Multi-PLC Exercise Environments for Training ICS First Responders

When systems are targeted by cyber attacks, cyber first responders must be able to react effectively, especially when dealing with critical infrastructure. Training for cyber first responders is lacking and most existing exercise platforms are expensive, inaccessible or ineffective. This paper presents a mobile training platform which incorporates a variety of programmable logic controllers into a single system which facilitates the development of the unique skills required of cyber first responders operating in the realm of industrial control systems. The platform is modeled after a jail in the northeastern United States and was developed to maximize realism. Example training scenarios are provided to address specific skills and techniques. Results show that the platform is robust enough to conduct sustained training exercises that address a curriculum that has been proposed for cyber first responders

Autonomous Capabilities for Small Unmanned Aerial Systems Conducting Radiological Response: Findings from a High-fidelity Discovery Experiment

This article presents a preliminary work domain theory and identifies autonomous vehicle, navigational, and mission capabilities and challenges for small unmanned aerial systems (SUASs) responding to a radiological disaster. Radiological events are representative of applications that involve flying at low altitudes and close proximities to structures. To more formally understand the guidance and control demands, the environment in which the SUAS has to function, and the expected missions, tasks, and strategies to respond to an incident, a discovery experiment was performed in 2013. The experiment placed a radiological source emitting at 10 times background radiation in the simulated collapse of a multistory hospital. Two SUASs, an AirRobot 100B and a Leptron Avenger, were inserted with subject matter experts into the response, providing high operational fidelity. The SUASs were expected by the responders to fly at altitudes between 0.3 and 30 m, and hover at 1.5 m from urban structures. The proximity to a building introduced a decrease in GPS satellite coverage, challenging existing vehicle autonomy. Five new navigational capabilities were identified: scan, obstacle avoidance, contour following, environment-aware return to home, andreturn to highest reading. Furthermore, the data-to-decision process could be improved with autonomous data digestion and visualization capabilities. This article is expected to contribute to a better understanding of autonomy in a SUAS, serve as a requirement document for advanced autonomy, and illustrate how discovery experimentation serves as a design tool for autonomous vehicles

Wireless body sensor networks for health-monitoring applications

This is an author-created, un-copyedited version of an article accepted for publication in Physiological Measurement. The publisher is not responsible for any errors or omissions in this version of the manuscript or any version derived from it. The Version of Record is available online at http://dx.doi.org/10.1088/0967-3334/29/11/R01

A Framework for Categorization of Industrial Control System Cyber Training Environments

First responders and professionals in hazardous occupations undergo training and evaluations for the purpose of mitigating risk and damage. For example, helicopter pilots train with multiple categorized simulations that increase in complexity before flying a real aircraft. However in the industrial control cyber incident response domain, where incident response professionals help detect, respond and recover from cyber incidents, no official categorization of training environments exist. To address this gap, this thesis provides a categorization of industrial control training environments based on realism. Four levels of environments are proposed and mapped to Blooms Taxonomy. This categorization will help organizations determine which training environment best aligns with their training needs and budgets

Exercise Handbook: What Transportation Security and Emergency Preparedness Leaders Need to Know to Improve Emergency Preparedness, MTI Report 12-08

The U.S. Department of Homeland Security (DHS) has provided extensive general guidance on developing training and exercise programs for public entities, but little had been done to focus that material on the transportation sector specifically. Transportation sector emergency managers have noted that there should be specific guidance for developing exercises that are focused on the operational work of their agencies, in addition to the Logistics Section functions that are usually the focus of transportation sector entities in multi-agency, multi-jurisdiction exercises. The first section of his report provides information on federal training and exercise requirements for transportation sector entities. It summarizes the changes to emergency management programs and requirements that grew out of the Presidential Policy Directive-8 (PPD-8) issuance in early 2011, and the challenges of adult training. The second section is a Homeland Security Exercise and Evaluation Program (HSEEP)-compliant practical handbook using the project management approach that guides transportation sector staff in the creation, development, implementation and wrap-up of federally mandated exercises. It includes scenarios and implementation guidance based on the actual experiences and work of the transportation sector

The future of mobile devices:security and mobility

Mobile computing has transformed the way we work, play and communicate in a very short space of time. Advances in mobile technology and the innovative uses of that technology have contributed to a multitude of social and political effects from new ecommerce enterprises to the London Riots. Alongside these innovations are security concerns which will underpin how we think about and develop mobile technology in the future. This two day workshop comprised of a conceptual discussion and two technical exercises. The conceptual discussion group discussed current trends, future possibilities and how mobile technology will impact our lives over the next 10 years and beyond. The technical groups were given two days to produce a demonstrable attack scenario using mobile technology

Reflections on design of active learning module for training emergency management professionals in virtual reality

Experiences gained through learning design projects can be used as the basis to build systematic knowledge of digitization and active leaning in higher education. One such project funded by the Norwegian Agency for Digital Learning in Higher Educations (Norgesuniversitetet) has explored the design and trialling of a new resource for Emergency Management education that is based on theories of Active Learning and applies an innovative use of virtual reality technologies (VR). The project de-velops an active learning module (ALM) in a specialized VR simulation. The ALM has the learning objective to aid Emergency Management and Health professional students in the training of communi-cations in management during a crisis situation. The student interactions in the virtual reality simulat-ed ALM are active learning, because they are required to make real-time decisions while (1) interact-ing with the simulated environment and (2) they are communicating with colleagues within profession and across professions. This paper is based on observed and collected data from two days of trials using the ALM, with non-professional students in April 2016 and with Emergency Management and Health professional students in March 2017. The purpose of this paper is not to report on the learning outcomes for the students participating in these particular trials. Rather, based on the experiences of the trial-runs, the educational module (ALM) designers will reflect on the educational challenges within the thematic area. We will describe and discuss the elements of the active learning design such as the learning activities, the assessment forms, and the organizational implementation within the thematic educational programs. We will discuss how technology plays a role in achieving or hindering active learning objectives. Finally, we will reflect on how future designs of ALM can be further devel-oped to better meet the learning needs of the primary target learning group. Keywords: active learning, virtual reality, emergency management trainingpublishedVersio

Establishing cyber situational awareness in industrial control systems

The cyber threat to industrial control systems is an acknowledged security issue, but a qualified dataset to quantify the risk remains largely unavailable. Senior executives of facilities that operate these systems face competing requirements for investment budgets, but without an understanding of the nature of the threat cyber security may not be a high priority. Operational managers and cyber incident responders at these facilities face a similarly complex situation. They must plan for the defence of critical systems, often unfamiliar to IT security professionals, from potentially capable, adaptable and covert antagonists who will actively attempt to evade detection. The scope of the challenge requires a coherent, enterprise-level awareness of the threat, such that organisations can assess their operational priorities, plan their defensive posture, and rehearse their responses prior to such an attack. This thesis proposes a novel combination of concepts found in risk assessment, intrusion detection, education, exercising, safety and process models, fused with experiential learning through serious games. It progressively builds a common set of shared mental models across an ICS operation to frame the nature of the adversary and establish enterprise situational awareness that permeates through all levels of teams involved in addressing the threat. This is underpinned by a set of coping strategies that identifies probable targets for advanced threat actors, proactively determining antagonistic courses of actions to derive an appropriate response strategy

Jack Voltaic 3.0 Cyber Research Report

The Jack Voltaic (JV) Cyber Research project is an innovative, bottom-up approach to critical infrastructure resilience that informs our understanding of existing cybersecurity capabilities and identifies gaps. JV 3.0 contributed to a repeatable framework cities and municipalities nationwide can use to prepare. This report on JV 3.0 provides findings and recommendations for the military, federal agencies, and policy makers