Smart grid architecture for rural distribution networks: application to a Spanish pilot network

This paper presents a novel architecture for rural distribution grids. This architecture is designed to modernize traditional rural networks into new Smart Grid ones. The architecture tackles innovation actions on both the power plane and the management plane of the system. In the power plane, the architecture focuses on exploiting the synergies between telecommunications and innovative technologies based on power electronics managing low scale electrical storage. In the management plane, a decentralized management system is proposed based on the addition of two new agents assisting the typical Supervisory Control And Data Acquisition (SCADA) system of distribution system operators. Altogether, the proposed architecture enables operators to use more effectively—in an automated and decentralized way—weak rural distribution systems, increasing the capability to integrate new distributed energy resources. This architecture is being implemented in a real Pilot Network located in Spain, in the frame of the European Smart Rural Grid project. The paper also includes a study case showing one of the potentialities of one of the principal technologies developed in the project and underpinning the realization of the new architecture: the so-called Intelligent Distribution Power Router.Postprint (published version

Towards Secure and Safe Appified Automated Vehicles

The advancement in Autonomous Vehicles (AVs) has created an enormous market for the development of self-driving functionalities,raising the question of how it will transform the traditional vehicle development process. One adventurous proposal is to open the AV platform to third-party developers, so that AV functionalities can be developed in a crowd-sourcing way, which could provide tangible benefits to both automakers and end users. Some pioneering companies in the automotive industry have made the move to open the platform so that developers are allowed to test their code on the road. Such openness, however, brings serious security and safety issues by allowing untrusted code to run on the vehicle. In this paper, we introduce the concept of an Appified AV platform that opens the development framework to third-party developers. To further address the safety challenges, we propose an enhanced appified AV design schema called AVGuard, which focuses primarily on mitigating the threats brought about by untrusted code, leveraging theory in the vehicle evaluation field, and conducting program analysis techniques in the cybersecurity area. Our study provides guidelines and suggested practice for the future design of open AV platforms

Malware in the Future? Forecasting of Analyst Detection of Cyber Events

There have been extensive efforts in government, academia, and industry to anticipate, forecast, and mitigate cyber attacks. A common approach is time-series forecasting of cyber attacks based on data from network telescopes, honeypots, and automated intrusion detection/prevention systems. This research has uncovered key insights such as systematicity in cyber attacks. Here, we propose an alternate perspective of this problem by performing forecasting of attacks that are analyst-detected and -verified occurrences of malware. We call these instances of malware cyber event data. Specifically, our dataset was analyst-detected incidents from a large operational Computer Security Service Provider (CSSP) for the U.S. Department of Defense, which rarely relies only on automated systems. Our data set consists of weekly counts of cyber events over approximately seven years. Since all cyber events were validated by analysts, our dataset is unlikely to have false positives which are often endemic in other sources of data. Further, the higher-quality data could be used for a number for resource allocation, estimation of security resources, and the development of effective risk-management strategies. We used a Bayesian State Space Model for forecasting and found that events one week ahead could be predicted. To quantify bursts, we used a Markov model. Our findings of systematicity in analyst-detected cyber attacks are consistent with previous work using other sources. The advanced information provided by a forecast may help with threat awareness by providing a probable value and range for future cyber events one week ahead. Other potential applications for cyber event forecasting include proactive allocation of resources and capabilities for cyber defense (e.g., analyst staffing and sensor configuration) in CSSPs. Enhanced threat awareness may improve cybersecurity.Comment: Revised version resubmitted to journa

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

State of the Industry 4.0 in the Andalusian food sector

The food industry is a key issue in the economic structure of Andalusia, due to both the weight and position of this industry in the economy and its advantages and potentials. The term Industry 4.0 carries many meanings. It seeks to describe the intelligent factory, with all the processes interconnected by Internet of things (IOT). Early advances in this field have involved the incorporation of greater flexibility and individualization of the manufacturing processes. The implementation of the framework proposed by Industry 4.0. is a need for the industry in general, and for Andalusian food industry in particular, and should be seen as a great opportunity of progress for the sector. It is expected that, along with others, the food and beverage industry will be pioneer in the adoption of flexible and individualized manufacturing processes. This work constitutes the state of the art, through bibliographic review, of the application of the proposed paradigm by the Industry 4.0. to the food industry.Telefónica, through the “Cátedra de Telefónica Inteligencia en la Red”Paloma Luna Garrid

STOP-IT: strategic, tactical, operational protection of water infrastructure against cyberphysical threats

Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities’ practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper.Postprint (published version

The Law Commission presumption concerning the dependability of computer evidence

We consider the condition set out in section 69(1)(b) of the Police and Criminal Evidence Act 1984 (PACE 1984) that reliance on computer evidence should be subject to proof of its correctness, and compare it to the 1997 Law Commission recommendation that acommon law presumption be used that a computer operated correctly unless there is explicit evidence to the contrary (LC Presumption). We understand the LC Presumption prevails in current legal proceedings. We demonstrate that neither section 69(1)(b) of PACE 1984 nor the LC presumption reflects the reality of general software-based system behaviour