Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Optimizing the Automotive Security Development Process in Early Process Design Phases

Security is a relatively new topic in the automotive industry. In the former days, the only security defense methods were the engine immobilizer and the anti-theft alarm system. The rising connection of vehicles to external networks made it necessary to extend the security effort by introducing security development processes. These processes include, amongothers, risk analysis and treatment steps. In parallel, the development of ISO/SAE 21434 and UN-ECE No. R155 started. The long development cycles in the automotive industry made it necessary to align the development processes' early designs with the standards' draft releases. This work aims to design a new consistent, complete and efficient security development process, aligned with the normative references. The resulting development process design aligns with the overall development methodology of the underlying, evaluated development process. Use cases serve as a basis for evaluating improvements and the method designs. This work concentrates on the left leg of the V-Model. Nevertheless, future work targets extensions for a holistic development approach for safety and security.:I. Foundation 1. Introduction 2. Automotive Development 3. Methodology II. Meta-Functional Aspects 4. Dependability as an Umbrella-Term 5. Security Taxonomy 6. Terms and Definitions III. Security Development Process Design 7. Security Relevance Evaluation 8. Function-oriented Security Risk Analysis 9. Security Risk Analysis on System Level 10. Risk Treatment IV. Use Cases and Evaluation 11. Evaluation Criteria 12. Use Case: Security Relevance Evaluation 13. Use Case: Function-oriented Security Risk Analysis 14. Use Case: System Security Risk Analysis 15. Use Case: Risk Treatment V. Closing 16. Discussion 17. Conclusion 18. Future Work Appendix A. Attacker Model Categories and Rating Appendix B. Basic Threat Classes for System SRA Appendix C. Categories of Defense Method Propertie

Innovation in Energy Systems

It has been a little over a century since the inception of interconnected networks and little has changed in the way that they are operated. Demand-supply balance methods, protection schemes, business models for electric power companies, and future development considerations have remained the same until very recently. Distributed generators, storage devices, and electric vehicles have become widespread and disrupted century-old bulk generation - bulk transmission operation. Distribution networks are no longer passive networks and now contribute to power generation. Old billing and energy trading schemes cannot accommodate this change and need revision. Furthermore, bidirectional power flow is an unprecedented phenomenon in distribution networks and traditional protection schemes require a thorough fix for proper operation. This book aims to cover new technologies, methods, and approaches developed to meet the needs of this changing field

A Computational Approach to Multi-level Analysis of Network Resilience

As communication and network technology has advanced into all areas of human life, large-scale failures of such infrastructures can have a drastic impact on its users, the economy and society in general. Significant attention has been paid to study and improve the dependability of such systems, intending to augment their resilience against challenges. This paper presents a computational approach for a multi-level multi-dimensional study of network robustness, providing hard performance guarantees for networks and helping to assess risk and uncertainty associated with threats. We demonstrate in a case study that such approach is well suited to understood the root causes and subsequent effects of network challenges and therefore obtain deeper insights into the resilience of a network under stress.Network Architectures and ServicesElectrical Engineering, Mathematics and Computer Scienc

Flexible HW-SW design and analysis of an MMT-based MANET system on FPGA

Recently there has been a rapid growth of research interests in Mobile Ad-hoc Networks (MANETs). Their infrastructureless and dynamic nature demands that new strategies be implemented on a robust wireless communication platform in order to provide efficient end-to-end communication. Many routing algorithms have been developed to serve this purpose. This thesis investigated Multi-Meshed Tree (MMT) algorithm, an integrated solution that combines routing, clustering and medium access control operations based on a common multi-meshed tree concept. It provides the robustness and redundancy inherent in mesh topologies and uses the tree branches to deliver packets. MMT is the first of its kind that enables a single algorithm to form multiple proactive routes within a cluster while supporting reactive routes between different clusters. Recent published research and simulations have shown its favorable features and results. To explore the MMT algorithm\u27s novel feature in real systems against simulation work, this work adopts Field Programmable Gate Arrays (FPGA) as the platform for wireless system implementations. Full hardware and various System-on-Chip Hardware-Software designs are developed and studied, providing a design practice that contributes to low-cost system development in the field of MANET by utilizing the evolving FPGA technology. The results show that the MMT-based systems functioned accurately and effectively; in all proposed test scenarios they demonstrated many of the features that a desired MANET routing algorithm should have: high transmission success rate, low latency, scalability, few queued packets and low overhead. The results give valuable insights into the MMT algorithm\u27s performance and facilitate its future improvements

A Cognitive Routing framework for Self-Organised Knowledge Defined Networks

This study investigates the applicability of machine learning methods to the routing protocols for achieving rapid convergence in self-organized knowledge-defined networks. The research explores the constituents of the Self-Organized Networking (SON) paradigm for 5G and beyond, aiming to design a routing protocol that complies with the SON requirements. Further, it also exploits a contemporary discipline called Knowledge-Defined Networking (KDN) to extend the routing capability by calculating the “Most Reliable” path than the shortest one. The research identifies the potential key areas and possible techniques to meet the objectives by surveying the state-of-the-art of the relevant fields, such as QoS aware routing, Hybrid SDN architectures, intelligent routing models, and service migration techniques. The design phase focuses primarily on the mathematical modelling of the routing problem and approaches the solution by optimizing at the structural level. The work contributes Stochastic Temporal Edge Normalization (STEN) technique which fuses link and node utilization for cost calculation; MRoute, a hybrid routing algorithm for SDN that leverages STEN to provide constant-time convergence; Most Reliable Route First (MRRF) that uses a Recurrent Neural Network (RNN) to approximate route-reliability as the metric of MRRF. Additionally, the research outcomes include a cross-platform SDN Integration framework (SDN-SIM) and a secure migration technique for containerized services in a Multi-access Edge Computing environment using Distributed Ledger Technology. The research work now eyes the development of 6G standards and its compliance with Industry-5.0 for enhancing the abilities of the present outcomes in the light of Deep Reinforcement Learning and Quantum Computing

Computer Science & Technology Series : XXI Argentine Congress of Computer Science. Selected papers

CACIC’15 was the 21thCongress in the CACIC series. It was organized by the School of Technology at the UNNOBA (North-West of Buenos Aires National University) in Junín, Buenos Aires. The Congress included 13 Workshops with 131 accepted papers, 4 Conferences, 2 invited tutorials, different meetings related with Computer Science Education (Professors, PhD students, Curricula) and an International School with 6 courses. CACIC 2015 was organized following the traditional Congress format, with 13 Workshops covering a diversity of dimensions of Computer Science Research. Each topic was supervised by a committee of 3-5 chairs of different Universities. The call for papers attracted a total of 202 submissions. An average of 2.5 review reports werecollected for each paper, for a grand total of 495 review reports that involved about 191 different reviewers. A total of 131 full papers, involving 404 authors and 75 Universities, were accepted and 24 of them were selected for this book.Red de Universidades con Carreras en Informática (RedUNCI

Computer Science & Technology Series : XXI Argentine Congress of Computer Science. Selected papers

CACIC’15 was the 21thCongress in the CACIC series. It was organized by the School of Technology at the UNNOBA (North-West of Buenos Aires National University) in Junín, Buenos Aires. The Congress included 13 Workshops with 131 accepted papers, 4 Conferences, 2 invited tutorials, different meetings related with Computer Science Education (Professors, PhD students, Curricula) and an International School with 6 courses. CACIC 2015 was organized following the traditional Congress format, with 13 Workshops covering a diversity of dimensions of Computer Science Research. Each topic was supervised by a committee of 3-5 chairs of different Universities. The call for papers attracted a total of 202 submissions. An average of 2.5 review reports werecollected for each paper, for a grand total of 495 review reports that involved about 191 different reviewers. A total of 131 full papers, involving 404 authors and 75 Universities, were accepted and 24 of them were selected for this book.Red de Universidades con Carreras en Informática (RedUNCI

Air Force Institute of Technology Research Report 2007

This report summarizes the research activities of the Air Force Institute of Technology’s Graduate School of Engineering and Management. It describes research interests and faculty expertise; lists student theses/dissertations; identifies research sponsors and contributions; and outlines the procedures for contacting the school. Included in the report are: faculty publications, conference presentations, consultations, and funded research projects. Research was conducted in the areas of Aeronautical and Astronautical Engineering, Electrical Engineering and Electro-Optics, Computer Engineering and Computer Science, Systems and Engineering Management, Operational Sciences, Mathematics, Statistics and Engineering Physics

IPV6 BLOCKCHAIN DATA COMMUNICATION FOR UAV SWARM-INTELLIGENCE SYSTEMS BASED ON PEER-TO-PEER, PEER-TO-MANY, AND MANY-TO-PEER SCENARIOS

This thesis explores the use of blockchains along with the Internet Protocol version 6 (IPv6) data packet messages to support secure, high-performance, and scalable communication with an intelligent swarm of unmanned aerial vehicles (UAVs). For this thesis, we investigate the exchange of encrypted data packets for three scenarios, those being peer-to-peer, peer-to-many, and many-to-peer. We simulate the swarm’s behavior for each of these scenarios and vary the number of UAVs in a swarm over the simulation runs. The simulation-based results showed that for peer-to-peer scenarios and many-to-peer scenarios, there is no significant increase in latency even though in many-to-peer scenarios, the number of interacting nodes increases. In contrast, latency increases for the peer-to-many scenarios. Additional research needs to be performed to assess the security and scalability of the blockchain-IPv6 approach proposed in this thesis.Major, Indonesian NavyApproved for public release. Distribution is unlimited