329 research outputs found
Autonomic computing meets SCADA security
© 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the autonomic nervous system and is promising to meet the latest challenges in the cyber threat landscape. This paper provides a brief review of autonomic computing applications for SCADA systems and proposes architecture for cyber security
Software Defined Networks based Smart Grid Communication: A Comprehensive Survey
The current power grid is no longer a feasible solution due to
ever-increasing user demand of electricity, old infrastructure, and reliability
issues and thus require transformation to a better grid a.k.a., smart grid
(SG). The key features that distinguish SG from the conventional electrical
power grid are its capability to perform two-way communication, demand side
management, and real time pricing. Despite all these advantages that SG will
bring, there are certain issues which are specific to SG communication system.
For instance, network management of current SG systems is complex, time
consuming, and done manually. Moreover, SG communication (SGC) system is built
on different vendor specific devices and protocols. Therefore, the current SG
systems are not protocol independent, thus leading to interoperability issue.
Software defined network (SDN) has been proposed to monitor and manage the
communication networks globally. This article serves as a comprehensive survey
on SDN-based SGC. In this article, we first discuss taxonomy of advantages of
SDNbased SGC.We then discuss SDN-based SGC architectures, along with case
studies. Our article provides an in-depth discussion on routing schemes for
SDN-based SGC. We also provide detailed survey of security and privacy schemes
applied to SDN-based SGC. We furthermore present challenges, open issues, and
future research directions related to SDN-based SGC.Comment: Accepte
Finding sands in the eyes: vulnerabilities discovery in IoT with EUFuzzer on human machine interface
In supervisory control and data acquisition (SCADA) systems or the Internet of Things (IoT), human machine interface (HMI) performs the function of data acquisition and control, providing the operators with a view of the whole plant and access to monitoring and interacting with the system. The compromise of HMI will result in lost of view (LoV), which means the state of the whole system is invisible to operators. The worst case is that adversaries can manipulate control commands through HMI to damage the physical plant. HMI often relies on poorly understood proprietary protocols, which are time-sensitive, and usually keeps a persistent connection for hours even days. All these factors together make the vulnerability mining of HMI a tough job. In this paper, we present EUFuzzer, a novel fuzzing tool to assist testers in HMI vulnerability discovery. EUFuzzer first identifies packet fields of the specific protocol and classifies all fields into four types, then using a relatively high efficiency fuzzing method to test HMI. The experimental results show that EUFuzzer is capable of identifying packet fields and revealing bugs. EUFuzzer also successfully triggers flaws of actual proprietary SCADA protocol implementation on HMI, which the SCADA software vendor has confirmed that four were zero-day vulnerabilities and has taken measures to patch up
Cloud computing for energy management in smart grid - an application survey
The smart grid is the emerging energy system wherein the application of information technology, tools and techniques that make the grid run more efficiently. It possesses demand response capacity to help balance electrical consumption with supply. The challenges and opportunities of emerging and future smart grids can be addressed by cloud computing. To focus on these requirements, we provide an in-depth survey on different cloud computing applications for energy management in the smart grid architecture. In this survey, we present an outline of the current state of research on smart grid development. We also propose a model of cloud based economic power dispatch for smart grid
Trusted Energy-Efficient Cloud-based Services Brokerage Platform
The use of cloud computing can increase service efficiency and service level agreements for cloud users, by linking them to an appropriate cloud service provider, using the cloud services brokerage paradigm. Cloud service brokerage represents a promising new layer which is to be added to the cloud computing network, which manages the use, performance and delivery of cloud services, and negotiates relationships between cloud service providers and cloud service consumers. The work presented in this paper studies the research related to cloud service brokerage systems along with the weaknesses and vulnerabilities associated with each of these systems, with a particular focus on the multicloud-based services environment. In addition, the paper will conclude with a proposed multi-cloud framework that overcomes the weaknesses of other listed cloud brokers. The new framework aims to find the appropriate data centre in terms of energy efficiency, QoS and SLA. Moreover, it presents a security model aims to protect the proposed multicloud framework and highlights the key features that must be available in multi-cloud-based brokerage systems
Recommended from our members
Evaluating the resilience and security of boundaryless, evolving socio-technical Systems of Systems
Towards Digital Twin-enabled DevOps for CPS providing Architecture-Based Service Adaptation & Verification at Runtime
Industrial Product-Service Systems (IPSS) denote a service-oriented (SO) way
of providing access to CPS capabilities. The design of such systems bears high
risk due to uncertainty in requirements related to service function and
behavior, operation environments, and evolving customer needs. Such risks and
uncertainties are well known in the IT sector, where DevOps principles ensure
continuous system improvement through reliable and frequent delivery processes.
A modular and SO system architecture complements these processes to facilitate
IT system adaptation and evolution. This work proposes a method to use and
extend the Digital Twins (DTs) of IPSS assets for enabling the continuous
optimization of CPS service delivery and the latter's adaptation to changing
needs and environments. This reduces uncertainty during design and operations
by assuring IPSS integrity and availability, especially for design and service
adaptations at CPS runtime. The method builds on transferring IT DevOps
principles to DT-enabled CPS IPSS. The chosen design approach integrates,
reuses, and aligns the DT processing and communication resources with DevOps
requirements derived from literature. We use these requirements to propose a
DT-enabled self-adaptive CPS model, which guides the realization of DT-enabled
DevOps in CPS IPSS. We further propose detailed design models for
operation-critical DTs that integrate CPS closed-loop control and
architecture-based CPS adaptation. This integrated approach enables the
implementation of A/B testing as a use case and central concept to enable CPS
IPSS service adaptation and reconfiguration. The self-adaptive CPS model and DT
design concept have been validated in an evaluation environment for
operation-critical CPS IPSS. The demonstrator achieved sub-millisecond cycle
times during service A/B testing at runtime without causing CPS operation
interferences and downtime.Comment: Final published version appearing in 17th Symposium on Software
Engineering for Adaptive and Self-Managing Systems (SEAMS 2022
- …