Optimizing Interconnectivity among Networks under Attacks

Networks may need to be interconnected for various reasons such as inter-organizational communication, redundant connectivity, increasing data-rate and minimizing delay or packet-loss, etc. However, the trustworthiness of an added interconnection link cannot be taken for granted due to the presence of attackers who may compromise the security of an interconnected network by intercepting the interconnections. Namely, an intercepted interconnection link may not be secured due to the data manipulations by attackers. In the first part of this dissertation, the number of interconnections between the two networks is optimized for maximizing the data-rate and minimizing the packet-loss under the threat of security attacks. The optimization of the interconnectivity considering the security attack is formulated using a rate-distortion optimization setting, as originally introduced by Claude E. Shannon in the information theory. In particular, each intercepted interconnection is modeled as a noisy communication channel where the attackers may manipulate the data by flipping and erasing of data bits, and then the total capacity for any given number of interconnections is calculated. By exploiting such formulation, the optimal number of interconnections between two networks is found under network administrators data-rate and packet-loss requirement, and most importantly, without compromising the data security. It is concluded analytically and verified by simulations under certain conditions, increasing interconnections beyond an optimal number would not be beneficial concerning the data-rates and packet-loss. In the second part of this dissertation, the vulnerability of the interconnected network is analyzed by a probabilistic model that maps the intensity of physical attacks to network component failure distributions. Also, assuming the network is susceptible to the attack propagation, the resiliency of the network is modeled by the influence model and epidemic model. Finally, a stochastic model is proposed to track the node failure dynamics in a network considering dependency with power failures. Besides, the cascading failure in the power grid is analyzed with a data-driven model that reproduces the evolution of power-transmission line failure in power grids. To summarize, the optimal interconnectivity among networks is analyzed under security attacks, and the dynamic interactions in an interconnected network are investigated under various physical and logical attacks. The proper application of this work would add the minimum number of inter-network connections between two networks without compromising the data security. The optimal number interconnections would meet network administrator’s requirement and minimize cost (both security and monetary) associated with unnecessary connections. This work can also be used to estimate the reliability of a communication network under different types of physical attacks independently and also by incorporating the dynamics of power failures

THE ELECTROMAGNETIC THREAT TO THE UNITED STATES: RECOMMENDATIONS FOR CONSEQUENCE MANAGEMENT

This thesis analyzes the threat of both electromagnetic pulse (EMP) and geomagnetic disturbances (GMD) to the U.S. Department of Homeland Security. EMP/GMD events are classified as low-probability/high-impact events that have potential catastrophic consequences to all levels of government as well as the civilian population of the United States. By reviewing current literature and conducting two thought experiments, this thesis determined that various critical infrastructure sectors and modern society are at risk of the effects of EMP/GMD events. Some of the most serious consequences of a large-scale EMP/GMD event include long-term power loss to large geographic regions, loss of modern medical services, and severe communication blackouts that could make recovery from these events extremely difficult. In an attempt to counteract and mitigate the risks of EMP/GMD events, resilience engineering concepts introduced several recommendations that could be utilized by policymakers to mitigate the effects of EMP or GMD events. Some of the recommendations include utilizing hardened micro-grid systems, black start options, and various changes to government agency organizations that would provide additional resilience and recovery to American critical infrastructure systems in a post-EMP/GMD environment.Captain, United States ArmyApproved for public release. Distribution is unlimited

An Application of Con-Resistant Trust to Improve the Reliability of Special Protection Systems within the Smart Grid

This thesis explores an application of a con-resistant trust mechanism to improve the performance of communications-based special protection systems to further enhance their effectiveness and resiliency. New initiatives in the energy sector are paving the way for the emergent communications-based smart grid technology. Smart grids incorporate modern technologies in an effort to be more reliable and efficient. However, with the benefits of this new technology comes added risk. This research utilizes a con-resistant trust mechanism as a method to quickly identify malicious or malfunctioning protection system nodes in order to mitigate the resulting instabilities in the smart grid. The feasibility and performance of this trust architecture is demonstrated through experiments comparing a simulated special protection system implemented with a con-resistant trust mechanism and without via an analysis of variance statistical model. The simulations yield positive results when implementing the con-resistant trust mechanism within the communications-based special protection system for the smart grid

Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency (NATO COE-DAT Handbook 1)

In 2014 NATO’s Center of Excellence-Defence Against Terrorism (COE-DAT) launched the inaugural course on “Critical Infrastructure Protection Against Terrorist Attacks.” As this course garnered increased attendance and interest, the core lecturer team felt the need to update the course in critical infrastructure (CI) taking into account the shift from an emphasis on “protection” of CI assets to “security and resiliency.” What was lacking in the fields of academe, emergency management, and the industry practitioner community was a handbook that leveraged the collective subject matter expertise of the core lecturer team, a handbook that could serve to educate government leaders, state and private-sector owners and operators of critical infrastructure, academicians, and policymakers in NATO and partner countries. Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency is the culmination of such an effort, the first major collaborative research project under a Memorandum of Understanding between the US Army War College Strategic Studies Institute (SSI), and NATO COE-DAT. The research project began in October 2020 with a series of four workshops hosted by SSI. The draft chapters for the book were completed in late January 2022. Little did the research team envision the Russian invasion of Ukraine in February this year. The Russian occupation of the Zaporizhzhya nuclear power plant, successive missile attacks against Ukraine’s electric generation and distribution facilities, rail transport, and cyberattacks against almost every sector of the country’s critical infrastructure have been on world display. Russian use of its gas supplies as a means of economic warfare against Europe—designed to undermine NATO unity and support for Ukraine—is another timely example of why adversaries, nation-states, and terrorists alike target critical infrastructure. Hence, the need for public-private sector partnerships to secure that infrastructure and build the resiliency to sustain it when attacked. Ukraine also highlights the need for NATO allies to understand where vulnerabilities exist in host nation infrastructure that will undermine collective defense and give more urgency to redressing and mitigating those fissures.https://press.armywarcollege.edu/monographs/1951/thumbnail.jp

Critical Infrastructure Automated Immuno-Response System (CIAIRS)

Critical Infrastructures play a central role in the world around us and are the backbone of everyday life. Their service provision has become more widespread, to the point where it is now practically ubiquitous in many societies. Critical Infrastructure assets contribute to the economy and society as a whole. Their impact on the security, economy and health sector are extremely vital. Critical Infrastructures now possess levels of automation that require the integration of, often, mutually incompatible technologies. Their increasing complexity has led to the creation of direct and indirect interdependent connections amongst the infrastructure groupings. In addition, the data generated is vast as the intricate level of interdependency between infrastructures has grown. Since Critical Infrastructures are the backbone of everyday life, their protection from cyber-threats is an increasingly pressing issue for governments and private industries. Any failures, caused by cyber-attacks, have the ability to spread through interconnected systems and are a challenge to detect; especially as the Internet is now heavily reliant on Critical Infrastructures. This has led to different security threats facing interconnected security systems. Understanding the complexity of Critical Infrastructure interdependencies, how to take advantage of it in order to minimize the cascading problem, enables the prediction of potential problems before they happen. Therefore, this work firstly discusses the interdependency challenges facing Critical Infrastructures; and how it can be used to create a support network against cyber-attacks. In much, the same way as the human immune system is able to respond to intrusion. Next, the development of a distributed support system is presented. The system employs behaviour analysis techniques to support interconnected infrastructures and distribute security advice throughout a distributed system of systems. The approach put forward is tested through a statistical analysis methodology, in order to investigate the cascading failure effect whilst taking into account the independent variables. Moreover, our proposed system is able to detect cyber-attacks and share the knowledge with interconnected partners to create an immune system network. The development of the ‘Critical Infrastructure Auto-Immune Response System’ (CIAIRS) is presented with a detailed discussion on the main segments that comprise the framework and illustrates the functioning of the system. A semi-structured interview helped to demonstrate our approach by using a realistic simulation to construct data and evaluate the system output

Cellular networks for smart grid communication

The next-generation electric power system, known as smart grid, relies on a robust and reliable underlying communication infrastructure to improve the efficiency of electricity distribution. Cellular networks, e.g., LTE/LTE-A systems, appear as a promising technology to facilitate the smart grid evolution. Their inherent performance characteristics and well-established ecosystem could potentially unlock unprecedented use cases, enabling real-time and autonomous distribution grid operations. However, cellular technology was not originally intended for smart grid communication, associated with highly-reliable message exchange and massive device connectivity requirements. The fundamental differences between smart grid and human-type communication challenge the classical design of cellular networks and introduce important research questions that have not been sufficiently addressed so far. Motivated by these challenges, this doctoral thesis investigates novel radio access network (RAN) design principles and performance analysis for the seamless integration of smart grid traffic in future cellular networks. Specifically, we focus on addressing the fundamental RAN problems of network scalability in massive smart grid deployments and radio resource management for smart grid and human-type traffic. The main objective of the thesis lies on the design, analysis and performance evaluation of RAN mechanisms that would render cellular networks the key enabler for emerging smart grid applications. The first part of the thesis addresses the radio access limitations in LTE-based networks for reliable and scalable smart grid communication. We first identify the congestion problem in LTE random access that arises in large-scale smart grid deployments. To overcome this, a novel random access mechanism is proposed that can efficiently support real-time distribution automation services with negligible impact on the background traffic. Motivated by the stringent reliability requirements of various smart grid operations, we then develop an analytical model of the LTE random access procedure that allows us to assess the performance of event-based monitoring traffic under various load conditions and network configurations. We further extend our analysis to include the relation between the cell size and the availability of orthogonal random access resources and we identify an additional challenge for reliable smart grid connectivity. To this end, we devise an interference- and load-aware cell planning mechanism that enhances reliability in substation automation services. Finally, we couple the problem of state estimation in wide-area monitoring systems with the reliability challenges in information acquisition. Using our developed analytical framework, we quantify the impact of imperfect communication reliability in the state estimation accuracy and we provide useful insights for the design of reliability-aware state estimators. The second part of the thesis builds on the previous one and focuses on the RAN problem of resource scheduling and sharing for smart grid and human-type traffic. We introduce a novel scheduler that achieves low latency for distribution automation traffic while resource allocation is performed in a way that keeps the degradation of cellular users at a minimum level. In addition, we investigate the benefits of Device-to-Device (D2D) transmission mode for event-based message exchange in substation automation scenarios. We design a joint mode selection and resource allocation mechanism which results in higher data rates with respect to the conventional transmission mode via the base station. An orthogonal resource partition scheme between cellular and D2D links is further proposed to prevent the underutilization of the scarce cellular spectrum. The research findings of this thesis aim to deliver novel solutions to important RAN performance issues that arise when cellular networks support smart grid communication.Las redes celulares, p.e., los sistemas LTE/LTE-A, aparecen como una tecnología prometedora para facilitar la evolución de la próxima generación del sistema eléctrico de potencia, conocido como smart grid (SG). Sin embargo, la tecnología celular no fue pensada originalmente para las comunicaciones en la SG, asociadas con el intercambio fiable de mensajes y con requisitos de conectividad de un número masivo de dispositivos. Las diferencias fundamentales entre las comunicaciones en la SG y la comunicación de tipo humano desafían el diseño clásico de las redes celulares e introducen importantes cuestiones de investigación que hasta ahora no se han abordado suficientemente. Motivada por estos retos, esta tesis doctoral investiga los principios de diseño y analiza el rendimiento de una nueva red de acceso radio (RAN) que permita una integración perfecta del tráfico de la SG en las redes celulares futuras. Nos centramos en los problemas fundamentales de escalabilidad de la RAN en despliegues de SG masivos, y en la gestión de los recursos radio para la integración del tráfico de la SG con el tráfico de tipo humano. El objetivo principal de la tesis consiste en el diseño, el análisis y la evaluación del rendimiento de los mecanismos de las RAN que convertirán a las redes celulares en el elemento clave para las aplicaciones emergentes de las SGs. La primera parte de la tesis aborda las limitaciones del acceso radio en redes LTE para la comunicación fiable y escalable en SGs. En primer lugar, identificamos el problema de congestión en el acceso aleatorio de LTE que aparece en los despliegues de SGs a gran escala. Para superar este problema, se propone un nuevo mecanismo de acceso aleatorio que permite soportar de forma eficiente los servicios de automatización de la distribución eléctrica en tiempo real, con un impacto insignificante en el tráfico de fondo. Motivados por los estrictos requisitos de fiabilidad de las diversas operaciones en la SG, desarrollamos un modelo analítico del procedimiento de acceso aleatorio de LTE que nos permite evaluar el rendimiento del tráfico de monitorización de la red eléctrica basado en eventos bajo diversas condiciones de carga y configuraciones de red. Además, ampliamos nuestro análisis para incluir la relación entre el tamaño de celda y la disponibilidad de recursos de acceso aleatorio ortogonales, e identificamos un reto adicional para la conectividad fiable en la SG. Con este fin, diseñamos un mecanismo de planificación celular que tiene en cuenta las interferencias y la carga de la red, y que mejora la fiabilidad en los servicios de automatización de las subestaciones eléctricas. Finalmente, combinamos el problema de la estimación de estado en sistemas de monitorización de redes eléctricas de área amplia con los retos de fiabilidad en la adquisición de la información. Utilizando el modelo analítico desarrollado, cuantificamos el impacto de la baja fiabilidad en las comunicaciones sobre la precisión de la estimación de estado. La segunda parte de la tesis se centra en el problema de scheduling y compartición de recursos en la RAN para el tráfico de SG y el tráfico de tipo humano. Presentamos un nuevo scheduler que proporciona baja latencia para el tráfico de automatización de la distribución eléctrica, mientras que la asignación de recursos se realiza de un modo que mantiene la degradación de los usuarios celulares en un nivel mínimo. Además, investigamos los beneficios del modo de transmisión Device-to-Device (D2D) en el intercambio de mensajes basados en eventos en escenarios de automatización de subestaciones eléctricas. Diseñamos un mecanismo conjunto de asignación de recursos y selección de modo que da como resultado tasas de datos más elevadas con respecto al modo de transmisión convencional a través de la estación base. Finalmente, se propone un esquema de partición de recursos ortogonales entre enlaces celulares y D2Postprint (published version

Global Risks 2012, Seventh Edition

The World Economic Forum's Global Risks 2012 report is based on a survey of 469 experts from industry, government, academia and civil society that examines 50 global risks across five categories. The report emphasizes the singular effect of a particular constellation of global risks rather than focusing on a single existential risk. Three distinct constellations of risks that present a very serious threat to our future prosperity and security emerged from a review of this year's set of risks. Includes a special review of the important lessons learned from the 2011 earthquake, tsunami and the subsequent nuclear crisis at Fukushima, Japan. It focuses on therole of leadership, challenges to effective communication in this information age and resilient business models in response to crises of unforeseen magnitude

Session 1B Internet Expansion Plan Proposal in Developing Countries: Peru as a Case Study

Full text available. The presentation will explore how cell phone carriers have helped countries work toward SDG 9, Target 9.c. It will be a critical perspective and will include economic, social, and political implications in the countries researched