Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems

The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA) systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of "nightmare" scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes (1) critical/noncritical combination verification, (2) cascade confirmation, and (3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies

Cybervandalism or Digital Act of War? America\u27s Muddled Approach to Cyber Incidents Will Not Deter More Crises

If experts say a malicious [cyber] code \u27 has similar effects to a physical bomb, \u27 and that code actually causes a stunning breach of global internet stability, is it really accurate to call that event merely an instance of a cyber attack ? Moreover, can you really expect to deter state and non-state actors from employing such code and similarly hostile cyber methodologies if all they think that they are risking is being labeled as a cyber-vandal subject only to law enforcement measures? Or might they act differently if it were made clear to them that such activity is considered an armed attack \u27 against the United States and that they are in jeopardy of being on the receiving end of a forceful, law-of-war response by the most powerful military on the planet? Of course, if something really is just vandalism, the law enforcement paradigm, with its very limited response options, would suffice. But when malevolent cyber activity endangers the reliability of the internet in a world heavily dependent on a secure cyberspace, it is not merely vandalism. Rather, it is a national and international security threat that ought to be characterized and treated as such. Unfortunately, the United States\u27 current approach is too inscrutable and even contradictory to send an effective deterrence message to potential cyber actors. This needs to change

Spatiotemporal Patterns and Predictability of Cyberattacks

Y.C.L. was supported by Air Force Office of Scientific Research (AFOSR) under grant no. FA9550-10-1-0083 and Army Research Office (ARO) under grant no. W911NF-14-1-0504. S.X. was supported by Army Research Office (ARO) under grant no. W911NF-13-1-0141. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.Peer reviewedPublisher PD

Meeting the Challenge of Cyberterrorism: Defining the Military Role in a Democracy

Denna forskningskonsumtion strävar efter att utifrån två frågeställningar undersöka dels var det deliberativa samtalets möjligheter och begränsningar ligger, dels undersöka hur det deliberativa samtalet påverkar lärarrollen i klassrummet. Detta sker genom en systematisk litteraturstudie som behandlar ett urval av relevanta svenska författare och även ett par internationella engelskspråkiga författare. Det deliberativa samtalet är en kommunikativ metod där samförståelse, konsensus och demokrati står i fokus. Tomas Englund, en av de mest uppmärksammade förespråkare av metoden beskriver det deliberativa samtalet med en rad punkter. Dessa punkter beskriver samtalet som att det ska ge olika argument utrymme, samtalet ska vara tolerant, samtalet ska ha inslag av kollektiv viljebildning, traditionella uppfattningar ska ifrågaställas och samtalet ska helst utesluta lärarledning. Det deliberativa samtalet har av bl.a. Skolverket lyfts fram som en  metod som ska gynna värdegrundsarbetet i skolan. Runt millenieskiftet hade det deliberativa samtalet samt värdegrundsarbetet fått en allt mer central del i skolan där Tomas Englund var en av de mest framträdande förespråkarna av metoden. Ytterligare styrkor i samtalet kunde även förstås som dess potential i att kunna implementeras i andra kommunikativa situationer inom flertalet ämnen. Trots att förespråkarna av det deliberativa samtalet kan lyfta många styrkor hos metoden finns fortfarande flera invändningar. De främsta styrkorna som lyfts ur det deliberativa samtalet är värdegrundsarbetet och samtalets tillämpningsbarhet, men de mer kritiska författarna vill gärna uppmärksamma hur det tämligen strukturerade samtalet kan påverka klassrummet och dess dynamik mellan lärare och elever. Hur ska exempelvis läraren förena sin position som betygsättande maktfigur med att hålla samtalet så öppet och tolererande som möjligt, oavsett åsikter som tas upp? Hur ska retoriska färdigheter hos eleverna behandlas när samtalet ska vara öppet och inkluderande? Forskningskonsumtionen lyfter även hur sociala och kulturella faktorer spelar in på elevers förmåga att deltaga i samtalet och lyfter genom författarna fram en diskussion om samtalets lämplighet i klassrummet, främst genom dess deltagare som utgångspunkt. Slutsatsen härleds till att lämpligheten hos det deliberativa samtalet i klassrummet kan kondenseras ned till frågan om förutsättningarna i klassrummet. Det deliberativa samtalet är ingen universallösning för värdegrundsarbete, men har samtidigt en rad andra styrkor som är värda att lyfta fram. Författarna saknar även en enhällig lösning över vilken roll läraren ska ha i samtalet och saknar även en riktig diskussion om hur det deliberativa samtalet ska behandla konflikter när samtalet drivs till sin spets

Planning for the Future of Cyber Attack Attribution : Hearing Before the H. Subcomm. on Technology and Innovation of the H. Comm. on Science and Technology, 111th Cong., July 15, 2010 (Statement by Adjunct Professor Marc Rotenberg, Geo. U. L. Center)

Steve Bellovin, another security expert, noted recently that one of risks of the new White House plan for cyber security is that it places too much emphasis on attribution. As Dr. Bellovin explains: The fundamental premise of the proposed strategy is that our serious Internet security problems are due to lack of sufficient authentication. That is demonstrably false. The biggest problem was and is buggy code. All the authentication in the world won\u27t stop a bad guy who goes around the authentication system, either by finding bugs exploitable before authentication is performed, finding bugs in the authentication system itself, or by hijacking your system and abusing the authenticated connection set up by the legitimate user. While I believe the White House, the Cyber Security Advisor, and the various participants in the drafting process have made an important effort to address privacy and security interests, I share Professor Bellovin’s concern that too much emphasis has been placed on promoting identification. I also believe that online identification, promoted by government, will be used for purposes unrelated to cyber security and could ultimately chill political speech and limit the growth of the Internet. Greater public participation in the development of this policy as well as a formal rulemaking on the White House proposal could help address these concerns

Toward Network-based DDoS Detection in Software-defined Networks

To combat susceptibility of modern computing systems to cyberattack, identifying and disrupting malicious traffic without human intervention is essential. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress