An analysis of security issues in building automation systems

The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Multi-level anomaly detection in industrial control systems via package signatures and LSTM networks

We outline an anomaly detection method for industrial control systems (ICS) that combines the analysis of network package contents that are transacted between ICS nodes and their time-series structure. Specifically, we take advantage of the predictable and regular nature of communication patterns that exist between so-called field devices in ICS networks. By observing a system for a period of time without the presence of anomalies we develop a base-line signature database for general packages. A Bloom filter is used to store the signature database which is then used for package content level anomaly detection. Furthermore, we approach time-series anomaly detection by proposing a stacked Long Short Term Memory (LSTM) network-based softmax classifier which learns to predict the most likely package signatures that are likely to occur given previously seen package traffic. Finally, by the inspection of a real dataset created from a gas pipeline SCADA system, we show that an anomaly detection scheme combining both approaches can achieve higher performance compared to various current state-of-the-art techniques

Cyberattacks on critical infrastructure: an economic perspective

The aim of this article is to analyze the economic aspects of cybersecurity of critical infrastructure defined as physical or virtual systems and assets that are vital to a country’s functioning and whose incapacitation or destruction would have a debilitating impact on national, economic, military and public security. The functioning of modern states, firms and individuals increasingly relies on digital or cyber technologies and this trend has also materialized in various facets of critical infrastructure. Critical infrastructure presents a new cybersecurity area of attacks and threats that requires the attention of regulators and service providers. Deploying critical infrastructure systems without suitable cybersecurity might make them vulnerable to intrinsic failures or malicious attacks and result in serious negative consequences. In this article a fuller view of costs and losses associated with cyberattacks that includes both private and external (social) costs is proposed. An application of the cost-benefit analysis or the Return on Security Investment (ROSI) indicator is presented to evaluate the worthiness of cybersecurity efforts and analyze the costs associated with some major cyberattacks in recent years. The “Identify, Protect, Detect, Respond and Recover” (IPDRR) framework of organizing cybersecurity efforts is also proposed as well as an illustration as to how the blockchain technology could be utilized to improve security and efficiency within a critical infrastructure

What Ukraine Taught NATO about Hybrid Warfare

Russia’s invasion of Ukraine in 2022 forced the United States and its NATO partners to be confronted with the impact of hybrid warfare far beyond the battlefield. Targeting Europe’s energy security, Russia’s malign influence campaigns and malicious cyber intrusions are affecting global gas prices, driving up food costs, disrupting supply chains and grids, and testing US and Allied military mobility. This study examines how hybrid warfare is being used by NATO’s adversaries, what vulnerabilities in energy security exist across the Alliance, and what mitigation strategies are available to the member states. Cyberattacks targeting the renewable energy landscape during Europe’s green transition are increasing, making it urgent that new tools are developed to protect these emerging technologies. No less significant are the cyber and information operations targeting energy security in Eastern Europe as it seeks to become independent from Russia. Economic coercion is being used against Western and Central Europe to stop gas from flowing. China’s malign investments in Southern and Mediterranean Europe are enabling Beijing to control several NATO member states’ critical energy infrastructure at a critical moment in the global balance of power. What Ukraine Taught NATO about Hybrid Warfare will be an important reference for NATO officials and US installations operating in the European theater.https://press.armywarcollege.edu/monographs/1952/thumbnail.jp