Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations

Cyber-attacks against Smart Grids have been found in the real world. Malware such as Havex and BlackEnergy have been found targeting industrial control systems (ICS) and researchers have shown that cyber-attacks can exploit vulnerabilities in widely used Smart Grid communication standards. This paper addresses a deep investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids. We investigate how an attacker can build a custom tool to execute man-in-the-middle attacks, manipulate data, and affect the physical system. Attack capabilities are demonstrated based on NESCOR scenarios to make it possible to thoroughly test these scenarios in a real system. The goal is to help understand the potential for such attacks, and to aid the development and testing of cyber security solutions. An attack use-case is presented that focuses on the standard for power utility automation, IEC 61850 in the context of inverter-based distributed energy resource devices; especially photovoltaic (PV) generators.

Can Leakage Models Be More Efficient? Non-Linear Models in Side Channel Attacks

In the last decade, many side channel attacks have been published in academic literature detailing how to efficiently extract secret keys by mounting various attacks, such as differential or correlation power analysis, on cryptosystems. Among the most efficient and widely utilized leakage models involved in these attacks are the Hamming weight and distance models which give a simple, yet effective, approximation of the power consumption for many real-world systems. These leakage models reflect the number of bits switching, which is assumed proportional to the power consumption. However, the actual power consumption changing in the circuits is unlikely to be directly of that form. We, therefore, propose a non-linear leakage model by mapping the existing leakage model via a transform function, by which the changing power consumption is depicted more precisely, hence the attack efficiency can be improved considerably. This has the advantage of utilising a non-linear power model while retaining the simplicity of the Hamming weight or distance models. A modified attack architecture is then suggested to yield the correct key efficiently in practice. Finally, an empirical comparison of the attack results is presented.

Gramsci, austerity common sense and the attacks on the welfare state: The need to understand and resist the imposition of the global neoliberal agenda and the role of the social work profession.

During the last 30 years governments almost everywhere in the world are furthering a global neoliberal agenda by withdrawing the state from the delivery of services, decreasing social spending and lowering corporate taxation etc. This restructuring has led to a massive transfer of wealth from the welfare state and working class people into capital. In order to legitimize this restructuring conservative governments engage in collective blaming towards their denizens. This presentation will examine some of the well circulated phrases that have been used by the dominant elite in some countries during the last year to legitimize the imposition of austerity measures. Phrases such as, ‘We all partied’ used by the Irish finance minister, Brian Lenihan, to explain the Irish crisis and collectively blame all Irish people, ‘We must all share the pain’, deployed by another Irish Minister Gilmore and the UK coalition administration’s sound bite ‘We are all in this together’, legitimize the imposition of austerity measures. Utilizing the Gramscian concept of common sense (Gramsci, 1971), I call these phrases ‘austerity common sense’. They are austerity common sense because they both reflect and legitimate the austerity agenda. By deploying these phrases, the ruling economic and political elite seek to influence the perception of the people and pre-empt any intention of resistance. The dominant theme of these phrases is that there is no alternative and that austerity measures are somehow self-inflicted and, as such, should not be challenged because we are all to blame. The purpose of this presentation is to explore the “austerity common sense” theme from a Gramscian approach, focus on its implications for the social work profession and discuss the ways to resist the imposition of the global neoliberal agenda.

History of biological warfare and bioterrorism.

Bioterrorism literally means using microorganisms or infected samples to cause terror and panic in populations. Bioterrorism had already started 14 centuries before Christ, when the Hittites sent infected rams to their enemies. However, apart from some rare well-documented events, it is often very difficult for historians and microbiologists to differentiate natural epidemics from alleged biological attacks, because: (i) little information is available for times before the advent of modern microbiology; (ii) truth may be manipulated for political reasons, especially for a hot topic such as a biological attack; and (iii) the passage of time may also have distorted the reality of the past. Nevertheless, we have tried to provide to clinical microbiologists an overview of some likely biological warfare that occurred before the 18th century and that included the intentional spread of epidemic diseases such as tularaemia, plague, malaria, smallpox, yellow fever, and leprosy. We also summarize the main events that occurred during the modern microbiology era, from World War I to the recent 'anthrax letters' that followed the World Trade Center attack of September 2001. Again, the political polemic surrounding the use of infectious agents as a weapon may distort the truth. This is nicely exemplified by the Sverdlovsk accident, which was initially attributed by the authorities to a natural foodborne outbreak, and was officially recognized as having a military cause only 13 years later.

Computer "Insecurity" and Viral Attacks : Liability Issues Regarding Unsafe Computer Systems Under Quebec Law

Un résumé en français est également disponible.

"Computer ""Insecurity"" and Viral Attacks:Liability Issues Regarding Unsafe Computer Systems Under Quebec Law"

Dans un contexte où les virus informatiques présentent un risque sérieux pour les réseaux à travers le globe, il est impératif de retenir la responsabilité des compagnies qui n’y maintiennent pas une sécurité adéquate. À ce jour, les tribunaux québécois n’ont pas encore été saisis d’affaires en responsabilité pour des virus informatiques. Cet article brosse un portrait général de la responsabilité entourant les virus informatiques en fonction des principes généraux de responsabilité civile en vigueur au Québec. L’auteur propose des solutions pour interpréter les trois critères traditionnels ­ la faute, le dommage et le lien causal ­ en mettant l’accent sur l’obligation de précaution qui repose sur les épaules de l’administrateur de réseau. Ce joueur clé pourrait bénéficier de l’adoption de dispositions générales afin de limiter sa responsabilité. De plus, les manufacturiers et les distributeurs peuvent également partager une partie de la responsabilité en proportion de la gravité de leur faute. Les entreprises ont un devoir légal de s’assurer que leurs systèmes sont sécuritaires afin de protéger les intérêts de leurs clients et des tiers.

Influence of vulnerability factors in panic disorder severity

Resumen tomado de la publicaci??n

Aphidius ervi preferentially attacks the green morph of the pea aphid, Acyrthosiphon pisum

The pea aphid, Acyrthosiphon pisum Harris (Hemiptera: Aphididae) is found in red and green color morphs. Previous work has suggested that the aphidiine parasitoid Aphidius ervi Haliday preferentially attacks green pea aphids in the field. It is not clear whether these results reflect a real preference, or some unknown clonal difference, such as in immunity, between the aphids used in the previous studies. We used three susceptibility-matched pairs of red and green morph pea aphid clones to test for preferences. In a no-choice situation, the parasitoids attacked equal proportions of each color morph. When provided with a choice, A. ervi was significantly more likely to oviposit into colonies formed from green morphs when the neighboring colony was formed from red morph aphids. In contrast, red morphs were less likely to be attacked when their neighboring colony was of the green morph. By preferentially attacking green colonies, A. ervi may reduce the likelihood of intraguild predation, as it is suggested that visually foraging predators preferentially attack red aphid colonies. Furthermore, if this host choice behavior is replicated in the field, we speculate that color morphs of the pea aphid may interact indirectly through their shared natural enemies, leading to intraspecific apparent competition.

Increasing detection rate of user-to-root attacks using genetic algorithms

An extensive set of machine learning and pattern classification techniques trained and tested on KDD dataset failed in detecting most of the user-to-root attacks. This paper aims to provide an approach for mitigating negative aspects of the mentioned dataset, which led to low detection rates. Genetic algorithm is employed to implement rules for detecting various types of attacks. Rules are formed of the features of the dataset identified as the most important ones for each attack type. In this way we introduce high level of generality and thus achieve high detection rates, but also gain high reduction of the system training time. Thenceforth we re-check the decision of the user-to- root rules with the rules that detect other types of attacks. In this way we decrease the false-positive rate. The model was verified on KDD 99, demonstrating higher detection rates than those reported by the state- of-the-art while maintaining low false-positive rate.

A qualified defense of American drone attacks in northwest Pakistan under international humanitarian law

Since the terrorist attacks of September 11, 2001, international law has had to grapple with the fundamental challenges that large-scale violence carried out by non-State actors poses to the traditional inter- State orientation of international law. Questions related to the “adequacy” and “effectiveness” of international humanitarian law, international human rights law and the law related to the use of force have been particularly pronounced. This paper focuses on the international humanitarian law implications of American drone attacks in northwest Pakistan. A highly-advanced modality of modern warfare, armed drones highlight the possibilities, problems, prospects and pitfalls of high-tech warfare. How is the battlefield to be defined and delineated geographically and temporally? Who can be targeted, and by whom? Ultimately, this paper concludes that American drone attacks in northwest Pakistan are not unlawful as such under international humanitarian law, though, like any tactical decision in the context of asymmetric warfare, they should be continuously and closely monitored according to the dictates of law with sensitivity to facts on the ground.