1,279 research outputs found
A critical review of cyber-physical security for building automation systems
Modern Building Automation Systems (BASs), as the brain that enables the
smartness of a smart building, often require increased connectivity both among
system components as well as with outside entities, such as optimized
automation via outsourced cloud analytics and increased building-grid
integrations. However, increased connectivity and accessibility come with
increased cyber security threats. BASs were historically developed as closed
environments with limited cyber-security considerations. As a result, BASs in
many buildings are vulnerable to cyber-attacks that may cause adverse
consequences, such as occupant discomfort, excessive energy usage, and
unexpected equipment downtime. Therefore, there is a strong need to advance the
state-of-the-art in cyber-physical security for BASs and provide practical
solutions for attack mitigation in buildings. However, an inclusive and
systematic review of BAS vulnerabilities, potential cyber-attacks with impact
assessment, detection & defense approaches, and cyber-secure resilient control
strategies is currently lacking in the literature. This review paper fills the
gap by providing a comprehensive up-to-date review of cyber-physical security
for BASs at three levels in commercial buildings: management level, automation
level, and field level. The general BASs vulnerabilities and protocol-specific
vulnerabilities for the four dominant BAS protocols are reviewed, followed by a
discussion on four attack targets and seven potential attack scenarios. The
impact of cyber-attacks on BASs is summarized as signal corruption, signal
delaying, and signal blocking. The typical cyber-attack detection and defense
approaches are identified at the three levels. Cyber-secure resilient control
strategies for BASs under attack are categorized into passive and active
resilient control schemes. Open challenges and future opportunities are finally
discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro
Exploring Data Security and Privacy Issues in Internet of Things Based on Five-Layer Architecture
Data Security and privacy is one of the serious issues in internet-based computing like cloud computing, mobile computing and Internet of Things (IoT). This security and privacy become manifolded in IoT because of diversified technologies and the interaction of Cyber Physical Systems (CPS) used in IoT. IoTs are being adapted in academics and in many organizations without fully protecting their assets and also without realizing that the traditional security solutions cannot be applied to IoT environment. This paper explores a comprehensive survey of IoT architectures, communication technologies and the security and privacy issues of them for a new researcher in IoT. This paper also suggests methods to thwart the security and privacy issues in the different layers of IoT architecture
Recommended from our members
Cyber and physical threats to the internet of everything
After over 40 years of the Internet faithfully serving the needs of the Earth’s human population for information, communication, and entertainment, we have now entered the era of the IoT. Of course, when we refer to the Internet, we also mean the Web and therefore the Web of Things (WoT), where distributed applications benefitting from networking through the Internet are no longer a privilege of humans. Things can also take full advantage of the capabilities, simplicity, and potential of Web technologies and protocols. Following current developments in this field, it is not difficult to see the inevitability of the convergence of the two worlds, of humans and of things, each using the Internet as a primary means of communication. Possibly the most appropriate term to describe this evolution has been proposed by Cisco: the Internet of Everything (IoE), which "brings together people, process, data, and things to make networked connections more relevant and valuable than ever before." In the IoE era, machines are equal to humans as Internet users.
In an ecosystem in which everything is connected, and where physical and cyber converge and collaborate, the threats of the two worlds not only coexist, but also converge, creating a still largely unknown environment, in which an attack in cyberspace can propagate and have an adverse effect in physical space and vice versa. So how can we be prepared for and confront this new unknown? How can we study and learn from the ways this has been dealt with in the past? First, it is important to simplify the problem by attempting to identify the components of IoE and the threats and effects an attack can have in each one
EmLog:Tamper-Resistant System Logging for Constrained Devices with TEEs
Remote mobile and embedded devices are used to deliver increasingly impactful
services, such as medical rehabilitation and assistive technologies. Secure
system logging is beneficial in these scenarios to aid audit and forensic
investigations particularly if devices bring harm to end-users. Logs should be
tamper-resistant in storage, during execution, and when retrieved by a trusted
remote verifier. In recent years, Trusted Execution Environments (TEEs) have
emerged as the go-to root of trust on constrained devices for isolated
execution of sensitive applications. Existing TEE-based logging systems,
however, focus largely on protecting server-side logs and offer little
protection to constrained source devices. In this paper, we introduce EmLog --
a tamper-resistant logging system for constrained devices using the
GlobalPlatform TEE. EmLog provides protection against complex software
adversaries and offers several additional security properties over past
schemes. The system is evaluated across three log datasets using an
off-the-shelf ARM development board running an open-source,
GlobalPlatform-compliant TEE. On average, EmLog runs with low run-time memory
overhead (1MB heap and stack), 430--625 logs/second throughput, and five-times
persistent storage overhead versus unprotected logs.Comment: Accepted at the 11th IFIP International Conference on Information
Security Theory and Practice (WISTP '17
A Survey of Protocol-Level Challenges and Solutions for Distributed Energy Resource Cyber-Physical Security
The increasing proliferation of distributed energy resources (DERs) on the smart grid has made distributed solar and wind two key contributors to the expanding attack surface of the network; however, there is a lack of proper understanding and enforcement of DER communications security requirements. With vendors employing proprietary methods to mitigate hosts of attacks, the literature currently lacks a clear organization of the protocol-level vulnerabilities, attacks, and solutions mapped to each layer of the logical model such as the OSI stack. To bridge this gap and pave the way for future research by the authors in determining key DER security requirements, this paper conducts a comprehensive review of the key vulnerabilities, attacks, and potential solutions for solar and wind DERs at the protocol level. In doing so, this paper serves as a starting point for utilities, vendors, aggregators, and other industry stakeholders to develop a clear understanding of the DER security challenges and solutions, which are key precursors to comprehending security requirements
A review of cyber threats and defence approaches in emergency management
Emergency planners, first responders and relief workers increasingly rely on computational and communication systems that support all aspects of emergency management, from mitigation and preparedness to response and recovery. Failure of these systems, whether accidental or because of malicious action, can have severe implications for emergency management. Accidental failures have been extensively documented in the past and significant effort has been put into the development and introduction of more resilient technologies. At the same time researchers have been raising concerns about the potential of cyber attacks to cause physical disasters or to maximise the impact of one by intentionally impeding the work of the emergency services. Here, we provide a review of current research on the cyber threats to communication, sensing, information management and vehicular technologies used in emergency management. We emphasise on open issues for research, which are the cyber threats that have the potential to affect emergency management severely and for which solutions have not yet been proposed in the literature
Cyber-Physical Threat Intelligence for Critical Infrastructures Security
Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well
- …