Probabilistic measures of edge criticality in graphs: a study in water distribution networks

AbstractThe issue of vulnerability and robustness in networks have been addressed by several methods. The goal is to identify which are the critical components (i.e., nodes/edges) whose failure impairs the functioning of the network and how much this impacts the ensuing increase in vulnerability. In this paper we consider the drop in the network robustness as measured by the increase in vulnerability of the perturbed network and compare it with the original one. Traditional robustness metrics are based on centrality measures, the loss of efficiency and spectral analysis. The approach proposed in this paper sees the graph as a set of probability distributions and computes, specifically the probability distribution of its node to node distances and computes an index of vulnerability through the distance between the node-to-node distributions associated to original network and the one obtained by the removal of nodes and edges. Two such distances are proposed for this analysis: Jensen–Shannon and Wasserstein, based respectively on information theory and optimal transport theory, which are shown to offer a different characterization of vulnerability. Extensive computational results, including two real-world water distribution networks, are reported comparing the new approach to the traditional metrics. This modelling and algorithmic framework can also support the analysis of other networked infrastructures among which power grids, gas distribution and transit networks

Electric Power Synchrophasor Network Cyber Security Vulnerabilities

Smart grid technologies such as synchrophasor devices (Phasor Measurement Units (PMUs)), make real-time monitoring, control, and analysis of the electric power grid possible. PMUs measure voltage and current phasors across the electrical power grid, add a GPS time stamps to measurements, and sends reports to the Phasor Data Concentrators (PDCs) in the control centers. Reports are used to make decisions about the condition and state of the power grid. Since this approach relies on Internet Protocol (IP) network infrastructure, possible cybersecurity vulnerabilities have to be addressed to ensure that it is stable, secure, and reliable. In literature, attacks that are relevant to PMUs, are discussed. The system modeled is the benchmark IEEE 68 bus (New England/New York) power system. This document details vulnerability testing performed on a network implemented with a real-time grid simulator, the Real Time Digital Simulator (RTDS), with SEL PMU devices monitoring several bases. The first set of security vulnerabilities were found when running traffic analysis of the network. In using this approach it was found that the system was susceptible to Address Resolution Protocol (ARP) poisoning. This allowed the switch to be tricked so that all network traffic was rerouted through the attack computer. This technique allowed for packet analysis, man-in-the-middle, and denial of service (DOS) attacks. Side channel analysis was used to distinguish PMU traffic across the virtual private network (VPN) established by the security gateways. After the traffic was collected, the inter-packet delays were used to construct a Hidden Markov Model. This model was used to distinguish measurement packets being transported across the VPN. Once the measurements are identified, a DOS attack can be performed on the network. While this document unveils certain security vulnerabilities within the PMU network, further testing is needed to provide a full security vulnerability analysis. A future security agenda is proposed

Static detection of control-flow-related vulnerabilities using graph embedding

© 2019 IEEE. Static vulnerability detection has shown its effectiveness in detecting well-defined low-level memory errors. However, high-level control-flow related (CFR) vulnerabilities, such as insufficient control flow management (CWE-691), business logic errors (CWE-840), and program behavioral problems (CWE-438), which are often caused by a wide variety of bad programming practices, posing a great challenge for existing general static analysis solutions. This paper presents a new deep-learning-based graph embedding approach to accurate detection of CFR vulnerabilities. Our approach makes a new attempt by applying a recent graph convolutional network to embed code fragments in a compact and low-dimensional representation that preserves high-level control-flow information of a vulnerable program. We have conducted our experiments using 8,368 real-world vulnerable programs by comparing our approach with several traditional static vulnerability detectors and state-of-the-art machine-learning-based approaches. The experimental results show the effectiveness of our approach in terms of both accuracy and recall. Our research has shed light on the promising direction of combining program analysis with deep learning techniques to address the general static analysis challenges

The vulnerability of shifting towards a greener world:The impact of the EU's green transition on material demand

The green transition from fossil fuels to renewables requires acquisition of rare earth minerals and other materials for construction of renewable energy technologies and may lead to new dependencies through imports potentially causing immense pressure on global supply chains. This study investigates the material vulnerability of sectors and countries in the EU. Vulnerability maps are created for the EU's material demands by combining three analyses: input-output analysis, forward linkage analysis and network analysis. The approach reveals the relative importance of individual sectors and their vulnerability given increasing demand. As such, the analyses help to identify which sectors, based on their current implementation of renewable energy sources, could put a country and the EU at risk of not meeting their mitigation targets by 2050. The analysis concludes that Austria, Germany, the Czech Republic, Denmark and Slovakia will experience particularly large material vulnerabilities in several of the materials investigated. Hence, such findings can provide early warnings to sectors and countries about potential implications in their supply chains along with potential mitigation measures such as secondary sourcing, material substitution and material diplomacy

Constructing personal networks in light of COVID-19 containment measures

The policies for containing the spread of the SARS-CoV2 virus include a number of measures aimed at reducing physical contacts. In this paper, we explore the potential impact of such containment measures on social relations of both young adults and the elderly in Italy. We propose two ego-centered network definitions accounting for physical distance in light of the COVID-19 containment measures: the easy-to-reach network, that represents an accessible source of support that can be activate in case of new lockdown; the accustomed-to-reach network, which includes proximity and habit to meet in person. The approach used for constructing personal (ego-centered) networks on data from the most recent release of Families and Social Subject survey allows us to bring to the foreground people exposed to relational vulnerability. The analysis of the most vulnerable individuals by age, gender, and place of residence reveals that living alone is often associated with a condition of relational vulnerability for both the elderly and for young adults

Application of Complex Network Theory in Power System Security Assessment

The power demand increases every year around the world with the growth of population and the expansion of cities. Meanwhile, the structure of a power system becomes increasing complex. Moreover, increasing renewable energy sources (RES) has linked to the power network at different voltage levels. These new features are expected to have a negative impact on the security of the power system. In recent years, complex network (CN) theory has been studied intensively in solving practical problems of large-scale complex systems. A new direction for power system security assessment has been provided with the developments in the CN field. In this thesis, we carry out investigations on models and approaches that aim to make the security assessment from an overview system level with CN theory. Initially, we study the impact of the renewable energy (RE) penetration level on the vulnerability in the future grid (FG). Data shows that the capacity of RE has been increasing over by 10% annually all over the world. To demonstrate the impact of unpredictable fluctuating characteristics of RES on the power system stability, a CN model given renewable energy integration for the vulnerability analysis is introduced. The numerical simulations are investigated based on the simplified 14-generator model of the South Eastern Australia power system. Based on the simulation results, the impact of different penetrations of RES and demand side management on the Australian FG is discussed. Secondly, the distributed optimization performance of the communication network topology in the photovoltaic (PV) and energy storage (ES) combined system is studied with CN theory. A Distributed Alternating Direction Method of Multipliers (D-ADMM) is proposed to accelerate the convergence speed in a large dimensional communication system. It is shown that the dynamic performance of this approach is highly-sensitive to the communication network topology. We study the variation of convergence speed under different communication network topology. Based on this research, guidance on how to design a relatively more optimal communication network is given as well. Then, we focus on a new model of vulnerability analysis. The existing CN models usually neglect the detailed electrical characteristics of a power grid. In order to address the issue, an innovative model which considers power flow (PF), one of the most important characteristics in a power system, is proposed for the analysis of power grid vulnerability. Moreover, based on the CN theory and the Max-Flow theorem, a new vulnerability index is presented to identify the vulnerable lines in a power system. The comparative simulations between the power flow model and existing models are investigated on the IEEE 118-bus system. Based on the PF model, we improve a power system cascading risk assessment model. In this research the risk is defined by the consequence and probabilities of the failures in the system, which is affected by both power factors and the network structure. Furthermore, a cascading event simulation module is designed to identify the cascading chain in the system during a failure. This innovation can form a better module for the cascading risk assessment of a power system. Finally, we argue that the current cyber-physical network model have their limitations and drawbacks. The existing “point-wise” failure model is not appropriate to present the interdependency of power grid and communication network. The interactions between those two interdependent networks are much more complicated than they were described in some the prior literatures. Therefore, we propose a new interdependency model which is based on earlier research in this thesis. The simulation results confirm the effectiveness of the new model in explaining the cascading mechanism in this kind of networks

Systemic Risk and Vulnerability Analysis of Multi-cloud Environments

With the increasing use of multi-cloud environments, security professionals face challenges in configuration, management, and integration due to uneven security capabilities and features among providers. As a result, a fragmented approach toward security has been observed, leading to new attack vectors and potential vulnerabilities. Other research has focused on single-cloud platforms or specific applications of multi-cloud environments. Therefore, there is a need for a holistic security and vulnerability assessment and defense strategy that applies to multi-cloud platforms. We perform a risk and vulnerability analysis to identify attack vectors from software, hardware, and the network, as well as interoperability security issues in multi-cloud environments. Applying the STRIDE and DREAD threat modeling methods, we present an analysis of the ecosystem across six attack vectors: cloud architecture, APIs, authentication, automation, management differences, and cybersecurity legislation. We quantitatively determine and rank the threats in multi-cloud environments and suggest mitigation strategies.Comment: 27 pages, 9 figure

Potentialities of Complex Network Theory Tools for Urban Drainage Networks Analysis

Urban drainage networks (UDNs) represent important infrastructures to protect and maintain community health and safety. For these reasons, technicians and researcher are focusing more and more on topics related to vulnerability, resilience and monitoring for controlling illicit intrusions, contaminant and pathogenic spread. In the last years the complex network theory (CNT) is attracting attention as a new, useful and structured approach to analyze urban systems. The aim of this work is to evaluate potentialities of CNT approaches for UDNs vulnerability assessment and monitoring system planning. Limits and potentialities of applicability of CNT tools to UDNs are first provided evaluating the performances of standard centrality metrics. Then, it is proposed the use of tailored metrics embedding prior information, as intrinsic relevance of each node and pipe flow direction, which derive from the Horton's hierarchy and geometric data (pipe slope), respectively, without performing hydraulic simulations. The analysis is applied on two schematic literature networks of different complexity and to a real case-study. The results suggest that vulnerability/resilience, monitoring design, contaminant and pathogenic spreads can be effectively analyzed using tailored metrics. Therefore, the proposed approach represents a complementary tool respect the more complex and computationally expensive methodologies and it is particular useful for large complex networks

Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks

The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.<br/

Computing a global performance index by fuzzy set approach

This paper introduces a new methodology for analyzing and computing the overall hydraulic performance for each single component in the network and for the whole water distribution system. Water required and supplied, are considered as the main asset to carry out the hydraulic analysis. The methodology is based on hierarchical system approach that begins by evaluating the hydraulic performance through a set of three indicators that are reliability, resiliency, and vulnerability. Then the Analytic Hierarchy Process (AHP) is being used in order to assign weight for each indicator. Finally, fuzzy logic technique is applied which allows the aggregation of all previous indicators into one single index that depict the system condition whether is poor, good or somewhere in between