Research Directions in Information Systems for Humanitarian Logistics

This article systematically reviews the literature on using IT (Information Technology) in humanitarian logistics focusing on disaster relief operations. We first discuss problems in humanitarian relief logistics. We then identify the stage and disaster type for each article as well as the article’s research methodology and research contribution. Finally, we identify potential future research directions

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

System importance measures: A new approach to resilient systems-of-systems

Resilience is the ability to withstand and recover rapidly from disruptions. While this attribute has been the focus of research in several fields, in the case of system-of-systems (SoSs), addressing resilience is particularly interesting and challenging. As infrastructure SoSs, such as power, transportation, and communication networks, grow in complexity and interconnectivity, measuring and improving the resilience of these SoSs is vital in terms of safety and providing uninterrupted services. ^ The characteristics of systems-of-systems make analysis and design of resilience challenging. However, these features also offer opportunities to make SoSs resilient using unconventional methods. In this research, we present a new approach to the process of resilience design. The core idea behind the proposed design process is a set of system importance measures (SIMs) that identify systems crucial to overall resilience. Using the results from the SIMs, we determine appropriate strategies from a list of design principles to improve SoS resilience. The main contribution of this research is the development of an aid to design that provides specific guidance on where and how resources need to be targeted. Based on the needs of an SoS, decision-makers can iterate through the design process to identify a set of practical and effective design improvements. ^ We use two case studies to demonstrate how the SIM-based design process can inform decision-making in the context of SoS resilience. The first case study focuses on a naval warfare SoS and describes how the resilience framework can leverage existing simulation models to support end-to-end design. We proceed through stages of the design approach using an agent-based model (ABM) that enables us to demonstrate how simulation tools and analytical models help determine the necessary inputs for the design process and, subsequently, inform decision-making regarding SoS resilience. ^ The second case study considers the urban transportation network in Boston. This case study focuses on interpreting the results of the resilience framework and on describing how they can be used to guide design choices in large infrastructure networks. We use different resilience maps to highlight the range of design-related information that can be obtained from the framework. ^ Specific advantages of the SIM-based resilience design include: (1) incorporates SoS- specific features within existing risk-based design processes - the SIMs determine the relative importance of different systems based on their impacts on SoS-level performance, and suggestions for resilience improvement draw from design options that leverage SoS- specific characteristics, such as the ability to adapt quickly (such as add new systems or re-task existing ones) and to provide partial recovery of performance in the aftermath of a disruption; (2) allows rapid understanding of different areas of concern within the SoS - the visual nature of the resilience map (a key outcome of the SIM analysis) provides a useful way to summarize the current resilience of the SoS as well as point to key systems of concern; and (3) provides a platform for multiple analysts and decision- makers to study, modify, discuss and documentoptions for SoS

Preventing Advanced Persistent Threats in Complex Control Networks

An Advanced Persistent Threat (APT) is an emerging attack against Industrial Control and Automation Systems, that is executed over a long period of time and is difficult to detect. In this context, graph theory can be applied to model the interaction among nodes and the complex attacks affecting them, as well as to design recovery techniques that ensure the survivability of the network. Accordingly, we leverage a decision model to study how a set of hierarchically selected nodes can collaborate to detect an APT within the network, concerning the presence of changes in its topology. Moreover, we implement a response service based on redundant links that dynamically uses a secret sharing scheme and applies a flexible routing protocol depending on the severity of the attack. The ultimate goal is twofold: ensuring the reachability between nodes despite the changes and preventing the path followed by messages from being discovered.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

Multiagent autonomous energy management

The objective of this thesis is to design distributed software agents for reliable operation of integrated electric power systems of modern electric warships. The automatic reconfiguration of electric shipboard power systems is an important step toward improved fight-through and self-healing capabilities of naval warships. The improvements are conceptualized by redesigning the electric power system and its controls. This research focuses on a new scheme for an energy management system in the form of distributed control/software agents. Multiagent systems provide an ideal level of abstraction for modeling complex applications where distributed and heterogeneous entities need to cooperate to achieve a common goal. The agents\u27 task is to ensure supply of the various load demands while taking into consideration system constraints and load and supply path priorities. A self-stabilizing maximum flow algorithm is investigated to allow implementation of the agents\u27 strategies and find a global solution by only considering local information and a minimum amount of communication. (Abstract shortened by UMI.)

Hybrid Cloud Model Checking Using the Interaction Layer of HARMS for Ambient Intelligent Systems

Soon, humans will be co-living and taking advantage of the help of multi-agent systems in a broader way than the present. Such systems will involve machines or devices of any variety, including robots. These kind of solutions will adapt to the special needs of each individual. However, to the concern of this research effort, systems like the ones mentioned above might encounter situations that will not be seen before execution time. It is understood that there are two possible outcomes that could materialize; either keep working without corrective measures, which could lead to an entirely different end or completely stop working. Both results should be avoided, specially in cases where the end user will depend on a high level guidance provided by the system, such as in ambient intelligence applications. This dissertation worked towards two specific goals. First, to assure that the system will always work, independently of which of the agents performs the different tasks needed to accomplish a bigger objective. Second, to provide initial steps towards autonomous survivable systems which can change their future actions in order to achieve the original final goals. Therefore, the use of the third layer of the HARMS model was proposed to insure the indistinguishability of the actors accomplishing each task and sub-task without regard of the intrinsic complexity of the activity. Additionally, a framework was proposed using model checking methodology during run-time for providing possible solutions to issues encountered in execution time, as a part of the survivability feature of the systems final goals

Nature-inspired survivability: Prey-inspired survivability countermeasures for cloud computing security challenges

As cloud computing environments become complex, adversaries have become highly sophisticated and unpredictable. Moreover, they can easily increase attack power and persist longer before detection. Uncertain malicious actions, latent risks, Unobserved or Unobservable risks (UUURs) characterise this new threat domain. This thesis proposes prey-inspired survivability to address unpredictable security challenges borne out of UUURs. While survivability is a well-addressed phenomenon in non-extinct prey animals, applying prey survivability to cloud computing directly is challenging due to contradicting end goals. How to manage evolving survivability goals and requirements under contradicting environmental conditions adds to the challenges. To address these challenges, this thesis proposes a holistic taxonomy which integrate multiple and disparate perspectives of cloud security challenges. In addition, it proposes the TRIZ (Teorija Rezbenija Izobretatelskib Zadach) to derive prey-inspired solutions through resolving contradiction. First, it develops a 3-step process to facilitate interdomain transfer of concepts from nature to cloud. Moreover, TRIZ’s generic approach suggests specific solutions for cloud computing survivability. Then, the thesis presents the conceptual prey-inspired cloud computing survivability framework (Pi-CCSF), built upon TRIZ derived solutions. The framework run-time is pushed to the user-space to support evolving survivability design goals. Furthermore, a target-based decision-making technique (TBDM) is proposed to manage survivability decisions. To evaluate the prey-inspired survivability concept, Pi-CCSF simulator is developed and implemented. Evaluation results shows that escalating survivability actions improve the vitality of vulnerable and compromised virtual machines (VMs) by 5% and dramatically improve their overall survivability. Hypothesis testing conclusively supports the hypothesis that the escalation mechanisms can be applied to enhance the survivability of cloud computing systems. Numeric analysis of TBDM shows that by considering survivability preferences and attitudes (these directly impacts survivability actions), the TBDM method brings unpredictable survivability information closer to decision processes. This enables efficient execution of variable escalating survivability actions, which enables the Pi-CCSF’s decision system (DS) to focus upon decisions that achieve survivability outcomes under unpredictability imposed by UUUR