4,913 research outputs found
Security in transnational interoperable PPDR communications: threats and requirements
The relevance of cross border security operations
has been identified as a priority at European level for a long time.
A European network where Public Protection and Disaster Relief
(PPDR) forces share communications processes and a legal
framework would greatly enforce response to disaster recovery
and security against crime. Nevertheless, uncertainty on costs,
timescale and functionalities have slowed down the
interconnection of PPDR networks across countries and limited
the transnational cooperation of their PPDR forces so far. In this
context, the European research project ISITEP is aimed at
developing the legal, operational and technical framework to
achieve a cost effective solution for PPDR interoperability across
European countries. Inter alia, ISITEP project is specifying a
new Inter-System-Interface (ISI) interface for the
interconnection of current TETRA and TETRAPOL networks
that can be deployed over Internet Protocol (IP) connectivity.
This approach turns communications security as a central aspect
to consider when deploying the new IP ISI protocol between
PPDR national networks. Ensuring that threats to the
interconnected communications systems and terminals are
sufficiently and appropriately reduced by technical, procedural
and environmental countermeasures is vital to realise the trusted
and secure communication system needed for the pursued PPDR
transnational cooperation activities. In this context, this paper
describes the framework and methodology defined to carry out
the development of the security requirements and provides a
discussion on the undertaken security risk and vulnerability
analysis.Peer ReviewedPostprint (author's final draft
Assessing and augmenting SCADA cyber security: a survey of techniques
SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability
FPGA based remote code integrity verification of programs in distributed embedded systems
The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems
- …