NASA Astrophysics Data System (ADS)
Loginov, E. L.; Raikov, A. N.
2015-04-01
The most large-scale accidents that occurred as a consequence of network information attacks on the control systems of power facilities belonging to the United States' critical infrastructure are analyzed in the context of possibilities available in modern decision support systems. Trends in the development of technologies for inflicting damage to smart grids are formulated. A volume matrix of parameters characterizing attacks on facilities is constructed. A model describing the performance of a critical infrastructure's control system after an attack is developed. The recently adopted measures and legislative acts aimed at achieving more efficient protection of critical infrastructure are considered. Approaches to cognitive modeling and networked expertise of intricate situations for supporting the decision-making process, and to setting up a system of indicators for anticipatory monitoring of critical infrastructure are proposed.
Harrop, Wayne; Matteson, Ashley
This paper presents cyber resilience as a key strand of national security. It establishes the importance of critical national infrastructure protection and the growing vicarious nature of remote, well-planned, and well-executed cyber attacks on critical infrastructures. Examples of well-known historical cyber attacks are presented, and the emergence of the 'internet of things' as a cyber vulnerability issue yet to be tackled is explored. The paper identifies key steps being undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on critical national infrastructure in the United Kingdom and the USA.
Examining Willingness to Attack Critical Infrastructure Online and Offline
ERIC Educational Resources Information Center
Holt, Thomas J.; Kilger, Max
2012-01-01
The continuing adoption of technologies by the general public coupled with the expanding reliance of critical infrastructures connected through the Internet has created unique opportunities for attacks by civilians and nation-states alike. Although governments are increasingly focusing on policies to deter nation-state level attacks, it is unclear…
Critical Infrastructure Protection: EMP Impacts on the U.S. Electric Grid
NASA Astrophysics Data System (ADS)
Boston, Edwin J., Jr.
The purpose of this research is to identify the United States electric grid infrastructure systems' vulnerabilities to electromagnetic pulse attacks and the cyber-based impacts of those vulnerabilities to the electric grid. Additionally, the research identifies multiple defensive strategies designed to harden the electric grid against electromagnetic pulse attack that include prevention, mitigation and recovery postures. Research results confirm the importance of the electric grid to the United States critical infrastructures system and that an electromagnetic pulse attack against the electric grid could result in electric grid degradation, critical infrastructure(s) damage and the potential for societal collapse. The conclusions of this research indicate that while an electromagnetic pulse attack against the United States electric grid could have catastrophic impacts on American society, there are currently many defensive strategies under consideration designed to prevent, mitigate and/or recover from an electromagnetic pulse attack. However, additional research is essential to further identify future target hardening opportunities, efficient implementation strategies and funding resources.
NASA Astrophysics Data System (ADS)
Alpi, Danielle Marie
The 16 sectors of critical infrastructure in the US are susceptible to cyber-attacks. Potential attacks come from internal and external threats. These attacks target the industrial control systems (ICS) of companies within critical infrastructure. Weakness in the energy sector's ICS, specifically the oil and gas industry, can result in economic and ecological disaster. The purpose of this study was to establish means for oil companies to identify and stop cyber-attacks specifically APT threats. This research reviewed current cyber vulnerabilities and ways in which a cyber-attack may be deterred. This research found that there are insecure devices within ICS that are not regularly updated. Therefore, security issues have amassed. Safety procedures and training thereof are often neglected. Jurisdiction is unclear in regard to critical infrastructure. The recommendations this research offers are further examination of information sharing methods, development of analytic platforms, and better methods for the implementation of defense-in-depth security measures.
Assessing Terrorist Motivations for Attacking Critical Infrastructure
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ackerman, G; Abhayaratne, P; Bale, J
Certain types of infrastructure--critical infrastructure (CI)--play vital roles in underpinning our economy, security and way of life. These complex and often interconnected systems have become so ubiquitous and essential to day-to-day life that they are easily taken for granted. Often it is only when the important services provided by such infrastructure are interrupted--when we lose easy access to electricity, health care, telecommunications, transportation or water, for example--that we are conscious of our great dependence on these networks and of the vulnerabilities that stem from such dependence. Unfortunately, it must be assumed that many terrorists are all too aware that CI facilities pose high-value targets that, if successfully attacked, have the potential to dramatically disrupt the normal rhythm of society, cause public fear and intimidation, and generate significant publicity. Indeed, revelations emerging at the time of this writing about Al Qaida's efforts to prepare for possible attacks on major financial facilities in New York, New Jersey, and the District of Columbia remind us just how real and immediate such threats to CI may be. Simply being aware that our nation's critical infrastructure presents terrorists with a plethora of targets, however, does little to mitigate the dangers of CI attacks. In order to prevent and preempt such terrorist acts, better understanding of the threats and vulnerabilities relating to critical infrastructure is required. The Center for Nonproliferation Studies (CNS) presents this document as both a contribution to the understanding of such threats and an initial effort at ''operationalizing'' its findings for use by analysts who work on issues of critical infrastructure protection.
Specifically, this study focuses on a subsidiary aspect of CI threat assessment that has thus far remained largely unaddressed by contemporary terrorism research: the motivations and related factors that determine whether a terrorist organization will attack critical infrastructure. In other words, this research investigates: (1) why terrorists choose to attack critical infrastructure rather than other targets; (2) how groups make such decisions; (3) what, if any, types of groups are most inclined to attack critical infrastructure targets; and (4) which types of critical infrastructure terrorists prefer to attack and why. In an effort to address the above questions as comprehensively as possible, the project team employed four discrete investigative approaches in its research design. These include: (1) a review of existing terrorism and threat assessment literature to glean expert consensus regarding terrorist target selection, as well as to identify theoretical approaches that might be valuable to analysts and decision-makers who are seeking to understand such terrorist group decision-making processes; (2) the preparation of several concise case studies to help identify internal group factors and contextual influences that have played significant roles in leading some terrorist groups to attack critical infrastructure; (3) the creation of a new database--the Critical Infrastructure Terrorist Incident Catalog (CrITIC)--to capture a large sample of empirical CI attack data that might be used to illuminate the nature of such attacks to date; and (4) the development of a new analytical framework--the Determinants Effecting Critical Infrastructure Decisions (DECIDe) Framework--designed to make the factors and dynamics identified by the study more ''usable'' in any future efforts to assess terrorist intentions to target critical infrastructure.
Although each is addressed separately in the following chapters, none of the four aspects of this study were developed in isolation. Rather, all the constituent elements of the project informed--and were informed by--the others. For example, the review of the available literature on terrorist target selection made possible the identification of several target selection factors that were both important in the development of the analytical framework and subsequently validated by the case studies. Similarly, statistical analysis of the CrITIC data yielded measurable evidence that supported hypotheses derived from the framework, the case studies, and the writings of various experts. Besides providing an important mechanism of self-reinforcement and validation, the project's multifaceted nature made it possible to discern aspects of CI attack motivations that would likely have been missed if any single approach had been adopted.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ackerman, G; Bale, J; Moran, K
Certain types of infrastructure--critical infrastructure (CI)--play vital roles in underpinning our economy, security, and way of life. One particular type of CI--that relating to chemicals--constitutes both an important element of our nation's infrastructure and a particularly attractive set of potential targets. This is primarily because of the large quantities of toxic industrial chemicals (TICs) it employs in various operations and because of the essential economic functions it serves. This study attempts to minimize some of the ambiguities that presently impede chemical infrastructure threat assessments by providing new insight into the key motivational factors that affect terrorist organizations' propensity to attack chemical facilities. Prepared as a companion piece to the Center for Nonproliferation Studies August 2004 study--''Assessing Terrorist Motivations for Attacking Critical Infrastructure''--it investigates three overarching research questions: (1) why do terrorists choose to attack chemical-related infrastructure over other targets; (2) what specific factors influence their target selection decisions concerning chemical facilities; and (3) which, if any, types of groups are most inclined to attack chemical infrastructure targets? The study involved a multi-pronged research design, which made use of four discrete investigative techniques to answer the above questions as comprehensively as possible.
These include: (1) a review of terrorism and threat assessment literature to glean expert consensus regarding terrorist interest in targeting chemical facilities; (2) the preparation of case studies to help identify internal group factors and contextual influences that have played a significant role in leading some terrorist groups to attack chemical facilities; (3) an examination of data from the Critical Infrastructure Terrorist Incident Catalog (CrITIC) to further illuminate the nature of terrorist attacks against chemical facilities to date; and (4) the refinement of the DECIDe--the Determinants Effecting Critical Infrastructure Decisions--analytical framework to make the factors and dynamics identified by the study more ''usable'' in future efforts to assess terrorist intentions to target chemical-related infrastructure.
A Virtual Environment for Resilient Infrastructure Modeling and Design
2015-09-01
Security CI Critical Infrastructure CID Center for Infrastructure Defense CSV Comma Separated Value DAD Defender-Attacker-Defender DHS Department...responses to disruptive events (e.g., cascading failure behavior) in a context-rich, controlled environment for exercises, education, and training...The general attacker-defender (AD) and defender-attacker-defender (DAD) models for CI are defined in Brown et al. (2006). These models help
Cyber Security Threats to Safety-Critical, Space-Based Infrastructures
NASA Astrophysics Data System (ADS)
Johnson, C. W.; Atencia Yepez, A.
2012-01-01
Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations. This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space-based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Onyeji, Ijeoma; Bazilian, Morgan; Bronk, Chris
Both the number and security implications of sophisticated cyber attacks on companies providing critical energy infrastructures are increasing. As power networks and, to a certain extent, oil and gas infrastructure both upstream and downstream, are becoming increasingly integrated with information communication technology systems, they are growing more susceptible to cyber attacks.
Attacker-defender game from a network science perspective
NASA Astrophysics Data System (ADS)
Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun
2018-05-01
Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.
Recovery of infrastructure networks after localised attacks.
Hu, Fuyu; Yeung, Chi Ho; Yang, Saini; Wang, Weiping; Zeng, An
2016-04-14
The stability of infrastructure networks is always a critical issue studied by researchers in different fields. Many works have been devoted to revealing the robustness of infrastructure networks against random and malicious attacks. However, real attack scenarios such as earthquakes and typhoons are instead localised attacks, which have been investigated only recently. Unlike previous studies, we examine in this paper the resilience of infrastructure networks by focusing on the recovery process from localised attacks. We introduce various preferential repair strategies and find that they facilitate and improve network recovery compared to that of random repairs, especially when population size is uneven at different locations. Moreover, our strategic repair methods show similar effectiveness to the greedy repair. The validations are conducted on simulated networks, and on real networks with real disasters. Our method is meaningful in practice as it can largely enhance network resilience and contribute to network risk reduction.
Recovery of infrastructure networks after localised attacks
Hu, Fuyu; Yeung, Chi Ho; Yang, Saini; Wang, Weiping; Zeng, An
2016-01-01
The stability of infrastructure networks is always a critical issue studied by researchers in different fields. Many works have been devoted to revealing the robustness of infrastructure networks against random and malicious attacks. However, real attack scenarios such as earthquakes and typhoons are instead localised attacks, which have been investigated only recently. Unlike previous studies, we examine in this paper the resilience of infrastructure networks by focusing on the recovery process from localised attacks. We introduce various preferential repair strategies and find that they facilitate and improve network recovery compared to that of random repairs, especially when population size is uneven at different locations. Moreover, our strategic repair methods show similar effectiveness to the greedy repair. The validations are conducted on simulated networks, and on real networks with real disasters. Our method is meaningful in practice as it can largely enhance network resilience and contribute to network risk reduction. PMID:27075559
Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures.
Johnson, Chris W
2014-01-01
We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking.
Intrusion-Tolerant Replication under Attack
ERIC Educational Resources Information Center
Kirsch, Jonathan
2010-01-01
Much of our critical infrastructure is controlled by large software systems whose participants are distributed across the Internet. As our dependence on these critical systems continues to grow, it becomes increasingly important that they meet strict availability and performance requirements, even in the face of malicious attacks, including those…
Insecurity of Wireless Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sheldon, Frederick T; Weber, John Mark; Yoo, Seong-Moo
Wireless is a powerful core technology enabling our global digital infrastructure. Wi-Fi networks are susceptible to attacks on Wired Equivalency Privacy, Wi-Fi Protected Access (WPA), and WPA2. These attack signatures can be profiled into a system that defends against such attacks on the basis of their inherent characteristics. Wi-Fi is the standard protocol for wireless networks used extensively in US critical infrastructures. Since the Wired Equivalency Privacy (WEP) security protocol was broken, the Wi-Fi Protected Access (WPA) protocol has been considered the secure alternative compatible with hardware developed for WEP. However, in November 2008, researchers developed an attack on WPA, allowing forgery of Address Resolution Protocol (ARP) packets. Subsequent enhancements have enabled ARP poisoning, cryptosystem denial of service, and man-in-the-middle attacks. Open source systems and methods (OSSM) have long been used to secure networks against such attacks. This article reviews OSSMs and the results of experimental attacks on WPA. These experiments re-created current attacks in a laboratory setting, recording both wired and wireless traffic. The article discusses methods of intrusion detection and prevention in the context of cyber physical protection of critical Internet infrastructure. The basis for this research is a specialized (and undoubtedly incomplete) taxonomy of Wi-Fi attacks and their adaptations to existing countermeasures and protocol revisions. Ultimately, this article aims to provide a clearer picture of how and why wireless protection protocols and encryption must achieve a more scientific basis for detecting and preventing such attacks.
Testbeds for Assessing Critical Scenarios in Power Control Systems
NASA Astrophysics Data System (ADS)
Dondossola, Giovanna; Deconinck, Geert; Garrone, Fabrizio; Beitollahi, Hakem
The paper presents a set of control system scenarios implemented in two testbeds developed in the context of the European Project CRUTIAL - CRitical UTility InfrastructurAL Resilience. The selected scenarios refer to power control systems encompassing information and communication security of SCADA systems for grid teleoperation, impact of attacks on inter-operator communications in power emergency conditions, impact of intentional faults on the secondary and tertiary control in power grids with distributed generators. Two testbeds have been developed for assessing the effect of the attacks and prototyping resilient architectures.
A reference model for model-based design of critical infrastructure protection systems
NASA Astrophysics Data System (ADS)
Shin, Young Don; Park, Cheol Young; Lee, Jae-Chon
2015-05-01
Today's war field environment is getting versatile as the activities of unconventional wars such as terrorist attacks and cyber-attacks have noticeably increased lately. The damage caused by such unconventional wars has also turned out to be serious particularly if targets are critical infrastructures that are constructed in support of banking and finance, transportation, power, information and communication, government, and so on. The critical infrastructures are usually interconnected to each other and thus are very vulnerable to attack. As such, to ensure the security of critical infrastructures is very important and thus the concept of critical infrastructure protection (CIP) has come. The program to realize the CIP at national level becomes the form of statute in each country. On the other hand, it is also needed to protect each individual critical infrastructure. The objective of this paper is to study on an effort to do so, which can be called the CIP system (CIPS). There could be a variety of ways to design CIPS's. Instead of considering the design of each individual CIPS, a reference model-based approach is taken in this paper. The reference model represents the design of all the CIPS's that have many design elements in common. In addition, the development of the reference model is also carried out using a variety of model diagrams. The modeling language used therein is the systems modeling language (SysML), which was developed and is managed by Object Management Group (OMG) and a de facto standard. Using SysML, the structure and operational concept of the reference model are designed to fulfil the goal of CIPS's, resulting in the block definition and activity diagrams. As a case study, the operational scenario of the nuclear power plant while being attacked by terrorists is studied using the reference model. The effectiveness of the results is also analyzed using multiple analysis models. 
It is thus expected that the approach taken here has some merits over the traditional design methodology of repeating requirements analysis and system design.
Superstorm Sandy: Implications For Designing A PostCyber Attack Power Restoration System
2016-03-31
for such progress. Phillip Allison, “Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems: Building Security into Your Industrial...TechSvcs/Multi-stateFleetResponseWorkshopReport-02-21-13.pdf. Allison, Phillip. “Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems
Report #2006-P-00022, April 26, 2006. Assignment of formal authority and more accountability is required to ensure the initiatives in the Critical Infrastructure and Key Resources Protection Plan are accomplished in a timely manner.
ERIC Educational Resources Information Center
Johnson, R. LeWayne
2012-01-01
Much of the governing process in the United States (U.S.) today depends on a reliable and well protected public information technology (IT) infrastructure. The Department of Homeland Security (DHS) is tasked with the responsibility of protecting the country's IT infrastructure. Critics contend that the DHS has failed to address planning and…
DOE Office of Scientific and Technical Information (OSTI.GOV)
Duan, Qi; Al-Shaer, Ehab; Chatterjee, Samrat
The Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploit the inherent weakness of cyber infrastructure including deterministic nature of routes, skew distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and estimate the impact of such susceptibility on enterprises. Second, we develop a proactive route mutation technique to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and quality of service requirements. We present an integrated approach of proactive route mutation that combines both infrastructure-based mutation that is based on reconfiguration of switches and routers, and middle-box approach that uses an overlay of end-point proxies to construct a virtual network path free of critical links to reach a destination. We implemented the proactive path mutation technique on a Software Defined Network using the OpenDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.
Risk assessment for physical and cyber attacks on critical infrastructures.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Smith, Bryan J.; Sholander, Peter E.; Phelan, James M.
2005-08-01
Assessing the risk of malevolent attacks against large-scale critical infrastructures requires modifications to existing methodologies. Existing risk assessment methodologies consider physical security and cyber security separately. As such, they do not accurately model attacks that involve defeating both physical protection and cyber protection elements (e.g., hackers turning off alarm systems prior to forced entry). This paper presents a risk assessment methodology that accounts for both physical and cyber security. It also preserves the traditional security paradigm of detect, delay and respond, while accounting for the possibility that a facility may be able to recover from or mitigate the results of a successful attack before serious consequences occur. The methodology provides a means for ranking those assets most at risk from malevolent attacks. Because the methodology is automated, the analyst can also play 'what if' with mitigation measures to gain a better understanding of how to best expend resources towards securing the facilities. It is simple enough to be applied to large infrastructure facilities without developing highly complicated models. Finally, it is applicable to facilities with extensive security as well as those that are less well-protected.
Managing Critical Infrastructures C.I.M. Suite
Dudenhoeffer, Donald
2018-05-23
See how a new software package developed by INL researchers could help protect infrastructure during natural disasters, terrorist attacks and electrical outages. For more information about INL research, visit http://www.facebook.com/idahonationallaboratory.
PROTECTING THE NATION'S CRITICAL INFRASTRUCTURE: THE VULNERABILITY OF U.S. WATER SUPPLY SYSTEMS
Terrorism in the United States was not considered a serious threat until the second half of the 1990s. However, recent attacks both at home and abroad have forced government planners to consider the possibility that critical elements of the U.S. infrastructure might in fact be vu...
Modeling And Detecting Anomalies In Scada Systems
NASA Astrophysics Data System (ADS)
Svendsen, Nils; Wolthusen, Stephen
The detection of attacks and intrusions based on anomalies is hampered by the limits of specificity underlying the detection techniques. However, in the case of many critical infrastructure systems, domain-specific knowledge and models can impose constraints that potentially reduce error rates. At the same time, attackers can use their knowledge of system behavior to mask their manipulations, causing adverse effects to be observed only after a significant period of time. This paper describes elementary statistical techniques that can be applied to detect anomalies in critical infrastructure networks. A SCADA system employed in liquefied natural gas (LNG) production is used as a case study.
2008 Defense Industrial Base Critical Infrastructure Protection Conference (DIB-CBIP)
2008-04-09
a cloak-and-dagger thing. It’s about computer architecture and the soundness of electronic systems." Joel Brenner, ODNI Counterintelligence Office...to support advanced network exploitation and launch attacks on the informational and physical elements of our cyber infrastructure. In order to...entities and is vulnerable to attacks and manipulation. Operations in the cyber domain have the ability to impact operations in other war-fighting
Development of JSDF Cyber Warfare Defense Critical Capability
2010-03-01
attack identification capability is essential for a nation to defend her vital infrastructures against offensive cyber warfare. Although the necessity of...cyber-attack identification capability is quite clear, Japan's preparation against cyber warfare is quite limited.
Cyber-Physical Correlations for Infrastructure Resilience: A Game-Theoretic Approach
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S; He, Fei; Ma, Chris Y. T.
In several critical infrastructures, the cyber and physical parts are correlated so that disruptions to one affect the other and hence the whole system. These correlations may be exploited to strategically launch component attacks, and hence must be accounted for in ensuring the infrastructure resilience, specified by its survival probability. We characterize the cyber-physical interactions at two levels: (i) the failure correlation function specifies the conditional survival probability of cyber sub-infrastructure given the physical sub-infrastructure as a function of their marginal probabilities, and (ii) the individual survival probabilities of both sub-infrastructures are characterized by first-order differential conditions. We formulate a resilience problem for infrastructures composed of discrete components as a game between the provider and attacker, wherein their utility functions consist of an infrastructure survival probability term and a cost term expressed in terms of the number of components attacked and reinforced. We derive Nash Equilibrium conditions and sensitivity functions that highlight the dependence of infrastructure resilience on the cost term, correlation function and sub-infrastructure survival probabilities. These results generalize earlier ones based on linear failure correlation functions and independent component failures. We apply the results to models of cloud computing infrastructures and energy grids.
Defense Strategies for Asymmetric Networked Systems with Discrete Components.
Rao, Nageswara S V; Ma, Chris Y T; Hausken, Kjell; He, Fei; Yau, David K Y; Zhuang, Jun
2018-05-03
We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i) the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii) the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models.
Defense Strategies for Asymmetric Networked Systems with Discrete Components
Rao, Nageswara S. V.; Ma, Chris Y. T.; Hausken, Kjell; He, Fei; Yau, David K. Y.
2018-01-01
We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i) the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii) the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models. PMID:29751588
Towards the cyber security paradigm of ehealth: Resilience and design aspects
NASA Astrophysics Data System (ADS)
Rajamäki, Jyri; Pirinen, Rauno
2017-06-01
Digital technologies have significantly changed the role of healthcare clients in seeking and receiving medical help, as well as brought up more cooperative policy issues in healthcare cross-border services. Citizens continue to take a more co-creative role in decisions about their own healthcare, and new technologies can enable and facilitate this emergent trend. In this study, healthcare services have been intended as a critical societal sector and therefore healthcare systems are focused on as critical infrastructures that ought to be protected from all types of fears, including cyber security threats and attacks. Despite continual progress in the systemic risk management of cyber domain, it is clear that anticipation and prevention of all possible types of attack and malfunction are not achievable for current or future cyber infrastructures. This study focuses on the investigation of a cyber security paradigm, adaptive systems and sense of resilience in a healthcare critical information infrastructure.
The Jericho Option: Al-Qa'ida and Attacks on Critical Infrastructure
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ackerman, G; Blair, C; Bale, J
There is no doubt that al-Qaida and its affiliates have displayed, and continue to display, an acute interest in attacking targets that are considered to be important components of the infrastructure of the United States. What has not thus far been carried out, however, is an in-depth examination of the basic nature, historical evolution, and present scope of the organization's objectives that might help government personnel develop sound policy recommendations and analytical indicators to assist in detecting and interdicting plots of this nature. This study was completed with the financial support of the Lawrence Livermore National Laboratory, through a project sponsored by the U.S. Department of Homeland Security, Science and Technology Directorate. It is specifically intended to increase counterterrorism analysts' understanding of certain features of al-Qaida's strategy and operations in order to facilitate the anticipation and prevention of attacks directed against our most critical infrastructures. The procedure adopted herein has involved consulting a wide variety of source materials that bear on the topic, ranging from sacred religious texts and historical accounts to al-Qaida-linked materials and the firsthand testimony of captured members of the group. It has also intentionally combined multiple approaches, including exploring the more esoteric religion-historical referents that have served to influence al-Qaida's behavior, providing a strategic analysis of its objectives and targeting rationales, closely examining the statements and writings of al-Qaida leaders and spokesmen (in part on the basis of material translated from primary sources), offering a descriptive analysis of its past global attack patterns, and producing concise but nonetheless in-depth case studies of its previous "infrastructural" attacks on U.S. soil.
The analyses contained herein tend to support the preliminary assessment made by some of the authors in an earlier report, namely, that transnational jihadist organizations are amongst the extremist groups that are most likely to carry out successful attacks against targets that U.S. officials would categorize as elements of this country's critical infrastructure. These networks clearly have the operational capabilities to conduct these types of attacks, even on a large scale, and they display a number of ideological proclivities that may incline them to attack such targets. Although this seems self-evident, this study has also yielded more detailed insights into the behavior and orientation of al-Qaida and its affiliated networks.
Defending networks against denial-of-service attacks
NASA Astrophysics Data System (ADS)
Gelenbe, Erol; Gellman, Michael; Loukas, George
2004-11-01
Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.
Defense strategies for asymmetric networked systems under composite utilities
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S.; Ma, Chris Y. T.; Hausken, Kjell
We consider an infrastructure of networked systems with discrete components that can be reinforced at certain costs to guard against attacks. The communications network plays a critical, asymmetric role of providing the vital connectivity between the systems. We characterize the correlations within this infrastructure at two levels using (a) aggregate failure correlation function that specifies the infrastructure failure probability given the failure of an individual system or network, and (b) first order differential conditions on system survival probabilities that characterize component-level correlations. We formulate an infrastructure survival game between an attacker and a provider, who attacks and reinforces individual components, respectively. They use the composite utility functions composed of a survival probability term and a cost term, and the previously studied sum-form and product-form utility functions are their special cases. At Nash Equilibrium, we derive expressions for individual system survival probabilities and the expected total number of operational components. We apply and discuss these estimates for a simplified model of distributed cloud computing infrastructure.
Optimal Resource Allocation in Electrical Network Defense
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yao, Y; Edmunds, T; Papageorgiou, D
2004-01-15
Infrastructure networks supplying electricity, natural gas, water, and other commodities are at risk of disruption due to well-engineered and coordinated terrorist attacks. Countermeasures such as hardening targets, acquisition of spare critical components, and surveillance can be undertaken to detect and deter these attacks. Allocation of available countermeasures resources to sites or activities in a manner that maximizes their effectiveness is a challenging problem. This allocation must take into account the adversary's response after the countermeasure assets are in place and consequence mitigation measures the infrastructure operation can undertake after the attack. The adversary may simply switch strategies to avoid countermeasures when executing the attack. Stockpiling spares of critical energy infrastructure components has been identified as a key element of a grid infrastructure defense strategy in a recent National Academy of Sciences report [1]. Consider a scenario where an attacker attempts to interrupt the service of an electrical network by disabling some of its facilities while a defender wants to prevent or minimize the effectiveness of any attack. The interaction between the attacker and the defender can be described in three stages: (1) The defender deploys countermeasures, (2) The attacker disrupts the network, and (3) The defender responds to the attack by rerouting power to maintain service while trying to repair damage. In the first stage, the defender considers all possible attack scenarios and deploys countermeasures to defend against the worst scenarios. Countermeasures can include hardening targets, acquiring spare critical components, and installing surveillance devices. In the second stage, the attacker, with full knowledge of the deployed countermeasures, attempts to disable some nodes or links in the network to inflict the greatest loss on the defender.
In the third stage, the defender re-dispatches power and restores disabled nodes or links to minimize the loss. The loss can be measured in costs, including the costs of using more expensive generators and the economic losses that can be attributed to loss of load. The defender's goal is to minimize the loss while the attacker wants to maximize it. Assuming some level of budget constraint, each side can only defend or attack a limited number of network elements. When an element is attacked, it is assumed that it will be totally disabled. It is assumed that when an element is defended it cannot be disabled, which may mean that it will be restored in a very short time after being attacked. The rest of the paper is organized as follows. Section 2 will briefly review literature related to multilevel programming and network defense. Section 3 presents a mathematical formulation of the electrical network defense problem. Section 4 describes the solution algorithms. Section 5 discusses computational results. Finally, Sec. 6 explores future research directions.
NASA Astrophysics Data System (ADS)
Wang, Shuliang; Zhang, Jianhua; Zhao, Mingwei; Min, Xu
2017-05-01
This paper takes central China power grid (CCPG) as an example, and analyzes the vulnerability of the power systems under terrorist attacks. To simulate the intelligence of terrorist attacks, a method of critical attack area identification according to community structures is introduced. Meanwhile, three types of vulnerability models and the corresponding vulnerability metrics are given for comparative analysis. On this basis, the influence of terrorist attacks on different critical areas is studied, and the vulnerability of different critical areas is identified. At the same time, vulnerabilities of critical areas under different tolerance parameters and different vulnerability models are acquired and compared. Results show that only a small number of vertex disruptions may cause some critical areas to collapse completely, and they can generate great performance losses for the whole system. Furthermore, the variation of vulnerability values under different scenarios is very large. Critical areas which can cause greater damage under terrorist attacks should be given priority of protection to reduce vulnerability. The proposed method can be applied to analyze the vulnerability of other infrastructure systems, and can help decision makers search for mitigation actions and optimum protection strategies.
Network Randomization and Dynamic Defense for Critical Infrastructure Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chavez, Adrian R.; Martin, Mitchell Tyler; Hamlet, Jason
2015-04-01
Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and development to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.
The European cooperative approach to securing critical information infrastructure.
Purser, Steve
2011-10-01
This paper provides an overview of the EU approach to securing critical information infrastructure, as defined in the Action Plan contained in the Commission Communication of March 2009, entitled 'Protecting Europe from large-scale cyber-attacks and disruptions: enhancing preparedness, security and resilience' and further elaborated by the Communication of May 2011 on critical Information infrastructure protection 'Achievements and next steps: towards global cyber-security'. After explaining the need for pan-European cooperation in this area, the CIIP Action Plan is explained in detail. Finally, the current state of progress is summarised together with the proposed next steps.
RISK DISCLOSURE AGAINST ATTACK ON CRITICAL INFRASTRUCTURES
NASA Astrophysics Data System (ADS)
Yoshida, Mamoru; Kobayashi, Kiyoshi
This paper analyzes the government's defensive and disclosure strategies to reduce the damage caused by terrorists that attack critical infrastructures using subjective game theory. The government recognizes a terrorist as a hidden opponent and the government's decision making about the policies against terror attacks depends on the belief about the existence of terrorist. In addition, it is not necessarily true that the government and the terrorist play the common game and make their decisions. Considering these points, the paper formulates the model in which the government and the terrorist formulate the subjective games respectively, and they induce the strategies using the equilibriums of their subjective games. The paper concluded that the government's disclosure about the implementation of the countermeasure, rather than the disclosure of warning level related with the belief about the existence of terrorist, brings about the higher increment of the subjective payoffs of the government.
Vulnerability of network of networks
NASA Astrophysics Data System (ADS)
Havlin, S.; Kenett, D. Y.; Bashan, A.; Gao, J.; Stanley, H. E.
2014-10-01
Our dependence on networks - be they infrastructure, economic, social or others - leaves us prone to crises caused by the vulnerabilities of these networks. There is a great need to develop new methods to protect infrastructure networks and prevent cascade of failures (especially in cases of coupled networks). Terrorist attacks on transportation networks have traumatized modern societies. With a single blast, it has become possible to paralyze airline traffic, electric power supply, ground transportation or Internet communication. How, and at which cost can one restructure the network such that it will become more robust against malicious attacks? The gradual increase in attacks on the networks society depends on - Internet, mobile phone, transportation, air travel, banking, etc. - emphasizes the need to develop new strategies to protect and defend these crucial networks of communication and infrastructure networks. One example is the threat of liquid explosives a few years ago, which completely shut down air travel for days, and has created extreme changes in regulations. Such threats and dangers warrant the need for new tools and strategies to defend critical infrastructure. In this paper we review recent advances in the theoretical understanding of the vulnerabilities of interdependent networks with and without spatial embedding, attack strategies and their effect on such networks of networks as well as recently developed strategies to optimize and repair failures caused by such attacks.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Billings, Jay J.; Bonior, Jason D.; Evans, Philip G.
Securely transferring timing information in the electrical grid is a critical component of securing the nation's infrastructure from cyber attacks. One solution to this problem is to use quantum information to securely transfer the timing information across sites. This software provides such an infrastructure using a standard Java webserver that pulls the quantum information from associated hardware.
Cyber-Critical Infrastructure Protection Using Real-Time Payload-Based Anomaly Detection
NASA Astrophysics Data System (ADS)
Düssel, Patrick; Gehl, Christian; Laskov, Pavel; Bußer, Jens-Uwe; Störmann, Christof; Kästner, Jan
With an increasing demand for inter-connectivity and protocol standardization, modern cyber-critical infrastructures are exposed to a multitude of serious threats that may give rise to severe damage for life and assets without the implementation of proper safeguards. Thus, we propose a method that is capable of reliably detecting unknown, exploit-based attacks on cyber-critical infrastructures carried out over the network. We illustrate the effectiveness of the proposed method by conducting experiments on network traffic that can be found in modern industrial control systems. Moreover, we provide results of a throughput measurement which demonstrate the real-time capabilities of our system.
Complex Networks and Critical Infrastructures
NASA Astrophysics Data System (ADS)
Setola, Roberto; de Porcellinis, Stefano
The term “Critical Infrastructures” indicates all those technological infrastructures, such as electric grids, telecommunication networks, railways, healthcare systems, financial circuits, etc., that are more and more relevant for the welfare of our countries. Each one of these infrastructures is a complex, highly non-linear, geographically dispersed cluster of systems that interact with their human owners, operators and users and with the other infrastructures. Their augmented relevance and the actual political and technological scenarios, which have increased their exposure to accidental failure and deliberate attacks, demand different and innovative protection strategies (generally indicated as CIP - Critical Infrastructure Protection). To this end it is mandatory to understand the mechanisms that regulate the dynamics of these infrastructures. In this framework, an interesting approach is that provided by complex networks. In this paper we illustrate some results achieved considering structural and functional properties of the corresponding topological networks, both when each infrastructure is assumed as an autonomous system and when we also take into account the dependencies existing among the different infrastructures.
Ouyang, Min; Tian, Hui; Wang, Zhenghua; Hong, Liu; Mao, Zijun
2017-01-17
This article studies a general type of initiating events in critical infrastructures, called spatially localized failures (SLFs), which are defined as the failure of a set of infrastructure components distributed in a spatially localized area due to damage sustained, while other components outside the area do not directly fail. These failures can be regarded as a special type of intentional attack, such as bomb or explosive assault, or a generalized modeling of the impact of localized natural hazards on large-scale systems. This article introduces three SLFs models: node centered SLFs, district-based SLFs, and circle-shaped SLFs, and proposes a SLFs-induced vulnerability analysis method from three aspects: identification of critical locations, comparisons of infrastructure vulnerability to random failures, topologically localized failures and SLFs, and quantification of infrastructure information value. The proposed SLFs-induced vulnerability analysis method is finally applied to the Chinese railway system and can be also easily adapted to analyze other critical infrastructures for valuable protection suggestions. © 2017 Society for Risk Analysis.
ERIC Educational Resources Information Center
Schenck-Hamlin, Donna; Pierquet, Jennifer; McClellan, Chuck
2011-01-01
In the wake of the September 2001 attacks, the U.S. government founded the Department of Homeland Security (DHS) with responsibility to develop a National Infrastructure Protection Plan for securing critical infrastructures and key resources. DHS established interdisciplinary networks of academic expertise administered through Centers of…
Identification and Ranking of Critical Assets within an Electrical Grid under Threat of Cyber Attack
NASA Astrophysics Data System (ADS)
Boyer, Blake R.
This paper examines the ranking of critical assets within an electrical grid under threat of cyber attack [1]. Critical to this analysis is the assumption of zero hour exploits, namely the threat of an immediate attack as soon as a vulnerability is discovered. Modeling shows that over time load fluctuations as well as other system variations will change the importance of each asset in the delivery of bulk power. As opposed to classic stability studies where risk can be shown to be greatest during high load periods, the zero hour exploit-cyber-risk assumes that vulnerabilities will be attacked as soon as they are discovered. The probability of attacks is made uniform over time to include any and all possible attacks. Examining the impact of an attack and how the grid reacts immediately following an attack will identify and determine the criticality of each asset. This work endeavors to fulfill the NERC Critical Infrastructure Protection Requirements CIP-001-1 through CIP-009-2, cyber security requirements for the reliable supply of bulk power to customers throughout North America.
[1] Critical assets will here refer to facilities, systems, and equipment, which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System (NERC Glossary of Terms Used in Reliability Standards, 2009).
DOE Office of Scientific and Technical Information (OSTI.GOV)
Mulder, John C.; Schwartz, Moses Daniel; Berg, Michael J.
2013-10-01
Critical infrastructures, such as electrical power plants and oil refineries, rely on programmable logic controllers (PLCs) to control essential processes. State of the art security cannot detect attacks on PLCs at the hardware or firmware level. This renders critical infrastructure control systems vulnerable to costly and dangerous attacks. WeaselBoard is a PLC backplane analysis system that connects directly to the PLC backplane to capture backplane communications between modules. WeaselBoard forwards inter-module traffic to an external analysis system that detects changes to process control settings, sensor values, module configuration information, firmware updates, and process control program (logic) updates. WeaselBoard provides zero-day exploit detection for PLCs by detecting changes in the PLC and the process. This approach to PLC monitoring is protected under U.S. Patent Application 13/947,887.
2016-04-01
infrastructure. The work is motivated by the fact that today’s clouds are very static, uniform, and predictable, allowing attackers who identify a...vulnerability in one of the services or infrastructure components to spread their effect to other, mission-critical services. Our goal is to integrate into...clouds by elevating continuous change, evolution, and misinformation as first-rate design principles of the cloud’s infrastructure. Our work is
Scaling an urban emergency evacuation framework : challenges and practices.
DOT National Transportation Integrated Search
2014-01-01
Critical infrastructure disruption, caused by severe weather events, natural disasters, terrorist attacks, etc., has significant impacts on urban transportation systems. We built a computational framework to simulate urban transportation systems ...
Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment
Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran
2013-01-01
Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments. PMID:25685516
Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment.
Ashok, Aditya; Hahn, Adam; Govindarasu, Manimaran
2014-07-01
Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation's electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chaffin, May
May Chaffin is one of many Idaho National Laboratory researchers who are helping secure the nation's critical infrastructure from cyber attacks. Lots more content like this is available at INL's facebook page http://www.facebook.com/idahonationallaboratory.
76 FR 76021 - Critical Infrastructure Protection Month, 2011
Federal Register 2010, 2011, 2012, 2013, 2014
2011-12-06
..., we must also address the growing threat cyber attacks present to our transportation networks... action against cyber threats. To ensure the safety of our most vital operations, we are working to give...
Increasing the resilience and security of the United States' power infrastructure
DOE Office of Scientific and Technical Information (OSTI.GOV)
Happenny, Sean F.
2015-08-01
The United States' power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power infrastructure control and distribution paradigms by utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Understanding how these systems behave in real-world conditions will lead to new ways to make our power infrastructure more resilient and secure. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the aging networks protecting them are becoming easier to attack.
Defense strategies for cloud computing multi-site server infrastructures
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S.; Ma, Chris Y. T.; He, Fei
We consider cloud computing server infrastructures for big data applications, which consist of multiple server sites connected over a wide-area network. The sites house a number of servers, network elements and local-area connections, and the wide-area network plays a critical, asymmetric role of providing vital connectivity between them. We model this infrastructure as a system of systems, wherein the sites and wide-area network are represented by their cyber and physical components. These components can be disabled by cyber and physical attacks, and also can be protected against them using component reinforcements. The effects of attacks propagate within the systems, and also beyond them via the wide-area network. We characterize these effects using correlations at two levels using: (a) aggregate failure correlation function that specifies the infrastructure failure probability given the failure of an individual site or network, and (b) first-order differential conditions on system survival probabilities that characterize the component-level correlations within individual systems. We formulate a game between an attacker and a provider using utility functions composed of survival probability and cost terms. At Nash Equilibrium, we derive expressions for the expected capacity of the infrastructure given by the number of operational servers connected to the network for sum-form, product-form and composite utility functions.
78 FR 66603 - Critical Infrastructure Security and Resilience Month, 2013
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-05
... shore up our defenses against physical and cyber incidents. In tandem with my Executive Order on... hazards including terrorism and natural disasters, as well as cyber attacks. We must ensure that the...
Game-Theoretic strategies for systems of components using product-form utilities
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S; Ma, Cheng-Yu; Hausken, K.
Many critical infrastructures are composed of multiple systems of components which are correlated so that disruptions to one may propagate to others. We consider such infrastructures with correlations characterized in two ways: (i) an aggregate failure correlation function specifies the conditional failure probability of the infrastructure given the failure of an individual system, and (ii) a pairwise correlation function between two systems specifies the failure probability of one system given the failure of the other. We formulate a game for ensuring the resilience of the infrastructure, wherein the utility functions of the provider and attacker are products of an infrastructure survival probability term and a cost term, both expressed in terms of the numbers of system components attacked and reinforced. The survival probabilities of individual systems satisfy first-order differential conditions that lead to simple Nash Equilibrium conditions. We then derive sensitivity functions that highlight the dependence of infrastructure resilience on the cost terms, correlation functions, and individual system survival probabilities. We apply these results to simplified models of distributed cloud computing and energy grid infrastructures.
Deploying Crowd-Sourced Formal Verification Systems in a DoD Network
2013-09-01
In 2014 cyber attacks on critical infrastructure are expected to increase...CSFV systems on the Internet‒‒possibly using cloud infrastructure (Dean, 2013). By using Amazon Compute Cloud (EC2) systems, DARPA will use ordinary...through standard access methods. Those clients could be mobile phones, laptops, netbooks, tablet computers or personal digital assistants (PDAs) (Smoot
Localized attacks on spatially embedded networks with dependencies.
Berezin, Yehiel; Bashan, Amir; Danziger, Michael M; Li, Daqing; Havlin, Shlomo
2015-03-11
Many real world complex systems such as critical infrastructure networks are embedded in space and their components may depend on one another to function. They are also susceptible to geographically localized damage caused by malicious attacks or natural disasters. Here, we study a general model of spatially embedded networks with dependencies under localized attacks. We develop a theoretical and numerical approach to describe and predict the effects of localized attacks on spatially embedded systems with dependencies. Surprisingly, we find that a localized attack can cause substantially more damage than an equivalent random attack. Furthermore, we find that for a broad range of parameters, systems which appear stable are in fact metastable. Though robust to random failures-even of finite fraction-if subjected to a localized attack larger than a critical size which is independent of the system size (i.e., a zero fraction), a cascading failure emerges which leads to complete system collapse. Our results demonstrate the potential high risk of localized attacks on spatially embedded network systems with dependencies and may be useful for designing more resilient systems.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Beaver, Justin M; Borges, Raymond Charles; Buckner, Mark A
Critical infrastructure Supervisory Control and Data Acquisition (SCADA) systems were designed to operate on closed, proprietary networks where a malicious insider posed the greatest threat potential. The centralization of control and the movement towards open systems and standards has improved the efficiency of industrial control, but has also exposed legacy SCADA systems to security threats that they were not designed to mitigate. This work explores the viability of machine learning methods in detecting the new threat scenarios of command and data injection. Similar to network intrusion detection systems in the cyber security domain, the command and control communications in a critical infrastructure setting are monitored, and vetted against examples of benign and malicious command traffic, in order to identify potential attack events. Multiple learning methods are evaluated using a dataset of Remote Terminal Unit communications, which included both normal operations and instances of command and data injection attack scenarios.
Recommended E3 HEMP Heave Electric Field Waveform for the Critical Infrastructures. Volume 2
2017-07-31
OF THE COMMISSION TO ASSESS THE THREAT TO THE UNITED STATES FROM ELECTROMAGNETIC PULSE (EMP) ATTACK The cover photo depicts Fishbowl Starfish...Assess the Threat to the United States from Electromagnetic Pulse (EMP) Attack. The Commission was established by Congress in the FY2001 National...Department of Defense E electric field EMP electromagnetic pulse EPRI Electric Power Research Institute FERC Federal Energy Regulatory Commission GMD
Homeland Security and the Private Sector : a CBO Paper
2004-12-01
private sector and the nation as a whole that would underlie the expected costs of terrorist attacks and, hence, the broader benefits of security. This paper focuses on those industries for which the expected human and economic losses from a terrorist attack would be highest -- the country’s critical infrastructure. The analysis more narrowly focuses on those industries that reside largely in the private sector and for which an attack could lead to a direct loss of life. The paper also reviews the incentives for private actions to limit
3 CFR 8760 - Proclamation 8760 of November 30, 2011. Critical Infrastructure Protection Month, 2011
Code of Federal Regulations, 2012 CFR
2012-01-01
..., we must also address the growing threat cyber attacks present to our transportation networks... action against cyber threats. To ensure the safety of our most vital operations, we are working to give...
Modeling and Managing Risk in Billing Infrastructures
NASA Astrophysics Data System (ADS)
Baiardi, Fabrizio; Telmon, Claudio; Sgandurra, Daniele
This paper discusses risk modeling and risk management in information and communications technology (ICT) systems for which the attack impact distribution is heavy tailed (e.g., power law distribution) and the average risk is unbounded. Systems with these properties include billing infrastructures used to charge customers for services they access. Attacks against billing infrastructures can be classified as peripheral attacks and backbone attacks. The goal of a peripheral attack is to tamper with user bills; a backbone attack seeks to seize control of the billing infrastructure. The probability distribution of the overall impact of an attack on a billing infrastructure also has a heavy-tailed curve. This implies that the probability of a massive impact cannot be ignored and that the average impact may be unbounded - thus, even the most expensive countermeasures would be cost effective. Consequently, the only strategy for managing risk is to increase the resilience of the infrastructure by employing redundant components.
2016-03-01
wastewater, oil and natural gas, chemical, transportation, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g...dams, energy infrastructure, banks, farms, food processing facilities, hospitals, nuclear reactors, transportation carriers, and water treatment... food and agriculture sector” is, “almost entirely under private ownership and is comprised of an estimated 2.2 million farms, 900,000 restaurants, and
Engaging the Nation’s Critical Infrastructure Sector to Deter Cyber Threats
2013-03-01
is the component of CyberOps that extends cyber power beyond the defensive boundaries of the GIG to detect, deter, deny, and defeat adversaries... economy .16 DDOS attacks are based on multiple, malware infected personal computers, organized into networks called botnets, and are directed by...not condemn the actions of those involved. Of the two attacks on Estonia and Georgia, it was Estonia that had the greatest damage to its economy
Challenges in the Protection of US Critical Infrastructure in the Cyber Realm
2014-05-22
their nature and motivation and the need to differentiate attacks in case of individual attributions ( criminal , espionage, and hacktivist attack vs ...also difficult to distinguish between acts of war and criminal acts. For example, it is natural for the military to be ambiguous as to whether an...must be addressed. The resultant cyber security issues challenge everyone. This prompts the question, what is the nature of the US military
Code of Federal Regulations, 2014 CFR
2014-01-01
... defenses against physical and cyber incidents. In tandem with my Executive Order on cybersecurity, this... natural disasters, as well as cyber attacks. We must ensure that the Federal Government works with all...
Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models
Rao, Nageswara S. V.; Poole, Stephen W.; Ma, Chris Y. T.; ...
2015-04-06
The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical sub-infrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. In conclusion, the analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures.
Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S. V.; Poole, Stephen W.; Ma, Chris Y. T.
The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical sub-infrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. In conclusion, the analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures.
Anomaly-based intrusion detection for SCADA systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yang, D.; Usynin, A.; Hines, J. W.
2006-07-01
Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA). These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)
MINIMIZING THE VULNERABILITY OF WATER SUPPLIES TO NATURAL AND TERRORIST THREATS
There is increasing concern that drinking water utilities may be vulnerable to attacks by terrorists. In the US the President's Commission on Critical Infrastructure Protection has concluded the US drinking water utilities are vulnerable to physical, cyber and biological terroris...
Dynamic defense and network randomization for computer systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chavez, Adrian R.; Stout, William M. S.; Hamlet, Jason R.
The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissance stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.
Forewarning of Failure in Complex Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J
2011-01-01
As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation's critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain is failure in critical equipment. A second is aging bridges. We discuss the workings of such a system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation's aging infrastructure.
Defense of Cyber Infrastructures Against Cyber-Physical Attacks Using Game-Theoretic Models.
Rao, Nageswara S V; Poole, Stephen W; Ma, Chris Y T; He, Fei; Zhuang, Jun; Yau, David K Y
2016-04-01
The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities, expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical subinfrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein their components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures, are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. The analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures. © 2015 Society for Risk Analysis.
Tri-Level Optimization Algorithms for Solving Defender-Attacker-Defender Network Models
2016-06-01
ed.). New York: Springer. Brimberg, J., Hansen, P., Lin, K., Mladenović, N., & Breton, M. (2003). An Oil Pipeline Design Problem. Operations...H. (2012). Critical infrastructure protection: The vulnerability conundrum. Telematics and informatics , 29(1), 56–65. Retrieved from http
Vulnerability of water supply systems to cyber-physical attacks
NASA Astrophysics Data System (ADS)
Galelli, Stefano; Taormina, Riccardo; Tippenhauer, Nils; Salomons, Elad; Ostfeld, Avi
2016-04-01
The adoption of smart meters, distributed sensor networks and industrial control systems has largely improved the level of service provided by modern water supply systems. Yet, the progressive computerization exposes these critical infrastructures to cyber-physical attacks, which are generally aimed at stealing critical information (cyber-espionage) or causing service disruption (denial-of-service). Recent statistics show that water and power utilities are undergoing frequent attacks, such as the December power outage in Ukraine, attracting the interest of operators and security agencies. Taking the security of Water Distribution Networks (WDNs) as domain of study, our work seeks to characterize the vulnerability of WDNs to cyber-physical attacks, so as to conceive adequate defense mechanisms. We extend the functionality of EPANET, which models hydraulic and water quality processes in pressurized pipe networks, to include a cyber layer vulnerable to repeated attacks. Simulation results on a medium-scale network show that several hydraulic actuators (valves and pumps, for example) can be easily attacked, causing both service disruption (i.e., water spillage and loss of pressure) and structural damages (e.g., pipes burst). Our work highlights the need for adequate countermeasures, such as attacks detection and reactive control systems.
Emerging Techniques for Field Device Security
Schwartz, Moses; Bechtel Corp.; Mulder, John; ...
2014-11-01
Critical infrastructure, such as electrical power plants and oil refineries, relies on embedded devices to control essential processes. State of the art security is unable to detect attacks on these devices at the hardware or firmware level. We provide an overview of the hardware used in industrial control system field devices, look at how these devices have been attacked, and discuss techniques and new technologies that may be used to secure them. We follow three themes: (1) Inspectability, the capability for an external arbiter to monitor the internal state of a device. (2) Trustworthiness, the degree to which a system will continue to function correctly despite disruption, error, or attack. (3) Diversity, the use of adaptive systems and complexity to make attacks more difficult by reducing the feasible attack surface.
Using Physical Models for Anomaly Detection in Control Systems
NASA Astrophysics Data System (ADS)
Svendsen, Nils; Wolthusen, Stephen
Supervisory control and data acquisition (SCADA) systems are increasingly used to operate critical infrastructure assets. However, the inclusion of advanced information technology and communications components and elaborate control strategies in SCADA systems increase the threat surface for external and subversion-type attacks. The problems are exacerbated by site-specific properties of SCADA environments that make subversion detection impractical; and by sensor noise and feedback characteristics that degrade conventional anomaly detection systems. Moreover, potential attack mechanisms are ill-defined and may include both physical and logical aspects.
WATER SECURITY MONITORING USING SURFACE-ENHANCED RAMAN SPECTROSCOPY - PHASE II
Clean drinking water is a critical component of the United States infrastructure and is therefore a potential target for terrorists. In addition to physical attacks to the water network, like dams, pumping stations and pipelines, there must be vigilance to prevent the water i...
WATER SECURITY MONITORING USING SURFACE-ENHANCED RAMAN SPECTROSCOPY - PHASE I
Clean drinking water is a critical component of the United States infrastructure and is therefore a potential target for terrorists. In addition to physical attacks to the water network including dams, pumping stations and pipelines, there must be vigilance to prevent the wate...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bri Rolston
2005-06-01
Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significance intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community.
Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between those threats and the defensive capabilities of control systems can be analyzed. The results of the gap analysis drive changes in the cyber security of critical infrastructure networks to close the gap between current exploits and existing defenses. The analysis also provides defenders with an idea of how threat technology is evolving and how defenses will need to be modified to address these emerging trends.
Rep. Thompson, Bennie G. [D-MS-2
2009-04-30
House - 05/26/2009 Referred to the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology. This bill has the status Introduced.
Neural Network Based Intrusion Detection System for Critical Infrastructures
DOE Office of Scientific and Technical Information (OSTI.GOV)
Todd Vollmer; Ondrej Linda; Milos Manic
2009-07-01
Resiliency and security in control systems such as SCADA and nuclear plants in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.
Cybersecurity for Critical Infrastructure
2015-04-01
cybersecurity methods, attackers would have to use different methods to take down a dam in Alabama from the methods to take down the Hoover Dam ...i AU/ACSC/BAKER/AY15 AIR COMMAND AND STAFF COLLEGE AIR UNIVERSITY CYBERSECURITY FOR CRITICAL INFRASTRUCTURE by Christopher J...Authority………………………………………………………………..13 Current National Guard Cybersecurity Utilization………………………………………14 Leveraging the Guard……………………………………………………………………17
DOE Office of Scientific and Technical Information (OSTI.GOV)
Okhravi, Hamed; Sheldon, Frederick T.; Haines, Joshua
Data diodes provide protection of critical cyber assets by the means of physically enforcing traffic direction on the network. In order to deploy data diodes effectively, it is imperative to understand the protection they provide, the protection they do not provide, their limitations, and their place in the larger security infrastructure. In this work, we study data diodes, their functionalities and limitations. We then propose two critical infrastructure systems that can benefit from the additional protection offered by data diodes: process control networks and net-centric cyber decision support systems. We review the security requirements of these systems, describe the architectures, and study the trade-offs. Finally, the architectures are evaluated against different attack patterns.
DURIP: Mitigating Attacks on Mobile Devices and Critical Cellular Infrastructure
2016-03-03
Patrick Traynor, Shobha Venkataraman . Why is my smartphone slow? On the fly diagnosis of underperformance on the mobile Internet, 2013 43rd Annual IEEE...Symposium (NDSS), 2013. 4. C. Amrutkar, M. Hiltunen, T. Jim, K. Joshi, O. Spatscheck, P. Traynor and S. Venkataraman , Why is My Smartphone Slow? On The
Consequence-driven cyber-informed engineering (CCE)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Freeman, Sarah G.; St Michel, Curtis; Smith, Robert
The Idaho National Lab (INL) is leading a high-impact, national security-level initiative to reprioritize the way the nation looks at high-consequence risk within the industrial control systems (ICS) environment of the country’s most critical infrastructure and other national assets. The Consequence-driven Cyber-informed Engineering (CCE) effort provides both private and public organizations with the steps required to examine their own environments for high-impact events/risks; identify implementation of key devices and components that facilitate that risk; illuminate specific, plausible cyber attack paths to manipulate these devices; and develop concrete mitigations, protections, and tripwires to address the high-consequence risk. The ultimate goal of the CCE effort is to help organizations take the steps necessary to thwart cyber attacks from even top-tier, highly resourced adversaries that would result in a catastrophic physical effect. CCE participants are encouraged to work collaboratively with each other and with key U.S. Government (USG) contributors to establish a coalition, maximizing the positive effect of lessons-learned and further contributing to the protection of critical infrastructure and other national assets.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Klise, Katherine A.; Hart, David; Moriarty, Dylan Michael
Drinking water systems face multiple challenges, including aging infrastructure, water quality concerns, uncertainty in supply and demand, natural disasters, environmental emergencies, and cyber and terrorist attacks. All of these have the potential to disrupt a large portion of a water system causing damage to infrastructure and outages to customers. Increasing resilience to these types of hazards is essential to improving water security. As one of the United States (US) sixteen critical infrastructure sectors, drinking water is a national priority. The National Infrastructure Advisory Council defined infrastructure resilience as “the ability to reduce the magnitude and/or duration of disruptive events. The effectiveness of a resilient infrastructure or enterprise depends upon its ability to anticipate, absorb, adapt to, and/or rapidly recover from a potentially disruptive event”. Being able to predict how drinking water systems will perform during disruptive incidents and understanding how to best absorb, recover from, and more successfully adapt to such incidents can help enhance resilience.
Complex Failure Forewarning System - DHS Conference Proceedings
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Hively, Lee M; Prowell, Stacy J
2011-01-01
As the critical infrastructures of the United States have become more and more dependent on public and private networks, the potential for widespread national impact resulting from disruption or failure of these networks has also increased. Securing the nation's critical infrastructures requires protecting not only their physical systems but, just as important, the cyber portions of the systems on which they rely. A failure is inclusive of random events, design flaws, and instabilities caused by cyber (and/or physical) attack. One such domain, aging bridges, is used to explain the Complex Structure Failure Forewarning System. We discuss the workings of such a system in the context of the necessary sensors, command and control and data collection as well as the cyber security efforts that would support this system. Their application and the implications of this computing architecture are also discussed, with respect to our nation's aging infrastructure.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Miles McQueen; Annarita Giani
2011-09-01
This paper describes a first investigation on a low cost and low false alarm, reliable mechanism for detecting manipulation of critical physical processes and falsification of system state. We call this novel mechanism Known Secure Sensor Measurements (KSSM). The method moves beyond analysis of network traffic and host based state information, in fact it uses physical measurements of the process being controlled to detect falsification of state. KSSM is intended to be incorporated into the design of new, resilient, cost effective critical infrastructure control systems. It can also be included in incremental upgrades of already installed systems for enhanced resilience. KSSM is based on known secure physical measurements for assessing the likelihood of an attack and will demonstrate a practical approach to creating, transmitting, and using the known secure measurements for detection.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Crussell, Jonathan; Boote, Jeffrey W.; Fritz, David Jakob
Networked Information Technology systems play a key role supporting critical government, military, and private computer installations. Many of today's critical infrastructure systems have strong dependencies on secure information exchange among geographically dispersed facilities. As operations become increasingly dependent on the information exchange they also become targets for exploitation. The need to protect data and defend these systems from external attack has become increasingly vital while the nature of the threats has become sophisticated and pervasive making the challenges daunting. Enter Emulytics.
DOE Office of Scientific and Technical Information (OSTI.GOV)
MacDonald, Douglas G.; Clements, Samuel L.; Patrick, Scott W.
Securing high value and critical assets is one of the biggest challenges facing this nation and others around the world. In modern integrated systems, there are four potential modes of attack available to an adversary: • physical only attack, • cyber only attack, • physical-enabled cyber attack, • cyber-enabled physical attack. Blended attacks involve an adversary working in one domain to reduce system effectiveness in another domain. This enables the attacker to penetrate further into the overall layered defenses. Existing vulnerability assessment (VA) processes and software tools which predict facility vulnerabilities typically evaluate the physical and cyber domains separately. Vulnerabilities which result from the integration of cyber-physical control systems are not well characterized and are often overlooked by existing assessment approaches. In this paper, we modified the timely detection methodology, used for decades in physical security VAs, to include cyber components. The Physical and Cyber Risk Analysis Tool (PACRAT) prototype illustrates an integrated vulnerability assessment that includes cyber-physical interdependencies. Information about facility layout, network topology, and emplaced safeguards is used to evaluate how well suited a facility is to detect, delay, and respond to attacks, to identify the pathways most vulnerable to attack, and to evaluate how often safeguards are compromised for a given threat or adversary type. We have tested the PACRAT prototype on critical infrastructure facilities and the results are promising. Future work includes extending the model to prescribe the recommended security improvements via an automated cost-benefit analysis.
People at risk - nexus critical infrastructure and society
NASA Astrophysics Data System (ADS)
Heiser, Micha; Thaler, Thomas; Fuchs, Sven
2016-04-01
Strategic infrastructure networks include the highly complex and interconnected systems that are so vital to a city or state that any sudden disruption can result in debilitating impacts on human life, the economy and the society as a whole. Recently, various studies have applied complex network-based models to study the performance and vulnerability of infrastructure systems under various types of attacks and hazards - a major part of them is, particularly after the 9/11 incident, related to terrorism attacks. Here, vulnerability is generally defined as the performance drop of an infrastructure system under a given disruptive event. The performance can be measured by different metrics, which correspond to various levels of resilience. In this paper, we will address vulnerability and exposure of critical infrastructure in the Eastern Alps. The Federal State Tyrol is an international transport route and an essential component of the north-south transport connectivity in Europe. Any interruption of the transport flow leads to incommensurable consequences in terms of indirect losses, since the system does not feature redundant elements at comparable economic efficiency. Natural hazard processes such as floods, debris flows, rock falls and avalanches, endanger this infrastructure line, such as large flood events in 2005 or 2012, rock falls 2014, which had strong impacts to the critical infrastructure, such as disruption of the railway lines (in 2005 and 2012), highways and motorways (in 2014). The aim of this paper is to present how critical infrastructures as well as communities and societies are vulnerable and can be resilient against natural hazard risks and the relative cascading effects to different compartments (industrial, infrastructural, societal, institutional, cultural, etc.), which is the dominant by the type of hazard (avalanches, torrential flooding, debris flow, rock falls). 
Specific themes will be addressed in various case studies to allow cross-learning and cross-comparison of, for example rural and urban areas, and different scales. Correspondingly, scale-specific resilience indicators and metrics will be developed to tailor methods to specific needs according to the scale of assessment (micro/local and macro/regional) and to the type of infrastructure. The traditional indicators normally used in structural analysis are not sufficient to understand how events happening on the networks can have cascading consequences. Moreover, effects have multidimensional (technical, economic, organizational and human), multiscale (micro and macro) and temporal characteristics (short- to long-term incidence). These considerations will guide to different activities: 1) computation of classic structural analysis indicators on the case studies in order to obtain an identity of the transport infrastructure and; 2) development of a set of new measures of resilience. To mitigate natural hazard risk a large amount of protection measures of different typology have been constructed following inhomogeneous reliability standards. The focus of this case study will be on resilience issues and decision making in the context of a large scale sectorial approach focused on transport infrastructure network.
ERIC Educational Resources Information Center
Caudle, Daryl L.
2010-01-01
The nation's critical infrastructure, information systems, and telecommunication networks are vulnerable and threatened by an ever-growing number of attacks in cyberspace. An essential element of the nation's comprehensive approach to cybersecurity is the ability for the Department of Defense to protect and defend its information enterprise.…
Impact modeling and prediction of attacks on cyber targets
NASA Astrophysics Data System (ADS)
Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan
2010-04-01
In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.
Towards a Cyber Defense Framework for SCADA Systems Based on Power Consumption Monitoring
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hernandez Jimenez, Jarilyn M; Chen, Qian; Nichols, Jeff A.
Supervisory control and data acquisition (SCADA) is an industrial automation system that remotely monitors and controls critical infrastructures. SCADA systems are major targets for espionage and sabotage attackers. According to the 2015 Dell security annual threat report, the number of cyber-attacks against SCADA systems has doubled in the past year. Cyber-attacks (i.e., buffer overflow, rootkits and code injection) could cause serious financial losses and physical infrastructure damages. Moreover, some specific cyber-attacks against SCADA systems could become a threat to human life. Current commercial off-the-shelf security solutions are insufficient in protecting SCADA systems against sophisticated cyber-attacks. In 2014 a report by Mandiant stated that only 69% of organizations learned about their breaches from third entities, meaning that these companies lack their own detection system. Furthermore, these breaches are not detected in real-time or fast enough to prevent further damages. The average time between compromise and detection (for those intrusions that were detected) was 205 days. To address this challenge, we propose an Intrusion Detection System (IDS) that detects SCADA-specific cyber-attacks by analyzing the power consumption of a SCADA device. Specifically, to validate the proposed approach, we chose to monitor in real-time the power usage of a Programmable Logic Controller (PLC). To this end, we configured the hardware of the testbed by installing the required sensors to monitor and collect its power consumption. After that two SCADA-specific cyber-attacks were simulated and TracerDAQ Pro was used to collect the power consumption of the PLC under normal and anomalous scenarios. Results showed that it is possible to distinguish between the regular power usage of the PLC and when the PLC was under specific cyber-attacks.
Oakes, Benjamin Donald; Mattsson, Lars-Göran; Näsman, Per; Glazunov, Andrés Alayón
2018-06-01
Modern infrastructures are becoming increasingly dependent on electronic systems, leaving them more vulnerable to electrical surges or electromagnetic interference. Electromagnetic disturbances appear in nature, e.g., lightning and solar wind; however, they may also be generated by man-made technology to maliciously damage or disturb electronic equipment. This article presents a systematic risk assessment framework for identifying possible, consequential, and plausible intentional electromagnetic interference (IEMI) attacks on an arbitrary distribution network infrastructure. In the absence of available data on IEMI occurrences, we find that a systems-based risk assessment is more useful than a probabilistic approach. We therefore modify the often applied definition of risk, i.e., a set of triplets containing scenario, probability, and consequence, to a set of quadruplets: scenario, resource requirements, plausibility, and consequence. Probability is "replaced" by resource requirements and plausibility, where the former is the minimum amount and type of equipment necessary to successfully carry out an attack scenario and the latter is a subjective assessment of the extent of the existence of attackers who possess the motivation, knowledge, and resources necessary to carry out the scenario. We apply the concept of intrusion areas and classify electromagnetic source technology according to key attributes. Worst-case scenarios are identified for different quantities of attacker resources. The most plausible and consequential of these are deemed the most important scenarios and should provide useful decision support in a countermeasures effort. Finally, an example of the proposed risk assessment framework, based on notional data, is provided on a hypothetical water distribution network. © 2017 Society for Risk Analysis.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Danneels, Jeffrey John
2005-03-01
Concerns about acts of terrorism against critical infrastructures have been on the rise for several years. Critical infrastructures are those physical structures and information systems (including cyber) essential to the minimum operations of the economy and government. The President's Commission on Critical Infrastructure Protection (PCCIP) probed the security of the nation's critical infrastructures. The PCCIP determined the water infrastructure is highly vulnerable to a range of potential attacks. In October 1997, the PCCIP proposed a public/private partnership between the federal government and private industry to improve the protection of the nation's critical infrastructures. In early 2000, the EPA partnered with the Awwa Research Foundation (AwwaRF) and Sandia National Laboratories to create the Risk Assessment Methodology for Water Utilities (RAM-W™). Soon thereafter, they initiated an effort to create a template and minimum requirements for water utility Emergency Response Plans (ERP). All public water utilities in the US serving populations greater than 3,300 are required to undertake both a vulnerability assessment and the development of an emergency response plan. This paper explains the initial steps of RAM-W™ and then demonstrates how the security risk assessment is fundamental to the ERP. During the development of RAM-W™, Sandia performed several security risk assessments at large metropolitan water utilities. As part of the scope of that effort, ERPs at each utility were reviewed to determine how well they addressed significant vulnerabilities uncovered during the risk assessment. The ERP will contain responses to other events as well (e.g. natural disasters) but should address all major findings in the security risk assessment.
Towards A Theory of Autonomous Reconstitution of Compromised Cyber-Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ramuhalli, Pradeep; Halappanavar, Mahantesh; Coble, Jamie B.
The ability to maintain mission-critical operations in cyber-systems in the face of disruptions is critical. Faults in cyber systems can come from accidental sources (e.g., natural failure of a component) or deliberate sources (e.g., an intelligent adversary). Natural and intentional manipulation of data, computing, or coordination are the most impactful ways that an attacker can prevent an infrastructure from realizing its mission goals. Under these conditions, the ability to reconstitute critical infrastructure becomes important. Specifically, the question is: Given an intelligent adversary, how can cyber systems respond to keep critical infrastructure operational? In cyber systems, the distributed nature of the system poses serious difficulties in maintaining operations, in part due to the fact that a centralized command and control apparatus is unlikely to provide a robust framework for resilience. Resilience in cyber-systems, in general, has several components, and requires the ability to anticipate and withstand attacks or faults, as well as recover from faults and evolve the system to improve future resilience. The recovery effort (and any subsequent evolution) may require significant reconfiguration of the system (at all levels – hardware, software, services, permissions, etc.) if the system is to be made resilient to further attack or faults. This is especially important in the case of ongoing attacks, where reconfiguration decisions must be taken with care to avoid further compromising the system while maintaining continuity of operations. Collectively, we will label this recovery and evolution process as “reconstitution”. Currently, reconstitution is performed manually, generally after-the-fact, and usually consists of either standing up redundant systems, check-points (rolling back the configuration to a “clean” state), or re-creating the system using “gold-standard” copies. 
For enterprise systems, such reconstitution may be performed either directly on hardware, or using virtual machines. A significant challenge within this context is the ability to verify that the reconstitution is performed in a manner that renders the cyber-system resilient to ongoing and future attacks or faults. Fundamentally, the need is to determine optimal configuration of the cyber system when a fault is determined to be present. While existing theories for fault tolerance (for example, Byzantine fault tolerance) can guarantee resilience under certain conditions, in practice, these theories can break down in the face of an intelligent adversary. Further, it is difficult, in a dynamically evolving environment, to determine whether the necessary conditions for resilience have been met, resulting in difficulties in achieving resilient operation. In addition, existing theories do not sufficiently take into account the cost for attack and defense (the adversary is generally assumed to have infinite resources and time), hierarchy of importance (all network resources are assumed to be equally important), and the dynamic nature of some attacks (i.e., as the attack evolves, can resilience be maintained?). Alternative approaches to resilience based on a centralized command and control structure suffer from a single-point-failure. This paper presents preliminary research towards concepts for effective autonomous reconstitution of compromised cyber systems. We describe a mathematical framework as a first step towards a theoretical basis for autonomous reconstitution in dynamic cyber-system environments. We then propose formulating autonomous reconstitution as an optimization problem and describe some of the challenges associated with this formulation. This is followed by a brief discussion on potential solutions to these challenges.
Expanding the Department of Defense’s Role in Cyber Civil Support
2011-06-17
vulnerability of this very crucial domain. They include the Y2K problem, the Estonia cyber-attacks in 2007, and the role of cyber in the Russian-Georgia...cyber security vulnerabilities associated with critical infrastructure. The Year 2000 Challenge The Year 2000 ( Y2K ) problem was the result of...and microprocessors failed to make the correct transition from 1999 to 2000.19 One of the most critical concerns with Y2K was the potential cascading
DOE Office of Scientific and Technical Information (OSTI.GOV)
Abercrombie, Robert K; Sheldon, Frederick T.
Cyber physical computing infrastructures typically consist of a number of sites that are interconnected. Their operation critically depends both on cyber components and physical components. Both types of components are subject to attacks of different kinds and frequencies, which must be accounted for in the initial provisioning and subsequent operation of the infrastructure via information security analysis. Information security analysis can be performed using game theory implemented in dynamic Agent Based Game Theoretic (ABGT) simulations. Such simulations can be verified with the results from game theory analysis and further used to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our analysis on the electric sector failure scenarios and impact analyses by the NESCOR Working Group Study. From the Section 5 electric sector representative failure scenarios, we extracted the four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.
Assessing Resilience in the Global Undersea Cable Infrastructure
2012-06-01
ABBREVIATIONS ACMA Australian Communications and Media Authority AD Attacker-Defender FSSCC Financial Services Sector Coordinating Council...after a disruption to the value delivery of the system before the disruption. Finally, their article also highlights the critical importance of...Chang et al. (2006), gravity models take their name from Newton’s law of gravitation, and are commonly used by social scientists to model or
Analyzing Cyber Security Threats on Cyber-Physical Systems Using Model-Based Systems Engineering
NASA Technical Reports Server (NTRS)
Kerzhner, Aleksandr; Pomerantz, Marc; Tan, Kymie; Campuzano, Brian; Dinkel, Kevin; Pecharich, Jeremy; Nguyen, Viet; Steele, Robert; Johnson, Bryan
2015-01-01
The spectre of cyber attacks on aerospace systems can no longer be ignored given that many of the components and vulnerabilities that have been successfully exploited by the adversary on other infrastructures are the same as those deployed and used within the aerospace environment. An important consideration with respect to the mission/safety critical infrastructure supporting space operations is that an appropriate defensive response to an attack invariably involves the need for high precision and accuracy, because an incorrect response can trigger unacceptable losses involving lives and/or significant financial damage. A highly precise defensive response, considering the typical complexity of aerospace environments, requires a detailed and well-founded understanding of the underlying system where the goal of the defensive response is to preserve critical mission objectives in the presence of adversarial activity. In this paper, a structured approach for modeling aerospace systems is described. The approach includes physical elements, network topology, software applications, system functions, and usage scenarios. We leverage Model-Based Systems Engineering methodology by utilizing the Object Management Group's Systems Modeling Language to represent the system being analyzed and also utilize model transformations to change relevant aspects of the model into specialized analyses. A novel visualization approach is utilized to visualize the entire model as a three-dimensional graph, allowing easier interaction with subject matter experts. The model provides a unifying structure for analyzing the impact of a particular attack or a particular type of attack. Two different example analysis types are demonstrated in this paper: a graph-based propagation analysis based on edge labels, and a graph-based propagation analysis based on node labels.
Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hartman, Steven M
2012-01-01
Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator presents a unique challenge for the system architecture and access model.
A framework for linking cybersecurity metrics to the modeling of macroeconomic interdependencies.
Santos, Joost R; Haimes, Yacov Y; Lian, Chenyang
2007-10-01
Hierarchical decision making is a multidimensional process involving management of multiple objectives (with associated metrics and tradeoffs in terms of costs, benefits, and risks), which span various levels of a large-scale system. The nation is a hierarchical system as it consists of multiple classes of decisionmakers and stakeholders ranging from national policymakers to operators of specific critical infrastructure subsystems. Critical infrastructures (e.g., transportation, telecommunications, power, banking, etc.) are highly complex and interconnected. These interconnections take the form of flows of information, shared security, and physical flows of commodities, among others. In recent years, economic and infrastructure sectors have become increasingly dependent on networked information systems for efficient operations and timely delivery of products and services. In order to ensure the stability, sustainability, and operability of our critical economic and infrastructure sectors, it is imperative to understand their inherent physical and economic linkages, in addition to their cyber interdependencies. An interdependency model based on a transformation of the Leontief input-output (I-O) model can be used for modeling: (1) the steady-state economic effects triggered by a consumption shift in a given sector (or set of sectors); and (2) the resulting ripple effects to other sectors. The inoperability metric is calculated for each sector; this is achieved by converting the economic impact (typically in monetary units) into a percentage value relative to the size of the sector. Disruptive events such as terrorist attacks, natural disasters, and large-scale accidents have historically shown cascading effects on both consumption and production. Hence, a dynamic model extension is necessary to demonstrate the interplay between combined demand and supply effects. The result is a foundational framework for modeling cybersecurity scenarios for the oil and gas sector. 
A hypothetical case study examines a cyber attack that causes a 5-week shortfall in the crude oil supply in the Gulf Coast area.
Detecting Payload Attacks on Programmable Logic Controllers (PLCs)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Yang, Huan
Programmable logic controllers (PLCs) play critical roles in industrial control systems (ICS). Providing hardware peripherals and firmware support for control programs (i.e., a PLC’s “payload”) written in languages such as ladder logic, PLCs directly receive sensor readings and control ICS physical processes. An attacker with access to PLC development software (e.g., by compromising an engineering workstation) can modify the payload program and cause severe physical damages to the ICS. To protect critical ICS infrastructure, we propose to model runtime behaviors of legitimate PLC payload program and use runtime behavior monitoring in PLC firmware to detect payload attacks. By monitoring the I/O access patterns, network access patterns, as well as payload program timing characteristics, our proposed firmware-level detection mechanism can detect abnormal runtime behaviors of malicious PLC payload. Using our proof-of-concept implementation, we evaluate the memory and execution time overhead of implementing our proposed method and find that it is feasible to incorporate our method into existing PLC firmware. In addition, our evaluation results show that a wide variety of payload attacks can be effectively detected by our proposed approach. The proposed firmware-level payload attack detection scheme complements existing bump-in-the-wire solutions (e.g., external temporal-logic-based model checkers) in that it can detect payload attacks that violate realtime requirements of ICS operations and does not require any additional apparatus.
Cybersecurity for distributed energy resources and smart inverters
Qi, Junjian; Hahn, Adam; Lu, Xiaonan; ...
2016-12-01
The increased penetration of distributed energy resources (DER) will significantly increase the number of devices that are owned and controlled by consumers and third parties. These devices have a significant dependency on digital communication and control, which presents a growing risk from cyber attacks. This paper proposes a holistic attack-resilient framework to protect the integrated DER and the critical power grid infrastructure from malicious cyber attacks, helping ensure the secure integration of DER without harming the grid reliability and stability. Specifically, we discuss the architecture of the cyber-physical power system with a high penetration of DER and analyze the unique cybersecurity challenges introduced by DER integration. Next, we summarize important attack scenarios against DER, propose a systematic DER resilience analysis methodology, and develop effective and quantifiable resilience metrics and design principles. Lastly, we introduce attack prevention, detection, and response measures specifically designed for DER integration across cyber, physical device, and utility layers of the future smart grid.
Cybersecurity for distributed energy resources and smart inverters
DOE Office of Scientific and Technical Information (OSTI.GOV)
Qi, Junjian; Hahn, Adam; Lu, Xiaonan
The increased penetration of distributed energy resources (DER) will significantly increase the number of devices that are owned and controlled by consumers and third parties. These devices have a significant dependency on digital communication and control, which presents a growing risk from cyber attacks. This paper proposes a holistic attack-resilient framework to protect the integrated DER and the critical power grid infrastructure from malicious cyber attacks, helping ensure the secure integration of DER without harming the grid reliability and stability. Specifically, we discuss the architecture of the cyber-physical power system with a high penetration of DER and analyze the unique cybersecurity challenges introduced by DER integration. Next, we summarize important attack scenarios against DER, propose a systematic DER resilience analysis methodology, and develop effective and quantifiable resilience metrics and design principles. Lastly, we introduce attack prevention, detection, and response measures specifically designed for DER integration across cyber, physical device, and utility layers of the future smart grid.
The robustness of multiplex networks under layer node-based attack
Zhao, Da-wei; Wang, Lian-hai; Zhi, Yong-feng; Zhang, Jun; Wang, Zhen
2016-01-01
From transportation networks to complex infrastructures, and to social and economic networks, a large variety of systems can be described in terms of multiplex networks formed by a set of nodes interacting through different network layers. Network robustness, as one of the most successful application areas of complex networks, has attracted great interest in a myriad of research realms. In this regard, how multiplex networks respond to potential attack is still an open issue. Here we study the robustness of multiplex networks under layer node-based random or targeted attack, which means that nodes just suffer attacks in a given layer yet no additional influence to their connections beyond this layer. A theoretical analysis framework is proposed to calculate the critical threshold and the size of giant component of multiplex networks when nodes are removed randomly or intentionally. Via numerous simulations, it is unveiled that the theoretical method can accurately predict the threshold and the size of giant component, irrespective of attack strategies. Moreover, we also compare the robustness of multiplex networks under multiplex node-based attack and layer node-based attack, and find that layer node-based attack makes multiplex networks more vulnerable, regardless of average degree and underlying topology. PMID:27075870
The robustness of multiplex networks under layer node-based attack.
Zhao, Da-wei; Wang, Lian-hai; Zhi, Yong-feng; Zhang, Jun; Wang, Zhen
2016-04-14
From transportation networks to complex infrastructures, and to social and economic networks, a large variety of systems can be described in terms of multiplex networks formed by a set of nodes interacting through different network layers. Network robustness, as one of the most successful application areas of complex networks, has attracted great interest in a myriad of research realms. In this regard, how multiplex networks respond to potential attack is still an open issue. Here we study the robustness of multiplex networks under layer node-based random or targeted attack, which means that nodes just suffer attacks in a given layer yet no additional influence to their connections beyond this layer. A theoretical analysis framework is proposed to calculate the critical threshold and the size of giant component of multiplex networks when nodes are removed randomly or intentionally. Via numerous simulations, it is unveiled that the theoretical method can accurately predict the threshold and the size of giant component, irrespective of attack strategies. Moreover, we also compare the robustness of multiplex networks under multiplex node-based attack and layer node-based attack, and find that layer node-based attack makes multiplex networks more vulnerable, regardless of average degree and underlying topology.
Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui
Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC that addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.
The benefits and costs of disclosing information about risks: what do we know about right-to-know?
Beierle, Thomas C
2004-04-01
Following the attacks of September 11, 2001, the Environmental Protection Agency and other government agencies removed information from their web sites that they feared could invite attacks on critical public and private infrastructure. Accordingly, the benefits and costs of environmental information disclosure programs have come under increasing scrutiny. This article describes a framework for examining these benefits and costs and illustrates the framework through brief case studies of two information disclosure programs: risk management planning and materials accounting. The article outlines what we know and still need to find out about information disclosure programs in order to appropriately balance benefits and costs.
Agroterrorism: where are we in the ongoing war on terrorism?
Crutchley, Tamara M; Rodgers, Joel B; Whiteside, Heustis P; Vanier, Marty; Terndrup, Thomas E
2007-03-01
The U.S. agricultural infrastructure is one of the most productive and efficient food-producing systems in the world. Many of the characteristics that contribute to its high productivity and efficiency also make this infrastructure extremely vulnerable to a terrorist attack by a biological weapon. Several experts have repeatedly stated that taking advantage of these vulnerabilities would not require a significant undertaking and that the nation's agricultural infrastructure remains highly vulnerable. As a result of continuing criticism, many initiatives at all levels of government and within the private sector have been undertaken to improve our ability to detect and respond to an agroterrorist attack. However, outbreaks, such as the 1999 West Nile outbreak, the 2001 anthrax attacks, the 2003 monkeypox outbreak, and the 2004 Escherichia coli O157:H7 outbreak, have demonstrated the need for improvements in the areas of communication, emergency response and surveillance efforts, and education for all levels of government, the agricultural community, and the private sector. We recommend establishing an interdisciplinary advisory group that consists of experts from public health, human health, and animal health communities to prioritize improvement efforts in these areas. The primary objective of this group would include establishing communication, surveillance, and education benchmarks to determine current weaknesses in preparedness and activities designed to mitigate weaknesses. We also recommend broader utilization of current food and agricultural preparedness guidelines, such as those developed by the U.S. Department of Agriculture and the U.S. Food and Drug Administration.
False Positive and False Negative Effects on Network Attacks
NASA Astrophysics Data System (ADS)
Shang, Yilun
2018-01-01
Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.
NASA Astrophysics Data System (ADS)
Görbil, Gökçe; Gelenbe, Erol
The simulation of critical infrastructures (CI) can involve the use of diverse domain specific simulators that run on geographically distant sites. These diverse simulators must then be coordinated to run concurrently in order to evaluate the performance of critical infrastructures which influence each other, especially in emergency or resource-critical situations. We therefore describe the design of an adaptive communication middleware that provides reliable and real-time one-to-one and group communications for federations of CI simulators over a wide-area network (WAN). The proposed middleware is composed of mobile agent-based peer-to-peer (P2P) overlays, called virtual networks (VNets), to enable resilient, adaptive and real-time communications over unreliable and dynamic physical networks (PNets). The autonomous software agents comprising the communication middleware monitor their performance and the underlying PNet, and dynamically adapt the P2P overlay and migrate over the PNet in order to optimize communications according to the requirements of the federation and the current conditions of the PNet. Reliable communications is provided via redundancy within the communication middleware and intelligent migration of agents over the PNet. The proposed middleware integrates security methods in order to protect the communication infrastructure against attacks and provide privacy and anonymity to the participants of the federation. Experiments with an initial version of the communication middleware over a real-life networking testbed show that promising improvements can be obtained for unicast and group communications via the agent migration capability of our middleware.
Assessing and Improving Operational Resilience of Critical Infrastructures and Other Systems
2014-01-01
Fukushima Daiichi nuclear disaster in 2011, along with the devastation caused by Hurricane “Superstorm” Sandy in 2012, have reinforced the need for...2006. In the years following HSPD-7, there were a number of unprecedented natural disasters, including the Indonesian tsunami in December 2004...Stackelberg game; optimization; operational model; attacker model; defender model 1. Introduction In the last 15 years, a number of disasters, some deliberately
NASA Astrophysics Data System (ADS)
Liu, Xuan
Power grid is one of the most critical infrastructures in a nation and could suffer a variety of cyber attacks. With the development of Smart Grid, false data injection attack has recently attracted wide research interest. This thesis proposes a false data attack model with incomplete network information and develops optimal attack strategies for attacking load measurements and the real-time topology of a power grid. The impacts of false data on the economic and reliable operations of power systems are quantitatively analyzed in this thesis. To mitigate the risk of cyber attacks, distributed protection strategies are also developed. It has been shown that an attacker can design false data to avoid being detected by the control center if the network information of a power grid is known to the attacker. In practice, however, it is very hard or even impossible for an attacker to obtain all network information of a power grid. In this thesis, we propose a local load redistribution attacking model based on incomplete network information and show that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator. A heuristic algorithm is developed to determine a feasible attacking region by obtaining reduced network information. This thesis investigates the impacts of false data on the operations of power systems. It has been shown that false data can be designed by an attacker to: 1) mask the real-time topology of a power grid; 2) overload a transmission line; 3) disturb the line outage detection based on PMU data. To mitigate the risk of cyber attacks, this thesis proposes a new protection strategy, which intends to mitigate the damage effects of false data injection attacks by protecting a small set of critical measurements. To further reduce the computation complexity, a mixed integer linear programming approach is also proposed to separate the power grid into several subnetworks; a distributed protection strategy is then applied to each subnetwork.
Essays in Energy Policy: The Interplay Between Risks and Incentives
NASA Astrophysics Data System (ADS)
Lordan-Perret, Rebecca Jane Bishop
My dissertation considers examples of how social, economic, and political incentives associated with energy production, distribution, and consumption increase the risk of harm to society and the environment. In the first essay, "Why America should move toward dry cask consolidated interim storage of used nuclear fuel," my co-authors and I discuss how the confluence of the U.S. Government and electricity utilities' political and economic incentives created a gridlock preventing a long-term nuclear waste disposal solution. We find that our current policies undermine the safety and security of the nuclear waste, and so, suggest a temporary, consolidated storage solution. In the second essay, "Import-Adjusted Fatality Rates for Individual OECD Countries Caused by Accidents in the Oil Energy Chain," my co-authors and I adopt a technique from the greenhouse gas accounting literature and assign CO2 emissions to the final consumer (rather than the producer) by allocating the risk - measured in fatalities - associated with oil production to the final consumer. The new assignments show that normal methods of tracking oil production impacts only capture part of the actual costs. In the third essay, "Insurgent Attacks on Energy Infrastructure and Electoral Institutions in Colombia," my co-authors and I consider the economic and political incentives that an energy resource create in a conflict environment. Our research shows that insurgents in Colombia, Las Fuerzas Armadas Revolucionarias de Colombia (FARC) and Ejercito de Liberacion Nacional (ELN), strategically time attacks on critical energy infrastructure during elections. These results are the first to quantify insurgent tactics to target critical energy infrastructure, which potentially undermine state capacity and democratic processes.
Information Assurance in Wireless Networks
NASA Astrophysics Data System (ADS)
Kabara, Joseph; Krishnamurthy, Prashant; Tipper, David
2001-09-01
Emerging wireless networks will contain a hybrid infrastructure based on fixed, mobile and ad hoc topologies and technologies. In such a dynamic architecture, we define information assurance as the provisions for both information security and information availability. The implications of this definition are that the wireless network architecture must (a) provide sufficient security measures, (b) be survivable under node or link attack or failure and (c) be designed such that sufficient capacity remains for all critical services (and preferably most other services) in the event of attack or component failure. We have begun a research project to investigate the provision of information assurance for wireless networks viz. survivability, security and availability and here discuss the issues and challenges therein.
2006-07-21
documented are attacks aimed at damaging tourism (e.g. Bali, Luxor) and those disrupting transportation infrastructure (Madrid, London, and plots foiled in...policy focus are (1) attacks that aim to cause economic damage such as attacks on transportation infrastructure, tourism, and oil installations, (2) the...and the allies. Building the group’s own armaments industry is cited as a revised goal as well. See “Papers Reveal Weakening Terror Group,” by Rowan
Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Moore, Michael Roy; Bridges, Robert A; Combs, Frank L
Modern vehicles rely on hundreds of on-board electronic control units (ECUs) communicating over in-vehicle networks. As external interfaces to the car control networks (such as the on-board diagnostic (OBD) port, auxiliary media ports, etc.) become common, and vehicle-to-vehicle / vehicle-to-infrastructure technology is in the near future, the attack surface for vehicles grows, exposing control networks to potentially life-critical attacks. This paper addresses the need for securing the CAN bus by detecting anomalous traffic patterns via unusual refresh rates of certain commands. While previous works have identified signal frequency as an important feature for CAN bus intrusion detection, this paper provides the first such algorithm with experiments on five attack scenarios. Our data-driven anomaly detection algorithm requires only five seconds of training time (on normal data) and achieves true positive / false discovery rates of 0.9998/0.00298, respectively (micro-averaged across the five experimental tests).
DOE Office of Scientific and Technical Information (OSTI.GOV)
Duren, Mike; Aldridge, Hal; Abercrombie, Robert K
2013-01-01
Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principles and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution and management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.
INL Control System Situational Awareness Technology Final Report 2013
DOE Office of Scientific and Technical Information (OSTI.GOV)
Gordon Rueff; Bryce Wheeler; Todd Vollmer
The Situational Awareness project is a comprehensive undertaking of Idaho National Laboratory (INL) in an effort to produce technologies capable of defending the country’s energy sector infrastructure from cyber attack. INL has addressed this challenge through research and development of an interoperable suite of tools that safeguard critical energy sector infrastructure. The technologies in this project include the Sophia Tool, Mesh Mapper (MM) Tool, Intelligent Cyber Sensor (ICS) Tool, and Data Fusion Tool (DFT). Each is designed to function effectively on its own, or they can be integrated in a variety of customized configurations based on the end user’s risk profile and security needs.
NASA Astrophysics Data System (ADS)
Born, Joshua
The purpose of this research was to examine the cyber-security posture for the United States' electrical grid, which comprises a major component of critical infrastructure for the country. The United States electrical sector is so vast that the Department of Homeland Security (DHS) estimates it contains more than 6,413 power plants (this includes 3,273 traditional electric utilities and 1,738 nonutility power producers) with approximately 1,075 gigawatts of energy produced on a daily basis. A targeted cyber-security attack against the electric grid would likely have catastrophic results and could even serve as a precursor to a physical attack against the United States. A recent report by the consulting firm Black and Veatch found that one of the top five greatest concerns for United States electric utilities is the risk that cybersecurity poses to their industry and yet, only one-third state they are currently prepared to meet the increasingly likely threat. The report goes on to state, "only 32% of electric utilities surveyed had integrated security systems with the proper segmentation, monitoring and redundancies needed for cyber threat protection. Another 48% said they did not." Recent estimates indicate that a large-scale cyber-attack against this sector could cost the United States economy as much as a trillion dollars within a week's time. Legislative efforts in the past have primarily been focused on creating mandates that encourage public and private partnership, which have not been adopted as quickly as desired. With 85% of all electric utilities being privately owned, it is key that the public and private sector partner in order to mitigate risks and respond as a cohesive unit in the event of a major attack. Keywords: Cybersecurity, Professor Riddell, cyber security, energy, intelligence, outlook, electrical, compliance, legislation, partnerships, critical infrastructure.
Shorov, Andrey; Kotenko, Igor
2014-01-01
The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed procedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine necessary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described.
Game-theoretic strategies for asymmetric networked systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S.; Ma, Chris Y. T.; Hausken, Kjell
We consider an infrastructure consisting of a network of systems each composed of discrete components that can be reinforced at a certain cost to guard against attacks. The network provides the vital connectivity between systems, and hence plays a critical, asymmetric role in the infrastructure operations. We characterize the system-level correlations using the aggregate failure correlation function that specifies the infrastructure failure probability given the failure of an individual system or network. The survival probabilities of systems and network satisfy first-order differential conditions that capture the component-level correlations. We formulate the problem of ensuring the infrastructure survival as a game between an attacker and a provider, using the sum-form and product-form utility functions, each composed of a survival probability term and a cost term. We derive Nash Equilibrium conditions which provide expressions for individual system survival probabilities, and also the expected capacity specified by the total number of operational components. These expressions differ only in a single term for the sum-form and product-form utilities, despite their significant differences. We apply these results to simplified models of distributed cloud computing infrastructures.
2008-04-01
consumers and electric utilities in Arizona and Southern California. Twelve people, including five children, died as a result of the explosion. The...Modern electronics, communications, protection, control and computers have allowed the physical system to be utilized fully with ever smaller... margins for error. Therefore, a relatively modest upset to the system can cause functional collapse. As the system grows in complexity and interdependence
In The Dark: Military Planning for a Catastrophic Critical Infrastructure Event
2011-05-01
source), and can be designed very easily. A trailer can carry a larger sized generator and multiple sites could be impacted by a coordinated attack...limited ingress and egress options. This scenario does not address EMP/EMI, but for starters, this should be enough of a challenge with all normal...election of President Obama, warning that Russia would not tolerate the Bush Administration’s NATO missile shield, and that Russia would take steps to
Security Economics and Critical National Infrastructure
NASA Astrophysics Data System (ADS)
Anderson, Ross; Fuloria, Shailendra
There has been considerable effort and expenditure since 9/11 on the protection of 'Critical National Infrastructure' against online attack. This is commonly interpreted to mean preventing online sabotage against utilities such as electricity, oil and gas, water, and sewage - including pipelines, refineries, generators, storage depots and transport facilities such as tankers and terminals. A consensus is emerging that the protection of such assets is more a matter of business models and regulation - in short, of security economics - than of technology. We describe the problems, and the state of play, in this paper. Industrial control systems operate in a different world from systems previously studied by security economists; we find the same issues (lock-in, externalities, asymmetric information and so on) but in different forms. Lock-in is physical, rather than based on network effects, while the most serious externalities result from correlated failure, whether from cascade failures, common-mode failures or simultaneous attacks. There is also an interesting natural experiment happening, in that the USA is regulating cyber security in the electric power industry, but not in oil and gas, while the UK is not regulating at all but rather encouraging industry's own efforts. Some European governments are intervening, while others are leaving cybersecurity entirely to plant owners to worry about. We already note some perverse effects of the U.S. regulation regime as companies game the system, to the detriment of overall dependability.
Kotenko, Igor
2014-01-01
The paper outlines a bioinspired approach named "network nervous system" and methods of simulation of infrastructure attacks and protection mechanisms based on this approach. The protection mechanisms based on this approach consist of distributed procedures of information collection and processing, which coordinate the activities of the main devices of a computer network, identify attacks, and determine necessary countermeasures. Attacks and protection mechanisms are specified as structural models using a set-theoretic approach. An environment for simulation of protection mechanisms based on the biological metaphor is considered; the experiments demonstrating the effectiveness of the protection mechanisms are described. PMID:25254229
Simple mathematical law benchmarks human confrontations.
Johnson, Neil F; Medina, Pablo; Zhao, Guannan; Messinger, Daniel S; Horgan, John; Gill, Paul; Bohorquez, Juan Camilo; Mattson, Whitney; Gangi, Devon; Qi, Hong; Manrique, Pedro; Velasquez, Nicolas; Morgenstern, Ana; Restrepo, Elvira; Johnson, Nicholas; Spagat, Michael; Zarama, Roberto
2013-12-10
Many high-profile societal problems involve an individual or group repeatedly attacking another - from child-parent disputes, sexual violence against women, civil unrest, violent conflicts and acts of terror, to current cyber-attacks on national infrastructure and ultrafast cyber-trades attacking stockholders. There is an urgent need to quantify the likely severity and timing of such future acts, shed light on likely perpetrators, and identify intervention strategies. Here we present a combined analysis of multiple datasets across all these domains which account for >100,000 events, and show that a simple mathematical law can benchmark them all. We derive this benchmark and interpret it, using a minimal mechanistic model grounded by state-of-the-art fieldwork. Our findings provide quantitative predictions concerning future attacks; a tool to help detect common perpetrators and abnormal behaviors; insight into the trajectory of a 'lone wolf'; identification of a critical threshold for spreading a message or idea among perpetrators; an intervention strategy to erode the most lethal clusters; and more broadly, a quantitative starting point for cross-disciplinary theorizing about human aggression at the individual and group level, in both real and online worlds.
Simple mathematical law benchmarks human confrontations
NASA Astrophysics Data System (ADS)
Johnson, Neil F.; Medina, Pablo; Zhao, Guannan; Messinger, Daniel S.; Horgan, John; Gill, Paul; Bohorquez, Juan Camilo; Mattson, Whitney; Gangi, Devon; Qi, Hong; Manrique, Pedro; Velasquez, Nicolas; Morgenstern, Ana; Restrepo, Elvira; Johnson, Nicholas; Spagat, Michael; Zarama, Roberto
2013-12-01
Many high-profile societal problems involve an individual or group repeatedly attacking another - from child-parent disputes, sexual violence against women, civil unrest, violent conflicts and acts of terror, to current cyber-attacks on national infrastructure and ultrafast cyber-trades attacking stockholders. There is an urgent need to quantify the likely severity and timing of such future acts, shed light on likely perpetrators, and identify intervention strategies. Here we present a combined analysis of multiple datasets across all these domains which account for >100,000 events, and show that a simple mathematical law can benchmark them all. We derive this benchmark and interpret it, using a minimal mechanistic model grounded by state-of-the-art fieldwork. Our findings provide quantitative predictions concerning future attacks; a tool to help detect common perpetrators and abnormal behaviors; insight into the trajectory of a 'lone wolf'; identification of a critical threshold for spreading a message or idea among perpetrators; an intervention strategy to erode the most lethal clusters; and more broadly, a quantitative starting point for cross-disciplinary theorizing about human aggression at the individual and group level, in both real and online worlds.
Cyber Security Assessment Report: Adventium Labs
DOE Office of Scientific and Technical Information (OSTI.GOV)
None
2007-12-31
Major control system components often have life spans of 15-20 years. Many systems in our Nation's critical infrastructure were installed before the Internet became a reality and security was a concern. Consequently, control systems are generally insecure. Security is now being included in the development of new control system devices; however, legacy control systems remain vulnerable. Most efforts to secure control systems are aimed at protecting network borders, but if an intruder gets inside the network these systems are vulnerable to a cyber attack.
What good cyber resilience looks like.
Hult, Fredrik; Sivanesan, Giri
In January 2012, the World Economic Forum made cyber attacks its fourth top global risk. In the 2013 risk report, cyber attacks were noted to be an even higher risk in absolute terms. The reliance of critical infrastructure on cyber working has never been higher; the frequency, intensity, impact and sophistication of attacks is growing. This trend looks likely to continue. It can be argued that it is no longer a question whether an organisation will be successfully hacked, but how long it will take to detect. In the ever-changing cyber environment, traditional protection techniques and reliance on preventive controls are not enough. A more agile approach is required to give assurance of a sufficiently secure digital society. Are we faced with a paradigm shift or a storm in a digital teacup? This paper offers an introduction to why cyber is important, a wider taxonomy on the topic and some historical context on how the discipline of cyber security has evolved, and an interpretation on what this means in the new normal of today.
Industrial Control Systems/SCADA systems risk assessment in the energy sector
NASA Astrophysics Data System (ADS)
Falodun, Babatunde
The energy sector is one of the most critical components of our national infrastructure. It not only provides the electrical power and petroleum required to run day-to-day operations and mechanisms in society, it's also an important element that directly impacts the economy with regard to growth and stability. Industrial Control Systems (ICS) /Supervisory Control and Data Acquisition Systems (SCADA) are computerized mechanisms, they are both software and hardware that are used to control real time processes and operations in power plants and oil production facilities. A significant attack on these control systems that leads to widespread disruption of energy could result in catastrophic consequences for any major city and even the nation. This research paper explores cyber threats and vulnerabilities faced by ICS/SCADA systems in the energy sector and also highlights possible outcomes of a successful breach. Furthermore, the research underscores mitigation strategies that could be used to prevent and respond to an attack. Keywords: Cybersecurity, SCADA, Cyber Attacks, Threats, Vulnerabilities, Risk Assessment, Dr. Albert Orbinati.
NASA Technical Reports Server (NTRS)
Shaw, Harry C.; McLaughlin, Brian; Stocklin, Frank; Fortin, Andre; Israel, David; Dissanayake, Asoka; Gilliand, Denise; LaFontaine, Richard; Broomandan, Richard; Hyunh, Nancy
2015-01-01
Protection of the national infrastructure is a high priority for cybersecurity of the homeland. Critical infrastructure such as the national power grid, commercial financial networks, and communications networks have been successfully invaded and re-invaded from foreign and domestic attackers. The ability to re-establish authentication and confidentiality of the network participants via secure channels that have not been compromised would be an important countermeasure to compromise of our critical network infrastructure. This paper describes a concept of operations by which the NASA Tracking and Data Relay (TDRS) constellation of spacecraft in conjunction with the White Sands Complex (WSC) Ground Station host a security recovery system for re-establishing secure network communications in the event of a national or regional cyberattack. Users would perform security and network restoral functions via a Broadcast Satellite Service (BSS) from the TDRS constellation. The BSS enrollment only requires that each network location have a receive antenna and satellite receiver. This would be no more complex than setting up a DIRECTTV-like receiver at each network location with separate network connectivity. A GEO BSS would allow a mass re-enrollment of network nodes (up to nationwide) simultaneously depending upon downlink characteristics. This paper details the spectrum requirements, link budget, notional assets and communications requirements for the scheme. It describes the architecture of such a system and the manner in which it leverages off of the existing secure infrastructure which is already in place and managed by the NASA GSFC Space Network Project.
Robustness of network of networks under targeted attack.
Dong, Gaogao; Gao, Jianxi; Du, Ruijin; Tian, Lixin; Stanley, H Eugene; Havlin, Shlomo
2013-05-01
The robustness of a network of networks (NON) under random attack has been studied recently [Gao et al., Phys. Rev. Lett. 107, 195701 (2011)]. Understanding how robust a NON is to targeted attacks is a major challenge when designing resilient infrastructures. We address here the question how the robustness of a NON is affected by targeted attack on high- or low-degree nodes. We introduce a targeted attack probability function that is dependent upon node degree and study the robustness of two types of NON under targeted attack: (i) a tree of n fully interdependent Erdős-Rényi or scale-free networks and (ii) a starlike network of n partially interdependent Erdős-Rényi networks. For any tree of n fully interdependent Erdős-Rényi networks and scale-free networks under targeted attack, we find that the network becomes significantly more vulnerable when nodes of higher degree have higher probability to fail. When the probability that a node will fail is proportional to its degree, for a NON composed of Erdős-Rényi networks we find analytical solutions for the mutual giant component $P_\infty$ as a function of $p$, where $1-p$ is the initial fraction of failed nodes in each network. We also find analytical solutions for the critical fraction $p_c$, which causes the fragmentation of the n interdependent networks, and for the minimum average degree $\bar{k}_{\min}$ below which the NON will collapse even if only a single node fails. For a starlike NON of n partially interdependent Erdős-Rényi networks under targeted attack, we find the critical coupling strength $q_c$ for different n. When $q > q_c$, the attacked system undergoes an abrupt first order type transition. When $q \le q_c$, the system displays a smooth second order percolation transition. We also evaluate how the central network becomes more vulnerable as the number of networks with the same coupling strength $q$ increases. The limit of $q=0$ represents no dependency, and the results are consistent with the classical percolation theory of a single network under targeted attack.
Implications of the World Trade Center attack for the public health and health care infrastructures.
Klitzman, Susan; Freudenberg, Nicholas
2003-03-01
The September 11, 2001, attack on the World Trade Center had profound effects on the well-being of New York City. The authors describe and assess the strengths and weaknesses of the city's response to the public health, environmental/ occupational health, and mental health dimensions of the attack in the first 6 months after the event. They also examine the impact on the city's health care and social service system. The authors suggest lessons that can inform the development of a post-September 11th agenda for strengthening urban health infrastructures.
Implications of the World Trade Center Attack for the Public Health and Health Care Infrastructures
Klitzman, Susan; Freudenberg, Nicholas
2003-01-01
The September 11, 2001, attack on the World Trade Center had profound effects on the well-being of New York City. The authors describe and assess the strengths and weaknesses of the city’s response to the public health, environmental/ occupational health, and mental health dimensions of the attack in the first 6 months after the event. They also examine the impact on the city’s health care and social service system. The authors suggest lessons that can inform the development of a post–September 11th agenda for strengthening urban health infrastructures. PMID:12604481
DOE Office of Scientific and Technical Information (OSTI.GOV)
Happenny, Sean F.
The United States’ power infrastructure is aging, underfunded, and vulnerable to cyber attack. Emerging smart grid technologies may take some of the burden off of existing systems and make the grid as a whole more efficient, reliable, and secure. The Pacific Northwest National Laboratory (PNNL) is funding research into several aspects of smart grid technology and grid security, creating a software simulation tool that will allow researchers to test power distribution networks utilizing different smart grid technologies to determine how the grid and these technologies react under different circumstances. Demonstrating security in embedded systems is another research area PNNL is tackling. Many of the systems controlling the U.S. critical infrastructure, such as the power grid, lack integrated security and the networks protecting them are becoming easier to breach. Providing a virtual power substation network to each student team at the National Collegiate Cyber Defense Competition, thereby supporting the education of future cyber security professionals, is another way PNNL is helping to strengthen the security of the nation’s power infrastructure.
Recommended Practice for Securing Control System Modems
DOE Office of Scientific and Technical Information (OSTI.GOV)
James R. Davidson; Jason L. Wright
2008-01-01
This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.
Design and Implementation of a Secure Modbus Protocol
NASA Astrophysics Data System (ADS)
Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto
The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.
Simple mathematical law benchmarks human confrontations
Johnson, Neil F.; Medina, Pablo; Zhao, Guannan; Messinger, Daniel S.; Horgan, John; Gill, Paul; Bohorquez, Juan Camilo; Mattson, Whitney; Gangi, Devon; Qi, Hong; Manrique, Pedro; Velasquez, Nicolas; Morgenstern, Ana; Restrepo, Elvira; Johnson, Nicholas; Spagat, Michael; Zarama, Roberto
2013-01-01
Many high-profile societal problems involve an individual or group repeatedly attacking another – from child-parent disputes, sexual violence against women, civil unrest, violent conflicts and acts of terror, to current cyber-attacks on national infrastructure and ultrafast cyber-trades attacking stockholders. There is an urgent need to quantify the likely severity and timing of such future acts, shed light on likely perpetrators, and identify intervention strategies. Here we present a combined analysis of multiple datasets across all these domains which account for >100,000 events, and show that a simple mathematical law can benchmark them all. We derive this benchmark and interpret it, using a minimal mechanistic model grounded by state-of-the-art fieldwork. Our findings provide quantitative predictions concerning future attacks; a tool to help detect common perpetrators and abnormal behaviors; insight into the trajectory of a ‘lone wolf'; identification of a critical threshold for spreading a message or idea among perpetrators; an intervention strategy to erode the most lethal clusters; and more broadly, a quantitative starting point for cross-disciplinary theorizing about human aggression at the individual and group level, in both real and online worlds. PMID:24322528
Detecting relay attacks on RFID communication systems using quantum bits
NASA Astrophysics Data System (ADS)
Jannati, Hoda; Ardeshir-Larijani, Ebrahim
2016-11-01
RFID systems became widespread in variety of applications because of their simplicity in manufacturing and usability. In the province of critical infrastructure protection, RFID systems are usually employed to identify and track people, objects and vehicles that enter restricted areas. The most important vulnerability which is prevalent among all protocols employed in RFID systems is against relay attacks. Until now, to protect RFID systems against this kind of attack, the only approach is the utilization of distance-bounding protocols which are not applicable over low-cost devices such as RFID passive tags. This work presents a novel technique using emerging quantum technologies to detect relay attacks on RFID systems. Recently, it is demonstrated that quantum key distribution (QKD) can be implemented in a client-server scheme where client only requires an on-chip polarization rotator that may be integrated into a handheld device. Now we present our technique for a tag-reader scenario which needs similar resources as the mentioned QKD scheme. We argue that our technique requires less resources and provides lower probability of false alarm for the system, compared with distance-bounding protocols, and may pave the way to enhance the security of current RFID systems.
Protecting ICS Systems Within the Energy Sector from Cyber Attacks
NASA Astrophysics Data System (ADS)
Barnes, Shaquille
Advanced persistent threat (APT) groups are continuing to attack the energy sector through cyberspace, which poses a risk to our society, national security, and economy. Industrial control systems (ICSs) are not designed to handle cyber-attacks, which is why asset owners need to implement the correct proactive and reactive measures to mitigate the risk to their ICS environments. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 290 incidents for fiscal year 2016, where 59 of those incidents came from the Energy Sector. APT groups know how vulnerable energy sector ICS systems are and the destruction they can cause when they go offline such as loss of production, loss of life, and economic impact. Defending against APT groups requires more than just passive controls such as firewalls and antivirus solutions. Asset owners should implement a combination of best practices and active defense in their environment to defend against APT groups. Cyber-attacks against critical infrastructure will become more complex and harder to detect and respond to with traditional security controls. The purpose of this paper was to provide asset owners with the correct security controls and methodologies to help defend against APT groups.
Optimizing the robustness of electrical power systems against cascading failures.
Zhang, Yingrui; Yağan, Osman
2016-06-21
Electrical power systems are one of the most important infrastructures that support our society. However, their vulnerabilities have raised great concern recently due to several large-scale blackouts around the world. In this paper, we investigate the robustness of power systems against cascading failures initiated by a random attack. This is done under a simple yet useful model based on global and equal redistribution of load upon failures. We provide a comprehensive understanding of system robustness under this model by (i) deriving an expression for the final system size as a function of the size of initial attacks; (ii) deriving the critical attack size after which system breaks down completely; (iii) showing that complete system breakdown takes place through a first-order (i.e., discontinuous) transition in terms of the attack size; and (iv) establishing the optimal load-capacity distribution that maximizes robustness. In particular, we show that robustness is maximized when the difference between the capacity and initial load is the same for all lines; i.e., when all lines have the same redundant space regardless of their initial load. This is in contrast with the intuitive and commonly used setting where capacity of a line is a fixed factor of its initial load.
NASA Astrophysics Data System (ADS)
Ekedebe, Nnanna; Yu, Wei; Song, Houbing; Lu, Chao
2015-05-01
An intelligent transportation system (ITS) is one typical cyber-physical system (CPS) that aims to provide efficient, effective, reliable, and safe driving experiences with minimal congestion and effective traffic flow management. In order to achieve these goals, various ITS technologies need to work synergistically. Nonetheless, ITS's reliance on wireless connectivity makes it vulnerable to cyber threats. Thus, it is critical to understand the impact of cyber threats on ITS. In this paper, using real-world transportation dataset, we evaluated the consequences of cyber threats - attacks against service availability by jamming the communication channel of ITS. In this way, we can have a better understanding of the importance of ensuring adequate security respecting safety and life-critical ITS applications before full and expensive real-world deployments. Our experimental data shows that cyber threats against service availability could adversely affect traffic efficiency and safety performances evidenced by exacerbated travel time, fuel consumed, and other evaluated performance metrics as the communication network is compromised. Finally, we discuss a framework to make ITS secure and more resilient against cyber threats.
Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong
2015-11-01
The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is a critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis shows that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key disclosure attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.
Protecting complex infrastructures against multiple strategic attackers
NASA Astrophysics Data System (ADS)
Hausken, Kjell
2011-01-01
Infrastructures are analysed subject to defence by a strategic defender and attack by multiple strategic attackers. A framework is developed where each agent determines how much to invest in defending versus attacking each of multiple targets. A target can have economic, human and symbolic values, which generally vary across agents. Investment expenditure functions for each agent can be linear in the investment effort, concave, convex, logistic, can increase incrementally, or can be subject to budget constraints. Contest success functions (e.g., ratio and difference forms) determine the probability of a successful attack on each target, dependent on the relative investments of the defender and attackers on each target, and on characteristics of the contest. Targets can be in parallel, in series, interlinked, interdependent or independent. The defender minimises the expected damage plus the defence expenditures. Each attacker maximises the expected damage minus the attack expenditures. The number of free choice variables equals the number of agents times the number of targets, or lower if there are budget constraints. Each agent is interested in how his investments vary across the targets, and the impact on his utilities. Alternative optimisation programmes are discussed, together with repeated games, dynamic games and incomplete information. An example is provided for illustration.
Wang, Hao; Lau, Nathan; Gerdes, Ryan M
2018-04-01
The aim of this study was to apply work domain analysis for cybersecurity assessment and design of supervisory control and data acquisition (SCADA) systems. Adoption of information and communication technology in cyberphysical systems (CPSs) for critical infrastructures enables automated and distributed control but introduces cybersecurity risk. Many CPSs employ SCADA industrial control systems that have become the target of cyberattacks, which inflict physical damage without use of force. Given that absolute security is not feasible for complex systems, cyberintrusions that introduce unanticipated events will occur; a proper response will in turn require human adaptive ability. Therefore, analysis techniques that can support security assessment and human factors engineering are invaluable for defending CPSs. We conducted work domain analysis using the abstraction hierarchy (AH) to model a generic SCADA implementation to identify the functional structures and means-ends relations. We then adopted a case study approach examining the Stuxnet cyberattack by developing and integrating AHs for the uranium enrichment process, SCADA implementation, and malware to investigate the interactions between the three aspects of cybersecurity in CPSs. The AHs for modeling a generic SCADA implementation and studying the Stuxnet cyberattack are useful for mapping attack vectors, identifying deficiencies in security processes and features, and evaluating proposed security solutions with respect to system objectives. Work domain analysis is an effective analytical method for studying cybersecurity of CPSs for critical infrastructures in a psychologically relevant manner. Work domain analysis should be applied to assess cybersecurity risk and inform engineering and user interface design.
Testbed-based Performance Evaluation of Attack Resilient Control for AGC
DOE Office of Scientific and Technical Information (OSTI.GOV)
Ashok, Aditya; Sridhar, Siddharth; McKinnon, Archibald D.
The modern electric power grid is a complex cyber-physical system whose reliable operation is enabled by a wide-area monitoring and control infrastructure. This infrastructure, supported by an extensive communication backbone, enables several control applications functioning at multiple time scales to ensure the grid is maintained within stable operating limits. Recent events have shown that vulnerabilities in this infrastructure may be exploited to manipulate the data being exchanged. Such a scenario could cause the associated control application to mis-operate, potentially causing system-wide instabilities. There is a growing emphasis on looking beyond traditional cybersecurity solutions to mitigate such threats. In this paper we perform a testbed-based validation of one such solution - Attack Resilient Control (ARC) - on Iowa State University's PowerCyber testbed. ARC is a cyber-physical security solution that combines domain-specific anomaly detection and model-based mitigation to detect stealthy attacks on Automatic Generation Control (AGC). In this paper, we first describe the implementation architecture of the experiment on the testbed. Next, we demonstrate the capability of stealthy attack templates to cause forced under-frequency load shedding in a 3-area test system. We then validate the performance of ARC by measuring its ability to detect and mitigate these attacks. Our results reveal that ARC is efficient in detecting stealthy attacks and enables AGC to maintain system operating frequency close to its nominal value during an attack. Our studies also highlight the importance of testbed-based experimentation for evaluating the performance of cyber-physical security and control applications.
SCALING AN URBAN EMERGENCY EVACUATION FRAMEWORK: CHALLENGES AND PRACTICES
DOE Office of Scientific and Technical Information (OSTI.GOV)
Karthik, Rajasekar; Lu, Wei
2014-01-01
Critical infrastructure disruption, caused by severe weather events, natural disasters, terrorist attacks, etc., has significant impacts on urban transportation systems. We built a computational framework to simulate urban transportation systems under critical infrastructure disruption in order to aid real-time emergency evacuation. This framework will use large scale datasets to provide a scalable tool for emergency planning and management. Our framework, World-Wide Emergency Evacuation (WWEE), integrates population distribution and urban infrastructure networks to model travel demand in emergency situations at global level. Also, a computational model of agent-based traffic simulation is used to provide an optimal evacuation plan for traffic operation purpose [1]. In addition, our framework provides a web-based high resolution visualization tool for emergency evacuation modelers and practitioners. We have successfully tested our framework with scenarios in both United States (Alexandria, VA) and Europe (Berlin, Germany) [2]. However, there are still some major drawbacks for scaling this framework to handle big data workloads in real time. On our back-end, lack of proper infrastructure limits us in ability to process large amounts of data, run the simulation efficiently and quickly, and provide fast retrieval and serving of data. On the front-end, the visualization performance of microscopic evacuation results is still not efficient enough due to high volume data communication between server and client. We are addressing these drawbacks by using cloud computing and next-generation web technologies, namely Node.js, NoSQL, WebGL, Open Layers 3 and HTML5 technologies. We will describe briefly about each one and how we are using and leveraging these technologies to provide an efficient tool for emergency management organizations. Our early experimentation demonstrates that using above technologies is a promising approach to build a scalable and high performance urban emergency evacuation framework that can improve traffic mobility and safety under critical infrastructure disruption in today's socially connected world.
Formal Approach For Resilient Reachability based on End-System Route Agility
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rauf, Usman; Gillani, Fida; Al-Shaer, Ehab
The deterministic nature of existing routing protocols has resulted into an ossified Internet with static and predictable network routes. This gives persistent attackers (e.g. eavesdroppers and DDoS attackers) plenty of time to study the network and identify the vulnerable links (critical) to plan a devastating and stealthy attack. Recently, route mutation approaches have been proposed to address such issues. However, these approaches incur significantly high overhead and depend upon the availability of disjoint routes in the network, which inherently limit their use for mission critical services. To cope with these issues, we extend the current routing architecture to consider end-hosts as routing elements, and present a formal method based agile defense mechanism to increase resiliency of the existing cyber infrastructure. The major contributions of this paper include: (1) formalization of efficient and resilient End to End (E2E) reachability problem as a constraint satisfaction problem, which identifies the potential end-hosts to reach a destination while satisfying resilience and QoS constraints, (2) design and implementation of a novel decentralized End Point Route Mutation (EPRM) protocol, and (3) design and implementation of planning algorithm to minimize the overlap between multiple flows, for the sake of maximizing the agility in the system. Our implementation and evaluation validates the correctness, effectiveness and scalability of the proposed approach.
The biological threat to U.S. water supplies: Toward a national water security policy.
Nuzzo, Jennifer B
2006-01-01
In addition to providing potable drinking water, U.S. water systems are critical to the maintenance of many vital public services, such as fire suppression and power generation. Disruption of these systems would produce severe public health and safety risks, as well as considerable economic losses. Thus, water systems have been designated as critical to national security by the U.S. government. Previous outbreaks of waterborne disease have demonstrated the vulnerability of both the water supply and the public's health to biological contamination of drinking water. Such experiences suggest that a biological attack, or even a credible threat of an attack, on water infrastructure could seriously jeopardize the public's health, its confidence, and the economic vitality of a community. Despite these recognized vulnerabilities, protecting water supplies from a deliberate biological attack has not been sufficiently addressed. Action in this area has suffered from a lack of scientific understanding of the true vulnerability of water supplies to intentional contamination with bioweapons, insufficient tools for detecting biological agents, and a lack of funds to implement security improvements. Much of what is needed to address the vulnerability of the national water supply falls outside the influence of individual utilities. This includes developing a national research agenda to appropriately identify and characterize waterborne threats and making funds available to implement security improvements.
Artificial Diversity and Defense Security (ADDSec) Final Report.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chavez, Adrian R.; Hamlet, Jason; Stout, William M.S.
Critical infrastructure systems continue to foster predictable communication patterns and static configurations over extended periods of time. The static nature of these systems eases the process of gathering reconnaissance information that can be used to design, develop, and launch attacks by adversaries. In this research effort, the early phases of an attack vector will be disrupted by randomizing application port numbers, IP addresses, and communication paths dynamically through the use of overlay networks within Industrial Control Systems (ICS). These protective measures convert static systems into "moving targets," adding an additional layer of defense. Additionally, we have developed a framework that automatically detects and defends against threats within these systems using an ensemble of machine learning algorithms that classify and categorize abnormal behavior. Our proof-of-concept has been demonstrated within a representative ICS environment. Performance metrics of our proof-of-concept have been captured with latency impacts of less than a millisecond, on average.
A U.S. Biodefense Strategy Primer
DOE Office of Scientific and Technical Information (OSTI.GOV)
Poulin, D
2009-05-11
The anthrax mailings that followed the attacks of September 11, 2001 highlighted the need for a comprehensive national strategy to prevent, prepare for, respond to, and mitigate the effects of biological attacks. The goal of U.S. biodefense strategy is to reduce the likelihood of a future biological event, improve overall U.S. public health security, and minimize the economic and social disruption of a biological incident. Presidential communications, federal legislation, and executive agency planning documents provide the foundation for this strategy. Central to current U.S. biodefense strategy is the 2004 Homeland Security Presidential Directive (HSPD) 10, Biodefense for the 21st Century, which states that "the United States will use all means necessary to prevent, protect against, and mitigate biological weapons attacks perpetrated against our homeland and our global interests." HSPD-10 also sets forth four pillars of U.S. biodefense:
• Threat awareness includes timely, accurate, and relevant intelligence, threat assessment, and the anticipation of future threats.
• Prevention and protection involve continuing and expanding efforts to limit access to agents, technologies, and knowledge to certain groups and countries as well as protecting critical infrastructure from the effects of biological attacks.
• Surveillance and detection provide early warning or recognition of biological attacks to permit a timely response and mitigation of consequences as well as attribution.
• Response and recovery include pre-attack planning and preparedness, capabilities to treat casualties, risk communications, physical control measures, medical countermeasures, and decontamination capabilities.
Cyberwarfare on the Electricity Infrastructure
DOE Office of Scientific and Technical Information (OSTI.GOV)
Murarka, N.; Ramesh, V.C.
2000-03-20
The report analyzes the possibility of cyberwarfare on the electricity infrastructure. The ongoing deregulation of the electricity industry makes the power grid all the more vulnerable to cyber attacks. The report models the power system information system components, models potential threats and protective measures. It therefore offers a framework for infrastructure protection.
PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure
NASA Astrophysics Data System (ADS)
Kaminsky, Dan; Patterson, Meredith L.; Sassaman, Len
Research unveiled in December of 2008 [15] showed how MD5's long-known flaws could be actively exploited to attack the real-world Certification Authority infrastructure. In this paper, we demonstrate two new classes of collision, which will be somewhat trickier to address than previous attacks against X.509: the applicability of MD2 preimage attacks against the primary root certificate for Verisign, and the difficulty of validating X.509 Names contained within PKCS#10 Certificate Requests. We also draw particular attention to two possibly unrecognized vectors for implementation flaws that have been problematic in the past: the ASN.1 BER decoder required to parse PKCS#10, and the potential for SQL injection from text contained within its requests. Finally, we explore why the implications of these attacks are broader than some have realized - first, because Client Authentication is sometimes tied to X.509, and second, because Extended Validation certificates were only intended to stop phishing attacks from names similar to trusted brands. As per the work of Adam Barth and Collin Jackson [4], EV does not prevent an attacker who can synthesize or acquire a "low assurance" certificate for a given name from acquiring the "green bar" EV experience.
Public health and national security: the critical role of increased federal support.
Frist, Bill
2002-01-01
Protecting the public's health historically has been a state and local responsibility. However, the growing threat of bioterrorism has highlighted the importance of a strong public health infrastructure to the nation's homeland security and has focused increased attention on the preparedness of the public health system. As a result, federal public health funding has increased exponentially since the anthrax attacks of late 2001, and Congress has passed sweeping new federal legislation intended to strengthen the nation's public health system. This heightened level of federal interest and support should yield important public health benefits. Most recognize that after years of neglect the public health infrastructure cannot be rebuilt overnight. As we implement a comprehensive strategy to increase the capabilities and capacity of our nation's public health system, it is essential to address a series of important policy questions, including the appropriate level of ongoing public health investments from local, state, and federal sources.
ERIC Educational Resources Information Center
Chipley, Michael; Lyon, Wesley; Smilowitz, Robert; Williams, Pax; Arnold, Christopher; Blewett, William; Hazen, Lee; Krimgold, Fred
2012-01-01
This publication, part of the new Building and Infrastructure Protection Series (BIPS) published by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) Infrastructure Protection and Disaster Management Division (IDD), serves to advance high performance and integrated design for buildings and infrastructure. This…
Cyber security risk assessment for SCADA and DCS networks.
Ralston, P A S; Graham, J H; Hieb, J L
2007-10-01
The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.
Resilience of Cyber Systems with Over- and Underregulation.
Gisladottir, Viktoria; Ganin, Alexander A; Keisler, Jeffrey M; Kepner, Jeremy; Linkov, Igor
2017-09-01
Recent cyber attacks provide evidence of increased threats to our critical systems and infrastructure. A common reaction to a new threat is to harden the system by adding new rules and regulations. As federal and state governments request new procedures to follow, each of their organizations implements their own cyber defense strategies. This unintentionally increases time and effort that employees spend on training and policy implementation and decreases the time and latitude to perform critical job functions, thus raising overall levels of stress. People's performance under stress, coupled with an overabundance of information, results in even more vulnerabilities for adversaries to exploit. In this article, we embed a simple regulatory model that accounts for cybersecurity human factors and an organization's regulatory environment in a model of a corporate cyber network under attack. The resulting model demonstrates the effect of under- and overregulation on an organization's resilience with respect to insider threats. Currently, there is a tendency to use ad-hoc approaches to account for human factors rather than to incorporate them into cyber resilience modeling. It is clear that using a systematic approach utilizing behavioral science, which already exists in cyber resilience assessment, would provide a more holistic view for decisionmakers. © 2016 Society for Risk Analysis.
ICS logging solution for network-based attacks using Gumstix technology
NASA Astrophysics Data System (ADS)
Otis, Jeremy R.; Berman, Dustin; Butts, Jonathan; Lopez, Juan
2013-05-01
Industrial Control Systems (ICS) monitor and control operations associated with the national critical infrastructure (e.g., electric power grid, oil and gas pipelines and water treatment facilities). These systems rely on technologies and architectures that were designed for system reliability and availability. Security associated with ICS was never an inherent concern, primarily due to the protections afforded by network isolation. However, a trend in ICS operations is to migrate to commercial networks via TCP/IP in order to leverage commodity benefits and cost savings. As a result, system vulnerabilities are now exposed to the online community. Indeed, recent research has demonstrated that many exposed ICS devices are being discovered using readily available applications (e.g., ShodanHQ search engine and Google-esque queries). Due to the lack of security and logging capabilities for ICS, most knowledge about attacks is derived from real world incidents after an attack has already been carried out and the damage has been done. This research provides a method for introducing sensors into the ICS environment that collect information about network-based attacks. The sensors are developed using an inexpensive Gumstix platform that can be deployed and incorporated with production systems. Data obtained from the sensors provide insight into attack tactics (e.g., port scans, Nessus scans, Metasploit modules, and zero-day exploits) and characteristics (e.g., attack origin, frequency, and level of persistence). Findings enable security professionals to draw an accurate, real-time awareness of the threats against ICS devices and help shift the security posture from reactionary to preventative.
Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers.
Alonso, Roberto; Monroy, Raúl; Trejo, Luis A
2016-08-17
The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.
Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers
Alonso, Roberto; Monroy, Raúl; Trejo, Luis A.
2016-01-01
The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers. PMID:27548169
The Limits of Cyberspace Deterrence
2014-01-01
networks are secure, this protection would also take the form of deterring, preventing, detecting, and defending against cyber attacks. As a result...target into inaction. In a nuclear scenario, all nations are aware of the American ability to attribute a nuclear attack to its source, U.S...through degraded environment and improving ability to attribute and defeat attacks on systems and infrastructure. Military must provide broad range of
2013-09-01
attacker can acquire and use against a wireless infrastructure. Wireless attack tool kits such as the “Raspberry – PI” (shown in Figure 10), and...still use a tool such as the Raspberry – PI to perform attacks against a network from outside the controlled area or even inside the controlled area...when considering an insider attack. Figure 10. (From www.howtodocomputing.blogspot.com, n.d.) Wireless – PI is “a collection of pre-configured
Cyber / Physical Security Vulnerability Assessment Integration
DOE Office of Scientific and Technical Information (OSTI.GOV)
MacDonald, Douglas G.; Simpkins, Bret E.
Both physical protection and cyber security domains offer solutions for the discovery of vulnerabilities through the use of various assessment processes and software tools. Each vulnerability assessment (VA) methodology provides the ability to identify and categorize vulnerabilities, and quantifies the risks within their own areas of expertise. Neither approach fully represents the true potential security risk to a site and/or a facility, nor comprehensively assesses the overall security posture. The technical approach to solving this problem was to identify methodologies and processes that blend the physical and cyber security assessments, and develop tools to accurately quantify the unaccounted for risk. SMEs from both the physical and the cyber security domains developed the blending methodologies, and cross trained each other on the various aspects of the physical and cyber security assessment processes. A local critical infrastructure entity volunteered to host a proof of concept physical/cyber security assessment, and the lessons learned have been leveraged by this effort. The four potential modes of attack an adversary can use in approaching a target are: Physical Only Attack, Cyber Only Attack, Physical Enabled Cyber Attack, and the Cyber Enabled Physical Attack. The Physical Only and the Cyber Only pathway analysis are two of the most widely analyzed attack modes. The pathway from an off-site location to the desired target location is dissected to ensure adversarial activity can be detected and neutralized by the protection strategy, prior to completion of a predefined task. This methodology typically explores a one way attack from the public space (or common area) inward towards the target. The Physical Enabled Cyber Attack and the Cyber Enabled Physical Attack are much more intricate. Both scenarios involve beginning in one domain to affect change in the other, then backing outward to take advantage of the reduced system effectiveness, before penetrating further into the defenses. The proper identification and assessment of the overlapping areas (and interaction between these areas) in the VA process is necessary to accurately assess the true risk.
Sandia National Laboratories: Malware Technical Exchange Meeting (MTEM)
Developing a Regional Recovery Framework
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lesperance, Ann M.; Olson, Jarrod; Stein, Steven L.
2011-09-01
A biological attack would present an unprecedented challenge for local, state, and federal agencies; the military; the private sector; and individuals on many fronts ranging from vaccination and treatment to prioritization of cleanup actions to waste disposal. To prepare the Seattle region to recover from a biological attack, the Seattle Urban Area Security Initiative (UASI) partners collaborated with military and federal agencies to develop a Regional Recovery Framework for a Biological Attack in the Seattle Urban Area. The goal was to reduce the time and resources required to recover and restore wide urban areas, military installations, and other critical infrastructure following a biological incident by providing a coordinated systems approach. Based on discussions in small workshops, tabletop exercises, and interviews with emergency response agency staff, the partners identified concepts of operation for various areas to address critical issues the region will face as recovery progresses. Key to this recovery is the recovery of the economy. Although the Framework is specific to a catastrophic, wide-area biological attack using anthrax, it was designed to be flexible and scalable so it could also serve as the recovery framework for an all-hazards approach. The Framework also served to coalesce policy questions that must be addressed for long-term recovery. These questions cover such areas as safety and health, security, financial management, waste management, legal issues, and economic development.
Costa Gondim, João José; de Oliveira Albuquerque, Robson; Clayton Alves Nascimento, Anderson; García Villalba, Luis Javier; Kim, Tai-Hoon
2016-01-01
Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims. PMID:27827931
Costa Gondim, João José; de Oliveira Albuquerque, Robson; Clayton Alves Nascimento, Anderson; García Villalba, Luis Javier; Kim, Tai-Hoon
2016-11-04
Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices' limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class – amplified reflection distributed denial of service attacks (AR-DDoS) – against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims.
Engineering Infrastructures: Problems of Safety and Security in the Russian Federation
NASA Astrophysics Data System (ADS)
Makhutov, Nikolay A.; Reznikov, Dmitry O.; Petrov, Vitaly P.
Modern society cannot exist without stable and reliable engineering infrastructures (EI), whose operation is vital for any national economy. These infrastructures include energy, transportation, water and gas supply systems, telecommunication and cyber systems, etc. Their performance is commensurate with storing and processing huge amounts of information, energy and hazardous substances. Ageing infrastructures are deteriorating — with operating conditions declining from normal to emergency and catastrophic. The complexity of engineering infrastructures and their interdependence with other technical systems makes them vulnerable to emergency situations triggered by natural and manmade catastrophes or terrorist attacks.
Musolino, Stephen V; Harper, Frederick T
2006-04-01
Strategies and decisions to protect emergency responders, the public, and critical infrastructure against the effects of a radiological dispersal device detonated outdoors must be made in the planning stage, not in the early period just after an attack. This contrasts with planning for small-scale types of radiological or nuclear emergencies, or for a large-scale nuclear-power-type accident that evolves over many hours or days before radioactivity is released to the environment, such that its effects can be prospectively modeled and analyzed. By the time it is known an attack has occurred, most likely there will have been casualties, all the radioactive material will have been released, plume growth will be progressing, and there will be no time left for evaluating possible countermeasures. This paper offers guidance to planners, first responders, and senior decision makers to assist them in developing strategies for protective actions and operational procedures for the first 48 hours after an explosive radiological dispersal device has been detonated.
Proceedings Second Annual Cyber Security and Information Infrastructure Research Workshop
DOE Office of Scientific and Technical Information (OSTI.GOV)
Sheldon, Frederick T; Krings, Axel; Yoo, Seong-Moo
2006-01-01
The workshop theme is Cyber Security: Beyond the Maginot Line. Recently the FBI reported that computer crime has skyrocketed costing over $67 billion in 2005 alone and affecting 2.8M+ businesses and organizations. Attack sophistication is unprecedented along with availability of open source concomitant tools. Private, academic, and public sectors invest significant resources in cyber security. Industry primarily performs cyber security research as an investment in future products and services. While the public sector also funds cyber security R&D, the majority of this activity focuses on the specific mission(s) of the funding agency. Thus, broad areas of cyber security remain neglected or underdeveloped. Consequently, this workshop endeavors to explore issues involving cyber security and related technologies toward strengthening such areas and enabling the development of new tools and methods for securing our information infrastructure critical assets. We aim to assemble new ideas and proposals about robust models on which we can build the architecture of a secure cyberspace including but not limited to:
* Knowledge discovery and management
* Critical infrastructure protection
* De-obfuscating tools for the validation and verification of tamper-proofed software
* Computer network defense technologies
* Scalable information assurance strategies
* Assessment-driven design for trust
* Security metrics and testing methodologies
* Validation of security and survivability properties
* Threat assessment and risk analysis
* Early accurate detection of the insider threat
* Security hardened sensor networks and ubiquitous computing environments
* Mobile software authentication protocols
* A new "model" of the threat to replace the "Maginot Line" model and more . . .
Giannopoulos, G; Larcher, M; Casadei, F; Solomos, G
2010-01-15
Terrorist attacks in New York have shocked the world community showing clearly the vulnerability of air transport in such events. However, the terrorist attacks in Madrid and London showed that land mass transport infrastructure is equally vulnerable in case of similar attacks. The fact that there has not been substantial investment in the domain of risk analysis and evaluation of the possible effects due to such events in land mass transportation infrastructure leaves large room for new developments that could eventually fill this gap. In the present work using the finite element code EUROPLEXUS there has been a large effort to perform a complete study of the land mass infrastructure in case of explosion events. This study includes a train station, a metro station and a metro carriage providing thus valuable simulation data for a variety of different situations. For the analysis of these structures it has been necessary to apply a laser scanning method for the acquisition of geometrical data, to improve the simulation capabilities of EUROPLEXUS by adding failure capabilities for specific finite elements, to implement new material models (e.g. glass), and to add new modules that achieve data post-processing for the calculation of fatal and non-fatal injuries risk. The aforementioned improvements are explained in the present work with emphasis in the newly developed risk analysis features of EUROPLEXUS.
Percolation of localized attack on complex networks
NASA Astrophysics Data System (ADS)
Shao, Shuai; Huang, Xuqing; Stanley, H. Eugene; Havlin, Shlomo
2015-02-01
The robustness of complex networks against node failure and malicious attack has been of interest for decades, while most of the research has focused on random attack or hub-targeted attack. In many real-world scenarios, however, attacks are neither random nor hub-targeted, but localized, where a group of neighboring nodes in a network are attacked and fail. In this paper we develop a percolation framework to analytically and numerically study the robustness of complex networks against such localized attack. In particular, we investigate this robustness in Erdős-Rényi networks, random-regular networks, and scale-free networks. Our results provide insight into how to better protect networks, enhance cybersecurity, and facilitate the design of more robust infrastructures.
78 FR 66038 - Critical Infrastructure Partnership Advisory Council (CIPAC); Correction.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-11-04
... DEPARTMENT OF HOMELAND SECURITY Critical Infrastructure Partnership Advisory Council (CIPAC... Critical Infrastructure Partnership Advisory Council (CIPAC) Plenary Meeting on November 5, 2013. The... Murphy, Critical Infrastructure Partnership Advisory Council Alternate Designated Federal Officer...
77 FR 32656 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-01
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0008] Critical Infrastructure Partnership... Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal Register... Federal Officer, Critical Infrastructure Partnership Advisory Council, Sector Outreach and Programs...
77 FR 32655 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-06-01
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0009] Critical Infrastructure Partnership... the Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal... CONTACT: Larry May, Designated Federal Officer, Critical Infrastructure Partnership Advisory Council...
An Attack-Resilient Middleware Architecture for Grid Integration of Distributed Energy Resources
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wu, Yifu; Mendis, Gihan J.; He, Youbiao
In recent years, the increasing penetration of Distributed Energy Resources (DERs) has made an impact on the operation of the electric power systems. In the grid integration of DERs, data acquisition systems and communications infrastructure are crucial technologies to maintain system economic efficiency and reliability. Since most of these generators are relatively small, dedicated communications investments for every generator are capital cost prohibitive. Combining real-time attack-resilient communications middleware with Internet of Things (IoTs) technologies allows for the use of existing infrastructure. In our paper, we propose an intelligent communication middleware that utilizes the Quality of Experience (QoE) metrics to complement the conventional Quality of Service (QoS) evaluation. Furthermore, our middleware employs deep learning techniques to detect and defend against congestion attacks. The simulation results illustrate the efficiency of our proposed communications middleware architecture.
Defense on the Move: Ant-Based Cyber Defense
DOE Office of Scientific and Technical Information (OSTI.GOV)
Fink, Glenn A.; Haack, Jereme N.; McKinnon, Archibald D.
Many common cyber defenses (like firewalls and IDS) are as static as trench warfare allowing the attacker freedom to probe them at will. The concept of Moving Target Defense (MTD) adds dynamism to the defender side, but puts the systems to be defended themselves in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers’ ability to rely on prior experience without requiring motion in the protected infrastructure itself. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The Ant-Based Cyber Defense (ABCD) is a mobile resilient defense providing a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. The ABCD approach provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures like the smart electric grid.
3 CFR 8427 - Proclamation 8427 of October 1, 2009. National Cybersecurity Awareness Month, 2009
Code of Federal Regulations, 2010 CFR
2010-01-01
... solutions at work and at home. Our Nation’s growing dependence on cyber and information-related technologies, coupled with an increasing threat of malicious cyber attacks and loss of privacy, has given rise to the... digital infrastructures. Cyber attacks and their viral ability to infect networks, devices, and software...
Hierarchical Coloured Petrinet Based Healthcare Infrastructure Interdependency Model
NASA Astrophysics Data System (ADS)
Nivedita, N.; Durbha, S.
2014-11-01
To ensure a resilient Healthcare Critical Infrastructure, understanding the vulnerabilities and analysing the interdependency on other critical infrastructures is important. To model this critical infrastructure and its dependencies, Hierarchal Coloured petri net modelling approach for simulating the vulnerability of Healthcare Critical infrastructure in a disaster situation is studied. The model enables to analyse and understand various state changes, which occur when there is a disruption or damage to any of the Critical Infrastructure, and its cascading nature. It also enables to explore optimal paths for evacuation during the disaster. The simulation environment can be used to understand and highlight various vulnerabilities of Healthcare Critical Infrastructure during a flood disaster scenario; minimize consequences; and enable timely, efficient response.
78 FR 57644 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2013-09-19
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2103-0050] Critical Infrastructure Partnership... management; Notice of an open Federal Advisory Committee Meeting. SUMMARY: The Critical Infrastructure... involving critical infrastructure security and resiliency. Off-topic questions or comments will not be...
75 FR 75611 - Critical Infrastructure Protection Month, 2010
Federal Register 2010, 2011, 2012, 2013, 2014
2010-12-03
... Part IV The President Proclamation 8607--Critical Infrastructure Protection Month, 2010..., 2010 Critical Infrastructure Protection Month, 2010 By the President of the United States of America A Proclamation During Critical Infrastructure Protection Month, we highlight the vast network of systems and...
"SWING": A European project for a new application of an ionospheric network
NASA Astrophysics Data System (ADS)
Zolesi, B.; Bianchi, C.; Meloni, A.; Baskaradas, J. A.; Belehaki, A.; Altadill, D.; Dalle Mese, E.
2016-05-01
The SWING (Short Wave critical Infrastructure Network based on a new Generation high survival radio communication system) is a European project aimed at studying a high survival high-frequency (HF) radio network to link European Critical Infrastructures (ECIs). This system is thought to replace broadband internet communication, maintaining the minimum flux of essential information for the ECIs management and control, in case of wide-scale threats, including terrorist attacks, able to put out of order internet links over the Mediterranean region. SWING is designed to evaluate the threat and increase the security awareness, as well as the level of protection, of analogous and/or interdependent ECIs. In order to meet these goals, SWING was finalized to recognize how and when the internet communication fails and to develop the standard software and hardware tools necessary for implementing communication protocols suited for a reliable and interoperable short-wave (SW) or high-frequency (HF) radio network backup. The internet broadband description and internet failure recognition were taken into consideration in the project but are not treated in this paper. It has been assessed that in case of complete failure of the internet broadband communication fundamental information for the management and control of ECIs over the Mediterranean region can be maintained with a HF network, even in case of moderate ionospheric perturbations.
NASA Astrophysics Data System (ADS)
Ahmed, Ammar; Arthur, Craig; Edwards, Mark
2010-06-01
Bulk electricity transmission lines are linear assets that can be very exposed to wind effects, particularly where they traverse steep topography or open coastal terrain in cyclonic regions. The interconnected nature of the lattice-type towers and conductors also presents complex vulnerabilities. These relate to the direction of wind attack to the conductors and the cascading failure mechanisms in which the failure of a single tower has cascading effects on neighbouring towers. Such behaviour is exacerbated by the finely tuned nature of tower design which serves to minimize cost and reserve strength at design wind speeds. There is a clear need to better quantify the interdependent vulnerabilities of these critical infrastructure assets in the context of the severe wind hazard. This paper presents a novel methodology developed for the Critical Infrastructure Protection Modelling and Analysis (CIPMA) capability for assessing local wind speeds and the likelihood of tower failure for a range of transmission tower and conductor types. CIPMA is a program managed by the Federal Attorney-General's Department and Geoscience Australia is leading the technical development. The methodology then involves the development of heuristically derived vulnerability models that are consistent with Australian industry experience and full-scale static tower testing results, considering isolated tower loss along with three interdependent failure mechanisms to give overall likelihoods of failure.
NASA Astrophysics Data System (ADS)
Robinson, Nidia; Saafi, Mohamed
2006-03-01
Critical civil infrastructure systems such as bridges, high rises, dams, nuclear power plants and pipelines present a major investment and the health of the United States' economy and the lifestyle of its citizens both depend on their safety and security. The challenge for engineers is to maintain the safety and security of these large structures in the face of terrorism threats, natural disasters and long-term deterioration, as well as to meet the demands of emergency response times. With the significant negative impact that these threats can have on the structural environment, health monitoring of civil infrastructure holds promise as a way to provide information for near real-time condition assessment of the structure's safety and security. This information can be used to assess the integrity of the structure for post-earthquake and terrorist attacks rescue and recovery, and to safely and rapidly remove the debris and to temporarily shore specific structural elements. This information can also be used for identification of incipient damage in structures experiencing long-term deterioration. However, one of the major obstacles preventing sensor-based monitoring is the lack of reliable, easy-to-install, cost-effective and harsh environment resistant sensors that can be densely embedded into large-scale civil infrastructure systems. Nanotechnology and MEMS-based systems which have matured in recent years represent an innovative solution to current damage detection systems, leading to wireless, inexpensive, durable, compact, and high-density information collection. In this paper, ongoing research activities at Alabama A&M University (AAMU) Center for Transportation Infrastructure Safety and Security on the application of nanotechnology and MEMS to Civil Infrastructure for health monitoring will be presented.
To date, research showed that nanotechnology and MEMS-based systems can be used to wirelessly detect and monitor different damage mechanisms in concrete structures as well as monitor critical structures' stability during floods and barge impact. However, some technical issues that need to be addressed before full implementation of these new systems will also be discussed in this paper.
Decontamination of Anthrax spores in critical infrastructure and critical assets.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Boucher, Raymond M.; Crown, Kevin K.; Tucker, Mark David
2010-05-01
Decontamination of anthrax spores in critical infrastructure (e.g., subway systems, major airports) and critical assets (e.g., the interior of aircraft) can be challenging because effective decontaminants can damage materials. Current decontamination methods require the use of highly toxic and/or highly corrosive chemical solutions because bacterial spores are very difficult to kill. Bacterial spores such as Bacillus anthracis, the infectious agent of anthrax, are one of the most resistant forms of life and are several orders of magnitude more difficult to kill than their associated vegetative cells. Remediation of facilities and other spaces (e.g., subways, airports, and the interior of aircraft) contaminated with anthrax spores currently requires highly toxic and corrosive chemicals such as chlorine dioxide gas, vapor-phase hydrogen peroxide, or high-strength bleach, typically requiring complex deployment methods. We have developed a non-toxic, non-corrosive decontamination method to kill highly resistant bacterial spores in critical infrastructure and critical assets. A chemical solution that triggers the germination process in bacterial spores and causes those spores to rapidly and completely change to much less-resistant vegetative cells that can be easily killed. Vegetative cells are then exposed to mild chemicals (e.g., low concentrations of hydrogen peroxide, quaternary ammonium compounds, alcohols, aldehydes, etc.) or natural elements (e.g., heat, humidity, ultraviolet light, etc.) for complete and rapid kill. Our process employs a novel germination solution consisting of low-cost, non-toxic and non-corrosive chemicals. We are testing both direct surface application and aerosol delivery of the solutions. A key Homeland Security need is to develop the capability to rapidly recover from an attack utilizing biological warfare agents.
This project will provide the capability to rapidly and safely decontaminate critical facilities and assets to return them to normal operations as quickly as possible, sparing significant economic damage by re-opening critical facilities more rapidly and safely. Facilities and assets contaminated with Bacillus anthracis (i.e., anthrax) spores can be decontaminated with mild chemicals as compared to the harsh chemicals currently needed. Both the 'germination' solution and the 'kill' solution are constructed of 'off-the-shelf,' inexpensive chemicals. The method can be utilized by directly spraying the solutions onto exposed surfaces or by application of the solutions as aerosols (i.e., small droplets), which can also reach hidden surfaces.
Web Server Security on Open Source Environments
NASA Astrophysics Data System (ADS)
Gkoutzelis, Dimitrios X.; Sardis, Manolis S.
Administering critical resources has never been more difficult than it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions left the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source applications, thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.
Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies.
Paté-Cornell, M-Elisabeth; Kuypers, Marshall; Smith, Matthew; Keller, Philip
2018-02-01
Managing cyber security in an organization involves allocating the protection budget across a spectrum of possible options. This requires assessing the benefits and the costs of these options. The risk analyses presented here are statistical when relevant data are available, and system-based for high-consequence events that have not happened yet. This article presents, first, a general probabilistic risk analysis framework for cyber security in an organization to be specified. It then describes three examples of forward-looking analyses motivated by recent cyber attacks. The first one is the statistical analysis of an actual database, extended at the upper end of the loss distribution by a Bayesian analysis of possible, high-consequence attack scenarios that may happen in the future. The second is a systems analysis of cyber risks for a smart, connected electric grid, showing that there is an optimal level of connectivity. The third is an analysis of sequential decisions to upgrade the software of an existing cyber security system or to adopt a new one to stay ahead of adversaries trying to find their way in. The results are distributions of losses to cyber attacks, with and without some considered countermeasures in support of risk management decisions based both on past data and anticipated incidents. © 2017 Society for Risk Analysis.
6 CFR 29.4 - Protected Critical Infrastructure Information Program administration.
Code of Federal Regulations, 2014 CFR
2014-01-01
...) Protected Critical Infrastructure Information Management System (PCIIMS). The PCII Program Manager shall... be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record... 6 Domestic Security 1 2014-01-01 2014-01-01 false Protected Critical Infrastructure Information...
6 CFR 29.4 - Protected Critical Infrastructure Information Program administration.
Code of Federal Regulations, 2011 CFR
2011-01-01
...) Protected Critical Infrastructure Information Management System (PCIIMS). The PCII Program Manager shall... be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record... 6 Domestic Security 1 2011-01-01 2011-01-01 false Protected Critical Infrastructure Information...
6 CFR 29.4 - Protected Critical Infrastructure Information Program administration.
Code of Federal Regulations, 2010 CFR
2010-01-01
...) Protected Critical Infrastructure Information Management System (PCIIMS). The PCII Program Manager shall... be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record... 6 Domestic Security 1 2010-01-01 2010-01-01 false Protected Critical Infrastructure Information...
6 CFR 29.4 - Protected Critical Infrastructure Information Program administration.
Code of Federal Regulations, 2012 CFR
2012-01-01
...) Protected Critical Infrastructure Information Management System (PCIIMS). The PCII Program Manager shall... be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record... 6 Domestic Security 1 2012-01-01 2012-01-01 false Protected Critical Infrastructure Information...
6 CFR 29.4 - Protected Critical Infrastructure Information Program administration.
Code of Federal Regulations, 2013 CFR
2013-01-01
...) Protected Critical Infrastructure Information Management System (PCIIMS). The PCII Program Manager shall... be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record... 6 Domestic Security 1 2013-01-01 2013-01-01 false Protected Critical Infrastructure Information...
Code of Federal Regulations, 2013 CFR
2013-04-01
... treatment and Critical Energy Infrastructure Information (CEII) treatment for documents submitted to the... treatment and Critical Energy Infrastructure Information (CEII) treatment for documents submitted to the... of exemption from disclosure under FOIA, including critical energy infrastructure information (CEII...
Code of Federal Regulations, 2014 CFR
2014-04-01
... treatment and Critical Energy Infrastructure Information (CEII) treatment for documents submitted to the... treatment and Critical Energy Infrastructure Information (CEII) treatment for documents submitted to the... of exemption from disclosure under FOIA, including critical energy infrastructure information (CEII...
Geographic Hotspots of Critical National Infrastructure.
Thacker, Scott; Barr, Stuart; Pant, Raghav; Hall, Jim W; Alderson, David
2017-12-01
Failure of critical national infrastructures can result in major disruptions to society and the economy. Understanding the criticality of individual assets and the geographic areas in which they are located is essential for targeting investments to reduce risks and enhance system resilience. Within this study we provide new insights into the criticality of real-life critical infrastructure networks by integrating high-resolution data on infrastructure location, connectivity, interdependence, and usage. We propose a metric of infrastructure criticality in terms of the number of users who may be directly or indirectly disrupted by the failure of physically interdependent infrastructures. Kernel density estimation is used to integrate spatially discrete criticality values associated with individual infrastructure assets, producing a continuous surface from which statistically significant infrastructure criticality hotspots are identified. We develop a comprehensive and unique national-scale demonstration for England and Wales that utilizes previously unavailable data from the energy, transport, water, waste, and digital communications sectors. The testing of 200,000 failure scenarios identifies that hotspots are typically located around the periphery of urban areas where there are large facilities upon which many users depend or where several critical infrastructures are concentrated in one location. © 2017 Society for Risk Analysis.
31 CFR 800.208 - Critical infrastructure.
Code of Federal Regulations, 2012 CFR
2012-07-01
... 31 Money and Finance:Treasury 3 2012-07-01 2012-07-01 false Critical infrastructure. 800.208..., AND TAKEOVERS BY FOREIGN PERSONS Definitions § 800.208 Critical infrastructure. The term critical infrastructure means, in the context of a particular covered transaction, a system or asset, whether physical or...
18 CFR 375.313 - Delegations to the Critical Energy Infrastructure Information Coordinator.
Code of Federal Regulations, 2012 CFR
2012-04-01
... Critical Energy Infrastructure Information Coordinator. 375.313 Section 375.313 Conservation of Power and... COMMISSION Delegations § 375.313 Delegations to the Critical Energy Infrastructure Information Coordinator... requests for critical energy infrastructure information as defined in § 388.113(c)(1). (b) Make...
18 CFR 375.313 - Delegations to the Critical Energy Infrastructure Information Coordinator.
Code of Federal Regulations, 2014 CFR
2014-04-01
... Critical Energy Infrastructure Information Coordinator. 375.313 Section 375.313 Conservation of Power and... COMMISSION Delegations § 375.313 Delegations to the Critical Energy Infrastructure Information Coordinator... requests for critical energy infrastructure information as defined in § 388.113(c)(1). (b) Make...
18 CFR 375.313 - Delegations to the Critical Energy Infrastructure Information Coordinator.
Code of Federal Regulations, 2010 CFR
2010-04-01
... Critical Energy Infrastructure Information Coordinator. 375.313 Section 375.313 Conservation of Power and... COMMISSION Delegations § 375.313 Delegations to the Critical Energy Infrastructure Information Coordinator... requests for critical energy infrastructure information as defined in § 388.113(c)(1). (b) Make...
18 CFR 375.313 - Delegations to the Critical Energy Infrastructure Information Coordinator.
Code of Federal Regulations, 2013 CFR
2013-04-01
... Critical Energy Infrastructure Information Coordinator. 375.313 Section 375.313 Conservation of Power and... COMMISSION Delegations § 375.313 Delegations to the Critical Energy Infrastructure Information Coordinator... requests for critical energy infrastructure information as defined in § 388.113(c)(1). (b) Make...
31 CFR 800.208 - Critical infrastructure.
Code of Federal Regulations, 2014 CFR
2014-07-01
... 31 Money and Finance:Treasury 3 2014-07-01 2014-07-01 false Critical infrastructure. 800.208..., AND TAKEOVERS BY FOREIGN PERSONS Definitions § 800.208 Critical infrastructure. The term critical infrastructure means, in the context of a particular covered transaction, a system or asset, whether physical or...
31 CFR 800.208 - Critical infrastructure.
Code of Federal Regulations, 2011 CFR
2011-07-01
... 31 Money and Finance:Treasury 3 2011-07-01 2011-07-01 false Critical infrastructure. 800.208..., AND TAKEOVERS BY FOREIGN PERSONS Definitions § 800.208 Critical infrastructure. The term critical infrastructure means, in the context of a particular covered transaction, a system or asset, whether physical or...
18 CFR 375.313 - Delegations to the Critical Energy Infrastructure Information Coordinator.
Code of Federal Regulations, 2011 CFR
2011-04-01
... Critical Energy Infrastructure Information Coordinator. 375.313 Section 375.313 Conservation of Power and... COMMISSION Delegations § 375.313 Delegations to the Critical Energy Infrastructure Information Coordinator... requests for critical energy infrastructure information as defined in § 388.113(c)(1). (b) Make...
31 CFR 800.208 - Critical infrastructure.
Code of Federal Regulations, 2013 CFR
2013-07-01
... 31 Money and Finance:Treasury 3 2013-07-01 2013-07-01 false Critical infrastructure. 800.208..., AND TAKEOVERS BY FOREIGN PERSONS Definitions § 800.208 Critical infrastructure. The term critical infrastructure means, in the context of a particular covered transaction, a system or asset, whether physical or...
Resilience of networks formed of interdependent modular networks
NASA Astrophysics Data System (ADS)
Shekhtman, Louis M.; Shai, Saray; Havlin, Shlomo
2015-12-01
Many infrastructure networks have a modular structure and are also interdependent with other infrastructures. While significant research has explored the resilience of interdependent networks, there has been no analysis of the effects of modularity. Here we develop a theoretical framework for attacks on interdependent modular networks and support our results through simulations. We focus, for simplicity, on the case where each network has the same number of communities and the dependency links are restricted to be between pairs of communities of different networks. This is particularly realistic for modeling infrastructure across cities. Each city has its own infrastructures and different infrastructures are dependent only within the city. However, each infrastructure is connected within and between cities. For example, a power grid will connect many cities as will a communication network, yet a power station and communication tower that are interdependent will likely be in the same city. It has previously been shown that single networks are very susceptible to the failure of the interconnected nodes (between communities) (Shai et al 2014 arXiv:1404.4748) and that attacks on these nodes are even more crippling than attacks based on betweenness (da Cunha et al 2015 arXiv:1502.00353). In our example of cities these nodes have long range links which are more likely to fail. For both treelike and looplike interdependent modular networks we find distinct regimes depending on the number of modules, m. (i) In the case where there are fewer modules with strong intraconnections, the system first separates into modules in an abrupt first-order transition and then each module undergoes a second percolation transition. (ii) When there are more modules with many interconnections between them, the system undergoes a single transition. 
Overall, we find that modular structure can significantly influence the type of transitions observed in interdependent networks and should be considered in attempts to make interdependent networks more resilient.
Code of Federal Regulations, 2014 CFR
2014-01-01
... hereby ordered as follows: Section 1. Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow... resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages...
Pandemic influenza-implications for critical care resources in Australia and New Zealand.
Anderson, Therese A; Hart, Graeme K; Kainer, Marion A
2003-09-01
To quantify resource requirements (additional beds and ventilator capacity), for critical care services in the event of pandemic influenza. Cross-sectional survey about existing and potential critical care resources. Participants comprised 156 of the 176 Australasian (Australia and New Zealand) critical care units on the database of the Australian and New Zealand Intensive Care Society (ANZICS) Research Centre for Critical Care Resources. The Meltzer, Cox and Fukuda model was adapted to map a range of influenza attack rate estimates for hospitalisation and episodes likely to require intensive care and to predict critical care admission rates and bed day requirements. Estimations of ventilation rates were based on those for community-acquired pneumonia. The estimated extra number of persons requiring hospitalisation ranged from 8,455 (10% attack rate) to 150,087 (45% attack rate). The estimated number of additional admissions to critical care units ranged from 423 (5% admission rate, 10% attack rate) to 37,522 (25% admission rate, 45% attack rate). The potential number of required intensive care bed days ranged from 846 bed days (2 day length of stay, 10% attack rate) to 375,220 bed days (10 day length of stay, 45% attack rate). The number of persons likely to require mechanical ventilation ranged from 106 (25% of projected critical care admissions, 10% attack rate) to 28,142 (75% of projected critical care admissions, 45% attack rate). An additional 1,195 emergency ventilator beds were identified in public sector and 248 in private sector hospitals. Cancellation of elective surgery could release a potential 76,402 intensive care bed days (per annum), but in the event of pandemic influenza, 31,150 bed days could be required over an 8- to 12-week period. Australasian critical care services would be overwhelmed in the event of pandemic influenza. More work is required in relation to modelling, contingency plans, and resource allocation.
VoIP attacks detection engine based on neural network
NASA Astrophysics Data System (ADS)
Safarik, Jakub; Slachta, Jiri
2015-05-01
Security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and its text-based principle made SIP the number one target in IP telephony infrastructure, so security of the SIP server is essential. To keep up with hackers and to detect potential malicious attacks, the security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and the following evaluation could easily overwhelm the security administrator, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. The gathered data are then analyzed by an aggregation server with an artificial neural network. Artificial neural network means a multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by a distributed network of detection nodes. Each node contains a honeypot application and a traffic monitoring mechanism. Aggregation of data from each node creates an input for the neural networks. The automatic classification on a centralized server with low false positive detection reduces the cost of attack detection resources. The detection system uses a modular design for easy deployment in the final infrastructure. The centralized server collects and processes detected traffic. It also maintains all detection nodes.
76 FR 20995 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-14
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0028] Critical Infrastructure Partnership... Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal Register... Infrastructure Protection, National Protection and Programs Directorate, U.S. Department of Homeland Security...
Protecting drinking water utilities from cyberthreats
Clark, Robert M.; Panguluri, Srinivas; Nelson, Trent D.; ...
2017-02-01
Cyber-security challenges have the potential for becoming one of the defining issues of our time. Cyber-attacks have become an ever-increasing threat and the United States (US) Federal Bureau of Investigation (FBI) now ranks cyber-crime as one of its most important law enforcement activities. In addition to the general problems associated with cyber-crime, critical infrastructure (CI) related to energy production, manufacturing, water supply and other systems have come under attack. For example, drinking water utilities are increasingly incorporating computer technology into their routine operations and are therefore increasingly vulnerable to cyber-threats. Systems control and data acquisition (SCADA) systems used to manage automated physical processes essential to water treatment and distribution systems have become standard in medium to large drinking water utilities and in many small water systems. However, even with the application of standard information technology cybersecurity best practices these types of systems have proven to be vulnerable to cyber-attacks. In 2015, the US Department of Homeland Security (DHS) responded to 25 cybersecurity incidents in the Water Sector and to 46 incidents in the Energy Sector. Comparatively, between 2014 and 2015, the reported number of Water Sector incidents actually increased by 78.6% (from 14 to 25). The DHS is in a collaborative partnership with the US Environmental Protection Agency to ensure cybersecurity in the Water Sector. As a result of this partnership a number of guidance documents and techniques have been developed to counter cyber-attacks and minimize cyber vulnerability. These approaches are documented along with a summary of common vulnerabilities. However, a new approach which has great promise in protecting drinking water systems against hacking and cyber-attacks, based on the concept of unidirectional gateways, is presented and discussed.
Protecting drinking water utilities from cyberthreats
DOE Office of Scientific and Technical Information (OSTI.GOV)
Clark, Robert M.; Panguluri, Srinivas; Nelson, Trent D.
Semantic policy and adversarial modeling for cyber threat identification and avoidance
NASA Astrophysics Data System (ADS)
DeFrancesco, Anton; McQueary, Bruce
2009-05-01
Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These attacks may be perpetrated with little to no funding, but may wreak incalculable damage upon the enterprise's security, network infrastructure, and services. As more services come online, systems that were once in isolation now provide information that may be combined dynamically with information from other systems to create new meaning on the fly. Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a higher classification than any of its constituent parts. To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how its use is evolving from a robust approach to access control to preempting and combating attacks in the cyber domain. The introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our approach is integration of semantic policy into enterprise security to augment traditional network security with an overall awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture - analyzing trends and identifying critical relations in system wide data access. The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing Bayesian-based methodologies, the enterprise wide meaning of data and semantic policy is applied to probability and high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling resources to proactively isolate, lock-down, and secure systems that are most vulnerable.
NASA Astrophysics Data System (ADS)
Papa, Mauricio; Shenoi, Sujeet
The information infrastructure -- comprising computers, embedded devices, networks and software systems -- is vital to day-to-day operations in every sector: information and telecommunications, banking and finance, energy, chemicals and hazardous materials, agriculture, food, water, public health, emergency services, transportation, postal and shipping, government and defense. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Themes and Issues; Infrastructure Security; Control Systems Security; Security Strategies; Infrastructure Interdependencies; Infrastructure Modeling and Simulation. This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008.
Chopra, Shauhrat S; Dillon, Trent; Bilec, Melissa M; Khanna, Vikas
2016-05-01
Modern society is increasingly dependent on the stability of a complex system of interdependent infrastructure sectors. It is imperative to build resilience of large-scale infrastructures like metro systems for addressing the threat of natural disasters and man-made attacks in urban areas. Analysis is needed to ensure that these systems are capable of withstanding and containing unexpected perturbations, and develop heuristic strategies for guiding the design of more resilient networks in the future. We present a comprehensive, multi-pronged framework that analyses information on network topology, spatial organization and passenger flow to understand the resilience of the London metro system. Topology of the London metro system is not fault tolerant in terms of maintaining connectivity at the periphery of the network since it does not exhibit small-world properties. The passenger strength distribution follows a power law, suggesting that while the London metro system is robust to random failures, it is vulnerable to disruptions on a few critical stations. The analysis further identifies particular sources of structural and functional vulnerabilities that need to be mitigated for improving the resilience of the London metro network. The insights from our framework provide useful strategies to build resilience for both existing and upcoming metro systems. © 2016 The Author(s).
NASA Astrophysics Data System (ADS)
Abdi, Abdi M.; Szu, Harold H.
2003-04-01
With the growing rate of interconnection among computer systems, network security is becoming a real challenge. Intrusion Detection System (IDS) is designed to protect the availability, confidentiality and integrity of critical network information systems. Today's approach to network intrusion detection involves the use of rule-based expert systems to identify an indication of known attack or anomalies. However, these techniques are less successful in identifying today's attacks. Hackers are perpetually inventing new and previously unanticipated techniques to compromise information infrastructure. This paper proposes a dynamic way of detecting network intruders on time series data. The proposed approach consists of a two-step process. Firstly, obtaining an efficient multi-user detection method, employing the recently introduced complexity minimization approach as a generalization of a standard ICA. Secondly, we identified unsupervised learning neural network architecture based on Kohonen's Self-Organizing Map for potential functional clustering. These two steps working together adaptively will provide a pseudo-real time novelty detection attribute to supplement the current intrusion detection statistical methodology.
76 FR 70730 - The Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2011-11-15
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0112] The Critical Infrastructure Partnership... Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal Register... Infrastructure Protection, National Protection and Programs Directorate, U.S. Department of Homeland Security...
76 FR 29775 - The Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2011-05-23
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0038] The Critical Infrastructure Partnership... Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal Register... Infrastructure Protection, National Protection and Programs Directorate, U.S. Department of Homeland Security...
78 FR 16861 - The Critical Infrastructure Partnership Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2013-03-19
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0077] The Critical Infrastructure Partnership... Infrastructure Partnership Advisory Council membership update. SUMMARY: The Department of Homeland Security (DHS) announced the establishment of the Critical Infrastructure Partnership Advisory Council (CIPAC) in a Federal...
75 FR 48983 - The Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2010-08-12
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0062] The Critical Infrastructure Partnership... Critical Infrastructure Partnership Advisory Council (CIPAC) by notice published in the Federal Register... Infrastructure Protection, National Protection and Programs Directorate, Department of Homeland Security, 245...
TCIA Secure Cyber Critical Infrastructure Modernization.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Keliiaa, Curtis M.
The Sandia National Laboratories (Sandia Labs) tribal cyber infrastructure assurance initiative was developed in response to growing national cybersecurity concerns in the sixteen Department of Homeland Security (DHS) defined critical infrastructure sectors. Technical assistance is provided for the secure modernization of critical infrastructure and key resources from a cyber-ecosystem perspective with an emphasis on enhanced security, resilience, and protection. Our purpose is to address national critical infrastructure challenges as a shared responsibility.
2002-03-22
may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure
NASA Astrophysics Data System (ADS)
Navare, Jyoti; Gemikonakli, Orhan
Globalisation and new technology have opened the gates to more security risks. As the strategic importance of communication networks and information increased, threats to the security and safety of communication infrastructures, as well as of information stored in and/or transmitted, increased significantly. The development of self-replicating programmes has become a nightmare for Internet users. Leading companies and strategic organisations were not immune to attacks; they were also "hacked" and overtaken by intruders. Incidents of recent years have also shown that national/regional crises may also trigger cyber attacks at large scale. Experts forecast that cyber wars are likely to take the stage as tension mounts between developed societies. New risks such as cyber-attacks, network terrorism and disintegration of traditional infrastructures have somewhat blurred the boundaries of operation and control. This paper seeks to consider risk management and governance, looking more specifically at implications for emerging economies.
Moussawi, A; Derzsy, N; Lin, X; Szymanski, B K; Korniss, G
2017-09-15
Cascading failures are a critical vulnerability of complex information or infrastructure networks. Here we investigate the properties of load-based cascading failures in real and synthetic spatially-embedded network structures, and propose mitigation strategies to reduce the severity of damages caused by such failures. We introduce a stochastic method for optimal heterogeneous distribution of resources (node capacities) subject to a fixed total cost. Additionally, we design and compare the performance of networks with N-stable and (N-1)-stable network-capacity allocations by triggering cascades using various real-world node-attack and node-failure scenarios. We show that failure mitigation through increased node protection can be effectively achieved against single-node failures. However, mitigating against multiple node failures is much more difficult due to the combinatorial increase in possible sets of initially failing nodes. We analyze the robustness of the system with increasing protection, and find that a critical tolerance exists at which the system undergoes a phase transition, and above which the network almost completely survives an attack. Moreover, we show that cascade-size distributions measured in this region exhibit a power-law decay. Finally, we find a strong correlation between cascade sizes induced by individual nodes and sets of nodes. We also show that network topology alone is a weak predictor in determining the progression of cascading failures.
A generic open-source software framework supporting scenario simulations in bioterrorist crises.
Falenski, Alexander; Filter, Matthias; Thöns, Christian; Weiser, Armin A; Wigger, Jan-Frederik; Davis, Matthew; Douglas, Judith V; Edlund, Stefan; Hu, Kun; Kaufman, James H; Appel, Bernd; Käsbohrer, Annemarie
2013-09-01
Since the 2001 anthrax attack in the United States, awareness of threats originating from bioterrorism has grown. This led internationally to increased research efforts to improve knowledge of and approaches to protecting human and animal populations against the threat from such attacks. A collaborative effort in this context is the extension of the open-source Spatiotemporal Epidemiological Modeler (STEM) simulation and modeling software for agro- or bioterrorist crisis scenarios. STEM, originally designed to enable community-driven public health disease models and simulations, was extended with new features that enable integration of proprietary data as well as visualization of agent spread along supply and production chains. STEM now provides a fully developed open-source software infrastructure supporting critical modeling tasks such as ad hoc model generation, parameter estimation, simulation of scenario evolution, estimation of effects of mitigation or management measures, and documentation. This open-source software resource can be used free of charge. Additionally, STEM provides critical features like built-in worldwide data on administrative boundaries, transportation networks, or environmental conditions (eg, rainfall, temperature, elevation, vegetation). Users can easily combine their own confidential data with built-in public data to create customized models of desired resolution. STEM also supports collaborative and joint efforts in crisis situations by extended import and export functionalities. In this article we demonstrate specifically those new software features implemented to accomplish STEM application in agro- or bioterrorist crisis scenarios.
77 FR 19300 - National Infrastructure Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2012-03-30
... Homeland Security with advice on the security of the critical infrastructure sectors and their information systems. The NIAC will meet to address issues relevant to the protection of critical infrastructure as... Group regarding the scope of the next phase of the Working Group's critical infrastructure resilience...
Sandia SCADA Program -- High Surety SCADA LDRD Final Report
DOE Office of Scientific and Technical Information (OSTI.GOV)
CARLSON, ROLF E.
2002-04-01
Supervisory Control and Data Acquisition (SCADA) systems are a part of the nation's critical infrastructure that is especially vulnerable to attack or disruption. Sandia National Laboratories is developing a high-security SCADA specification to increase the national security posture of the U.S. Because SCADA security is an international problem and is shaped by foreign and multinational interests, Sandia is working to develop a standards-based solution through committees such as the IEC TC 57 WG 15, the IEEE Substation Committee, and the IEEE P1547-related activity on communications and controls. The accepted standards are anticipated to take the form of a Common Criteria Protection Profile. This report provides the status of work completed and discusses several challenges ahead.
77 FR 59203 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2012-09-26
... Infrastructure Partnership Advisory Council. [FR Doc. 2012-23666 Filed 9-25-12; 8:45 am] BILLING CODE 9910-9P-P ... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0051] Critical Infrastructure Partnership... meeting. SUMMARY: The Critical Infrastructure Partnership Advisory Council (CIPAC) Plenary Meeting will be...
Personal control of privacy and data: Estonian experience.
Priisalu, Jaan; Ottis, Rain
2017-01-01
The Republic of Estonia leads Europe in the provision of public digital services. The national communications and transactions platform allows for twenty-first century governance by allowing for transparency, e-safety (inter alia privacy), e-security, entrepreneurship and, among other things, rising levels of prosperity, and well-being for all its Citizens. However, a series of Information Infrastructure attacks against the Estonian e-society infrastructure in 2007 became one of the best known incidents and experiences that fundamentally changed both Estonian and international discussions about Cyber Security and Privacy. Estonian experience shows that an open and transparent attitude provides a good foundation for trust between the Citizen and the State, and gives more control to the real owner of the data - the Citizen. Another important lesson is that the Citizen needs to be confident in the government's ability to keep their data safe -- in terms of confidentiality, integrity and availability - establishing a strong link between privacy and information security. This paper discusses certain critical choices, context, and events connected to the birth and growth of the Estonian e-society in terms of Privacy.
Barrett, Jason R; French, P Edward
2013-01-01
The events of September 11, 2001, increased and intensified domestic preparedness efforts in the United States against terrorism and other threats. The heightened focus on protecting this nation's critical infrastructure included legislation requiring implementation of extensive new security measures to better defend water supply systems against physical, chemical/biological, and cyber attacks. In response, municipal officials have implemented numerous safeguards to reduce the vulnerability of these systems to purposeful intrusions including ongoing vulnerability assessments, extensive personnel training, and highly detailed emergency response and communication plans. This study evaluates fiscal year 2010 annual compliance assessments of public water systems with security measures that were implemented by Mississippi's Department of Health as a response to federal requirements to address these potential terrorist threats to water distribution systems. The results show that 20 percent of the water systems in this state had at least one security violation on their 2010 Capacity Development Assessment, and continued perseverance from local governments is needed to enhance the resiliency and robustness of these systems against physical threats.
System for critical infrastructure security based on multispectral observation-detection module
NASA Astrophysics Data System (ADS)
Trzaskawka, Piotr; Kastek, Mariusz; Życzkowski, Marek; Dulski, Rafał; Szustakowski, Mieczysław; Ciurapiński, Wiesław; Bareła, Jarosław
2013-10-01
Recent terrorist attacks and the possibility of such actions in future have forced the development of security systems for critical infrastructures that embrace sensor technologies and the technical organization of systems. The perimeter protection of stationary objects used until now, based on construction of a ring with two-zone fencing and visual cameras with illumination, is being efficiently displaced by systems of multisensor technology that consist of: visible technology - day/night cameras registering optical contrast of a scene, thermal technology - cheap bolometric cameras recording thermal contrast of a scene and active ground radars - microwave and millimetre wavelengths that record and detect reflected radiation. Merging of these three different technologies into one system requires a methodology for selection of technical conditions of installation and parameters of sensors. This procedure enables us to construct a system with correlated range, resolution, field of view and object identification. An important technical problem connected with the multispectral system is its software, which helps couple the radar with the cameras. This software can be used for automatic focusing of cameras, automatic guiding of cameras to an object detected by the radar, tracking of the object and localization of the object on the digital map as well as target identification and alerting. Based on "plug and play" architecture, this system provides unmatched flexibility and simplistic integration of sensors and devices in TCP/IP networks. Using a graphical user interface it is possible to control sensors and monitor streaming video and other data over the network, visualize the results of the data fusion process and obtain detailed information about detected intruders over a digital map. The system provides high-level applications and operator workload reduction with features such as sensor to sensor cueing from detection devices, automatic e-mail notification and alarm triggering.
The paper presents a structure and some elements of critical infrastructure protection solution which is based on a modular multisensor security system. System description is focused mainly on methodology of selection of sensors parameters. The results of the tests in real conditions are also presented.
Real-Time SCADA Cyber Protection Using Compression Techniques
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lyle G. Roybal; Gordon H Rueff
2013-11-01
The Department of Energy’s Office of Electricity Delivery and Energy Reliability (DOE-OE) has a critical mission to secure the energy infrastructure from cyber attack. Through DOE-OE’s Cybersecurity for Energy Delivery Systems (CEDS) program, the Idaho National Laboratory (INL) has developed a method to detect malicious traffic on Supervisory, Control, and Data Acquisition (SCADA) network using a data compression technique. SCADA network traffic is often repetitive with only minor differences between packets. Research performed at the INL showed that SCADA network traffic has traits desirable for using compression analysis to identify abnormal network traffic. An open source implementation of a Lempel-Ziv-Welch (LZW) lossless data compression algorithm was used to compress and analyze surrogate SCADA traffic. Infected SCADA traffic was found to have statistically significant differences in compression when compared against normal SCADA traffic at the packet level. The initial analyses and results are clearly able to identify malicious network traffic from normal traffic at the packet level with a very high confidence level across multiple ports and traffic streams. Statistical differentiation between infected and normal traffic level was possible using a modified data compression technique at the 99% probability level for all data analyzed. However, the conditions tested were rather limited in scope and need to be expanded into more realistic simulations of hacking events using techniques and approaches that are better representative of a real-world attack on a SCADA system. Nonetheless, the use of compression techniques to identify malicious traffic on SCADA networks in real time appears to have significant merit for infrastructure protection.
What’s My Lane? Identifying the State Government Role in Critical Infrastructure Protection
2012-03-01
lacking. Dr. Bellavita makes an important point that “the initial difference between critical infrastructure and plain vanilla infrastructure seems to...more definitive description of “critical” would help to improve understanding of what infrastructure is critical and help to segregate “vanilla” or
NASA Astrophysics Data System (ADS)
Garschagen, Matthias; Sandholz, Simone
2018-04-01
Increased attention has lately been given to the resilience of critical infrastructure in the context of natural hazards and disasters. The major focus therein is on the sensitivity of critical infrastructure technologies and their management contingencies. However, strikingly little attention has been given to assessing and mitigating social vulnerabilities towards the failure of critical infrastructure and to the development, design and implementation of minimum supply standards in situations of major infrastructure failure. Addressing this gap and contributing to a more integrative perspective on critical infrastructure resilience is the objective of this paper. It asks which role social vulnerability assessments and minimum supply considerations can, should and do - or do not - play for the management and governance of critical infrastructure failure. In its first part, the paper provides a structured review on achievements and remaining gaps in the management of critical infrastructure and the understanding of social vulnerabilities towards disaster-related infrastructure failures. Special attention is given to the current state of minimum supply concepts with a regional focus on policies in Germany and the EU. In its second part, the paper then responds to the identified gaps by developing a heuristic model on the linkages of critical infrastructure management, social vulnerability and minimum supply. This framework helps to inform a vision of a future research agenda, which is presented in the paper's third part. Overall, the analysis suggests that the assessment of socially differentiated vulnerabilities towards critical infrastructure failure needs to be undertaken more stringently to inform the scientifically and politically difficult debate about minimum supply standards and the shared responsibilities for securing them.
Bytes: Weapons of Mass Disruption
2002-04-01
advances compound the problems of protecting complex global infrastructures from attacks. How should the U.S. integrate the many disparate...deploy and sustain military forces.".16 According to the direst of information warfare theories, all computer systems are vulnerable to attack. The...Crisis Show of Force Punitive Strikes Armed Intervention Regional Conflict Regional War Global Conventional War Strategic Nuclear War IW & C2W area of
Securing SSL-VPN with LR-AKE to access personal health record.
Eizen, Kimura; Masato, Saito; Kazukuni, Kobara; Yoshihito, Nakato; Takuji, Kuroda; Ken, Ishihara
2013-01-01
Using SSL-VPN requires special considerations for well-known issues such as attackers exploiting web browser vulnerabilities and phishing sites using man-in-the-middle attacks. We used leakage-resilient authenticated key exchange (LR-AKE) to develop a comprehensive solution to SSL-VPN issues. Our results show that the LR-AKE should contribute to building a robust infrastructure for personal health records.
International Cyber Incident Repository System: Information Sharing on a Global Scale
DOE Office of Scientific and Technical Information (OSTI.GOV)
Joyce, Amanda L.; Evans, PhD, Nathaniel; Tanzman, Edward A.
According to the 2016 Internet Security Threat Report, the largest number of cyber attacks were recorded last year (2015), reaching a total of 430 million incidents throughout the world. As the number of cyber incidents increases, the need for information and intelligence sharing increases, as well. This fairly large increase in cyber incidents is driving the need for an international cyber incident data reporting system. The goal of the cyber incident reporting system is to make available shared and collected information about cyber events among participating international parties. In its 2014 report, Insurance Industry Working Session Readout Report-Insurance for Cyber-Related Critical Infrastructure Loss: Key Issues, on the outcomes of a working session on cyber insurance, the U.S. Department of Homeland Security observed that “many participants cited the need for a secure method through which organizations could pool and share cyber incident information” and noted that one underwriter emphasized the importance of internationally harmonized data taxonomies. This cyber incident data reporting system could benefit all nations that take part in reporting incidents to provide a more common operating picture. In addition, this reporting system could allow for trending and anticipated attacks and could potentially benefit participating members by enabling them to get in front of potential attacks. The purpose of this paper is to identify options for consideration for such a system in fostering cooperative cyber defense.
Onsite and Electric Backup Capabilities at Critical Infrastructure Facilities in the United States
DOE Office of Scientific and Technical Information (OSTI.GOV)
Phillips, Julia A.; Wallace, Kelly E.; Kudo, Terence Y.
2016-04-01
The following analysis, conducted by Argonne National Laboratory’s (Argonne’s) Risk and Infrastructure Science Center (RISC), details an analysis of electric power backup of national critical infrastructure as captured through the Department of Homeland Security’s (DHS’s) Enhanced Critical Infrastructure Program (ECIP) Initiative. Between January 1, 2011, and September 2014, 3,174 ECIP facility surveys have been conducted. This study focused first on backup capabilities by infrastructure type and then expanded to infrastructure type by census region.
Web Forms and Untraceable DDoS Attacks
NASA Astrophysics Data System (ADS)
Jakobsson, Markus; Menczer, Filippo
We analyze a Web vulnerability that allows an attacker to perform an email-based attack on selected victims, using standard scripts and agents. What differentiates the attack we describe from other, already known forms of distributed denial of service (DDoS) attacks is that an attacker does not need to infiltrate the network in any manner - as is normally required to launch a DDoS attack. Thus, we see this type of attack as a poor man's DDoS. Not only is the attack easy to mount, but it is also almost impossible to trace back to the perpetrator. Along with descriptions of our attack, we demonstrate its destructive potential with (limited and contained) experimental results. We illustrate the potential impact of our attack by describing how an attacker can disable an email account by flooding its inbox; block competition during on-line auctions; harm competitors with an on-line presence; disrupt phone service to a given victim; disconnect mobile corporate leaders from their networks; and disrupt electronic elections. Finally, we propose a set of countermeasures that are light-weight, do not require modifications to the infrastructure, and can be deployed in a gradual manner.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-12-05
...This Request for Information (RFI) notice informs the public that the Department of Homeland Security's (DHS) Science and Technology Directorate (S&T) is currently developing a National Critical Infrastructure Security and Resilience Research and Development Plan (NCISR R&D Plan) to conform to the requirements of Presidential Policy Directive 21, Critical Infrastructure Security and Resilience. As part of a comprehensive national review process, DHS solicits public comment on issues or language in the NCISR R&D Plan that need to be included. Critical infrastructure includes both cyber and physical components, systems, and networks for the sixteen established "critical infrastructures".
PACE: Proactively Secure Accumulo with Cryptographic Enforcement
2017-05-27
Abstract—Cloud-hosted databases have many compelling benefits, including high availability, flexible resource allocation, and resiliency to attack...infrastructure to the cloud. This move is motivated by the cloud’s increased availability, flexibility, and resilience [1]. Most importantly, the cloud enables...a level of availability and performance that would be impossible for many companies to achieve using their own infrastructure. For example, using a
Solving Defender-Attacker-Defender Models for Infrastructure Defense
2011-01-01
Secure Multiparty Computation for Cooperative Cyber Risk Assessment
2016-11-01
the scope of data available; the more attacks that are represented in the dataset the easier it will be to determine which vulnerabilities are most...assessments by pooling their data, as a dataset that covers the infrastructure of multiple institutions would allow each of them to account for...attacks that others had experienced [4]. Sharing information to produce a broad dataset would greatly improve the ability of each organization involved to
6 CFR 29.1 - Purpose and scope.
Code of Federal Regulations, 2013 CFR
2013-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... receipt, care, and storage of Critical Infrastructure Information (CII) voluntarily submitted to the... herein as the Critical Infrastructure Information Act of 2002 (CII Act). Consistent with the statutory...
6 CFR 29.1 - Purpose and scope.
Code of Federal Regulations, 2012 CFR
2012-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... receipt, care, and storage of Critical Infrastructure Information (CII) voluntarily submitted to the... herein as the Critical Infrastructure Information Act of 2002 (CII Act). Consistent with the statutory...
6 CFR 29.1 - Purpose and scope.
Code of Federal Regulations, 2011 CFR
2011-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... receipt, care, and storage of Critical Infrastructure Information (CII) voluntarily submitted to the... herein as the Critical Infrastructure Information Act of 2002 (CII Act). Consistent with the statutory...
6 CFR 29.1 - Purpose and scope.
Code of Federal Regulations, 2014 CFR
2014-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... receipt, care, and storage of Critical Infrastructure Information (CII) voluntarily submitted to the... herein as the Critical Infrastructure Information Act of 2002 (CII Act). Consistent with the statutory...
75 FR 21011 - Critical Infrastructure Partnership Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2010-04-22
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0032] Critical Infrastructure Partnership... Infrastructure Partnership Advisory Council (CIPAC) charter renewal. SUMMARY: The Department of Homeland Security... and Outreach Division, Office of Infrastructure Protection, National Protection and Programs...
75 FR 60771 - Critical Infrastructure Partnership Advisory Council (CIPAC)
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-01
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2010-0080] Critical Infrastructure Partnership..., Section Chief Partnership Programs, Partnership and Outreach Division, Office of Infrastructure Protection... Outreach Division, Office of Infrastructure Protection, National Protection and Programs Directorate...
US-CERT Control System Center Input/Output (I/O) Conceptual Design
DOE Office of Scientific and Technical Information (OSTI.GOV)
Not Available
2005-02-01
This document was prepared for the US-CERT Control Systems Center of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). DHS has been tasked under the Homeland Security Act of 2002 to coordinate the overall national effort to enhance the protection of the national critical infrastructure. Homeland Security Presidential Directive HSPD-7 directs the federal departments to identify and prioritize critical infrastructure and protect it from terrorist attack. The US-CERT National Strategy for Control Systems Security was prepared by the NCSD to address the control system security component addressed in the National Strategy to Secure Cyberspace and the National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. The US-CERT National Strategy for Control Systems Security identified five high-level strategic goals for improving cyber security of control systems; the I/O upgrade described in this document supports these goals. The vulnerability assessment Test Bed, located in the Information Operations Research Center (IORC) facility at Idaho National Laboratory (INL), consists of a cyber test facility integrated with multiple test beds that simulate the nation's critical infrastructure. The fundamental mission of the Test Bed is to provide industry owner/operators, system vendors, and multi-agency partners of the INL National Security Division a platform for vulnerability assessments of control systems. The Input/Output (I/O) upgrade to the Test Bed (see Work Package 3.1 of the FY-05 Annual Work Plan) will provide for the expansion of assessment capabilities within the IORC facility. It will also provide capabilities to connect test beds within the Test Range and other Laboratory resources.
This will allow real time I/O data input and communication channels for full replications of control systems (Process Control Systems [PCS], Supervisory Control and Data Acquisition Systems [SCADA], and components). This will be accomplished through the design and implementation of a modular infrastructure of control system, communications, networking, computing and associated equipment, and measurement/control devices. The architecture upgrade will provide a flexible patching system providing a quick "plug and play" configuration through various communication paths to gain access to live I/O running over specific protocols. This will allow for in-depth assessments of control systems in a true-to-life environment. The full I/O upgrade will be completed through a two-phased approach. Phase I, funded by DHS, expands the capabilities of the Test Bed by developing an operational control system in two functional areas, the Science & Technology Applications Research (STAR) Facility and the expansion of various portions of the Test Bed. Phase II (see Appendix A), funded by other programs, will complete the full I/O upgrade to the facility.
The impact of natural hazard on critical infrastructure systems: definition of an ontology
NASA Astrophysics Data System (ADS)
Dimauro, Carmelo; Bouchon, Sara; Frattini, Paolo; Giusto, Claudia
2013-04-01
According to the Council of the European Union Directive (2008), 'critical infrastructure' means an asset, system or part thereof which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact as a result of the failure to maintain those functions. Critical infrastructure networks are exposed to natural events, such as floods, storms, landslides, earthquakes, etc. Recent natural disasters show that socio-economic consequences can be very much aggravated by the impact on these infrastructures. Though, there is still a lack of a recognized approach or methodology to assess the vulnerability of critical infrastructure assets against natural threats. The difficulty to define such an approach is increased by the need to consider a very high number of natural events, which differ in nature, magnitude and probability, as well as the need to assess the vulnerability of a high variety of infrastructure assets (e.g. bridges, roads, tunnels, pipelines, etc.). To meet this challenge, the objective of the THREVI2 EU-CIPS project is to create a database linking the relationships between natural hazards and critical infrastructure assets. The query of the database will allow the end-users (critical infrastructure protection authorities and operators) to identify the relevant scenarios according to their own priorities and criteria. The database builds on an ontology optimized for the assessment of the impact of threats on critical infrastructures. The ontology aims at capturing the existing knowledge on natural hazards, critical infrastructures assets and their related vulnerabilities. Natural phenomena that can threaten critical infrastructures are classified as "events", and organized in a genetic-oriented hierarchy. The main attributes associated to each event are the probability, the magnitude and the "modus".
The modus refers to the physical-chemical process by means of which the event (e.g., a pyroclastic flow) can interact with and damage a critical infrastructure asset (e.g., a pipe). Each event can be characterized by several modi (e.g., impact load, heating, burying) that can cause damages to the asset. Hence, the damage is linked to the modus and not directly to the event. The advantage of using the "modus" approach is to allow reducing the number of interactions (natural hazard/Critical infrastructure assets) to be addressed. All different events exert their impact on infrastructures by means of a limited number of different modi. This allows adapting existing vulnerability or fragility laws to events that have not been studied yet, and for which these laws are not available.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Corey Thuen
The On-Device Dynamic Analysis of Mobile Applications (ODAMA) project was started in an effort to protect mobile devices used in Industrial Control Systems (ICS) from cyber attack. Because mobile devices hide as much of the “computer” as possible, the user’s ability to assess the software running on their system is limited. The research team chose Google’s Android platform for this initial research because it is open source and it would give us freedom in our approach, including the ability to modify the mobile device’s operating system itself. The research team concluded that a Privileged Application was the right approach, and the result was ODAMA. This project is an important piece of the work to secure the expanding use of mobile devices with our nation’s critical infrastructure.
Water System Security and Resilience in Homeland Security Research
EPA's water security research provides tools needed to improve infrastructure security and to recover from an attack or contamination incident involving chemical, biological, or radiological (CBR) agents or weapons.
6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2012 CFR
2012-01-01
... prevents unauthorized retrieval, such as shredding or incineration. (f) Transmission of information. PCII... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.7 Safeguarding of Protected Critical...
6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2011 CFR
2011-01-01
... prevents unauthorized retrieval, such as shredding or incineration. (f) Transmission of information. PCII... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.7 Safeguarding of Protected Critical...
6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2013 CFR
2013-01-01
... prevents unauthorized retrieval, such as shredding or incineration. (f) Transmission of information. PCII... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.7 Safeguarding of Protected Critical...
6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2014 CFR
2014-01-01
... prevents unauthorized retrieval, such as shredding or incineration. (f) Transmission of information. PCII... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.7 Safeguarding of Protected Critical...
6 CFR 29.7 - Safeguarding of Protected Critical Infrastructure Information.
Code of Federal Regulations, 2010 CFR
2010-01-01
... prevents unauthorized retrieval, such as shredding or incineration. (f) Transmission of information. PCII... Infrastructure Information. 29.7 Section 29.7 Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE INFORMATION § 29.7 Safeguarding of Protected Critical...
The Effects of Denial-of-Service Attacks on Secure Time-Critical Communications in the Smart Grid
DOE Office of Scientific and Technical Information (OSTI.GOV)
Zhang, Fengli; Li, Qinghua; Mantooth, Homer Alan
2016-04-02
According to IEC 61850, many smart grid communications require messages to be delivered in a very short time.
– Trip messages and sample values applied to the transmission level: 3 ms
– Interlocking messages applied to the distribution level: 10 ms
Time-critical communications are vulnerable to denial-of-service (DoS) attacks.
– Flooding attack: Attacker floods many messages to the target network/machine.
We conducted systematic, experimental study about how DoS attacks affect message delivery delays.
Transport Traffic Analysis for Abusive Infrastructure Characterization
2012-12-14
Introduction Abusive traffic abounds on the Internet, in the form of email, malware, vulnerability scanners, worms, denial-of-service, drive-by-downloads, scam ...insight is two-fold. First, attackers have a basic requirement to source large amounts of data, be it denial-of-service, scam-hosting, spam, or other...the network core. This paper explores the power of transport-layer traffic analysis to detect and characterize scam hosting infrastructure, including
2005-09-01
for traditional social networks. Often the computer is used to mediate their social interactions at work. This lack of social skills tends to...substance of the case narratives. These issue areas are: Subject and Attack Characteristics, Screening, Attack Detection, Organizational and Social ...strong relationship between personal stress as well as adverse social climates and the level of risk for systems abuse in any organization that relies
76 FR 18743 - Commission Information Collection Activities (FERC-603); Comment Request; Extension
Federal Register 2010, 2011, 2012, 2013, 2014
2011-04-05
... FERC-603 ``Critical Energy Infrastructure Information'' (OMB No. 1902-0197) is used by the Commission to implement procedures for gaining access to critical energy infrastructure information (CEII) that... information about ``existing or proposed critical infrastructure that (i) relates to the production...
Application of the PageRank Algorithm to Alarm Graphs
NASA Astrophysics Data System (ADS)
Treinen, James J.; Thurimella, Ramakrishna
The task of separating genuine attacks from false alarms in large intrusion detection infrastructures is extremely difficult. The number of alarms received in such environments can easily enter into the millions of alerts per day. The overwhelming noise created by these alarms can cause genuine attacks to go unnoticed. As means of highlighting these attacks, we introduce a host ranking technique utilizing Alarm Graphs. Rather than enumerate all potential attack paths as in Attack Graphs, we build and analyze graphs based on the alarms generated by the intrusion detection sensors installed on a network. Given that the alarms are predominantly false positives, the challenge is to identify, separate, and ideally predict future attacks. In this paper, we propose a novel approach to tackle this problem based on the PageRank algorithm. By elevating the rank of known attackers and victims we are able to observe the effect that these hosts have on the other nodes in the Alarm Graph. Using this information we are able to discover previously overlooked attacks, as well as defend against future intrusions.
76 FR 81956 - National Infrastructure Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2011-12-29
... through the Secretary of Homeland Security with advice on the security of the critical infrastructure... critical infrastructure as directed by the President. At this meeting, the committee will receive work from... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0117] National Infrastructure Advisory...
76 FR 36137 - National Infrastructure Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2011-06-21
... Homeland Security with advice on the security of the critical infrastructure sectors and their information systems. The NIAC will meet to address issues relevant to the protection of critical infrastructure as... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2011-0034] National Infrastructure Advisory...
Critical infrastructure protection.
Deitz, Kim M
2012-01-01
Current government policies for protecting the nation's critical infrastructure are described in this article, which focuses on hospital disaster planning and incident management and the significant role of Security in infrastructure protection.
A Federal Response: The President's Critical Infrastructure Protection Board.
ERIC Educational Resources Information Center
Schmidt, Howard
2002-01-01
Outlines the U.S. Critical Infrastructure Protection Board's purpose, budget, principles, and priorities. Describes the board's role in coordinating all federal activities related to protection of information systems and networks supporting critical infrastructures. Also discusses its responsibility in creating a policy and road map for government…
Cybersecurity Awareness in the Power Grid
DOE Office of Scientific and Technical Information (OSTI.GOV)
Scholtz, Jean; Franklin, Lyndsey; Le Blanc, Katya L.
2016-07-10
We report on a series of interviews and observations conducted with control room dispatchers in a bulk electrical system. These dispatchers must react quickly to incidents as they happen in order to ensure the reliability and safe operation of the power grid. They do not have the time to evaluate incidents for signs of cyber-attack as part of their initial response. Cyber-attack detection involves multiple personnel from a variety of roles at both local and regional levels. Smart grid technology will improve detection and defense capabilities of the future grid, however, the current infrastructure remains a mixture of old and new equipment which will continue to operate for some time. Thus, research still needs to focus on strategies for the detection of malicious activity on current infrastructure as well as protection and remediation.
Federal Register 2010, 2011, 2012, 2013, 2014
2013-01-31
... Cyber Security Trade Mission to Saudi Arabia and Kuwait, September 28-October 1, 2013 AGENCY... coordinating and sponsoring an executive-led Critical Infrastructure Protection and Cyber Security mission to... on the cyber security, critical infrastructure protection, and emergency management, ports of entry...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wall, Thomas; Trail, Jessica; Gevondyan, Erna
During times of crisis, communities and regions rely heavily on critical infrastructure systems to support their emergency management response and recovery activities. Therefore, the resilience of critical infrastructure systems to crises is a pivotal factor to a community’s overall resilience. Critical infrastructure resilience can be influenced by many factors, including State policies – which are not always uniform in their structure or application across the United States – were identified by the U.S. Department of Homeland Security as an area of particular interest with respect to their influence on the resilience of critical infrastructure systems. This study focuses on developing an analytical methodology to assess links between policy and resilience, and applies that methodology to critical infrastructure in the Transportation Systems Sector. Specifically, this study seeks to identify potentially influential linkages between State transportation capital funding policies and the resilience of bridges located on roadways that are under the management of public agencies. This study yielded notable methodological outcomes, including the general capability of the analytical methodology to yield – in the case of some States – significant results connecting State policies with critical infrastructure resilience, with the suggestion that further refinement of the methodology may be beneficial.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Brown, Nathanael J. K.; Gearhart, Jared Lee; Jones, Dean A.
Currently, much of protection planning is conducted separately for each infrastructure and hazard. Limited funding requires a balance of expenditures between terrorism and natural hazards based on potential impacts. This report documents the results of a Laboratory Directed Research & Development (LDRD) project that created a modeling framework for investment planning in interdependent infrastructures focused on multiple hazards, including terrorism. To develop this framework, three modeling elements were integrated: natural hazards, terrorism, and interdependent infrastructures. For natural hazards, a methodology was created for specifying events consistent with regional hazards. For terrorism, we modeled the terrorists' actions based on assumptions regarding their knowledge, goals, and target identification strategy. For infrastructures, we focused on predicting post-event performance due to specific terrorist attacks and natural hazard events, tempered by appropriate infrastructure investments. We demonstrate the utility of this framework with various examples, including protection of electric power, roadway, and hospital networks.
Federal Register 2010, 2011, 2012, 2013, 2014
2010-12-27
... Homeland Security with advice on the security of the critical infrastructure sectors and their information systems. The NIAC will meet to address issues relevant to the protection of critical infrastructure as... Directorate; National Infrastructure Advisory Council Meeting AGENCY: National Protection and Programs...
A Mathematical Framework for the Analysis of Cyber-Resilient Control Systems
DOE Office of Scientific and Technical Information (OSTI.GOV)
Melin, Alexander M; Ferragut, Erik M; Laska, Jason A
2013-01-01
The increasingly recognized vulnerability of industrial control systems to cyber-attacks has inspired a considerable amount of research into techniques for cyber-resilient control systems. The majority of this effort involves the application of well known information security (IT) techniques to control system networks. While these efforts are important to protect the control systems that operate critical infrastructure, they are never perfectly effective. Little research has focused on the design of closed-loop dynamics that are resilient to cyber-attack. The majority of control system protection measures are concerned with how to prevent unauthorized access and protect data integrity. We believe that the ability to analyze how an attacker can affect the closed loop dynamics of a control system configuration once they have access is just as important to the overall security of a control system. To begin to analyze this problem, consistent mathematical definitions of concepts within resilient control need to be established so that a mathematical analysis of the vulnerabilities and resiliencies of a particular control system design methodology and configuration can be made. In this paper, we propose rigorous definitions for state awareness, operational normalcy, and resiliency as they relate to control systems. We will also discuss some mathematical consequences that arise from the proposed definitions. The goal is to begin to develop a mathematical framework and testable conditions for resiliency that can be used to build a sound theoretical foundation for resilient control research.
Security in MANETs using reputation-adjusted routing
NASA Astrophysics Data System (ADS)
Ondi, Attila; Hoffman, Katherine; Perez, Carlos; Ford, Richard; Carvalho, Marco; Allen, William
2009-04-01
Mobile Ad-Hoc Networks enable communication in various dynamic environments, including military combat operations. Their open and shared communication medium enables new forms of attack that are not applicable for traditional wired networks. Traditional security mechanisms and defense techniques are not prepared to cope with the new attacks, and the lack of central authorities makes identity verifications difficult. This work extends our previous work in the Biologically Inspired Tactical Security Infrastructure to provide a reputation-based weighing mechanism for link-state routing protocols to protect the network from attackers that are corrupting legitimate network traffic. Our results indicate that the approach is successful in routing network traffic around compromised computers.
NASA Astrophysics Data System (ADS)
Devipriya, K.; Ivy, B. Persis Urbana; Prabha, D.
2018-04-01
A mobile ad hoc network (MANET) is an assemblage of nodes composed of mobile devices coupled in various ways wirelessly which do not have any central administration. Each node in MANET cooperates in forwarding packets in the network. This type of collaboration incurs high cost, but there exist nodes that decline to cooperate, leading to selfish conduct of nodes which affects overall network performance. To discover the attacks caused by such nodes, a renowned mechanism using watchdog can be deployed. In infrastructure-less networks, attack detection and reaction, and high false positives and false negatives initiating black hole attack, become major issues in watchdog. This paper puts forward a collaborative approach for identifying such attacks in MANET. Through abstract analysis and extensive simulation of this approach, the detection time of misbehaved nodes is reduced and substantial enhancement in overhead and throughput is witnessed.
On localization attacks against cloud infrastructure
NASA Astrophysics Data System (ADS)
Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali
2013-05-01
One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resources, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of the server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of the victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental study to demonstrate the effectiveness of such an attack.
Vibration Monitoring of Power Distribution Poles
DOE Office of Scientific and Technical Information (OSTI.GOV)
Clark Scott; Gail Heath; John Svoboda
2006-04-01
Some of the most visible and least monitored elements of our national security infrastructure are the poles and towers used for the distribution of our nation’s electrical power. Issues surrounding these elements within the United States include safety such as unauthorized climbing and access, vandalism such as nut/bolt removal or destructive small arms fire, and major vandalism such as the downing of power poles and towers by the cutting of the poles with a chainsaw or torches. The Idaho National Laboratory (INL) has an ongoing research program working to develop inexpensive and sensitive sensor platforms for the monitoring and characterization of damage to the power distribution infrastructure. This presentation covers the results from the instrumentation of a variety of power poles and wires with geophone assemblies and the recording of vibration data when power poles were subjected to a variety of stimuli. Initial results indicate that, for the majority of attacks against power poles, the resulting signal can be seen not only on the targeted pole but on sensors several poles away in the distribution network and a distributed sensor system can be used to monitor remote and critical structures.
Celestial data routing network
NASA Astrophysics Data System (ADS)
Bordetsky, Alex
2000-11-01
Imagine that an information processing human-machine network is threatened in a particular part of the world. Suppose that an anticipated threat of physical attacks could lead to disruption of telecommunications network management infrastructure and access capabilities for small geographically distributed groups engaged in collaborative operations. Suppose that a small group of astronauts are exploring the solar planet and need to quickly configure an orbital information network to support their collaborative work and local communications. The critical need in both scenarios would be a set of low-cost means of small team celestial networking. Such means would allow the geographically distributed mobile collaborating groups to maintain collaborative multipoint work, set up an orbital local area network, and provide orbital intranet communications. This would be accomplished by dynamically assembling the network enabling infrastructure of the small satellite based router, satellite based Codec, and set of satellite based intelligent management agents. Cooperating single function pico satellites, acting as agents and personal switching devices, together would represent a self-organizing intelligent orbital network of cooperating mobile management nodes. Cooperative behavior of the pico satellite based agents would be achieved by comprising a small orbital artificial neural network capable of learning and restructuring the networking resources in response to the anticipated threat.
77 FR 64818 - The Critical Infrastructure Partnership Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2012-10-23
... DEPARTMENT OF HOMELAND SECURITY [Docket No. DHS-2012-0033] The Critical Infrastructure Partnership... Infrastructure Partnership Advisory Council membership update. SUMMARY: The Department of Homeland Security (DHS) announced the [[Page 64819
... high blood pressure, staying on your medicines is critical to prevent heart attacks, strokes, kidney disease and ...
Competition in the domain of wireless networks security
NASA Astrophysics Data System (ADS)
Bednarczyk, Mariusz
2017-04-01
Wireless networks are very popular and have found widespread usage amongst various segments, also in military environment. The deployment of wireless infrastructures allows the time it takes to install and dismantle communications networks to be reduced. With wireless, users are more mobile and can easily get access to the network resources all the time. However, wireless technologies like WiFi or Bluetooth have security issues that hackers have extensively exploited over the years. In the paper several serious security flaws in wireless technologies are presented. Most of them make it possible to get access to the internal networks and easily carry out man-in-the-middle attacks. Very often, they are used to launch massive denial of service attacks that target the physical infrastructure as well as the RF spectrum. For instance, there are well known instances of Bluetooth connection spoofing in order to steal the WiFi password stored in the mobile device. To raise the security awareness and protect wireless networks against an adversary attack, an analysis of attack methods and tools over time is presented in the article. Particular attention is paid to the severity, possible targets as well as the ability to persist in the context of protective measures. Results show that an adversary can take complete control of the victims' mobile device features if the users forget to use simple safety principles.
Performance Evaluation of AODV with Blackhole Attack
NASA Astrophysics Data System (ADS)
Dara, Karuna
2010-11-01
A Mobile Ad Hoc Network (MANET) is a temporary network set up by wireless mobile computers moving arbitrarily in places that have no network infrastructure. These nodes maintain connectivity in a decentralized manner. Since the nodes communicate with each other, they cooperate by forwarding data packets to other nodes in the network. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, mobile ad-hoc networks are unprotected against attacks of the malicious nodes. One of these attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. In this paper, we simulated the black hole attack in various mobile ad-hoc network scenarios using AODV routing protocol of MANET and have tried to find an effect if the number of nodes is increased with increase in malicious nodes.
3 CFR 8607 - Proclamation 8607 of November 30, 2010. Critical Infrastructure Protection Month, 2010
Code of Federal Regulations, 2011 CFR
2011-01-01
..., which will make our physical and cyber infrastructure more resilient. Working together, we can raise... Infrastructure Protection Month, 2010 8607 Proclamation 8607 Presidential Documents Proclamations Proclamation 8607 of November 30, 2010 Proc. 8607 Critical Infrastructure Protection Month, 2010 By the President of...
The 'Direct Attack' Strategy for Poverty Removal: Implementation Methodology.
ERIC Educational Resources Information Center
Sinha, Sanjay
1981-01-01
Discusses elements of an implementation methodology for the removal of poverty in India. Includes background, methodology, aggregation of demands, economics of the strategy, complementary activities and infrastructure, mechanics of implementation, and monitoring. (CT)
Aviation security : terrorist acts illustrate severe weaknesses in aviation security
DOT National Transportation Integrated Search
2001-09-20
This is the statement of Gerald L. Dillingham, Director, Physical Infrastructure Issues before the Subcommittee on Transportation, Senate and House Committees on Appropriations regarding vulnerabilities to terrorist attacks of the nation's aviation s...
A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hodge, Brian S; Wu, Yifu; Wei, Jin
Distributed Energy Resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. As most of these generators are geographically dispersed, dedicated communications investments for every generator are capital cost prohibitive. Real-time distributed communications middleware, which supervises, organizes and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs, allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the Quality of Experience (QoE) measures to complement the conventional Quality of Service (QoS) information to detect and mitigate the congestion attacks effectively. The simulation results illustrate the efficiency of our proposed communications middleware architecture.
A Distributed Middleware Architecture for Attack-Resilient Communications in Smart Grids: Preprint
DOE Office of Scientific and Technical Information (OSTI.GOV)
Wu, Yifu; Wei, Jin; Hodge, Bri-Mathias
Distributed energy resources (DERs) are being increasingly accepted as an excellent complement to traditional energy sources in smart grids. Because most of these generators are geographically dispersed, dedicated communications investments for every generator are capital-cost prohibitive. Real-time distributed communications middleware - which supervises, organizes, and schedules tremendous amounts of data traffic in smart grids with high penetrations of DERs - allows for the use of existing network infrastructure. In this paper, we propose a distributed attack-resilient middleware architecture that detects and mitigates the congestion attacks by exploiting the quality of experience measures to complement the conventional quality of service information to effectively detect and mitigate congestion attacks. The simulation results illustrate the efficiency of our proposed communications middleware architecture.
Characterization of attacks on public telephone networks
NASA Astrophysics Data System (ADS)
Lorenz, Gary V.; Manes, Gavin W.; Hale, John C.; Marks, Donald; Davis, Kenneth; Shenoi, Sujeet
2001-02-01
The U.S. Public Telephone Network (PTN) is a massively connected distributed information system, much like the Internet. PTN signaling, transmission and operations functions must be protected from physical and cyber attacks to ensure the reliable delivery of telecommunications services. The increasing convergence of PTNs with wireless communications systems, computer networks and the Internet itself poses serious threats to our nation's telecommunications infrastructure. Legacy technologies and advanced services encumber well-known and as of yet undiscovered vulnerabilities that render them susceptible to cyber attacks. This paper presents a taxonomy of cyber attacks on PTNs in converged environments that synthesizes exploits in computer and communications network domains. The taxonomy provides an opportunity for the systematic exploration of mitigative and preventive strategies, as well as for the identification and classification of emerging threats.
The Impact of Process Capability on Service Reliability for Critical Infrastructure Providers
ERIC Educational Resources Information Center
Houston, Clemith J., Jr.
2013-01-01
This study investigated the relationship between organizational processes that have been identified as promoting resiliency and their impact on service reliability within the scope of critical infrastructure providers. The importance of critical infrastructure to the nation is evident from the body of research and is supported by instances where…
Security Events and Vulnerability Data for Cybersecurity Risk Estimation.
Allodi, Luca; Massacci, Fabio
2017-08-01
Current industry standards for estimating cybersecurity risk are based on qualitative risk matrices as opposed to quantitative risk estimates. In contrast, risk assessment in most other industry sectors aims at deriving quantitative risk estimations (e.g., Basel II in Finance). This article presents a model and methodology to leverage on the large amount of data available from the IT infrastructure of an organization's security operation center to quantitatively estimate the probability of attack. Our methodology specifically addresses untargeted attacks delivered by automatic tools that make up the vast majority of attacks in the wild against users and organizations. We consider two-stage attacks whereby the attacker first breaches an Internet-facing system, and then escalates the attack to internal systems by exploiting local vulnerabilities in the target. Our methodology factors in the power of the attacker as the number of "weaponized" vulnerabilities he/she can exploit, and can be adjusted to match the risk appetite of the organization. We illustrate our methodology by using data from a large financial institution, and discuss the significant mismatch between traditional qualitative risk assessments and our quantitative approach. © 2017 Society for Risk Analysis.
Percolation and Reinforcement on Complex Networks
NASA Astrophysics Data System (ADS)
Yuan, Xin
Complex networks appear in almost every aspect of our daily life and are widely studied in the fields of physics, mathematics, finance, biology and computer science. This work utilizes percolation theory in statistical physics to explore the percolation properties of complex networks and develops a reinforcement scheme on improving network resilience. This dissertation covers two major parts of my Ph.D. research on complex networks: i) probe--in the context of both traditional percolation and k-core percolation--the resilience of complex networks with tunable degree distributions or directed dependency links under random, localized or targeted attacks; ii) develop and propose a reinforcement scheme to eradicate catastrophic collapses that occur very often in interdependent networks. We first use generating function and probabilistic methods to obtain analytical solutions to percolation properties of interest, such as the giant component size and the critical occupation probability. We study uncorrelated random networks with Poisson, bi-Poisson, power-law, and Kronecker-delta degree distributions and construct those networks which are based on the configuration model. The computer simulation results show remarkable agreement with theoretical predictions. We discover an increase of network robustness as the degree distribution broadens and a decrease of network robustness as directed dependency links come into play under random attacks. We also find that targeted attacks exert the biggest damage to the structure of both single and interdependent networks in k-core percolation. To strengthen the resilience of interdependent networks, we develop and propose a reinforcement strategy and obtain the critical amount of reinforced nodes analytically for interdependent Erdős-Rényi networks and numerically for scale-free and for random regular networks. Our mechanism leads to improvement of network stability of the West U.S. power grid.
This dissertation provides us with a deeper understanding of the effects of structural features on network stability and fresher insights into designing resilient interdependent infrastructure networks.
Critical infrastructure protection : significant challenges in developing national capabilities
DOT National Transportation Integrated Search
2001-04-01
To address the concerns about protecting the nation's critical computer-dependent infrastructure, this General Accounting Office (GAO) report describes the progress of the National Infrastructure Protection Center (NIPC) in (1) developing national ca...
Optimal resource allocation for defense of targets based on differing measures of attractiveness.
Bier, Vicki M; Haphuriwat, Naraphorn; Menoyo, Jaime; Zimmerman, Rae; Culpen, Alison M
2008-06-01
This article describes the results of applying a rigorous computational model to the problem of the optimal defensive resource allocation among potential terrorist targets. In particular, our study explores how the optimal budget allocation depends on the cost effectiveness of security investments, the defender's valuations of the various targets, and the extent of the defender's uncertainty about the attacker's target valuations. We use expected property damage, expected fatalities, and two metrics of critical infrastructure (airports and bridges) as our measures of target attractiveness. Our results show that the cost effectiveness of security investment has a large impact on the optimal budget allocation. Also, different measures of target attractiveness yield different optimal budget allocations, emphasizing the importance of developing more realistic terrorist objective functions for use in budget allocation decisions for homeland security.
18 CFR 141.300 - FERC Form No. 715, Annual Transmission Planning and Evaluation Report.
Code of Federal Regulations, 2011 CFR
2011-04-01
... form. (d) Critical Energy Infrastructure Information. (1) If the instructions in Form No. 715 require a utility to reveal Critical Energy Infrastructure Information (CEII), as defined in § 388.113(c) of this... Critical Energy Infrastructure Information (CEII) may be found at 18 CFR 388.113. Requests for access to...
18 CFR 141.300 - FERC Form No. 715, Annual Transmission Planning and Evaluation Report.
Code of Federal Regulations, 2013 CFR
2013-04-01
... form. (d) Critical Energy Infrastructure Information. (1) If the instructions in Form No. 715 require a utility to reveal Critical Energy Infrastructure Information (CEII), as defined in § 388.113(c) of this... Critical Energy Infrastructure Information (CEII) may be found at 18 CFR 388.113. Requests for access to...
18 CFR 141.300 - FERC Form No. 715, Annual Transmission Planning and Evaluation Report.
Code of Federal Regulations, 2014 CFR
2014-04-01
... form. (d) Critical Energy Infrastructure Information. (1) If the instructions in Form No. 715 require a utility to reveal Critical Energy Infrastructure Information (CEII), as defined in § 388.113(c) of this... Critical Energy Infrastructure Information (CEII) may be found at 18 CFR 388.113. Requests for access to...
18 CFR 141.300 - FERC Form No. 715, Annual Transmission Planning and Evaluation Report.
Code of Federal Regulations, 2012 CFR
2012-04-01
... form. (d) Critical Energy Infrastructure Information. (1) If the instructions in Form No. 715 require a utility to reveal Critical Energy Infrastructure Information (CEII), as defined in § 388.113(c) of this... Critical Energy Infrastructure Information (CEII) may be found at 18 CFR 388.113. Requests for access to...
Reliable Communication Models in Interdependent Critical Infrastructure Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Lee, Sangkeun; Chinthavali, Supriya; Shankar, Mallikarjun
Modern critical infrastructure networks are becoming increasingly interdependent where the failures in one network may cascade to other dependent networks, causing severe widespread national-scale failures. A number of previous efforts have been made to analyze the resiliency and robustness of interdependent networks based on different models. However, communication network, which plays an important role in today's infrastructures to detect and handle failures, has attracted little attention in the interdependency studies, and no previous models have captured enough practical features in the critical infrastructure networks. In this paper, we study the interdependencies between communication network and other kinds of critical infrastructure networks with an aim to identify vulnerable components and design resilient communication networks. We propose several interdependency models that systematically capture various features and dynamics of failures spreading in critical infrastructure networks. We also discuss several research challenges in building reliable communication solutions to handle failures in these models.
Systematic risk assessment methodology for critical infrastructure elements - Oil and Gas subsectors
NASA Astrophysics Data System (ADS)
Gheorghiu, A.-D.; Ozunu, A.
2012-04-01
The concern for the protection of critical infrastructure has been rapidly growing in the last few years in Europe. The level of knowledge and preparedness in this field is beginning to develop in a lawfully organized manner, for the identification and designation of critical infrastructure elements of national and European interest. Oil and gas production, refining, treatment, storage and transmission by pipelines facilities, are considered European critical infrastructure sectors, as per Annex I of the Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. Besides identifying European and national critical infrastructure elements, member states also need to perform a risk analysis for these infrastructure items, as stated in Annex II of the above mentioned Directive. In the field of risk assessment, there are a series of acknowledged and successfully used methods in the world, but not all hazard identification and assessment methods and techniques are suitable for a given site, situation, or type of hazard. As Theoharidou, M. et al. noted (Theoharidou, M., P. Kotzanikolaou, and D. Gritzalis 2009. Risk-Based Criticality Analysis. In Critical Infrastructure Protection III. Proceedings. Third Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection. Hanover, New Hampshire, USA, March 23-25, 2009: revised selected papers, edited by C. Palmer and S. Shenoi, 35-49. Berlin: Springer.), despite the wealth of knowledge already created, there is a need for simple, feasible, and standardized criticality analyses. The proposed systematic risk assessment methodology includes three basic steps: the first step (preliminary analysis) includes the identification of hazards (including possible natural hazards) for each installation/section within a given site, followed by a criterial analysis and then a detailed analysis step. 
The criterial evaluation is used as a ranking system in order to establish the priorities for the detailed risk assessment. This criterial analysis stage is necessary because the total number of installations and sections on a site can be quite large. As not all installations and sections on a site contribute significantly to the risk of a major accident occurring, it is not efficient to include all installations and sections in the detailed risk assessment, which can be time and resource consuming. The selected installations are then taken into consideration in the detailed risk assessment, which is the third step of the systematic risk assessment methodology. Following this step, conclusions can be drawn related to the overall risk characteristics of the site. The proposed methodology can as such be successfully applied to the assessment of risk related to critical infrastructure elements falling under the energy sector of Critical Infrastructure, mainly the sub-sectors oil and gas. Key words: Systematic risk assessment, criterial analysis, energy sector critical infrastructure elements
2015-03-01
Physical network maps are important to critical infrastructure defense and planning. Current state-of...the-art network infrastructure geolocation relies on Domain Name System (DNS) inferences. However, not only is using the DNS relatively inaccurate for...
Critical Infrastructure Interdependencies Assessment
Petit, Frederic; Verner, Duane
2016-11-01
Throughout the world there is strong recognition that critical infrastructure security and resilience needs to be improved. In the United States, the National Infrastructure Protection Plan (NIPP) provides the strategic vision to guide the national effort to manage risk to the Nation’s critical infrastructure. The achievement of this vision is challenged by the complexity of critical infrastructure systems and their inherent interdependencies. The update to the NIPP presents an opportunity to advance the nation’s efforts to further understand and analyze interdependencies. Such an important undertaking requires the involvement of public and private sector stakeholders and the reinforcement of existing partnerships and collaborations within the U.S. Department of Homeland Security (DHS) and other Federal agencies, including national laboratories; State, local, tribal, and territorial governments; and nongovernmental organizations.
Ozbay, Fatih; Auf der Heyde, Tanja; Reissman, Dori; Sharma, Vansh
2013-09-01
The authors review the existing literature on the mental health impact of the September 11th attacks and the implications for disaster mental health clinicians and policy makers. The authors discuss the demographic characteristics of those affected and the state of mental health needs and existing mental health delivery services; the nature of the disaster and primary impacts on lives, infrastructure, and socioeconomic factors; the acute aftermath in the days and weeks after the attacks; the persistent mental health impact and evolution of services of the postacute aftermath; and the implications for future disaster mental health practitioners and policy makers. Copyright © 2013 Elsevier Inc. All rights reserved.
ERIC Educational Resources Information Center
Morsey, Christopher
2017-01-01
In the critical infrastructure world, many critical infrastructure sectors use a Supervisory Control and Data Acquisition (SCADA) system. The sectors that use SCADA systems are the electric power, nuclear power and water. These systems are used to control, monitor and extract data from the systems that give us all the ability to light our homes…
Detection, Localization, and Tracking of Unauthorized UAS and Jammers
NASA Technical Reports Server (NTRS)
Guvenc, Ismail; Ozdemir, Ozgur; Yapici, Yavuz; Mehrpouyan, Hani; Matolak, David
2017-01-01
Small unmanned aircraft systems (UASs) are expected to take major roles in future smart cities, for example, by delivering goods and merchandise, potentially serving as mobile hot spots for broadband wireless access, and maintaining surveillance and security. Although they can be used for the betterment of the society, they can also be used by malicious entities to conduct physical and cyber attacks to infrastructure, private/public property, and people. Even for legitimate use-cases of small UASs, air traffic management (ATM) for UASs becomes of critical importance for maintaining safe and collision-free operation. Therefore, various ways to detect, track, and interdict potentially unauthorized drones carry critical importance for surveillance and ATM applications. In this paper, we will review techniques that rely on ambient radio frequency signals (emitted from UASs), radars, acoustic sensors, and computer vision techniques for detection of malicious UASs. We will present some early experimental and simulation results on radar-based range estimation of UASs, and receding horizon tracking of UASs. Subsequently, we will overview common techniques that are considered for interdiction of UASs.
NASA Astrophysics Data System (ADS)
Parfenov, D. I.; Bolodurina, I. P.
2018-05-01
The article presents the results of developing an approach to detecting and protecting against network attacks on the corporate infrastructure deployed on the multi-cloud platform. The proposed approach is based on the combination of two technologies: a software-configurable network and virtualization of network functions. The approach for searching for anomalous traffic is to use a hybrid neural network consisting of a self-organizing Kohonen network and a multilayer perceptron. The study of the work of the prototype of the system for detecting attacks, the method of forming a learning sample, and the course of experiments are described. The study showed that using the proposed approach makes it possible to increase the effectiveness of the obfuscation of various types of attacks and at the same time does not reduce the performance of the network.
18 CFR 388.113 - Accessing critical energy infrastructure information.
Code of Federal Regulations, 2014 CFR
2014-04-01
... energy infrastructure information. 388.113 Section 388.113 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY PROCEDURAL RULES INFORMATION AND REQUESTS § 388.113 Accessing critical energy infrastructure information. (a) Scope. This section governs access to...
18 CFR 388.113 - Accessing critical energy infrastructure information.
Code of Federal Regulations, 2010 CFR
2010-04-01
... energy infrastructure information. 388.113 Section 388.113 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY PROCEDURAL RULES INFORMATION AND REQUESTS § 388.113 Accessing critical energy infrastructure information. (a) Scope. This section governs access to...
18 CFR 388.113 - Accessing critical energy infrastructure information.
Code of Federal Regulations, 2012 CFR
2012-04-01
... energy infrastructure information. 388.113 Section 388.113 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY PROCEDURAL RULES INFORMATION AND REQUESTS § 388.113 Accessing critical energy infrastructure information. (a) Scope. This section governs access to...
18 CFR 388.113 - Accessing critical energy infrastructure information.
Code of Federal Regulations, 2013 CFR
2013-04-01
... energy infrastructure information. 388.113 Section 388.113 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY PROCEDURAL RULES INFORMATION AND REQUESTS § 388.113 Accessing critical energy infrastructure information. (a) Scope. This section governs access to...
18 CFR 388.113 - Accessing critical energy infrastructure information.
Code of Federal Regulations, 2011 CFR
2011-04-01
... energy infrastructure information. 388.113 Section 388.113 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY PROCEDURAL RULES INFORMATION AND REQUESTS § 388.113 Accessing critical energy infrastructure information. (a) Scope. This section governs access to...
Security challenge to using smartphones for SHM
NASA Astrophysics Data System (ADS)
Abueh, Yeka; Liu, Hong
2016-04-01
Pervasive smartphones have demonstrated great potential in structural health monitoring (SHM) of civil infrastructures. Their sensing, processing, and communication capabilities along with crowdsourcing facility ease technical difficulties and reduce financial burdens of instrumentation and monitoring for SHM in civil infrastructures. However, smartphones are vulnerable to unintentional misuses and malicious attacks. This paper analyzes the vulnerabilities of smartphones in performing SHM and reveals the exploitation of those vulnerabilities. The work probes the attack surface of both devices and data. Device attack scenarios include hacking individual smartphones to modify the data stored on them and orchestrating smartphones to launch a distributed denial-of-service attack. Specifically, experiments are conducted to remotely access an Android smartphone and modify the sensing data of structural health stored on it. The work also presents a case study that reveals the sensitivity of a popular perturbation analysis method to faulty data delivered by a smartphone. The paper provides the direction of meeting the security challenge to using smartphones for SHM. As the first line of defense, device authentication is implemented in the smartphone to stop spoofing. Subsequently, message authentication is devised to maintain data integrity. There is a need to apply data science for the SHM immunity system against the sensitivity to data inaccuracy. The work also evaluates the cost-effectiveness of the proposed security measures, recommending varying levels of security to mitigate the adversaries to smartphones used in SHM systems. It calls for security solutions at the design stage of SHM systems rather than patching up after their implementations.
Service Modeling Language Applied to Critical Infrastructure
NASA Astrophysics Data System (ADS)
Baldini, Gianmarco; Fovino, Igor Nai
The modeling of dependencies in complex infrastructure systems is still a very difficult task. Many methodologies have been proposed, but a number of challenges still remain, including the definition of the right level of abstraction, the presence of different views on the same critical infrastructure and how to adequately represent the temporal evolution of systems. We propose a modeling methodology where dependencies are described in terms of the service offered by the critical infrastructure and its components. The model provides a clear separation between services and the underlying organizational and technical elements, which may change in time. The model uses the Service Modeling Language proposed by the W3 consortium for describing critical infrastructure in terms of interdependent services nodes including constraints, behavior, information flows, relations, rules and other features. Each service node is characterized by its technological, organizational and process components. The model is then applied to a real case of an ICT system for users authentication.
NASA Astrophysics Data System (ADS)
Zhang, Zheshen; Chen, Changchen; Zhuang, Quntao; Wong, Franco N. C.; Shapiro, Jeffrey H.
2018-04-01
Quantum key distribution (QKD) enables unconditionally secure communication ensured by the laws of physics, opening a promising route to security infrastructure for the coming age of quantum computers. QKD’s demonstrated secret-key rates (SKRs), however, fall far short of the gigabit-per-second rates of classical communication, hindering QKD’s widespread deployment. QKD’s low SKRs are largely due to existing single-photon-based protocols’ vulnerability to channel loss. Floodlight QKD (FL-QKD) boosts SKR by transmitting many photons per encoding, while offering security against collective attacks. Here, we report an FL-QKD experiment operating at a 1.3 Gbit s⁻¹ SKR over a 10 dB loss channel. To the best of our knowledge, this is the first QKD demonstration that achieves a gigabit-per-second-class SKR, representing a critical advance toward high-rate QKD at metropolitan-area distances.
NASA Astrophysics Data System (ADS)
Bukowiecka, Danuta; Tyburska, Agata; Struniawski, Jarosław; Jastrzebski, Pawel; Jewartowski, Blazej; Pozniak, Krzysztof; Kasprowicz, Grzegorz; Pastuszak, Grzegorz; Trochimiuk, Maciej; Abramowski, Andrzej; Gaska, Michal; Frasunek, Przemysław; Nalbach-Moszynska, Małgorzata; Brawata, Sebastian; Bubak, Iwona; Gloza, Małgorzata
2016-09-01
Preventing and eliminating the risks of terrorist attacks or natural disasters as well as an increase in the security of mass events and critical infrastructure requires the application of modern technologies. Therefore there is a proposal to construct a tool that integrates video signals transmitted by devices that are a part of video monitoring systems functioning in Poland. The article presents selected results of research conducted by the Police Academy in Szczytno under the implemented project for national defense and security on "Video Signals Integrator" Acronym - VSI. Project Leader: Warsaw University of Technology. The consortium: Police Academy in Szczytno, Atende Software Ltd., VORTEX Ltd. No. DOBBio7/ 01/02/2015 funded by the National Centre for Research and Development.
Designing Security-Hardened Microkernels For Field Devices
NASA Astrophysics Data System (ADS)
Hieb, Jeffrey; Graham, James
Distributed control systems (DCSs) play an essential role in the operation of critical infrastructures. Perimeter field devices are important DCS components that measure physical process parameters and perform control actions. Modern field devices are vulnerable to cyber attacks due to their increased adoption of commodity technologies and the fact that control networks are no longer isolated. This paper describes an approach for creating security-hardened field devices using operating system microkernels that isolate vital field device operations from untrusted network-accessible applications. The approach, which is influenced by the MILS and Nizza architectures, is implemented in a prototype field device. Whereas previous microkernel-based implementations have been plagued by poor inter-process communication (IPC) performance, the prototype exhibits an average IPC overhead for protected device calls of 64.59 μs. The overall performance of field devices is influenced by several factors; nevertheless, the observed IPC overhead is low enough to encourage the continued development of the prototype.
A real-time early warning system for pathogens in water
NASA Astrophysics Data System (ADS)
Adams, John A.; McCarty, David; Crousore, Kristina
2006-05-01
The events of September 11, 2001 represented an escalation in the means and effects of terrorist attacks and raised awareness of the vulnerability of major infrastructures such as transportation, finance, power and energy, communications, food, and water. A re-examination of the security of critical assets was initiated. Actions were taken in the United States to protect our drinking water. Anti-terrorism monitoring systems that allow us to take action before contaminated water can reach the consumer have been under development since then. This presentation will discuss the current performance of a laser-based, multi-angle light scattering (MALS) technology for continuous, real-time detection and classification of microorganisms for security applications in all drinking and process water applications inclusive of protection of major assets, potable and distributed water. Field test data for a number of waterborne pathogens will also be presented.
Improving Security for SCADA Sensor Networks with Reputation Systems and Self-Organizing Maps
Moya, José M.; Araujo, Álvaro; Banković, Zorana; de Goyeneche, Juan-Mariano; Vallejo, Juan Carlos; Malagón, Pedro; Villanueva, Daniel; Fraga, David; Romero, Elena; Blesa, Javier
2009-01-01
The reliable operation of modern infrastructures depends on computerized systems and Supervisory Control and Data Acquisition (SCADA) systems, which are also based on the data obtained from sensor networks. The inherent limitations of the sensor devices make them extremely vulnerable to cyberwarfare/cyberterrorism attacks. In this paper, we propose a reputation system enhanced with distributed agents, based on unsupervised learning algorithms (self-organizing maps), in order to achieve fault tolerance and enhanced resistance to previously unknown attacks. This approach has been extensively simulated and compared with previous proposals. PMID:22291569
6 CFR 29.5 - Requirements for protection.
Code of Federal Regulations, 2013 CFR
2013-01-01
... protected use regarding the security of critical infrastructure or protected systems, analysis, warning... expectation of protection from disclosure as provided by the provisions of the Critical Infrastructure... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL...
6 CFR 29.5 - Requirements for protection.
Code of Federal Regulations, 2014 CFR
2014-01-01
... protected use regarding the security of critical infrastructure or protected systems, analysis, warning... expectation of protection from disclosure as provided by the provisions of the Critical Infrastructure... Domestic Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL...
78 FR 11737 - Improving Critical Infrastructure Cybersecurity
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-19
... of America, it is hereby ordered as follows: Section 1. Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical... cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety...
10 CFR 217.3 - Program eligibility.
Code of Federal Regulations, 2013 CFR
2013-01-01
... programs for military and energy production or construction, military or critical infrastructure assistance... Act (42 U.S.C. 5195 et seq.) and critical infrastructure protection and restoration. ...
10 CFR 217.3 - Program eligibility.
Code of Federal Regulations, 2014 CFR
2014-01-01
... programs for military and energy production or construction, military or critical infrastructure assistance... Act (42 U.S.C. 5195 et seq.) and critical infrastructure protection and restoration. ...
10 CFR 217.3 - Program eligibility.
Code of Federal Regulations, 2012 CFR
2012-01-01
... programs for military and energy production or construction, military or critical infrastructure assistance... Act (42 U.S.C. 5195 et seq.) and critical infrastructure protection and restoration. ...
Impact analysis of two kinds of failure strategies in Beijing road transportation network
NASA Astrophysics Data System (ADS)
Zhang, Zundong; Xu, Xiaoyang; Zhang, Zhaoran; Zhou, Huijuan
The Beijing road transportation network (BRTN), as a large-scale technological network, exhibits very complex and complicated features during daily periods. How its statistical characteristics (i.e., average path length and global network efficiency) change as the network evolves has been widely highlighted. In this paper, by using different modeling concepts, three kinds of network models of BRTN, namely the abstract network model, the static network model with road mileage as weights, and the dynamic network model with travel time as weights, are constructed according to the topological data and the real detected flow data. The degree distributions of the three kinds of network models are analyzed, which proves that the urban road infrastructure network and the dynamic network behave like scale-free networks. By analyzing and comparing the important statistical characteristics of the three models under random attacks and intentional attacks, it is shown that the urban road infrastructure network and the dynamic network of BRTN are both robust and vulnerable.
Mass casualty response in the 2008 Mumbai terrorist attacks.
Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac
2011-12-01
The November 26-29, 2008, terrorist attacks on Mumbai were unique in their international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.
Collaborative Access Control For Critical Infrastructures
NASA Astrophysics Data System (ADS)
Baina, Amine; El Kalam, Anas Abou; Deswarte, Yves; Kaaniche, Mohamed
A critical infrastructure (CI) can fail with various degrees of severity due to physical and logical vulnerabilities. Since many interdependencies exist between CIs, failures can have dramatic consequences on the entire infrastructure. This paper focuses on threats that affect information and communication systems that constitute the critical information infrastructure (CII). A new collaborative access control framework called PolyOrBAC is proposed to address security problems that are specific to CIIs. The framework offers each organization participating in a CII the ability to collaborate with other organizations while maintaining control of its resources and internal security policy. The approach is demonstrated on a practical scenario involving the electrical power grid.
Chemical terrorism for the intensivist.
Chalela, Julio A; Burnett, Thomas
2012-05-01
The use of chemical agents for terrorist attacks or military warfare is a major concern at the present time. Chemical agents can cause significant morbidity, are relatively inexpensive, and are easy to store and use. Weaponization of chemical agents is only limited by the physicochemical properties of some agents. Recent incidents involving toxic industrial chemicals and chemical terrorist attacks indicate that critical care services are frequently utilized. For obvious reasons, the critical care literature on chemical terrorism is scarce. This article reviews the clinical aspects of diagnosing and treating victims of chemical terrorism while emphasizing the critical care management. The intensivist needs to be familiar with the chemical agents that could be used in a terrorist attack. The military classification divides agents into lung agents, blood agents, vesicants, and nerve agents. Supportive critical care is the cornerstone of treatment for most casualties, and dramatic recovery can occur in many cases. Specific antidotes are available for some agents, but even without the antidote, aggressive intensive care support can lead to favorable outcome in many cases. Critical care and emergency services can be overwhelmed by a terrorist attack as many exposed but not ill will seek care.
48 CFR 3002.101 - Definitions.
Code of Federal Regulations, 2011 CFR
2011-10-01
... information: (1) Protected Critical Infrastructure Information (PCII) as set out in the Critical Infrastructure Information Act of 2002 (Title II, Subtitle B, of the Homeland Security Act, Pub. L. 107-296, 196...
49 CFR 15.15 - SSI disclosed by DOT.
Code of Federal Regulations, 2014 CFR
2014-10-01
... Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland...
49 CFR 15.15 - SSI disclosed by DOT.
Code of Federal Regulations, 2012 CFR
2012-10-01
... Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland...
49 CFR 15.15 - SSI disclosed by DOT.
Code of Federal Regulations, 2013 CFR
2013-10-01
... Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland...
A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems.
Seo, Jung Woo; Lee, Sang Jin
2016-01-01
Large-scale network environments require effective detection and response methods against DDoS attacks. Depending on the advancement of IT infrastructure such as the server or network equipment, DDoS attack traffic arising from a few malware-infected systems capable of crippling the organization's internal network has become a significant threat. This study calculates the frequency of network-based packet attributes and analyzes the anomalies of the attributes in order to detect IP-spoofed DDoS attacks. Also, a method is proposed for the effective detection of malware infection systems triggering IP-spoofed DDoS attacks on an edge network. Detection accuracy and performance of the collected real-time traffic on a core network is analyzed through the use of the proposed algorithm, and a prototype was developed to evaluate the performance of the algorithm. As a result, DDoS attacks on the internal network were detected in real-time and whether or not IP addresses were spoofed was confirmed. Detecting hosts infected by malware in real-time allowed the execution of intrusion responses before stoppage of the internal network caused by large-scale attack traffic.
Resilient Military Systems and the Advanced Cyber Threat
2013-01-01
systems; intelligence, surveillance, and reconnaissance systems; logistics and human resource systems; and mobile as well as fixed-infrastructure ... significant portions of military and critical infrastructure: power generation, communications, fuel and transportation, emergency services, financial ... vulnerabilities in the domestic power grid and critical infrastructure systems.4,5 DoD, and the United States, is extremely reliant on the
Federal Register 2010, 2011, 2012, 2013, 2014
2011-09-09
... on-base parking demand (negative factor) or relieves parking demand (positive factor); (ii) the... four different comments. The public comments were considered by OEA in determining the final selection... of mitigation (positive factor) or contribution to vulnerability to a terrorist attack or major...
Energy Theft in the Advanced Metering Infrastructure
NASA Astrophysics Data System (ADS)
McLaughlin, Stephen; Podkuiko, Dmitry; McDaniel, Patrick
Global energy generation and delivery systems are transitioning to a new computerized "smart grid". One of the principal components of the smart grid is an advanced metering infrastructure (AMI). AMI replaces the analog meters with computerized systems that report usage over digital communication interfaces, e.g., phone lines. However, with this infrastructure comes new risk. In this paper, we consider adversary means of defrauding the electrical grid by manipulating AMI systems. We document the methods adversaries will use to attempt to manipulate energy usage data, and validate the viability of these attacks by performing penetration testing on commodity devices. Through these activities, we demonstrate that not only is theft still possible in AMI systems, but that current AMI devices introduce a myriad of new vectors for achieving it.
Critical Infrastructure Protection- Los Alamos National Laboratory
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bofman, Ryan K.
Los Alamos National Laboratory (LANL) has been a key facet of Critical National Infrastructure since the nuclear bombing of Hiroshima exposed the nature of the Laboratory’s work in 1945. Common knowledge of the nature of sensitive information contained here presents a necessity to protect this critical infrastructure as a matter of national security. This protection occurs in multiple forms beginning with physical security, followed by cybersecurity, safeguarding of classified information, and concluded by the missions of the National Nuclear Security Administration.
Application of the API/NPRA SVA methodology to transportation security issues.
Moore, David A
2006-03-17
Security vulnerability analysis (SVA) is becoming more prevalent as the issue of chemical process security is of greater concern. The American Petroleum Institute (API) and the National Petrochemical and Refiner's Association (NPRA) have developed a guideline for conducting SVAs of petroleum and petrochemical facilities in May 2003. In 2004, the same organizations enhanced the guidelines by adding the ability to evaluate transportation security risks (pipeline, truck, and rail). The importance of including transportation and value chain security in addition to fixed facility security in a SVA is that these issues may be critically important to understanding the total risk of the operation. Most of the SVAs done using the API/NPRA SVA and other SVA methods were centered on the fixed facility and the operations within the plant fence. Transportation interfaces alone are normally studied as a part of the facility SVA, and the entire transportation route impacts and value chain disruption are not commonly considered. Particularly from a national, regional, or local infrastructure analysis standpoint, understanding the interdependencies is critical to the risk assessment. Transportation risks may include weaponization of the asset by direct attack en route, sabotage, or a Trojan Horse style attack into a facility. The risks differ in the level of access control and the degree of public exposures, as well as the dynamic nature of the assets. The public exposures along the transportation route need to be carefully considered. Risks may be mitigated by one of many strategies including internment, staging, prioritization, conscription, or prohibition, as well as by administrative security measures and technology for monitoring and isolating the assets. This paper illustrates how these risks can be analyzed by the API/NPRA SVA methodology. Examples are given of a pipeline operation, and other examples are found in the guidelines.
Stability and Topology of Scale-Free Networks under Attack and Defense Strategies
NASA Astrophysics Data System (ADS)
Gallos, Lazaros K.; Cohen, Reuven; Argyrakis, Panos; Bunde, Armin; Havlin, Shlomo
2005-05-01
We study tolerance and topology of random scale-free networks under attack and defense strategies that depend on the degree k of the nodes. This situation occurs, for example, when the robustness of a node depends on its degree or in an intentional attack with insufficient knowledge of the network. We determine, for all strategies, the critical fraction p_c of nodes that must be removed for disintegrating the network. We find that, for an intentional attack, little knowledge of the well-connected sites is sufficient to strongly reduce p_c. At criticality, the topology of the network depends on the removal strategy, implying that different strategies may lead to different kinds of percolation transitions.
Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version
Babu, M. Rajesh; Dian, S. Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan
2015-01-01
The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things. PMID:26495430
Shapiro, Lawrence
2018-04-01
Putnam's criticisms of the identity theory attack a straw man. Fodor's criticisms of reduction attack a straw man. Properly interpreted, Nagel offered a conception of reduction that captures everything a physicalist could want. I update Nagel, introducing the idea of overlap, and show why multiple realization poses no challenge to reduction so construed. Copyright © 2017 Elsevier Ltd. All rights reserved.
49 CFR 15.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2012 CFR
2012-10-01
... DOT or DHS component or agency. (d) Additional requirements for critical infrastructure information. In the case of information that is both SSI and has been designated as critical infrastructure...
49 CFR 15.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2013 CFR
2013-10-01
... DOT or DHS component or agency. (d) Additional requirements for critical infrastructure information. In the case of information that is both SSI and has been designated as critical infrastructure...
49 CFR 15.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2014 CFR
2014-10-01
... DOT or DHS component or agency. (d) Additional requirements for critical infrastructure information. In the case of information that is both SSI and has been designated as critical infrastructure...
49 CFR 1520.15 - SSI disclosed by TSA or the Coast Guard.
Code of Federal Regulations, 2013 CFR
2013-10-01
... under the Freedom of Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under...
49 CFR 1520.15 - SSI disclosed by TSA or the Coast Guard.
Code of Federal Regulations, 2011 CFR
2011-10-01
... under the Freedom of Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under...
49 CFR 1520.15 - SSI disclosed by TSA or the Coast Guard.
Code of Federal Regulations, 2012 CFR
2012-10-01
... under the Freedom of Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under...
49 CFR 1520.15 - SSI disclosed by TSA or the Coast Guard.
Code of Federal Regulations, 2014 CFR
2014-10-01
... under the Freedom of Information Act. (h) Disclosure of Critical Infrastructure Information. Disclosure of information that is both SSI and has been designated as critical infrastructure information under...
Robust allocation of a defensive budget considering an attacker's private information.
Nikoofal, Mohammad E; Zhuang, Jun
2012-05-01
Attackers' private information is one of the main issues in defensive resource allocation games in homeland security. The outcome of a defense resource allocation decision critically depends on the accuracy of estimations about the attacker's attributes. However, terrorists' goals may be unknown to the defender, necessitating robust decisions by the defender. This article develops a robust-optimization game-theoretical model for identifying optimal defense resource allocation strategies for a rational defender facing a strategic attacker while the attacker's valuation of targets, being the most critical attribute of the attacker, is unknown but belongs to bounded distribution-free intervals. To our best knowledge, no previous research has applied robust optimization in homeland security resource allocation when uncertainty is defined in bounded distribution-free intervals. The key features of our model include (1) modeling uncertainty in attackers' attributes, where uncertainty is characterized by bounded intervals; (2) finding the robust-optimization equilibrium for the defender using concepts dealing with budget of uncertainty and price of robustness; and (3) applying the proposed model to real data. © 2011 Society for Risk Analysis.
DOT National Transportation Integrated Search
2003-04-01
This testimony responds to the request of the National Commission on Terrorist Attacks Upon the United States for information on GAO's work in transportation security. It addresses (1) transportation security before September 2001; (2) what the feder...
Leaks in the National Information Infrastructure Dam: Who Should Protect It?
2004-04-01
have paid off cyber criminals who threatened to attack their computer systems and destroy their data unless a ‘ransom’ was paid. These cyber ... sharing information with law enforcement and appropriate industry groups will we be able to identify and prosecute cyber criminals, identify new
NASA Astrophysics Data System (ADS)
Pasqualini, D.; Witkowski, M.
2005-12-01
The Critical Infrastructure Protection / Decision Support System (CIP/DSS) project, supported by the Science and Technology Office, has been developing a risk-informed Decision Support System that provides insights for making critical infrastructure protection decisions. The system considers seventeen different Department of Homeland Security defined Critical Infrastructures (potable water system, telecommunications, public health, economics, etc.) and their primary interdependencies. These infrastructures have been modeled in one model called the CIP/DSS Metropolitan Model. The modeling approach used is a system dynamics modeling approach. System dynamics modeling combines control theory and nonlinear dynamics theory, is defined by a set of coupled differential equations, and seeks to explain how the structure of a given system determines its behavior. In this poster we present a system dynamics model for one of the seventeen critical infrastructures, a generic metropolitan potable water system (MPWS). There are three goals: 1) to gain a better understanding of the MPWS infrastructure; 2) to identify improvements that would help protect MPWS; and 3) to understand the consequences, interdependencies, and impacts when perturbations occur to the system. The model represents raw water sources, the metropolitan water treatment process, storage of treated water, damage and repair to the MPWS, distribution of water, and end user demand, but does not explicitly represent the detailed network topology of an actual MPWS. The MPWS model is dependent upon inputs from the metropolitan population, energy, telecommunication, public health, and transportation models as well as the national water and transportation models. We present modeling results and sensitivity analysis indicating critical choke points and negative and positive feedback loops in the system. A general scenario is also analyzed where the potable water system responds to a generic disruption.
The Department of Energy Nuclear Criticality Safety Program
NASA Astrophysics Data System (ADS)
Felty, James R.
2005-05-01
This paper broadly covers key events and activities from which the Department of Energy Nuclear Criticality Safety Program (NCSP) evolved. The NCSP maintains fundamental infrastructure that supports operational criticality safety programs. This infrastructure includes continued development and maintenance of key calculational tools, differential and integral data measurements, benchmark compilation, development of training resources, hands-on training, and web-based systems to enhance information preservation and dissemination. The NCSP was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 97-2, Criticality Safety, and evolved from a predecessor program, the Nuclear Criticality Predictability Program, that was initiated in response to Defense Nuclear Facilities Safety Board Recommendation 93-2, The Need for Critical Experiment Capability. This paper also discusses the role Dr. Sol Pearlstein played in helping the Department of Energy lay the foundation for a robust and enduring criticality safety infrastructure.
Water security - Nation state and international security implications
Tindall, James A.; Campbell, Andrew A.
2009-01-01
A terrorist attack such as poisoning and sabotage of the national water supply and water-quality infrastructure of the continental United States or any country could disrupt the delivery of vital human services, threaten both public health and the environment, potentially cause mass casualties and pose grave public concern for homeland security. Most significantly, an attack on water resources would weaken social cohesion and trust in government. A threat to continuity of services is a potential threat to continuity of government since both are necessary for continuity of operations. Water infrastructure is difficult to protect, as it extends over vast areas across the U.S. and for which ownership is overwhelmingly nonfederal (approximately 85 percent). Since the 9/11 attacks, federal dam operators and water and wastewater utilities have established countermeasures. Similar measures have been taken in countries around the world. These include enhanced physical security, improved coordination between corporate ownership, Department of Homeland Security, and local law enforcement, and research into risk assessment and vulnerability analysis to ensure greater system safety. A key issue is the proportionate additional resources directed at public and private sector specific priorities. Agencies that have the scientific and technological ability to leverage resources, exploit integrated science approaches, focus on interdisciplinary practices, utilize informatics expertise and employ a wide use of evolving technologies should play a key role in water security and related issues.
NASA Astrophysics Data System (ADS)
Chopra, Shauhrat S.; Khanna, Vikas
2015-10-01
Natural disasters in 2011 yielded close to 55 billion in economic damages alone in the United States (US), which highlights the need to reduce impacts of such disasters or other deliberate attacks. The US Department of Homeland Security (DHS) identifies a list of 16 Critical Infrastructure Sectors (CIS) whose incapacity due to disruptions would have a debilitating impact on the nation's economy. The goal of this work is to understand the implications of interdependencies among CIS on the resilience of the US economic system as a whole. We develop a framework that combines the empirical economic input-output (EIO) model with graph theory based techniques for understanding interdependencies, interconnectedness and resilience in the US economic system. By representing the US economy as a network, we are able to analyze its topology by separately looking at its unweighted and weighted forms. Topological analysis of the US EIO network suggests that it exhibits small world properties for the unweighted case, and in the weighted case, the throughput of industry sectors follows a power-law with an exponential cutoff. Implications of these topological properties are discussed in the paper. We also simulate hypothetical disruptions on CIS in order to identify industrial sectors that experience the largest economic impacts, and to quantify systemic vulnerability in economic terms. In addition, insights from community detection and hypothetical disruption scenarios help assess vulnerability of individual industrial communities to disruptions on individual CIS. These methodologies also provide insights regarding the extent of coupling between each CIS in the US EIO network. Based on our analysis, we observe that excessive interconnectedness and interdependencies of CIS results in high systemic vulnerability. 
This information can guide policymakers to design policies that improve resilience of economic networks, and evaluate policies that might indirectly increase coupling between CIS.
AVQS: attack route-based vulnerability quantification scheme for smart grid.
Ko, Jongbin; Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik
2014-01-01
A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification.
Cybersecurity Information Sharing Between Public Private Sector Agencies
2015-03-01
Recognizing the lack of scholarly literature on PPPs and protecting CI from all hazards, including cyber-related threats, Nathan Busch and Austen...referred to as SLTT), and the owners and operators in charge of critical infrastructure, to manage risks and increase resiliency against all hazards.74 PPD...and hazards to critical infrastructure security and resilience, and called for an updated National Infrastructure Protection Plan (NIPP).76 Despite
Game Theory and Uncertainty Quantification for Cyber Defense Applications
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chatterjee, Samrat; Halappanavar, Mahantesh; Tipireddy, Ramakrishna
Cyber-system defenders face the challenging task of protecting critical assets and information continually against multiple types of malicious attackers. Defenders typically operate within resource constraints while attackers operate at relatively low costs. As a result, design and development of resilient cyber-systems that can support mission goals under attack while accounting for the dynamics between attackers and defenders is an important research problem.
Identity Verification Systems as a Critical Infrastructure
2012-03-01
COVERED Master’s Thesis 4 . TITLE AND SUBTITLE Identity Verification Systems as a Critical Infrastructure 5. FUNDING NUMBERS 6. AUTHOR(S...43 3. Cybercrime .........................................................................................45 4 ...24 Figure 3. Uses of Fictitious or Stolen Identity ................................................................30 Figure 4
Hiding Critical Targets in Smart Grid Networks
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bao, Wei; Li, Qinghua
With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-world incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromised nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.
Improving Remote Voting Security with CodeVoting
NASA Astrophysics Data System (ADS)
Joaquim, Rui; Ribeiro, Carlos; Ferreira, Paulo
One of the major problems that prevents the spread of elections with the possibility of remote voting over electronic networks, also called Internet Voting, is the use of unreliable client platforms, such as the voter's computer and the Internet infrastructure connecting it to the election server. A computer connected to the Internet is exposed to viruses, worms, Trojans, spyware, malware and other threats that can compromise the election's integrity. For instance, it is possible to write a virus that changes the voter's vote to a predetermined vote on election's day. Another possible attack is the creation of a fake election web site where the voter uses a malicious vote program on the web site that manipulates the voter's vote (phishing/pharming attack). Such attacks may not disturb the election protocol, therefore can remain undetected in the eyes of the election auditors.
18 CFR 5.29 - Other provisions.
Code of Federal Regulations, 2014 CFR
2014-04-01
... member of the public. (c) Requests for privileged or Critical Energy Infrastructure Information treatment of pre-filing submission. If a potential Applicant requests privileged or critical energy infrastructure information treatment of any information submitted to the Commission during pre-filing...
18 CFR 5.29 - Other provisions.
Code of Federal Regulations, 2013 CFR
2013-04-01
... member of the public. (c) Requests for privileged or Critical Energy Infrastructure Information treatment of pre-filing submission. If a potential Applicant requests privileged or critical energy infrastructure information treatment of any information submitted to the Commission during pre-filing...
Magnus effects at high angles of attack and critical Reynolds numbers
NASA Technical Reports Server (NTRS)
Seginer, A.; Ringel, M.
1983-01-01
The Magnus force and moment experienced by a yawed, spinning cylinder were studied experimentally in low speed and subsonic flows at high angles of attack and critical Reynolds numbers. Flow-field visualization aided in describing a flow model that divides the Magnus phenomenon into a subcritical region, where reverse Magnus loads are experienced, and a supercritical region where these loads are not encountered. The roles of the spin rate, angle of attack, and crossflow Reynolds number in determining the boundaries of the subcritical region and the variations of the Magnus loads were studied.
Dawson, David A; Purnell, Phil; Roelich, Katy; Busch, Jonathan; Steinberger, Julia K
2014-11-04
Renewable energy technologies, necessary for low-carbon infrastructure networks, are being adopted to help reduce fossil fuel dependence and meet carbon mitigation targets. The evolution of these technologies has progressed based on the enhancement of technology-specific performance criteria, without explicitly considering the wider system (global) impacts. This paper presents a methodology for simultaneously assessing local (technology) and global (infrastructure) performance, allowing key technological interventions to be evaluated with respect to their effect on the vulnerability of wider infrastructure systems. We use exposure of low carbon infrastructure to critical material supply disruption (criticality) to demonstrate the methodology. A series of local performance changes are analyzed; and by extension of this approach, a method for assessing the combined criticality of multiple materials for one specific technology is proposed. Via a case study of wind turbines at both the material (magnets) and technology (turbine generators) levels, we demonstrate that analysis of a given intervention at different levels can lead to differing conclusions regarding the effect on vulnerability. Infrastructure design decisions should take a systemic approach; without these multilevel considerations, strategic goals aimed to help meet low-carbon targets, that is, through long-term infrastructure transitions, could be significantly jeopardized.
Critical Infrastructure: The National Asset Database
2007-07-16
Infrastructure: The National Asset Database 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR(S) 5d. PROJECT NUMBER 5e...upon which federal resources, including infrastructure protection grants, are allocated. According to DHS, both of those assumptions are wrong. DHS...assets that it has determined are critical to the nation. Also, while the National Asset Database has been used to support federal grant-making
A Tool for Rating the Resilience of Critical Infrastructures in Extreme Fires
2014-05-01
provide a tool for NRC to help the Canadian industry to develop extreme fire protection materials and technologies for critical infrastructures. Future...supported by the Canadian Safety and Security Program (CSSP) which is led by Defence Research and Development Canada’s Centre for Security Science, in...in oil refinery and chemical industry facilities. The only available standard in North America that addresses the transportation infrastructure is
Method or Madness: Federal Oversight Structures for Critical Infrastructure Protection
2007-12-01
to dramatically reduce their operating costs and completely revamp their business models. In fact, many companies no longer have the capacity or...increasing reliance on private sector companies in many critical infrastructure segments, government agencies have been reluctant to try innovative...as it is applied to infrastructure services, is effectively limited to “economic growth and the free flow of commerce.”15 The collection of essays
Department of Defense Public Key Infrastructure Token Protection Profile. Version 2.0
2001-03-12
Profile Authors: Tamara Cleveland, Booz·Allen & Hamilton Inc. Michael Alexander, Booz·Allen & Hamilton Inc. Asok Ganguly, Booz·Allen & Hamilton Inc...testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure of memory. However, erasure of selected
Exploring Crisis Management in U.S. Small Businesses
NASA Astrophysics Data System (ADS)
Williams, Jon
As a critical infrastructure, the US electricity grid supplies electricity to 340 million people within eight separate regions. The power infrastructure is vulnerable to many types of disasters capable of severing supplies of electricity. The impact on the employees and communities when small- and medium-size enterprises are shut down due to disasters can be severe. The purpose of the quantitative comparative study was to explore small- and medium-size enterprises crisis management strategies in the case of power infrastructure vulnerabilities. Perceptions of small business leaders were probed about crisis management planning relevant to three secondary factors: prior experience of crises, threat perceptions, and planning self-efficacy. Participants completed an adapted questionnaire instrument based on a five-point Likert scale for six sub-factors including resilience through planning, financial impact, operational crisis management, the perfect storm, the aftermath of survival, and atrophy. The instrument also measured three additional factors to include, prior experience of crises, threat perceptions, and planning self-efficacy, across seven types of crises. The results of this study indicated that of the 276 respondents, 104 had no crisis plans, but 172 did have crisis plans. Of those who had implemented crisis plans, 19% had specific provisions to address power outages or attacks on the electrical grid. Of the respondents who had not planned for power outages nor experienced significant losses of power, a statistically significant number acknowledged an external threat to their business. The majority of respondents indicated that long-term planning was related to resilience; however, the migration of crisis understanding into the planning process or implementation was not implemented. 
This heightened awareness of potential crises without the corresponding development and implementation of mitigation crisis plans requires additional research to understand drivers affecting the decision-making process with crisis managers.
DOT National Transportation Integrated Search
2011-09-01
As a result of a federal requirement, all non-federal entities that own or operate critical : infrastructure are required to develop Continuity of Operations/Continuity of Government : (COOP/COG) Plans. Transportation is a critical infrastructure com...
6 CFR 29.3 - Effect of provisions.
Code of Federal Regulations, 2011 CFR
2011-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... utilize the PCII only for purposes appropriate under the CII Act, including securing critical infrastructure or protected systems. Such PCII may not be utilized for any other collateral regulatory purposes...
6 CFR 29.3 - Effect of provisions.
Code of Federal Regulations, 2010 CFR
2010-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... utilize the PCII only for purposes appropriate under the CII Act, including securing critical infrastructure or protected systems. Such PCII may not be utilized for any other collateral regulatory purposes...
6 CFR 29.3 - Effect of provisions.
Code of Federal Regulations, 2013 CFR
2013-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... utilize the PCII only for purposes appropriate under the CII Act, including securing critical infrastructure or protected systems. Such PCII may not be utilized for any other collateral regulatory purposes...
6 CFR 29.3 - Effect of provisions.
Code of Federal Regulations, 2014 CFR
2014-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... utilize the PCII only for purposes appropriate under the CII Act, including securing critical infrastructure or protected systems. Such PCII may not be utilized for any other collateral regulatory purposes...
6 CFR 29.3 - Effect of provisions.
Code of Federal Regulations, 2012 CFR
2012-01-01
... Security DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY PROTECTED CRITICAL INFRASTRUCTURE... utilize the PCII only for purposes appropriate under the CII Act, including securing critical infrastructure or protected systems. Such PCII may not be utilized for any other collateral regulatory purposes...
78 FR 16699 - National Maritime Security Advisory Committee; Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2013-03-18
... Executive Order \\1\\ to strengthen the cybersecurity of critical infrastructure by increasing information sharing and by jointly developing and implementing a framework of cybersecurity practices with our...-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity . (2...
Geospatial decision support framework for critical infrastructure interdependency assessment
NASA Astrophysics Data System (ADS)
Shih, Chung Yan
Critical infrastructures, such as telecommunications, energy, banking and finance, transportation, water systems and emergency services are the foundations of modern society. There is a heavy dependence on critical infrastructures at multiple levels within the supply chain of any good or service. Any disruptions in the supply chain may cause profound cascading effect to other critical infrastructures. A 1997 report by the President's Commission on Critical Infrastructure Protection states that a serious interruption in freight rail service would bring the coal mining industry to a halt within approximately two weeks and the availability of electric power could be reduced in a matter of one to two months. Therefore, this research aimed at representing and assessing the interdependencies between coal supply, transportation and energy production. A proposed geospatial decision support framework was established and applied to analyze interdependency related disruption impact. By utilizing the data warehousing approach, geospatial and non-geospatial data were retrieved, integrated and analyzed based on the transportation model and geospatial disruption analysis developed in the research. The results showed that by utilizing this framework, disruption impacts can be estimated at various levels (e.g., power plant, county, state, etc.) for preventative or emergency response efforts. The information derived from the framework can be used for data mining analysis (e.g., assessing transportation mode usages; finding alternative coal suppliers, etc.).
Critical Infrastructure Rebuild Prioritization using Simulation Optimization
2007-03-01
23 Figure 2.9 Production by temperature and production made from a crude oil (EIA.com)24 Figure 2.10 Natural gas industry... Oil infrastructure physical layer ...................................................................... 45 Figure 3.6 Natural gas infrastructure...information layer.......................................................... 55 Figure 3.11 Oil infrastructure information layer
LANL: Weapons Infrastructure Briefing to Naval Reactors, July 18, 2017
DOE Office of Scientific and Technical Information (OSTI.GOV)
Chadwick, Frances
Presentation slides address: The Laboratory infrastructure supports hundreds of high hazard, complex operations daily; LANL’s unique science and engineering infrastructure is critical to delivering on our mission; LANL FY17 Budget & Workforce; Direct-Funded Infrastructure Accounts; LANL Org Chart; Weapons Infrastructure Program Office; The Laboratory’s infrastructure relies on both Direct and Indirect funding; NA-50’s Operating, Maintenance & Recapitalization funding is critical to the execution of the mission; Los Alamos is currently executing several concurrent Line Item projects; Maintenance @ LANL; NA-50 is helping us to address D&D needs; We are executing a CHAMP Pilot Project at LANL; G2 = Main Tool for Program Management; MDI: Future Investments are centered on facilities with a high Mission Dependency Index; Los Alamos hosted first “Deep Dive” in November 2016; Safety, Infrastructure & Operations is one of the most important programs at LANL, and is foundational for our mission success.
Minimizing Expected Maximum Risk from Cyber-Attacks with Probabilistic Attack Success
DOE Office of Scientific and Technical Information (OSTI.GOV)
Bhuiyan, Tanveer H.; Nandi, Apurba; Medal, Hugh
The goal of our work is to enhance network security by generating partial cut-sets, which are a subset of edges that remove paths from initially vulnerable nodes (initial security conditions) to goal nodes (critical assets), on an attack graph given costs for cutting an edge and a limited overall budget.
Sea Level Rise Impacts On Infrastructure Vulnerability
NASA Astrophysics Data System (ADS)
Pasqualini, D.; Mccown, A. W.; Backhaus, S.; Urban, N. M.
2015-12-01
Increase of global sea level is one of the potential consequences of climate change and represents a threat for the U.S.A coastal regions, which are highly populated and home of critical infrastructures. The potential danger caused by sea level rise may escalate if sea level rise is coupled with an increase in frequency and intensity of storms that may strike these regions. These coupled threats present a clear risk to population and critical infrastructure and are concerns for Federal, State, and particularly local response and recovery planners. Understanding the effect of sea level rise on the risk to critical infrastructure is crucial for long planning and for mitigating potential damages. In this work we quantify how infrastructure vulnerability to a range of storms changes due to an increase of sea level. Our study focuses on the Norfolk area of the U.S.A. We assess the direct damage of drinking water and wastewater facilities and the power sector caused by a distribution of synthetic hurricanes. In addition, our analysis estimates indirect consequences of these damages on population and economic activities accounting also for interdependencies across infrastructures. While projections unanimously indicate an increase in the rate of sea level rise, the scientific community does not agree on the size of this rate. Our risk assessment accounts for this uncertainty simulating a distribution of sea level rise for a specific climate scenario. Using our impact assessment results and assuming an increase of future hurricanes frequencies and intensities, we also estimate the expected benefits for critical infrastructure.
76 FR 50487 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey
Federal Register 2010, 2011, 2012, 2013, 2014
2011-08-15
... Information (PCII) Stakeholder Survey AGENCY: National Protection and Programs Directorate, DHS. ACTION: 30... Collection Request, Protected Critical Infrastructure Information (PCII) Stakeholder Survey. DHS previously... homeland security duties. This survey is designed to gather information from PCII Officers that can be used...
47 CFR 90.615 - Individual channels available in the General Category in 806-824/851-869 MHz band.
Code of Federal Regulations, 2011 CFR
2011-10-01
... Critical Infrastructure Industry Categories from three to five years after the release of a public notice... applicants in the Public Safety or Critical Infrastructure Industry Categories from three to five years after...
47 CFR 90.615 - Individual channels available in the General Category in 806-824/851-869 MHz band.
Code of Federal Regulations, 2014 CFR
2014-10-01
... Critical Infrastructure Industry Categories from three to five years after the release of a public notice... applicants in the Public Safety or Critical Infrastructure Industry Categories from three to five years after...
47 CFR 90.615 - Individual channels available in the General Category in 806-824/851-869 MHz band.
Code of Federal Regulations, 2013 CFR
2013-10-01
... Critical Infrastructure Industry Categories from three to five years after the release of a public notice... applicants in the Public Safety or Critical Infrastructure Industry Categories from three to five years after...
47 CFR 90.615 - Individual channels available in the General Category in 806-824/851-869 MHz band.
Code of Federal Regulations, 2012 CFR
2012-10-01
... Critical Infrastructure Industry Categories from three to five years after the release of a public notice... applicants in the Public Safety or Critical Infrastructure Industry Categories from three to five years after...
The national strategy for the physical protection of critical infrastructures and key assets
DOT National Transportation Integrated Search
2003-02-01
This document defines the road ahead for a core mission area identified in the President's National Strategy for Homeland Security-reducing the Nation's vulnerability to acts of terrorism by protecting our critical infrastructures and key assets from...
31 CFR 800.208 - Critical infrastructure.
Code of Federal Regulations, 2010 CFR
2010-07-01
... 31 Money and Finance: Treasury 3 2010-07-01 2010-07-01 false Critical infrastructure. 800.208 Section 800.208 Money and Finance: Treasury Regulations Relating to Money and Finance (Continued) OFFICE OF INVESTMENT SECURITY, DEPARTMENT OF THE TREASURY REGULATIONS PERTAINING TO MERGERS, ACQUISITIONS...
78 FR 54454 - Open Meeting of the Information Security and Privacy Advisory Board
Federal Register 2010, 2011, 2012, 2013, 2014
2013-09-04
... include the following items: --Cybersecurity Executive Order 13636, Improving Critical Infrastructure Cybersecurity (78 FR 11737, February 19, 2013); Development of New Cybersecurity Framework; Request for Information (RFI)--Developing a Framework to Improve Critical Infrastructure Cybersecurity (78 FR 13024...
78 FR 19277 - National Maritime Security Advisory Committee; Meeting
Federal Register 2010, 2011, 2012, 2013, 2014
2013-03-29
... Obama signed an Executive Order to strengthen the cybersecurity of critical infrastructure by increasing information sharing and by jointly developing and implementing a framework of cybersecurity practices with our...-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity . (2...
Detection of MAVs (Micro Aerial Vehicles) based on millimeter wave radar
NASA Astrophysics Data System (ADS)
Noetel, Denis; Johannes, Winfried; Caris, Michael; Hommes, Alexander; Stanko, Stephan
2016-10-01
In this paper we present two system approaches for perimeter surveillance with radar techniques focused on the detection of Micro Aerial Vehicles (MAVs). The main task of such radars is to detect movements of targets such as an individual or a vehicle approaching a facility. The systems typically cover a range of several hundred meters up to several kilometers. In particular, the capability of identifying Remotely Piloted Aircraft Systems (RPAS), which pose a growing threat on critical infrastructure areas, is of great importance nowadays. The low costs, the ease of handling and a considerable payload make them an excellent tool for unwanted surveillance or attacks. Most platforms can be equipped with all kind of sensors or, in the worst case, with destructive devices. A typical MAV is able to take off and land vertically, to hover, and in many cases to fly forward at high speed. Thus, it can reach all kinds of places in short time while the concealed operator of the MAV resides at a remote and riskless place.
Wide area restoration following biological contamination
NASA Astrophysics Data System (ADS)
Yang, Lynn; Hibbard, Wilthea; Edwards, Donna; Franco, David; Fruetel, Julie; Tucker, Mark; Einfeld, Wayne; Knowlton, Robert; Brown, Gary; Brockmann, John; Greenwalt, Robert; Miles, Robin; Raber, Ellen; Carlsen, Tina; Krauter, Paula; Dillon, Michael; MacQueen, Don; Intrepido, Tony; Hoppes, Bill; Wilson, Wendy; Mancieri, Sav
2008-04-01
Current understanding of how to restore a wide area that has been contaminated following a large biological attack is limited. The Department of Homeland Security and Department of Defense are executing a four-year collaborative program named the Interagency Biological Restoration Demonstration (IBRD) program. This program is aimed at developing technologies, methods, plans and policies necessary to restore a wide area, including military installations and critical infrastructures, in the event of a large outdoor aerosol release of anthrax. The IBRD program partner pilot city is the Seattle Urban Area to include Fort Lewis, WA and McChord Air Force Base. A front-end systems analysis was conducted as part of IBRD, to: 1) assess existing technologies and processes for wide area restoration; from this, 2) develop an "as-is" decision framework for wide area restoration; and 3) identify and prioritize capability gaps. Qualitative assessments and quantitative analyses, including sensitivity, timeline and case study analyses, were conducted to evaluate existing processes and rank capability gaps. This paper describes the approach and results from this front-end systems analysis.
75 FR 61160 - National Protection and Programs Directorate; National Infrastructure Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2010-10-04
... systems. The NIAC will meet to address issues relevant to the protection of critical infrastructure as.... Deliberation: Optimization of Resources for Mitigating Infrastructure Disruptions VII. Discussion of Potential...
Federal Register 2010, 2011, 2012, 2013, 2014
2013-07-02
... DEPARTMENT OF COMMERCE International Trade Administration Critical Infrastructure Protection and Cyber Security Trade Mission to Saudi Arabia and Kuwait Clarification and Amendment AGENCY... cyber-security firms and trade organizations which have not already submitted an application are...
78 FR 25254 - Announcing an Open Meeting of the Information Security and Privacy Advisory Board
Federal Register 2010, 2011, 2012, 2013, 2014
2013-04-30
... include the following items: --Cybersecurity Executive Order 13636, Improving Critical Infrastructure Cybersecurity (78 FR 11737, February 19, 2013); Development of New Cybersecurity Framework; Request for Information (RFI)--Developing a Framework to Improve Critical Infrastructure Cybersecurity (78 FR 13024...
Experiences from coordinating research after the 2011 terrorist attacks in Norway
Refsdal, Nils O.
2014-01-01
This brief report presents some of the lessons learned from coordinating research in which people directly affected by terrorist attacks in Norway in 2011 are taking part. After the terrorist attacks, it was decided to establish a national coordinating function in order to protect those who were affected when they participate in research. By gathering key stakeholders, it is possible to avoid duplication of research through practical measures such as information sharing, facilitating cooperation, and working toward sharing of data. In addition, a coordinating function provides a platform for working to increase the impact of the research among practitioners and policy makers, and inform the general public. The conclusions are that coordination should be interdisciplinary, that it is important to plan for the sharing and reuse of data, and that both the research community and the research infrastructure should take steps to improve preparedness when disaster inevitably strikes again. PMID:25018857
Fuzzy architecture assessment for critical infrastructure resilience
DOE Office of Scientific and Technical Information (OSTI.GOV)
Muller, George
2012-12-01
This paper presents an approach for the selection of alternative architectures in a connected infrastructure system to increase resilience of the overall infrastructure system. The paper begins with a description of resilience and critical infrastructure, then summarizes existing approaches to resilience, and presents a fuzzy-rule based method of selecting among alternative infrastructure architectures. This methodology includes considerations which are most important when deciding on an approach to resilience. The paper concludes with a proposed approach which builds on existing resilience architecting methods by integrating key system aspects using fuzzy memberships and fuzzy rule sets. This novel approach aids the systems architect in considering resilience for the evaluation of architectures for adoption into the final system architecture.
NASA Astrophysics Data System (ADS)
Odbert, H. M.; Aspinall, W.; Phillips, J.; Jenkins, S.; Wilson, T. M.; Scourse, E.; Sheldrake, T.; Tucker, P.; Nakeshree, K.; Bernardara, P.; Fish, K.
2015-12-01
Societies rely on critical services such as power, water, transport networks and manufacturing. Infrastructure may be sited to minimise exposure to natural hazards but not all can be avoided. The probability of long-range transport of a volcanic plume to a site is comparable to other external hazards that must be considered to satisfy safety assessments. Recent advances in numerical models of plume dispersion and stochastic modelling provide a formalized and transparent approach to probabilistic assessment of hazard distribution. To understand the risks to critical infrastructure far from volcanic sources, it is necessary to quantify their vulnerability to different hazard stressors. However, infrastructure assets (e.g. power plants and operational facilities) are typically complex systems in themselves, with interdependent components that may differ in susceptibility to hazard impact. Usually, such complexity means that risk either cannot be estimated formally or that unsatisfactory simplifying assumptions are prerequisite to building a tractable risk model. We present a new approach to quantifying risk by bridging expertise of physical hazard modellers and infrastructure engineers. We use a joint expert judgment approach to determine hazard model inputs and constrain associated uncertainties. Model outputs are chosen on the basis of engineering or operational concerns. The procedure facilitates an interface between physical scientists, with expertise in volcanic hazards, and infrastructure engineers, with insight into vulnerability to hazards. The result is a joined-up approach to estimating risk from low-probability hazards to critical infrastructure. We describe our methodology and show preliminary results for vulnerability to volcanic hazards at a typical UK industrial facility. We discuss our findings in the context of developing bespoke assessment of hazards from distant sources in collaboration with key infrastructure stakeholders.
Estimating the probability of mountain pine beetle red-attack damage
Michael A Wulder; J. C. White; Barbara J Bentz; M. F. Alvarez; N. C. Coops
2006-01-01
Accurate spatial information on the location and extent of mountain pine beetle infestation is critical for the planning of mitigation and treatment activities. Areas of mixed forest and variable terrain present unique challenges for the detection and mapping of mountain pine beetle red-attack damage, as red-attack has a more heterogeneous distribution under these...
Geographical Assesment of Results from Preventing the Parameter Tampering in a Web Application
NASA Astrophysics Data System (ADS)
Menemencioğlu, O.; Orak, İ. M.
2017-11-01
The improving usage of internet and attained intensity of usage rate attracts the malicious in around the world. Many preventing systems are offered by researchers with different infrastructures. Very effective preventing system was proposed most recently by the researchers. The previously offered mechanism has prevented the multi-type vulnerabilities after preventing system was put into use. The attack attempts have been recorded. The researchers analysed the results geographically, discussed the obtained results and made some inference of the results. Our assessments show that the geographical findings can be used to retrieve some implication and build an infrastructure which prevents the vulnerabilities by location.
ERIC Educational Resources Information Center
Munn, Jamie E.
2017-01-01
Military leaders, both active duty and General Schedule (GS), must understand cyber warfare with its environmental connections and rapid evolution while finding ways to develop strategies that may lessen threats and attacks to government infrastructure. The Department of Defense (DoD) sought training and certification programs from the civilian…
Federal Register 2010, 2011, 2012, 2013, 2014
2010-11-04
..., National Protection and Programs Directorate, Office of Infrastructure Protection (IP), will submit the... manner.'' DHS designated IP to lead these efforts. Given that the vast majority of the Nation's critical infrastructure and key resources in most sectors are privately owned or controlled, IP's success in achieving the...
A probabilistic and adaptive approach to modeling performance of pavement infrastructure
DOT National Transportation Integrated Search
2007-08-01
Accurate prediction of pavement performance is critical to pavement management agencies. Reliable and accurate predictions of pavement infrastructure performance can save significant amounts of money for pavement infrastructure management agencies th...
75 FR 39266 - National Protection and Programs Directorate; National Infrastructure Advisory Council
Federal Register 2010, 2011, 2012, 2013, 2014
2010-07-08
... infrastructure sectors and their information systems. Pursuant to 41 CFR 102-3.150(b), this notice was published... Critical Infrastructure Resilience Goals VI. Working Group Status: Optimization of Resources for Mitigating...
Cybersecurity: The Nation’s Greatest Threat to Critical Infrastructure
2013-03-01
protection has become a matter of national security, public safety, and economic stability. It is imperative the U.S. Government (USG) examine current...recommendations for federal responsibilities and legislation to direct nation critical infrastructure efforts to ensure national security, public safety and economic stability.
DOT National Transportation Integrated Search
2013-11-01
To assess the risks and potential effects from disruptions in the Global : Positioning System (GPS) on critical infrastructure, the Department of Homeland : Security (DHS) published the GPS National Risk Estimate (NRE) in 2012. In : doing so, DHS con...
Federal Register 2010, 2011, 2012, 2013, 2014
2010-09-09
... DEPARTMENT OF JUSTICE Antitrust Division Notice Pursuant to the National Cooperative Research and Production Act of 1993--Sensory System for Critical Infrastructure Defect Recognition, Visualization and... Critical Infrastructure Defect Recognition, Visualization and Failure Prediction ('Sensory System'') has...
6 CFR 29.1 - Purpose and scope.
Code of Federal Regulations, 2010 CFR
2010-01-01
... INFORMATION § 29.1 Purpose and scope. (a) Purpose of this Part. This Part implements sections 211 through 215... receipt, care, and storage of Critical Infrastructure Information (CII) voluntarily submitted to the... herein as the Critical Infrastructure Information Act of 2002 (CII Act). Consistent with the statutory...
18 CFR 5.30 - Critical energy infrastructure information.
Code of Federal Regulations, 2011 CFR
2011-04-01
... 18 Conservation of Power and Water Resources 1 2011-04-01 2011-04-01 false Critical energy infrastructure information. 5.30 Section 5.30 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY REGULATIONS UNDER THE FEDERAL POWER ACT INTEGRATED LICENSE APPLICATION...
18 CFR 5.30 - Critical energy infrastructure information.
Code of Federal Regulations, 2013 CFR
2013-04-01
... 18 Conservation of Power and Water Resources 1 2013-04-01 2013-04-01 false Critical energy infrastructure information. 5.30 Section 5.30 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY REGULATIONS UNDER THE FEDERAL POWER ACT INTEGRATED LICENSE APPLICATION...
18 CFR 5.30 - Critical energy infrastructure information.
Code of Federal Regulations, 2010 CFR
2010-04-01
... 18 Conservation of Power and Water Resources 1 2010-04-01 2010-04-01 false Critical energy infrastructure information. 5.30 Section 5.30 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY REGULATIONS UNDER THE FEDERAL POWER ACT INTEGRATED LICENSE APPLICATION...
18 CFR 5.30 - Critical energy infrastructure information.
Code of Federal Regulations, 2012 CFR
2012-04-01
... 18 Conservation of Power and Water Resources 1 2012-04-01 2012-04-01 false Critical energy infrastructure information. 5.30 Section 5.30 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY REGULATIONS UNDER THE FEDERAL POWER ACT INTEGRATED LICENSE APPLICATION...
18 CFR 5.30 - Critical energy infrastructure information.
Code of Federal Regulations, 2014 CFR
2014-04-01
... 18 Conservation of Power and Water Resources 1 2014-04-01 2014-04-01 false Critical energy infrastructure information. 5.30 Section 5.30 Conservation of Power and Water Resources FEDERAL ENERGY REGULATORY COMMISSION, DEPARTMENT OF ENERGY REGULATIONS UNDER THE FEDERAL POWER ACT INTEGRATED LICENSE APPLICATION...
Modeling, Evaluation and Detection of Jamming Attacks in Time-Critical Wireless Applications
2014-08-01
computing, modeling and analysis of wireless networks, network topology, and architecture design. Dr. Wang has been a Member of the Association for...important, yet open research question is how to model and detect jamming attacks in such wireless networks, where communication traffic is more time...against time-critical wireless networks with applications to the smart grid. In contrast to communication networks where packets-oriented metrics
DOE Office of Scientific and Technical Information (OSTI.GOV)
Hadley, Mark D.; Clements, Samuel L.
2009-01-01
Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.
Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min
2014-01-01
Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.
The Threat Among Us: Insiders Intensify Aviation Terrorism
DOE Office of Scientific and Technical Information (OSTI.GOV)
Krull, Katie E.
Aviation terrorism is powerful and symbolic, and will likely remain a staple target for terrorists aiming to inflict chaos and cause mass casualties similar to the 9/11 attacks on the U.S. The majority of international and domestic aviation terrorist attacks involves outsiders, or people who do not have direct access to or affiliation with a target through employment. However, several significant attacks and plots against the industry involved malicious employees motivated by suicide or devotion to a terrorist organization. Malicious insiders’ access and knowledge of aviation security, systems, networks, and infrastructure is valuable to terrorists, providing a different pathway for attacking the industry through the insider threat. Indicators and warnings of insider threats in these cases exist, providing insight into how security agencies, such as the Transportation Security Administration, can better predict and identify insider involvement. Understanding previous aviation insider threat events will likely aid in stimulating proactive security measures, rather than reactive responses. However, similar to traditional airport security measures, there are social, political, and economic challenges in protecting against the insider threat, including privacy concerns and cost-benefit analysis.
AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid
Lim, Hyunwoo; Lee, Seokjun; Shon, Taeshik
2014-01-01
A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification. PMID:25152923
Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min
2014-01-01
Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much. PMID:24688434
Architecture and Methods for Substation SCADA Cybersecurity: Best Practices
DOE Office of Scientific and Technical Information (OSTI.GOV)
Albunashee, Hamdi; Al Sarray, Muthanna; McCann, Roy
There are over 3000 electricity providers in the United States, encompassing investor and publicly owned utilities as well as electric cooperatives. There have been ongoing trends to increasingly automate and provide remote control and monitoring of electric energy delivery systems. The deployment of computer network technologies has increased the efficiency and reliability of electric power infrastructure. However, the increased use of digital communications has also increased the vulnerability to malicious cyber attacks [1]. In 2004 the National Research Councils (National Academies) formed a committee of specialists to address these vulnerabilities and propose possible solutions with an objective to prioritize the R&D needs for developing countermeasures. The committee addressed many potential concerns in the electric power delivery system and classified them based upon different criteria and presented recommendations to minimize the gap between the academic research directions and the needs of the electric utility industry. The complexity and diversity of the electric power delivery system in the U.S. has opened many ports for attackers and intruders [1]. This complexity and diversity is attributed to the fact that power delivery system is a network of substations, transmission and distribution lines, sub-networks of controlling, sensing and monitoring units, and human operator involvement for running the system [1]. Accordingly, any incident such as the occurrence of a fault or disturbance in this complex network cannot be deferred and should be resolved within an order of milliseconds, otherwise there is risk of large-scale outages similar to the occurrences in India and the U.S. in 2003 [2]. There are three main vulnerabilities in supervisory control and data acquisition (SCADA) systems commonly identified—physical vulnerability, cyber vulnerability and personal vulnerability [1].
In terms of cyber threats, SCADA systems are the most critical elements in the electric power grid in the U.S. Unauthorized access to a SCADA system could enable/disable unexpected equipment (such as disable the protection system or a circuit breaker) which could cause large scale disruptions of electric power delivery. This paper provides an overview of power system SCADA technologies in transmission substations (Section 2) and summarizes the best practices for implementing a cyber security program. After introducing SCADA system operations in Section 2, a description of the security challenges for SCADA systems is presented in Section 3. In Section 4, NECRC Critical Infrastructure Protection standards CIP-002 through CIP-009 are summarized. An overview of industry best practices is presented in Section 5.
3 CFR 8460 - Proclamation 8460 of December 2, 2009. Critical Infrastructure Protection Month, 2009
Code of Federal Regulations, 2010 CFR
2010-01-01
... the United States of America A Proclamation Critical infrastructure protection is an essential element... have a debilitating effect on security, national economic security, public health or safety. From water... country's essential resources are safe and capable of recovering from disruptive incidents. The Department...
Information Security: A Difficult Balance
ERIC Educational Resources Information Center
Rose, Linwood H.
2004-01-01
Protecting the critical infrastructure of this country is essential to the preservation of lives as they are now lived. The time has come for leaders in higher education to recognize and creatively respond to the opportunity and realities of protecting the national critical infrastructure. To do this effectively, the academy must embrace and…
78 FR 13024 - Developing a Framework To Improve Critical Infrastructure Cybersecurity
Federal Register 2010, 2011, 2012, 2013, 2014
2013-02-26
... review to develop a framework to reduce cyber risks to critical infrastructure \\1\\ (the ``Cybersecurity... processes that align policy, business, and technological approaches to address cyber risks. \\1\\ For the... cyber activity. Such activity is increasing and its consequences can range from theft through disruption...
Fisher, Ronald E; Norman, Michael
2010-07-01
The US Department of Homeland Security (DHS) is developing indices to better assist in the risk management of critical infrastructures. The first of these indices is the Protective Measures Index - a quantitative index that measures overall protection across component categories: physical security, security management, security force, information sharing, protective measures and dependencies. The Protective Measures Index, which can also be recalculated as the Vulnerability Index, is a way to compare differing protective measures (eg fence versus security training). The second of these indices is the Resilience Index, which assesses a site's resilience and consists of three primary components: robustness, resourcefulness and recovery. The third index is the Criticality Index, which assesses the importance of a facility. The Criticality Index includes economic, human, governance and mass evacuation impacts. The Protective Measures Index, Resilience Index and Criticality Index are being developed as part of the Enhanced Critical Infrastructure Protection initiative that DHS protective security advisers implement across the nation at critical facilities. This paper describes two core themes: determination of the vulnerability, resilience and criticality of a facility and comparison of the indices at different facilities.
2010-04-28
Base Critical Infrastructure Protection Conference (DIBCIP) “Risk Reduction & Mitigation in the Defense Industrial Base ” April 26-28, 2010...Philadelphia, PA Agenda Tuesday, April 27, 2010 Keynote Address: The Economic Crisis and Its Impact on the DIB: Defense Industrial Base Forecasts 2010...Ms. Nancy Pomerleau, Exercise Director, Partnership Outreach Division, DHS-IP DIB 2010 DIB CIP DEFENSE INDUSTRIAL BASE CRITICAL
Consequence Prioritization Process for Potential High Consequence Events (HCE)
DOE Office of Scientific and Technical Information (OSTI.GOV)
Freeman, Sarah G.
2016-10-31
This document describes the process for Consequence Prioritization, the first phase of the Consequence-Driven Cyber-Informed Engineering (CCE) framework. The primary goal of Consequence Prioritization is to identify potential disruptive events that would significantly inhibit an organization’s ability to provide the critical services and functions deemed fundamental to their business mission. These disruptive events, defined as High Consequence Events (HCE), include both events that have occurred or could be realized through an attack of critical infrastructure owner assets. While other efforts have been initiated to identify and mitigate disruptive events at the national security level, such as Presidential Policy Directive 41 (PPD-41), this process is intended to be used by individual organizations to evaluate events that fall below the threshold for a national security. Described another way, Consequence Prioritization considers threats greater than those addressable by standard cyber-hygiene and includes the consideration of events that go beyond a traditional continuity of operations (COOP) perspective. Finally, Consequence Prioritization is most successful when organizations adopt a multi-disciplinary approach, engaging both cyber security and engineering expertise, as in-depth engineering perspectives are required to recognize and characterize and mitigate HCEs. Figure 1 provides a high-level overview of the prioritization process.
Corrosion pitting of SiC by molten salts
NASA Technical Reports Server (NTRS)
Jacobson, N. S.; Smialek, J. L.
1986-01-01
The corrosion of SiC by thin films of Na2CO3 and Na2SO4 at 1000 C is characterized by a severe pitting attack of the SiC substrate. A range of different Si and SiC substrates were examined to isolate the factors critical to pitting. Two types of pitting attack are identified: attack at structural discontinuities and a crater-like attack. The crater-like pits are correlated with bubble formation during oxidation of the SiC. It appears that bubbles create unprotected regions, which are susceptible to enhanced attack and, hence, pit formation.
DOT National Transportation Integrated Search
2012-12-01
Fully operational highways are necessary for efficient freight movements by the trucking industry. Yet, the combination of limited funding and aging infrastructure creates a grim scenario for states, which are dependent upon the economic benefits of ...
Robustness and fragility in coupled oscillator networks under targeted attacks.
Yuan, Tianyu; Aihara, Kazuyuki; Tanaka, Gouhei
2017-01-01
The dynamical tolerance of coupled oscillator networks against local failures is studied. As the fraction of failed oscillator nodes gradually increases, the mean oscillation amplitude in the entire network decreases and then suddenly vanishes at a critical fraction as a phase transition. This critical fraction, widely used as a measure of the network robustness, was analytically derived for random failures but not for targeted attacks so far. Here we derive the general formula for the critical fraction, which can be applied to both random failures and targeted attacks. We consider the effects of targeting oscillator nodes based on their degrees. First we deal with coupled identical oscillators with homogeneous edge weights. Then our theory is applied to networks with heterogeneous edge weights and to those with nonidentical oscillators. The analytical results are validated by numerical experiments. Our results reveal the key factors governing the robustness and fragility of oscillator networks.
Assessing the vulnerability of infrastructure to climate change on the Islands of Samoa
NASA Astrophysics Data System (ADS)
Fakhruddin, S. H. M.
2015-03-01
Pacific Islanders have been exposed to risks associated with climate change. Samoa as one of the Pacific Islands are prone to climatic hazards that will likely increase in coming decades, affecting coastal communities and infrastructure around the islands. Climate models do not predict a reduction of such disaster events in the future in Samoa; indeed, most predict an increase in such events. This paper identifies key infrastructure and their functions and status in order to provide an overall picture of relative vulnerability to climate-related stresses of such infrastructure on the island. By reviewing existing reports as well as holding a series of consultation meetings, a list of critical infrastructures were developed and shared with stakeholders for their consideration. An indicator-based vulnerability model (SIVM) was developed in collaboration with stakeholders to assess the vulnerability of selected infrastructure systems on the Samoan Islands. Damage costs were extracted from the Evan cyclone recovery needs document. On the other hand, criticality and capacity to repair data were collected from stakeholders. Having stakeholder perspectives on these two issues was important because (a) criticality of a given infrastructure could be viewed differently among different stakeholders, and (b) stakeholders were the best available source (in this study) to estimate the capacity to repair non-physical damage to such infrastructure. Analysis of the results suggested rankings from most vulnerable to least vulnerable sectors are the transportation sector, the power sector, the water supply sector and the sewerage system.
Assessing the vulnerability of infrastructure to climate change on the Islands of Samoa
NASA Astrophysics Data System (ADS)
Fakhruddin, S. H. M.; Babel, M. S.; Kawasaki, A.
2015-06-01
Pacific Islanders have been exposed to risks associated with climate change. Samoa, as one of the Pacific Islands, is prone to climatic hazards that will likely increase in the coming decades, affecting coastal communities and infrastructure around the islands. Climate models do not predict a reduction of such disaster events in the future in Samoa; indeed, most predict an increase. This paper identifies key infrastructure and their functions and status in order to provide an overall picture of relative vulnerability to climate-related stresses of such infrastructure on the island. By reviewing existing reports as well as holding a series of consultation meetings, a list of critical infrastructure was developed and shared with stakeholders for their consideration. An indicator-based vulnerability model (SIVM) was developed in collaboration with stakeholders to assess the vulnerability of selected infrastructure systems on the Samoan Islands. Damage costs were extracted from the Cyclone Evan recovery needs document. Additionally, data on criticality and capacity to repair damage were collected from stakeholders. Having stakeholder perspectives on these two issues was important because (a) criticality of a given infrastructure could be viewed differently among different stakeholders, and (b) stakeholders were the best available source (in this study) to estimate the capacity to repair non-physical damage to such infrastructure. Analysis of the results suggested a ranking of sectors from the most vulnerable to least vulnerable are: the transportation sector, the power sector, the water supply sector and the sewerage system.
A novel critical infrastructure resilience assessment approach using dynamic Bayesian networks
NASA Astrophysics Data System (ADS)
Cai, Baoping; Xie, Min; Liu, Yonghong; Liu, Yiliu; Ji, Renjie; Feng, Qiang
2017-10-01
The word resilience originally originates from the Latin word "resiliere", which means to "bounce back". The concept has been used in various fields, such as ecology, economics, psychology, and society, with different definitions. In the field of critical infrastructure, although some resilience metrics are proposed, they are totally different from each other, which are determined by the performances of the objects of evaluation. Here we bridge the gap by developing a universal critical infrastructure resilience metric from the perspective of reliability engineering. A dynamic Bayesian networks-based assessment approach is proposed to calculate the resilience value. A series, parallel and voting system is used to demonstrate the application of the developed resilience metric and assessment approach.
802.11 Wireless Infrastructure To Enhance Medical Response to Disasters
Arisoylu, Mustafa; Mishra, Rajesh; Rao, Ramesh; Lenert, Leslie A.
2005-01-01
802.11 (WiFi) is a well established network communications protocol that has wide applicability in civil infrastructure. This paper describes research that explores the design of 802.11 networks enhanced to support data communications in disaster environments. The focus of these efforts is to create network infrastructure to support operations by Metropolitan Medical Response System (MMRS) units and Federally-sponsored regional teams that respond to mass casualty events caused by a terrorist attack with chemical, biological, nuclear or radiological weapons or by a hazardous materials spill. In this paper, we describe an advanced WiFi-based network architecture designed to meet the needs of MMRS operations. This architecture combines a Wireless Distribution Systems for peer-to-peer multihop connectivity between access points with flexible and shared access to multiple cellular backhauls for robust connectivity to the Internet. The architecture offers a high bandwidth data communications infrastructure that can penetrate into buildings and structures while also supporting commercial off-the-shelf end-user equipment such as PDAs. It is self-configuring and is self-healing in the event of a loss of a portion of the infrastructure. Testing of prototype units is ongoing. PMID:16778990
Protecting water and wastewater infrastructure from cyber attacks
NASA Astrophysics Data System (ADS)
Panguluri, Srinivas; Phillips, William; Cusimano, John
2011-12-01
Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendors' approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meet their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive; substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security.
NASA Astrophysics Data System (ADS)
Khalid, A.; Haddad, J.; Lawler, S.; Ferreira, C.
2014-12-01
Areas along the Chesapeake Bay and its tributaries are extremely vulnerable to hurricane flooding, as evidenced by the costly effects and severe impacts of recent storms along the Virginia coast, such as Hurricane Isabel in 2003 and Hurricane Sandy in 2012. Coastal wetlands, in addition to their ecological importance, are expected to mitigate the impact of storm surge by acting as a natural protection against hurricane flooding. Quantifying such interactions helps to provide a sound scientific basis to support planning and decision making. Using storm surge flooding from various historical hurricanes, simulated using a coupled hydrodynamic wave model (ADCIRC-SWAN), we propose an integrated framework yielding a geospatial identification of the capacity of Chesapeake Bay wetlands to protect critical infrastructure. Spatial identification of Chesapeake Bay wetlands is derived from the National Wetlands Inventory (NWI), National Land Cover Database (NLCD), and the Coastal Change Analysis Program (C-CAP). Inventories of population and critical infrastructure are extracted from US Census block data and FEMA's HAZUS-Multi Hazard geodatabase. Geospatial and statistical analyses are carried out to develop a relationship between wetland land cover, hurricane flooding, population and infrastructure vulnerability. These analyses result in the identification and quantification of populations and infrastructure in flooded areas that lie within a reasonable buffer surrounding the identified wetlands. Our analysis thus produces a spatial perspective on the potential for wetlands to attenuate hurricane flood impacts in critical areas. Statistical analysis will support hypothesis testing to evaluate the benefits of wetlands from a flooding and storm-surge attenuation perspective. Results from geospatial analysis are used to identify where interactions with critical infrastructure are relevant in the Chesapeake Bay.
The Legal Limitations on Defending the National Information Infrastructure Against a Cyber Attack
1999-05-27
has a wider significance .... Kelsen has asserted that 'use of force' in Article 2, paragraph 4, of the Charter includes both the use of arms and a...or United Nations practice that it bears the meaning suggested by Kelsen. Indeed, in view of the predominant view of aggression and the use of force
Blue Horizons IV: Deterrence in the Age of Surprise
2014-01-01
technologies. It posits that the result of rapid advances in nanotechnology, biotechnology, directed energy, space, computers and communications...nanotechnology, and biotechnology. Each of these poses the risk of catastrophic attack to the United States, its citizens, and its infrastructure. Deterring...of advanced and potentially dangerous technologies. It posits that the result of rapid advances in nanotechnology, biotechnology, directed energy
Deception Using an SSH Honeypot
2017-09-01
the device itself but also the device's cloud and mobile infrastructure. This increase in unsecured devices connected to the Internet presents...have SSH enabled on their systems without knowledge that this service is running. Computer-security professionals use several techniques to gain...early 2000s. Honeypots are decoy computer systems intended for no other purpose than to collect data on attackers. They gather information about
2001-02-01
ECM Electronic Countermeasures EEG Electroencephalograph EKG Electrocardiogram EPA Extended Planning Annex EPF Equipment Performance Factor...related physiological measures Changes in the brain/neural system caused by workload. Rehmann, 1995, p. 12 M 8.2.16 Electroencephalograph (EEG...architecture TMD Operational Objectives: Destroy Theater Missiles (TM) and their infrastructure as far forward as possible (Attack Operations
Applications for Navy Unmanned Aircraft Systems
2010-01-01
ABUSE TERRORISM AND HOMELAND SECURITY TRANSPORTATION AND INFRASTRUCTURE WORKFORCE AND WORKPLACE The RAND Corporation is a nonprofit institution that...communication intelligence (COMINT) collection, and airborne electronic attack applications. If the UCAS-D program is successful in addressing many of the...SATCOM availability to global war on terrorism and major combat operations in regions where SATCOM is denied by noise jamming or kinetic threats. As
Analyzing Cyber-Physical Threats on Robotic Platforms.
Ahmad Yousef, Khalil M; AlMajali, Anas; Ghalyon, Salah Abu; Dweik, Waleed; Mohd, Bassam J
2018-05-21
Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable to attack and vulnerable to security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidentiality security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in a simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBot™ was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.
Analyzing Cyber-Physical Threats on Robotic Platforms †
2018-01-01
Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable to attack and vulnerable to security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidentiality security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in a simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBot™ was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications. PMID:29883403
49 CFR 1520.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2011 CFR
2011-10-01
... inform TSA or the applicable DOT or DHS component or agency. (d) Additional Requirements for Critical Infrastructure Information. In the case of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland Security Act, any covered person who is a Federal...
49 CFR 1520.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2013 CFR
2013-10-01
... inform TSA or the applicable DOT or DHS component or agency. (d) Additional Requirements for Critical Infrastructure Information. In the case of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland Security Act, any covered person who is a Federal...
49 CFR 1520.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2014 CFR
2014-10-01
... inform TSA or the applicable DOT or DHS component or agency. (d) Additional Requirements for Critical Infrastructure Information. In the case of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland Security Act, any covered person who is a Federal...
49 CFR 1520.9 - Restrictions on the disclosure of SSI.
Code of Federal Regulations, 2012 CFR
2012-10-01
... inform TSA or the applicable DOT or DHS component or agency. (d) Additional Requirements for Critical Infrastructure Information. In the case of information that is both SSI and has been designated as critical infrastructure information under section 214 of the Homeland Security Act, any covered person who is a Federal...
How Critical Is Critical Infrastructure?
2015-09-01
electrical power, telecommunications, transportation, petroleum liquid, or natural gas as shown in Figure 34 from the National Infrastructure Protection...Natural Gas Segment Food and Agriculture Sector Government facilities Sector Healthcare and Public Health Sector Information Technology...514 religious meeting places, 127 gas 69 “Current United States GDP,” 2015, http
DOT National Transportation Integrated Search
2009-09-13
The development of infrastructure facilities can negatively impact critical habitat and essential ecosystems. There are a variety of techniques available to avoid, minimize, and mitigate negative impacts of existing infrastructure as well as future i...
77 FR 72673 - Critical Infrastructure Protection and Resilience Month, 2012
Federal Register 2010, 2011, 2012, 2013, 2014
2012-12-05
.... Cyber incidents can have devastating consequences on both physical and virtual infrastructure, which is... work within existing authorities to fortify our country against cyber risks, comprehensive legislation remains essential to improving infrastructure security, enhancing cyber information sharing between...
Enhancing infrastructure resilience through business continuity planning.
Fisher, Ronald; Norman, Michael; Klett, Mary
2017-01-01
Critical infrastructure is crucial to the functionality and wellbeing of the world around us. It is a complex network that works together to create an efficient society. The core components of critical infrastructure are dependent on one another to function at their full potential. Organisations face unprecedented environmental risks such as increased reliance on information technology and telecommunications, increased infrastructure interdependencies and globalisation. Successful organisations should integrate the components of cyber-physical and infrastructure interdependencies into a holistic risk framework. Physical security plans, cyber security plans and business continuity plans can help mitigate environmental risks. Cyber security plans are becoming the most crucial to have, yet are the least commonly found in organisations. As the reliance on cyber continues to grow, it is imperative that organisations update their business continuity and emergency preparedness activities to include this.
Li, Yuancheng; Qiu, Rixuan; Jing, Sitong
2018-01-01
Advanced Metering Infrastructure (AMI), the core component of the smart grid, realizes two-way communication of electricity data by interconnecting with a computer network. Meanwhile, it brings many new security threats, and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM) is established, which is used to detect attacks in AMI, and a comparative analysis with other algorithms is carried out. Simulation results show that, compared with other intrusion detection methods, the intrusion detection method based on OS-ELM is superior in detection speed and accuracy.
Burke, Tarryne; Page, Bruce; Van Dyk, Gus; Millspaugh, Josh; Slotow, Rob
2008-01-01
Background: Hunting of male African elephants may pose ethical and risk concerns, particularly given their status as a charismatic species of high touristic value, yet which are capable of both killing people and damaging infrastructure. Methodology/Principal Findings: We quantified the effect of hunts of male elephants on (1) risk of attack or damage (11 hunts), and (2) behavioural (movement dynamics) and physiological (stress hormone metabolite concentrations) responses (4 hunts) in Pilanesberg National Park. For eleven hunts, there were no subsequent attacks on people or infrastructure, and elephants did not break out of the fenced reserve. For three focal hunts, there was an initial flight response by bulls present at the hunting site, but their movements stabilised the day after the hunt event. Animals not present at the hunt (both bulls and herds) did not show movement responses. Physiologically, hunting elephant bulls increased faecal stress hormone levels (corticosterone metabolites) in both those bulls that were present at the hunts (for up to four days post-hunt) and in the broader bull and breeding herd population (for up to one month post-hunt). Conclusions/Significance: As all responses were relatively minor, hunting male elephants is ethically acceptable when considering effects on the remaining elephant population; however bulls should be hunted when alone. Hunting is feasible in relatively small enclosed reserves without major risk of attack, damage, or breakout. Physiological stress assays were more effective than behavioural responses in detecting effects of human intervention. Similar studies should evaluate intervention consequences, inform and improve best practice, and should be widely applied by management agencies. PMID:18560517
2014-05-01
in Right of Canada, as represented by the Minister of National Defence, 2014 © Her Majesty the Queen (in Right of Canada), as represented by the ...extreme fire protection of critical infrastructures. Abstract …..... This report provides information that could help to develop...national approaches for mitigating the risk arising from extreme fire conditions for critical infrastructures (CI). The results
Using a Prediction Model to Manage Cyber Security Threats.
Jaganathan, Venkatesh; Cherurveettil, Priyesh; Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization.
Using a Prediction Model to Manage Cyber Security Threats
Muthu Sivashanmugam, Premapriya
2015-01-01
Cyber-attacks are an important issue faced by all organizations. Securing information systems is critical. Organizations should be able to understand the ecosystem and predict attacks. Predicting attacks quantitatively should be part of risk management. The cost impact due to worms, viruses, or other malicious software is significant. This paper proposes a mathematical model to predict the impact of an attack based on significant factors that influence cyber security. This model also considers the environmental information required. It is generalized and can be customized to the needs of the individual organization. PMID:26065024
ERIC Educational Resources Information Center
Tickles, Virginia C.; Li, Yadong; Walters, Wilbur L.
2013-01-01
Much criticism exists concerning a lack of focus on real-world problem-solving in the science, technology, engineering and mathematics (STEM) infrastructures. Many of these critics say that current educational infrastructures are incapable of preparing future scientists and engineers to solve the complex and multidisciplinary problems this society…
Aging Water Infrastructure Research Program Innovation & Research for the 21st Century
The U.S. infrastructure is critical for providing essential services: protect public health and the environment and support and sustain our economy. Significant investment in water infrastructure: over 16,000 WWTPs serving 190 million people; about 54,000 community water syste...
Federal Register 2010, 2011, 2012, 2013, 2014
2013-05-20
...), Office of Infrastructure Protection (IP), Infrastructure Information Collection Division (IICD... Forrest DHS/NPPD/IP/PCII. SUPPLEMENTARY INFORMATION: The PCII Program was... administered by DHS/NPPD/IP/IICD. The PCII Program is responsible for ensuring compliance with the Regulation...
76 FR 17935 - Protected Critical Infrastructure Information (PCII) Stakeholder Survey
Federal Register 2010, 2011, 2012, 2013, 2014
2011-03-31
... Infrastructure Protection (IP) will submit the following Information Collection Request to the Office of... questions about this Information Collection Request should be forwarded to DHS/NPPD/IP, Attn: Emily R... PCII Program is administered by IP's Infrastructure Information Collection Division (IICD). The PCII...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2014 CFR
2014-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2012 CFR
2012-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2011 CFR
2011-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
49 CFR 1520.5 - Sensitive security information.
Code of Federal Regulations, 2013 CFR
2013-10-01
..., including threats against cyber infrastructure. (8) Security measures. Specific details of aviation...) Critical aviation, maritime, or rail infrastructure asset information. Any list identifying systems or...
Data to Decisions: Terminate, Tolerate, Transfer, or Treat
2016-07-25
and patching, a risk-based cyber-security decision model that enables a predictive capability to respond to impending cyber-attacks is needed...States. This sensitive data includes business proprietary information on key programs of record and infrastructure, including government documents at...leverage nationally. The Institute for Defense Analyses (IDA) assisted the DoD CIO in formalizing a proof of concept for cyber initiatives and
Cyberspace and Posse Comitatus: Legal Implications of a Borderless Domain
2010-03-01
technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.” 9 This...the people, and stopped just short of shutting down economic markets. 2 Though never admitted, all indications point to a coordinated attack from...control orders transit many of the same, generally commercially-owned, routers, switches, computers, and wires, each with the goal of passing information
Active Computer Network Defense: An Assessment
2001-04-01
sufficient base of knowledge in information technology can be assumed to be working on some form of computer network warfare, even if only defensive in...the Defense Information Infrastructure (DII) to attack. Transmission Control Protocol/Internet Protocol (TCP/IP) networks are inherently resistant to...aims to create this part of information superiority, and computer network defense is one of its fundamental components. Most of these efforts center
2010-04-01
technology centric operations such as computer network attack and computer network defense. 3 This leads to the question of whether the US military is... information and infrastructure. For the purpose of military operations, CNO are divided into CNA, CND, and computer network exploitation (CNE) enabling...of a CNA if they take undesirable action,” 21 and from a defensive stance in CND, “providing information about non-military threat to computers in
The physical basis of explosion and blast injury processes.
Proud, W G
2013-03-01
Energetic materials are widely used in civilian and military applications, such as quarrying and mining, flares, and in munitions. Recent conflicts have involved the widespread use of improvised explosive devices to attack military, civilians and infrastructure. This article gives a basic overview of explosive technology and the underlying physical processes that produce the injuries encountered. In particular aspects relevant to primary and secondary injuries are discussed.
Terrorism Risk Modeling for Intelligence Analysis and Infrastructure Protection
2007-01-01
comparatively high risk of CBRN attacks. Estimates of sabotage risk are highly dependent on proximity of nuclear power plants, chemical plants, or oil...and casinos, airports, nuclear power plants 3 Military, train and subway stations, stadiums, bridges and tunnels 4 Industrial facilities, oil and...airspace zones 8 Power plants, dams, railway networks levels. Collecting and incorporating such data for specific localities or industry sectors would
The Long March. Building an Afghan National Army
2009-01-01
UNDP, 2007). Illiteracy and gender discrimination remain widespread. Additionally, 2006 witnessed a significant rise in terrorist attacks and a 59...TERRORISM AND HOMELAND SECURITY TRANSPORTATION AND INFRASTRUCTURE WORKFORCE AND WORKPLACE The RAND Corporation is a nonprofit research organization...ANA) is seen as a sine qua non for security in Afghanistan. The recent resurgence of the Taliban, operating out of bases in Pakistan and parts of
A comprehensive Network Security Risk Model for process control networks.
Henry, Matthew H; Haimes, Yacov Y
2009-02-01
The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.
Fast Fragmentation of Networks Using Module-Based Attacks
Requião da Cunha, Bruno; González-Avella, Juan Carlos; Gonçalves, Sebastián
2015-01-01
In the multidisciplinary field of Network Science, optimization of procedures for efficiently breaking complex networks is attracting much attention from a practical point of view. In this contribution, we present a module-based method to efficiently fragment complex networks. The procedure firstly identifies topological communities through which the network can be represented using a well established heuristic algorithm of community finding. Then only the nodes that participate of inter-community links are removed in descending order of their betweenness centrality. We illustrate the method by applying it to a variety of examples in the social, infrastructure, and biological fields. It is shown that the module-based approach always outperforms targeted attacks to vertices based on node degree or betweenness centrality rankings, with gains in efficiency strongly related to the modularity of the network. Remarkably, in the US power grid case, by deleting 3% of the nodes, the proposed method breaks the original network in fragments which are twenty times smaller in size than the fragments left by betweenness-based attack. PMID:26569610
An Adaptive Reputation-Based Algorithm for Grid Virtual Organization Formation
NASA Astrophysics Data System (ADS)
Cui, Yongrui; Li, Mingchu; Ren, Yizhi; Sakurai, Kouichi
A novel adaptive reputation-based virtual organization formation is proposed. It restrains the bad performers effectively based on the consideration of the global experience of the evaluator and evaluates the direct trust relation between two grid nodes accurately by consulting the previous trust value rationally. It also consults and improves the reputation evaluation process in PathTrust model by taking account of the inter-organizational trust relationship and combines it with direct and recommended trust in a weighted way, which makes the algorithm more robust against collusion attacks. Additionally, the proposed algorithm considers the perspective of the VO creator and takes required VO services as one of the most important fine-grained evaluation criteria, which makes the algorithm more suitable for constructing VOs in grid environments that include autonomous organizations. Simulation results show that our algorithm restrains the bad performers and resists against fake transaction attacks and badmouth attacks effectively. It provides a clear advantage in the design of a VO infrastructure.
On defense strategies for system of systems using aggregated correlations
DOE Office of Scientific and Technical Information (OSTI.GOV)
Rao, Nageswara S.; Imam, Neena; Ma, Chris Y. T.
2017-04-01
We consider a System of Systems (SoS) wherein each system S_i, i = 1, 2, ..., N, is composed of discrete cyber and physical components which can be attacked and reinforced. We characterize the disruptions using aggregate failure correlation functions given by the conditional failure probability of SoS given the failure of an individual system. We formulate the problem of ensuring the survival of SoS as a game between an attacker and a provider, each with a utility function composed of a survival probability term and a cost term, both expressed in terms of the number of components attacked and reinforced. The survival probabilities of systems satisfy simple product-form, first-order differential conditions, which simplify the Nash Equilibrium (NE) conditions. We derive the sensitivity functions that highlight the dependence of SoS survival probability at NE on cost terms, correlation functions, and individual system survival probabilities. We apply these results to a simplified model of distributed cloud computing infrastructure.
Latif, Rabia; Abbas, Haider; Assar, Saïd
2014-11-01
Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient's data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.
Network traffic anomaly prediction using Artificial Neural Network
NASA Astrophysics Data System (ADS)
Ciptaningtyas, Hening Titi; Fatichah, Chastine; Sabila, Altea
2017-03-01
With the excessive increase in internet usage, malicious software (malware) has also increased significantly. Malware is software developed by hackers for illegal purposes, such as stealing data and identity, causing computer damage, or denying service to other users [1]. Malware that attacks a computer or server often triggers network traffic anomalies. Based on Sophos's report [2], Indonesia is the riskiest country for malware attacks and it also has high network traffic anomaly. This research uses an Artificial Neural Network (ANN) to predict network traffic anomaly based on malware attacks in Indonesia recorded by Id-SIRTII/CC (Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center). The case study is the highest malware attack (SQL injection), which happened in three consecutive years: 2012, 2013, and 2014 [4]. The data series is preprocessed first, then the network traffic anomaly is predicted using an Artificial Neural Network with two weight update algorithms: Gradient Descent and Momentum. Prediction error is calculated using Mean Squared Error (MSE) [7]. The experimental result shows that the MSE for SQL injection is 0.03856. So, this approach can be used to predict network traffic anomaly.
Transforming Our Cities: High-Performance Green Infrastructure (WERF Report INFR1R11)
The objective of this project is to demonstrate that the highly distributed real-time control (DRTC) technologies for green infrastructure being developed by the research team can play a critical role in transforming our nation’s urban infrastructure. These technologies include a...
DOE Office of Scientific and Technical Information (OSTI.GOV)
Eltoweissy, Mohamed Y.; Du, David H.C.; Gerla, Mario
Mission-Critical Networking (MCN) refers to networking for application domains where life or livelihood may be at risk. Typical application domains for MCN include critical infrastructure protection and operation, emergency and crisis intervention, healthcare services, and military operations. Such networking is essential for safety, security and economic vitality in our complex world characterized by uncertainty, heterogeneity, emergent behaviors, and the need for reliable and timely response. MCN comprise networking technology, infrastructures and services that may alleviate the risk and directly enable and enhance connectivity for mission-critical information exchange among diverse, widely dispersed, mobile users.
MISSION: Mission and Safety Critical Support Environment. Executive overview
NASA Technical Reports Server (NTRS)
Mckay, Charles; Atkinson, Colin
1992-01-01
For mission and safety critical systems it is necessary to: improve definition, evolution and sustenance techniques; lower development and maintenance costs; support safe, timely and affordable system modifications; and support fault tolerance and survivability. The goal of the MISSION project is to lay the foundation for a new generation of integrated systems software providing a unified infrastructure for mission and safety critical applications and systems. This will involve the definition of a common, modular target architecture and a supporting infrastructure.
NASA Astrophysics Data System (ADS)
Francisco, Glen; Brown, Todd
2012-06-01
Integrated security systems are essential to pre-empting criminal assaults. Nearly 500,000 sites have been identified (source: US DHS) as critical infrastructure sites that would suffer severe damage if a security breach should occur. One major breach in any of 123 U.S. facilities, identified as "most critical", threatens more than 1,000,000 people. The vulnerabilities of critical infrastructure are expected to continue and even heighten over the coming years.
Modeling the resilience of critical infrastructure: the role of network dependencies.
Guidotti, Roberto; Chmielewski, Hana; Unnikrishnan, Vipin; Gardoni, Paolo; McAllister, Therese; van de Lindt, John
2016-01-01
Water and wastewater network, electric power network, transportation network, communication network, and information technology network are among the critical infrastructure in our communities; their disruption during and after hazard events greatly affects communities' well-being, economic security, social welfare, and public health. In addition, a disruption in one network may cause disruption to other networks and lead to their reduced functionality. This paper presents a unified theoretical methodology for the modeling of dependent/interdependent infrastructure networks and incorporates it in a six-step probabilistic procedure to assess their resilience. Both the methodology and the procedure are general, can be applied to any infrastructure network and hazard, and can model different types of dependencies between networks. As an illustration, the paper models the direct effects of seismic events on the functionality of a potable water distribution network and the cascading effects of the damage of the electric power network (EPN) on the potable water distribution network (WN). The results quantify the loss of functionality and delay in the recovery process due to dependency of the WN on the EPN. The results show the importance of capturing the dependency between networks in modeling the resilience of critical infrastructure.
Modeling the resilience of critical infrastructure: the role of network dependencies
Guidotti, Roberto; Chmielewski, Hana; Unnikrishnan, Vipin; Gardoni, Paolo; McAllister, Therese; van de Lindt, John
2017-01-01
Water and wastewater network, electric power network, transportation network, communication network, and information technology network are among the critical infrastructure in our communities; their disruption during and after hazard events greatly affects communities’ well-being, economic security, social welfare, and public health. In addition, a disruption in one network may cause disruption to other networks and lead to their reduced functionality. This paper presents a unified theoretical methodology for the modeling of dependent/interdependent infrastructure networks and incorporates it in a six-step probabilistic procedure to assess their resilience. Both the methodology and the procedure are general, can be applied to any infrastructure network and hazard, and can model different types of dependencies between networks. As an illustration, the paper models the direct effects of seismic events on the functionality of a potable water distribution network and the cascading effects of the damage of the electric power network (EPN) on the potable water distribution network (WN). The results quantify the loss of functionality and delay in the recovery process due to dependency of the WN on the EPN. The results show the importance of capturing the dependency between networks in modeling the resilience of critical infrastructure. PMID:28825037
Employing Replay Connectors for SIEM Operator Education
2013-09-01
LIST OF ACRONYMS AND ABBREVIATIONS: CORR, Correlation Optimized Retention and Retrieval; CII, Critical Information Infrastructure; GLBA ... vast distances is now quicker and easier with the advancement in mobile computing devices and more ubiquitous connectivity and bandwidth. As a result ... breakdown of the Critical Information Infrastructure (CII) is one of the core risks facing the international economy. The World Economic Forum
DETECTION OF TOXICANT(S) ON BUILDING SURFACES FOLLOWING CHEMICAL ATTACK
A critical step prior to reoccupation of any facility following a chemical attack is monitoring for toxic compounds on surfaces within that facility. Low level detection of toxicant(s) is necessary to ensure that these compounds have been eliminated after building decontaminatio...
DETECTION OF TOXICANTS ON BUILDING SURFACES FOLLOWING CHEMICAL ATTACK
A critical step prior to reoccupation of any facility following a chemical attack will be the monitoring of toxic compounds on surfaces within that facility. Low level detection of toxicant(s) is necessary to ensure that these compounds have been eliminated after decontamination...
Robustness and structure of complex networks
NASA Astrophysics Data System (ADS)
Shao, Shuai
This dissertation covers the two major parts of my PhD research on statistical physics and complex networks: i) modeling a new type of attack -- localized attack, and investigating robustness of complex networks under this type of attack; ii) discovering the clustering structure in complex networks and its influence on the robustness of coupled networks. Complex networks appear in every aspect of our daily life and are widely studied in Physics, Mathematics, Biology, and Computer Science. One important property of complex networks is their robustness under attacks, which depends crucially on the nature of attacks and the structure of the networks themselves. Previous studies have focused on two types of attack: random attack and targeted attack, which, however, are insufficient to describe many real-world damages. Here we propose a new type of attack -- localized attack, and study the robustness of complex networks under this type of attack, both analytically and via simulation. On the other hand, we also study the clustering structure in the network, and its influence on the robustness of a complex network system. In the first part, we propose a theoretical framework to study the robustness of complex networks under localized attack based on percolation theory and generating function method. We investigate the percolation properties, including the critical threshold of the phase transition p_c and the size of the giant component P_∞. We compare localized attack with random attack and find that while random regular (RR) networks are more robust against localized attack, Erdős-Rényi (ER) networks are equally robust under both types of attacks. As for scale-free (SF) networks, their robustness depends crucially on the degree exponent λ. The simulation results show perfect agreement with theoretical predictions.
We also test our model on two real-world networks: a peer-to-peer computer network and an airline network, and find that the real-world networks are much more vulnerable to localized attack compared with random attack. In the second part, we extend the tree-like generating function method to incorporate clustering structure in complex networks. We study the robustness of a complex network system, especially a network of networks (NON) with clustering structure in each network. We find that the system becomes less robust as we increase the clustering coefficient of each network. For a partially dependent network system, we also find that the influence of the clustering coefficient on network robustness decreases as we decrease the coupling strength, and the critical coupling strength q_c, at which the first-order phase transition changes to second-order, increases as we increase the clustering coefficient.
Federal Register 2010, 2011, 2012, 2013, 2014
2012-11-16
...), Office of Infrastructure Protection (IP), Infrastructure Information Collection Division (IICD... forwarded to DHS/NPPD/IP/IICD, 245 Murray Lane, SW., Mail Stop 0602, Arlington, VA 20598-0602. Emailed.../IP PCII Program to assess state and local programs, their compliance with PCII rules and requirements...
Kyriacou, Demetrios N; Dobrez, Debra; Parada, Jorge P; Steinberg, Justin M; Kahn, Adam; Bennett, Charles L; Schmitt, Brian P
2012-09-01
Rapid public health response to a large-scale anthrax attack would reduce overall morbidity and mortality. However, there is uncertainty about the optimal cost-effective response strategy based on timing of intervention, public health resources, and critical care facilities. We conducted a decision analytic study to compare response strategies to a theoretical large-scale anthrax attack on the Chicago metropolitan area beginning either Day 2 or Day 5 after the attack. These strategies correspond to the policy options set forth by the Anthrax Modeling Working Group for population-wide responses to a large-scale anthrax attack: (1) postattack antibiotic prophylaxis, (2) postattack antibiotic prophylaxis and vaccination, (3) preattack vaccination with postattack antibiotic prophylaxis, and (4) preattack vaccination with postattack antibiotic prophylaxis and vaccination. Outcomes were measured in costs, lives saved, quality-adjusted life-years (QALYs), and incremental cost-effectiveness ratios (ICERs). We estimated that postattack antibiotic prophylaxis of all 1,390,000 anthrax-exposed people beginning on Day 2 after attack would result in 205,835 infected victims, 35,049 fulminant victims, and 28,612 deaths. Only 6,437 (18.5%) of the fulminant victims could be saved with the existing critical care facilities in the Chicago metropolitan area. Mortality would increase to 69,136 if the response strategy began on Day 5. Including postattack vaccination with antibiotic prophylaxis of all exposed people reduces mortality and is cost-effective for both Day 2 (ICER=$182/QALY) and Day 5 (ICER=$1,088/QALY) response strategies. Increasing ICU bed availability significantly reduces mortality for all response strategies. We conclude that postattack antibiotic prophylaxis and vaccination of all exposed people is the optimal cost-effective response strategy for a large-scale anthrax attack. 
Our findings support the US government's plan to provide antibiotic prophylaxis and vaccination for all exposed people within 48 hours of the recognition of a large-scale anthrax attack. Future policies should consider expanding critical care capacity to allow for the rescue of more victims.
Dobrez, Debra; Parada, Jorge P.; Steinberg, Justin M.; Kahn, Adam; Bennett, Charles L.; Schmitt, Brian P.
2012-01-01
Rapid public health response to a large-scale anthrax attack would reduce overall morbidity and mortality. However, there is uncertainty about the optimal cost-effective response strategy based on timing of intervention, public health resources, and critical care facilities. We conducted a decision analytic study to compare response strategies to a theoretical large-scale anthrax attack on the Chicago metropolitan area beginning either Day 2 or Day 5 after the attack. These strategies correspond to the policy options set forth by the Anthrax Modeling Working Group for population-wide responses to a large-scale anthrax attack: (1) postattack antibiotic prophylaxis, (2) postattack antibiotic prophylaxis and vaccination, (3) preattack vaccination with postattack antibiotic prophylaxis, and (4) preattack vaccination with postattack antibiotic prophylaxis and vaccination. Outcomes were measured in costs, lives saved, quality-adjusted life-years (QALYs), and incremental cost-effectiveness ratios (ICERs). We estimated that postattack antibiotic prophylaxis of all 1,390,000 anthrax-exposed people beginning on Day 2 after attack would result in 205,835 infected victims, 35,049 fulminant victims, and 28,612 deaths. Only 6,437 (18.5%) of the fulminant victims could be saved with the existing critical care facilities in the Chicago metropolitan area. Mortality would increase to 69,136 if the response strategy began on Day 5. Including postattack vaccination with antibiotic prophylaxis of all exposed people reduces mortality and is cost-effective for both Day 2 (ICER=$182/QALY) and Day 5 (ICER=$1,088/QALY) response strategies. Increasing ICU bed availability significantly reduces mortality for all response strategies. We conclude that postattack antibiotic prophylaxis and vaccination of all exposed people is the optimal cost-effective response strategy for a large-scale anthrax attack. 
Our findings support the US government's plan to provide antibiotic prophylaxis and vaccination for all exposed people within 48 hours of the recognition of a large-scale anthrax attack. Future policies should consider expanding critical care capacity to allow for the rescue of more victims. PMID:22845046
Categorizing threat : building and using a generic threat matrix.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Woodard, Laura; Veitch, Cynthia K.; Thomas, Sherry Reede
2007-09-01
The key piece of knowledge necessary for building defenses capable of withstanding or surviving cyber and kinetic attacks is an understanding of the capabilities posed by threats to a government, function, or system. With the number of threats continuing to increase, it is no longer feasible to enumerate the capabilities of all known threats and then build defenses based on those threats that are considered, at the time, to be the most relevant. Exacerbating the problem for critical infrastructure entities is the fact that the majority of detailed threat information for higher-level threats is held in classified status and is not available for general use, such as the design of defenses and the development of mitigation strategies. To reduce the complexity of analyzing threat, the threat space must first be reduced. This is achieved by taking the continuous nature of the threat space and creating an abstraction that allows the entire space to be grouped, based on measurable attributes, into a small number of distinctly different levels. The work documented in this report is an effort to create such an abstraction.
DOE Office of Scientific and Technical Information (OSTI.GOV)
Buckner, Mark A; Bobrek, Miljko; Farquhar, Ethan
Wireless Access Points (WAP) remain one of the top 10 network security threats. This research is part of an effort to develop a physical (PHY) layer aware Radio Frequency (RF) air monitoring system with multi-factor authentication to provide a first-line of defense for network security--stopping attackers before they can gain access to critical infrastructure networks through vulnerable WAPs. This paper presents early results on the identification of OFDM-based 802.11a WiFi devices using RF Distinct Native Attribute (RF-DNA) fingerprints produced by the Fractional Fourier Transform (FRFT). These fingerprints are input to a "Learning from Signals" (LFS) classifier which uses hybrid Differential Evolution/Conjugate Gradient (DECG) optimization to determine the optimal features for a low-rank model to be used for future predictions. Results are presented for devices under the most challenging conditions of intra-manufacturer classification, i.e., same-manufacturer, same-model, differing only in serial number. The results of Fractional Fourier Domain (FRFD) RF-DNA fingerprints demonstrate significant improvement over results based on Time Domain (TD), Spectral Domain (SD) and even Wavelet Domain (WD) fingerprints.