Modèles algorithmes et méthodologie pour la conception de systèmes de sécurité physique basés sur des microcontrôleurs protégés des attaques cyber-physiques

Un moyen d'assurer la sécurité de systèmes basés sur des micro-contrôleurs (mCS) est de considérer une approche de génération à partir de spécifications. Malheureusement, les approches existantes souffrent d'inconvénients, et le but de la méthodologie présentée dans cette thèse est de les éviter dans le cas particulier des mCS pour la sécurité physique (mCS-Sec). Les principaux résultats de ce travail sont le développement de modèles, d'algorithmes, et d'une méthodologie originale de création de mCS-Sec, et leur implémentation. L'applicabilité de la méthode a été évaluée sur un système de robot de surveillance d'une zone. Dans ce cas, notre évaluation a montré que l'approche développée satisfaisait toutes les contraintes imposées, tout en offrant certains avantages par rapport aux solutions existantes. Nous pensons que cette approche permettra de réduire le nombre de faiblesses et les problèmes d'architecture dans les mCS, ce qui en réduira la surface d'attaque.One of the possible ways to ensure the security of microcontroller-based systems is the implementation of security by design approach. Unfortunately, existing approaches are not without drawbacks, that is why this thesis is aimed at developing the new one. Moreover, among all possible systems, in this work, only physical security systems were chosen as an area of the application. The main findings of the work are containing original models, algorithms, methodology and software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak places and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface

Condition Monitoring using a Low Power Wide Area Network based on LoRaWAN

The Internet of Things (IoT) offers opportunity for the reliable collection of data. Low power wide area networks (LPWANs) offer the establishment of IoT networks and devices with low power budgets. Some LPWANS like LoRaWAN also offer long distances connections, suitable to remote and widespread operating environments (Karimi & Atkinson 2013). This project investigates the rollout of a LoRaWAN network and the development of a compatible data collection device to enable condition monitoring of critical track circuit devices in Aurizon’s Network. Aurizon requires a solution to remotely gather the available diagnostic information from these devices. When track circuits fail, they prevent the safe running of trains, can delay road vehicles at level crossings and cost considerable amounts in lost revenue while they are repaired. Aurizon relies on a large number of EBI Track 200 track circuit devices known to fail during their operational lifetime. Prior research has shown that majority of nuisance failures can be predicted and prevented through condition monitoring of these devices (Rose 2009). Due to the geographically diverse roll-out of these track circuits, traditional computer-based serial communications are not possible. The first concept of the project was to source, purchase and modify a device capable of talking to the EBI Track 200 and broadcasting the data via LoRaWAN. Initial market research was undertaken to determine if an existing solution was available on the market that could be used to connect to an EBI Track 200 device and LoRaWAN. When no device could be found a Systems Engineering approach was undertaken to develop a device capable of reporting back condition information of EBI Track 200 devices over LoRaWAN. A proof of concept device was built using an Arduino Uno which can connect to the EBI Track 200 device via an RS-485 serial connection to collect condition data. The data is then collected, encrypted and broadcast wirelessly over a private LoRaWAN, after which it is passed over a conventional network to a virtual machine, which authenticates and unencrypts the data. The data is then forwarded to an InfluxDB database for the data to be stored and displayed. This project has achieved the collection and storage of condition data for critical track circuit devices utilising a proof of concept data logging device. The solution addresses the limitations of traditional serial communications. The collection of this data will allow for the implementation of proactive maintenance activities to reduce nuisance failures and improve the availability of train paths. Further work is required to improve end device features, such as the inclusion for battery backed transmission, which will allow for powered status messages to be transmitted under blackout conditions. In addition, extra development on the private LoRaWAN network connected to Aurizon’s internal data network, including performing field testing on active receivers will be required before site installation can occur

An approach for joint estimation of physical and logical security by semantic modelling

Key activities in critical systems are the monitoring, observation and comprehension of different phenomena, aimed at providing an updated and meaningful description of the monitored scenario, as well as its possible evolutions, to enable proper decisions and countermeasures for the protection and safety of people and things. The threats coming from many different sources, internally and externally. The diffusion of new technologies have made more accessible the assets of a system. In this thesis we demonstrate that the use of a semantic model for the information management it is suitable in order to meet these issues. In particular, thesis proposes and implement a methodology and approach for the early situation awareness recognizing a threat situation on time, for decision support to automatically activate recovery strategies. The threat on which the thesis focus on are regarded the logical and physical security. In particular for the logical security estimation will be presented a an approach guided by metrics. Then will be presented some results and example of real application

Algorithmic Jim Crow

This Article contends that current immigration- and security-related vetting protocols risk promulgating an algorithmically driven form of Jim Crow. Under the “separate but equal” discrimination of a historic Jim Crow regime, state laws required mandatory separation and discrimination on the front end, while purportedly establishing equality on the back end. In contrast, an Algorithmic Jim Crow regime allows for “equal but separate” discrimination. Under Algorithmic Jim Crow, equal vetting and database screening of all citizens and noncitizens will make it appear that fairness and equality principles are preserved on the front end. Algorithmic Jim Crow, however, will enable discrimination on the back end in the form of designing, interpreting, and acting upon vetting and screening systems in ways that result in a disparate impact

Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency (NATO COE-DAT Handbook 1)

In 2014 NATO’s Center of Excellence-Defence Against Terrorism (COE-DAT) launched the inaugural course on “Critical Infrastructure Protection Against Terrorist Attacks.” As this course garnered increased attendance and interest, the core lecturer team felt the need to update the course in critical infrastructure (CI) taking into account the shift from an emphasis on “protection” of CI assets to “security and resiliency.” What was lacking in the fields of academe, emergency management, and the industry practitioner community was a handbook that leveraged the collective subject matter expertise of the core lecturer team, a handbook that could serve to educate government leaders, state and private-sector owners and operators of critical infrastructure, academicians, and policymakers in NATO and partner countries. Enabling NATO’s Collective Defense: Critical Infrastructure Security and Resiliency is the culmination of such an effort, the first major collaborative research project under a Memorandum of Understanding between the US Army War College Strategic Studies Institute (SSI), and NATO COE-DAT. The research project began in October 2020 with a series of four workshops hosted by SSI. The draft chapters for the book were completed in late January 2022. Little did the research team envision the Russian invasion of Ukraine in February this year. The Russian occupation of the Zaporizhzhya nuclear power plant, successive missile attacks against Ukraine’s electric generation and distribution facilities, rail transport, and cyberattacks against almost every sector of the country’s critical infrastructure have been on world display. Russian use of its gas supplies as a means of economic warfare against Europe—designed to undermine NATO unity and support for Ukraine—is another timely example of why adversaries, nation-states, and terrorists alike target critical infrastructure. Hence, the need for public-private sector partnerships to secure that infrastructure and build the resiliency to sustain it when attacked. Ukraine also highlights the need for NATO allies to understand where vulnerabilities exist in host nation infrastructure that will undermine collective defense and give more urgency to redressing and mitigating those fissures.https://press.armywarcollege.edu/monographs/1951/thumbnail.jp