/ANKK1 gene status and executive dysfunction?

Perceived impaired control over alcohol use is a key cognitive construct in alcohol dependence that has been related prospectively to treatment outcome and may mediate the risk for problem drinking conveyed by impulsivity in non-dependent drinkers. The aim of the current study was to investigate whether perceived impaired control may mediate the association between impulsivity-related measures (derived from the Short-form Eysenck Personality Questionnaire-Revised) and alcohol-dependence severity in alcohol-dependent drinkers. Furthermore, the extent to which this hypothesized relationship was moderated by genetic risk (Taq1A polymorphism in the DRD2/ANKK1 gene cluster) and verbal fluency as an indicator of executive cognitive ability (Controlled Oral Word Association Test) was also examined. A sample of 143 alcohol-dependent inpatients provided an extensive clinical history of their alcohol use, gave 10ml of blood for DNA analysis, and completed self-report measures relating to impulsivity, impaired control and severity of dependence. As hypothesized, perceived impaired control (partially) mediated the association between impulsivity-related measures and alcohol-dependence severity. This relationship was not moderated by the DRD2/ANKK1 polymorphism or verbal fluency. These results suggest that, in alcohol dependence, perceived impaired control is a cognitive mediator of impulsivity-related constructs that may be unaffected by DRD2/ANKK1 and neurocognitive processes underlying the retrieval of verbal information

Security issues for future intelligent transport systems

Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.

Reduction in arterial wall strain with aggressive lipid-lowering therapy in patients with carotid artery disease

Background: Inflammation and biomechanical factors have been associated with the development of vulnerable atherosclerotic plaques. Lipid-lowering therapy has been shown to be effective in stabilizing them by reducing plaque inflammation. Its effect on arterial wall strain, however, remains unknown. The aim of the present study was to investigate the role of high- and low-dose lipid-lowering therapy using an HMG-CoA reductase inhibitor, atorvastatin, on arterial wall strain. Methods and Results: Forty patients with carotid stenosis >40% were successfully followed up during the Atorvastatin Therapy: Effects on Reduction Of Macrophage Activity (ATHEROMA; ISRCTN64894118) Trial. All patients had plaque inflammation as shown by intraplaque accumulation of ultrasmall super paramagnetic particles of iron oxide on magnetic resonance imaging at baseline. Structural analysis was performed and change of strain was compared between high- and low-dose statin at 0 and 12 weeks. There was no significant difference in strain between the 2 groups at baseline (P=0.6). At 12 weeks, the maximum strain was significantly lower in the 80-mg group than in the 10-mg group (0.085±0.033 vs. 0.169±0.084; P=0.001). A significant reduction (26%) of maximum strain was observed in the 80-mg group at 12 weeks (0.018±0.02; P=0.01). Conclusions: Aggressive lipid-lowering therapy is associated with a significant reduction in arterial wall strain. The reduction in biomechanical strain may be associated with reductions in plaque inflammatory burden.