51,238 research outputs found
Assessing and augmenting SCADA cyber security: a survey of techniques
SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability
Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1
This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines
Post-Westgate SWAT : C4ISTAR Architectural Framework for Autonomous Network Integrated Multifaceted Warfighting Solutions Version 1.0 : A Peer-Reviewed Monograph
Police SWAT teams and Military Special Forces face mounting pressure and
challenges from adversaries that can only be resolved by way of ever more
sophisticated inputs into tactical operations. Lethal Autonomy provides
constrained military/security forces with a viable option, but only if
implementation has got proper empirically supported foundations. Autonomous
weapon systems can be designed and developed to conduct ground, air and naval
operations. This monograph offers some insights into the challenges of
developing legal, reliable and ethical forms of autonomous weapons, that
address the gap between Police or Law Enforcement and Military operations that
is growing exponentially small. National adversaries are today in many
instances hybrid threats, that manifest criminal and military traits, these
often require deployment of hybrid-capability autonomous weapons imbued with
the capability to taken on both Military and/or Security objectives. The
Westgate Terrorist Attack of 21st September 2013 in the Westlands suburb of
Nairobi, Kenya is a very clear manifestation of the hybrid combat scenario that
required military response and police investigations against a fighting cell of
the Somalia based globally networked Al Shabaab terrorist group.Comment: 52 pages, 6 Figures, over 40 references, reviewed by a reade
A Security Pattern for Cloud service certification
Cloud computing is interesting from the economic, operational and even energy consumption perspectives but it still raises concerns regarding
the security, privacy, governance and compliance of the data and software services offered through it. However, the task of verifying security
properties in services running on cloud is not trivial. We notice the provision and security of a cloud service is sensitive. Because of the
potential interference between the features and behavior of all the inter-dependent services in all layers of the cloud stack (as well as dynamic
changes in them). Besides current cloud models do not include support for trust-focused communication between layers. We present a
mechanism to implement cloud service certification process based on the usage of Trusted Computing technology, by means of its Trusted Computing Platform (TPM) implementation of its architecture. Among many security security features it is a tamper proof resistance built in device and provides a root of trust to affix our certification mechanism. We present as a security pattern the approach for service certification based on the use TPM.Universidad de Málaga. Campus de Excelencia Internacional AndalucÃa Tec
- …