Cyber security for smart grid: a human-automation interaction framework

Abstract-- Power grid cyber security is turning into a vital concern, while we are moving from the traditional power grid toward modern Smart Grid (SG). To achieve the smart grid objectives, development of Information Technology (IT) infrastructure and computer based automation is necessary. This development makes the smart grid more prone to the cyber attacks. This paper presents a cyber security strategy for the smart grid based on Human Automation Interaction (HAI) theory and especially Adaptive Autonomy (AA) concept. We scheme an adaptive Level of Automation (LOA) for Supervisory Control and Data Acquisition (SCADA) systems. This level of automation will be adapted to some environmental conditions which are presented in this paper. The paper presents a brief background, methodology (methodology design), implementation and discussions. Index Terms—smart grid, human automation interaction, adaptive autonomy, cyber security, performance shaping facto

Reducing the Software Risk in Ground Systems

Presentation to provide and overview of software's role in ground systems and how the security of the software is important and how it can be improved

Understanding ethnic minority differences in access to and outcomes of psychological therapies for first episode psychosis and severe mental illness

Context: Prevalence rates of severe mental illnesses (SMI) such as psychosis differ between ethnic groups disproportionately. Disparities also exist when exploring access and outcomes to psychological therapies based on ethnicity. The literature suggests that individuals from ethnic minority groups with SMI are less likely to be offered a psychology therapy. Methods: The broad aim of the thesis was to explore the effectiveness and accessibility of psychological therapies for ethnic minority groups who experience a SMI. A systematic review explored the effectiveness of psychological therapies for ethnic minority groups who experienced a SMI. Secondly, an empirical paper investigated whether sociodemographic factors, including ethnicity, influenced the offer and uptake of psychological therapies in a sample of service users who experienced first episode psychosis. Results: Our systematic review included nine studies for analysis, with seven reporting significant improvements in SMI symptom severity. Seven studies made cultural adaptations which led to a reduction in SMI symptom severity compared to treatment as usual. However the quality and risk of bias varied between studies, reducing the strength of the findings. In our empirical paper we found that service users in ‘White Other’ and ‘Other’ ethnic minority groups were less likely to be offered a psychological therapy compared to the white British reference group (‘White other’ OR = .48, CI .26 – .89, p = .04, ‘Other’ OR = .38, CI .17- .87, p = .02). Presenting to Early Intervention Services increased the likelihood being offered a psychological therapy. Conclusions: Our evidence highlights that whilst psychological therapies may be useful for ethnic minority groups with SMI, the availability is mixed depending on the service accessed. Future research is needed to explore the frequency and use of culturally adapted therapies in clinical settings. Research is needed that allows comparisons to be made between culturally adapted and standard therapies

Networking vendor strategy and competition and their impact on enterprise network design and implementation

Thesis (M.B.A.)--Massachusetts Institute of Technology, Sloan School of Management; and, (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science; in conjunction with the Leaders for Manufacturing Program at MIT, 2006.Includes bibliographical references (leaves 93-99).While a significant amount of literature exists that discuss platform strategies used by general IT vendors, less of it has to do with corporate networking technology vendors specifically. However, many of the same strategic principles that are used to analyze general IT vendors can also be used to analyze networking vendors. This paper extends the platform model that was developed by Michael Cusumano and Annabel Gawer to networking vendors, outlining the unique strategic aspects that the networking market possesses. The paper then reviews the strategy of the first dominant corporate datacom vendor, IBM, how it achieved its dominance, and how it lost it. The paper then discusses the strategies of various vendors who attempted to replace IBM as the dominant networking platform vendor and how they failed to do so. Finally, the paper discusses Cisco Systems, a vendor who did manage to achieve a level of dominance that parallels IBM's, and how that company has utilized its strategy to achieve and maintain its current dominance. Finally, Cisco's current strategic challenges are discussed. The impact of the strategies of the various vendors on the evolution of corporate networking is also discussed.by Ray Fung.S.M.M.B.A

Cross-layer Optimization for Video Delivery over Wireless Networks

As video streaming is becoming the most popular application of Internet mo- bile, the design and the optimization of video communications over wireless networks is attracting increasingly attention from both academia and indus- try. The main challenges are to enhance the quality of service support, and to dynamically adapt the transmitted video streams to the network condition. The cross-layer methods, i.e., the exchange of information among different layers of the system, is one of the key concepts to be exploited to achieve this goals. In this thesis we propose novel cross-layer optimization frameworks for scalable video coding (SVC) delivery and for HTTP adaptive streaming (HAS) application over the downlink and the uplink of Long Term Evolution (LTE) wireless networks. They jointly address optimized content-aware rate adaptation and radio resource allocation (RRA) with the aim of maximiz- ing the sum of the achievable rates while minimizing the quality difference among multiple videos. For multi-user SVC delivery over downlink wireless systems, where IP/TV is the most representative application, we decompose the optimization problem and we propose the novel iterative local approxi- mation algorithm to derive the optimal solution, by also presenting optimal algorithms to solve the resulting two sub-problems. For multiple SVC de- livery over uplink wireless systems, where healt-care services are the most attractive and challenging application, we propose joint video adaptation and aggregation directly performed at the application layer of the transmit- ting equipment, which exploits the guaranteed bit-rate (GBR) provided by the low-complexity sub-optimal RRA solutions proposed. Finally, we pro- pose a quality-fair adaptive streaming solution to deliver fair video quality to HAS clients in a LTE cell by adaptively selecting the prescribed (GBR) of each user according to the video content in addition to the channel condi- tion. Extensive numerical evaluations show the significant enhancements of the proposed strategies with respect to other state-of-the-art frameworks

A Survey on Industrial Control System Testbeds and Datasets for Security Research

The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs

Protecting an Industrial AC Drive Application against Cyber Sabotage

Vuonna 2010 havaittua, erittäin kehittynyttä tietokonevirusta nimeltä Stuxnet on kuvailtu myös ensimmäiseksi kybersodan aseeksi, koska eri lähteiden mukaan se tuhosi vähintään 1 000 uraania rikastavaa kaasusentrifugia Iranissa. Tämä kybersabotaasi suoritettiin tunkeutumalla teolliseen ohjausjärjestelmään, kytkemällä sentrifugeja ohjaavien taajuusmuuttajien suojatoiminnot pois päältä ja pyörittämällä niitä niin suurilla nopeuksilla, että keskipakoisvoimat aiheuttivat roottoreiden repeämisen. Dekantterit ovat toisenlaisia sentrifugeja, joita käytetään erottamaan kiinteät aineet nestemäisistä useilla eri teollisuudenaloilla, kuten esimerkiksi vedenkäsittelyssä ja kaivostoiminnassa. Dekantterisentrifugit, eli tarkemmin kiinteärumpuiset, ruuvipurkuiset lingot, käyvät usein epätahtikoneilla ja taajuusmuuttajilla. Olettaen, että Stuxnet-tapauksen kaltainen tuho voidaan estää sopivilla turvajärjestelmillä, toimenpiteitä dekantterilingon suojelemiseksi tutkittiin käyttäen kirjallisuutta ja nykyistä tietoturva- ja henkilöturvaominaisuustarjontaa seuraavilta uudenaikaisilta taajuusmuuttajilta, joissa on Ethernet-pohjainen kenttäväyläyhteys: ABB ACS880-01, Rockwell Allen-Bradley PowerFlex 755 ja Siemens SINAMICS S110. Rajoitetun arvioinnin tuloksena taajuusmuuttajien pahin kyberturvallisuuteen liittyvä haavoittuvuus on tyypillinen monille kenttäväyliä käyttäville automaatiolaitteille: täysivaltainen asetusten muutos on mahdollista oletusarvoisesti ilman minkäänlaista käyttäjähallintaa. Kuitenkin toiminnallisen turvallisuuden asetukset voidaan suojata salasanalla, joten standardoitu turvafunktio nimeltä turvallisesti rajoitettu nopeus on toteuttamiskelpoinen ratkaisu dekantterilingon suojelemiseksi kybersabotaasilta. Liitteenä olevaa tarkistuslistaa seuraamalla dekanttereissa käytettävät taajuusmuuttajat voidaan konfiguroida mahdollisimman hyvin kyberturvallisuuden kannalta.Discovered in 2010, the highly advanced computer virus called Stuxnet, also described as the first weapon of cyber warfare, reportedly destroyed at least 1,000 gas centrifuges enriching uranium in Iran. This kind of act of cyber sabotage was conducted by compromising the industrial control system, disabling protection functions of AC drives running the centrifuges, and making them spin at such high speeds that centrifugal forces caused their rotors to rupture. Decanters are another type of centrifuges used to separate solids from liquids in many industries including water treatment and mining for example. Also known as solid-bowl, scroll-discharge centrifuges, decanters are commonly powered by induction motors and AC drives. Assuming havoc similar to the Stuxnet case can be prevented with suitable safety systems, a review was conducted on the protection methods for decanter centrifuges based on literature and the current security and safety features of the following modern AC drives with Ethernet-based fieldbus connectivity: ABB ACS880-01, Rockwell Allen-Bradley PowerFlex 755, and Siemens SINAMICS S110. As a result of the limited assessment, the worst vulnerability related to cybersecurity of the AC drives is typical to many automation devices using fieldbuses: total configuration is possible remotely without any authentication by default. However, the functional safety configuration can be protected by means of a password, therefore allowing a standardized safety function called safely-limited speed (SLS) to become a viable solution for protecting the decanter centrifuge against cyber sabotage. By following the supplied checklist, it is possible to configure AC drives used with decanters optimally in terms of cybersecurity

Anomaly-based Correlation of IDS Alarms

An Intrusion Detection System (IDS) is one of the major techniques for securing information systems and keeping pace with current and potential threats and vulnerabilities in computing systems. It is an indisputable fact that the art of detecting intrusions is still far from perfect, and IDSs tend to generate a large number of false IDS alarms. Hence human has to inevitably validate those alarms before any action can be taken. As IT infrastructure become larger and more complicated, the number of alarms that need to be reviewed can escalate rapidly, making this task very difficult to manage. The need for an automated correlation and reduction system is therefore very much evident. In addition, alarm correlation is valuable in providing the operators with a more condensed view of potential security issues within the network infrastructure. The thesis embraces a comprehensive evaluation of the problem of false alarms and a proposal for an automated alarm correlation system. A critical analysis of existing alarm correlation systems is presented along with a description of the need for an enhanced correlation system. The study concludes that whilst a large number of works had been carried out in improving correlation techniques, none of them were perfect. They either required an extensive level of domain knowledge from the human experts to effectively run the system or were unable to provide high level information of the false alerts for future tuning. The overall objective of the research has therefore been to establish an alarm correlation framework and system which enables the administrator to effectively group alerts from the same attack instance and subsequently reduce the volume of false alarms without the need of domain knowledge. The achievement of this aim has comprised the proposal of an attribute-based approach, which is used as a foundation to systematically develop an unsupervised-based two-stage correlation technique. From this formation, a novel SOM K-Means Alarm Reduction Tool (SMART) architecture has been modelled as the framework from which time and attribute-based aggregation technique is offered. The thesis describes the design and features of the proposed architecture, focusing upon the key components forming the underlying architecture, the alert attributes and the way they are processed and applied to correlate alerts. The architecture is strengthened by the development of a statistical tool, which offers a mean to perform results or alert analysis and comparison. The main concepts of the novel architecture are validated through the implementation of a prototype system. A series of experiments were conducted to assess the effectiveness of SMART in reducing false alarms. This aimed to prove the viability of implementing the system in a practical environment and that the study has provided appropriate contribution to knowledge in this field

Frontiers in psychodynamic neuroscience

he term psychodynamics was introduced in 1874 by Ernst von Brücke, the renowned German physiologist and Freud’s research supervisor at the University of Vienna. Together with Helmholtz and others, Brücke proposed that all living organisms are energy systems, regulated by the same thermodynamic laws. Since Freud was a student of Brücke and a deep admirer of Helmholtz, he adopted this view, thus laying the foundations for his metapsychology. The discovery of the Default Network and the birth of Neuropsychoanalysis, twenty years ago, facilitated a deep return to this classical conception of the brain as an energy system, and therefore a return to Freud's early ambition to establish psychology as natural science. Our current investigations of neural networks and applications of the Free Energy Principle are equally ‘psychodynamic’ in Brücke’s original sense of the term. Some branches of contemporary neuroscience still eschew subjective data and therefore exclude the brain’s most remarkable property – its selfhood – from the field, and many neuroscientists remain skeptical about psychoanalytic methods, theories, and concepts. Likewise, some psychoanalysts continue to reject any consideration of the structure and functions of the brain from their conceptualization of the mind in health and disease. Both cases seem to perpetuate a Cartesian attitude in which the mind is linked to the brain in some equivocal relationship and an attitude that detaches the brain from the body -- rather than considering it an integral part of the complex and dynamic living organism as a whole. Evidence from psychodynamic neuroscience suggests that Freudian constructs can now be realized neurobiologically. For example, Freud’s notion of primary and secondary processes is consistent with the hierarchical organization of self-organized cortical and subcortical systems, and his description of the ego is consistent with the functions of the Default Network and its reciprocal exchanges with subordinate brain systems. Moreover, thanks to new methods of measuring brain entropy, we can now operationalize the primary and secondary processes and therefore test predictions arising from these Freudian constructs. All of this makes it possible to deepen the dialogue between neuroscience and psychoanalysis, in ways and to a degree that was unimaginable in Freud's time, and even compared to twenty years ago. Many psychoanalytical hypotheses are now well integrated with contemporary neuroscience. Other Freudian and post-Freudian hypotheses about the structure and function of the mind seem ripe for the detailed and sophisticated development that modern psychodynamic neuroscience can offer. This Research Topic aims to provide comprehensive coverage of the latest advances in psychodynamic neuroscience and neuropsychoanalysis. Potential authors are invited to submit papers (original research, case reports, review articles, commentaries) that deploy, review, compare or develop the methods and theories of psychodynamic neuroscience and neuropsychoanalysis. Potential authors include researchers, psychoanalysts, and neuroscientists