Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Performance evaluation of dynamic source routing protocol with variation in transmission power and speed

Mobile ad-hoc network (MANET) is a set of mobile wireless nodes (devices) which is not rely on a fixed infrastructure. In MANETs, each device is responsible for routing its data according to a specific routing protocol. The three most common MANET routing protocols are: dynamic source routing protocol (DSR), optimized link state routing protocol (OLSR), and ad-hoc on-demand distance vector (AODV). This paper proposes an efficient evaluation of DSR protocol by testing the MANETs routing protocol with variation in transmission power at different speeds. The performance analysis has been given using optimized network engineering tools (OPNET) modeler simulations and evaluated using metrics of average end to end delay and throughput. The results show that the throughput increases as the transmission power increases up to a certain value after which the throughput decreases, also the network work optimally at a certain transmission power which varied at different speed

Modelling the Integrated QoS for Wireless Sensor Networks with Heterogeneous Data Traffic

The future of Internet of Things (IoT) is envisaged to consist of a high amount of wireless resource-constrained devices connected to the Internet. Moreover, a lot of novel real-world services offered by IoT devices are realized by wireless sensor networks (WSNs). Integrating WSN to the Internet has therefore brought forward the requirements of an end-to-end quality of service (QoS) guarantee. In this paper, the QoS requirements for the WSN-Internet integration are investigated by first distinguishing the Internet QoS from the WSN QoS. Next, this study emphasizes on WSN applications that involve traffic with different levels of importance, thus the way realtime traffic and delay-tolerant traffic are handled to guarantee QoS in the network is studied. Additionally, an overview of the integration strategies is given, and the delay-tolerant network (DTN) gateway, being one of the desirable approaches for integrating WSNs to the Internet, is discussed. Next, the implementation of the service model is presented, by considering both traffic prioritization and service differentiation. Based on the simulation results in OPNET Modeler, it is observed that real-time traffic achieve low bound delay while delay-tolerant traffic experience a lower packet dropped, hence indicating that the needs of real-time and delay-tolerant traffic can be better met by treating both packet types differently. Furthermore, a vehicular network is used as an example case to describe the applicability of the framework in a real IoT application environment, followed by a discussion on the future work of this research

Best strategy to control data on internet-of-robotic-things in heterogeneous networks

The control and transmission of huge data constitute an immense challenge in various types of networks (wired and wireless). Congestion caused by the high traffic and low throughput of huge data continues to be major problems in a heterogeneous platforms such as internet of things (IoT) technology and internet-of-robotic-things (IoRT). The heterogeneous network requires new models and mechanisms to deal with the increased challenges posed by IoT and IoRT. Accordingly, eliminating the issues that emerge has compelled finding improved solutions as a new strategy. This study proposed a new strategy called routing information and distance vector (RIDV) to create the best improvement of a heterogeneous network. The RIDV strategy activates the routing information protocol (RIPv2) on a router in wire network parallel with the ad-hoc on-demand distance vector (AODV) protocol on the wireless network. The RIDV strategy is used to solve the problems of the diversity of heterogeneous networks as the basis of the infrastructure IoRT technology. Hence, this strategy can reduce or avoid congestion through the use of enhanced and effective best routing protocols. Simulation results using OPNET show that the proposed method improved the quality of service (QoS) compared with other related strategies and AODV and RIPv1 protocols in terms of data drop, traffic drop, queue delay, and throughput

Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments

Business analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from multiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).Comment: Submitted to the 20th IEEE International Conference on High Performance Computing and Communications 2018 (HPCC2018), 28-30 June 2018, Exeter, U

FCS-MBFLEACH: Designing an Energy-Aware Fault Detection System for Mobile Wireless Sensor Networks

Wireless sensor networks (WSNs) include large-scale sensor nodes that are densely distributed over a geographical region that is completely randomized for monitoring, identifying, and analyzing physical events. The crucial challenge in wireless sensor networks is the very high dependence of the sensor nodes on limited battery power to exchange information wirelessly as well as the non-rechargeable battery of the wireless sensor nodes, which makes the management and monitoring of these nodes in terms of abnormal changes very difficult. These anomalies appear under faults, including hardware, software, anomalies, and attacks by raiders, all of which affect the comprehensiveness of the data collected by wireless sensor networks. Hence, a crucial contraption should be taken to detect the early faults in the network, despite the limitations of the sensor nodes. Machine learning methods include solutions that can be used to detect the sensor node faults in the network. The purpose of this study is to use several classification methods to compute the fault detection accuracy with different densities under two scenarios in regions of interest such as MB-FLEACH, one-class support vector machine (SVM), fuzzy one-class, or a combination of SVM and FCS-MBFLEACH methods. It should be noted that in the study so far, no super cluster head (SCH) selection has been performed to detect node faults in the network. The simulation outcomes demonstrate that the FCS-MBFLEACH method has the best performance in terms of the accuracy of fault detection, false-positive rate (FPR), average remaining energy, and network lifetime compared to other classification methods

Automation, Protection and Control of Substation Based on IEC 61850

Reliability of power system protection system has been a key issue in the substation operation due to the use of multi-vendor equipment of proprietary features, environmental issues, and complex fault diagnosis. Failure to address these issues could have a significant effect on the performance of the entire electricity grid. With the introduction of IEC 61850 standard, substation automation system (SAS) has significantly altered the scenario in utilities and industries as indicated in this thesis

Evaluation of ZigBee Topology Effect on Throughput and End to End Delay Due to Different Transmission Bands for IoT Applications

ZigBee is widely used in wireless network in Internet of Things (IoT) applications to remotely sensing and automation due to its unique characteristics compared to other wireless networks. According to ZigBee classification of IEEE 802.15.4 standard, the network consists of four layers. The ZigBee topology is represented in second layer. Furthermore, the ZigBee topology consists of three topologies, star, tree and mesh. Also there are many transmission bands allowed in physical layer, such as 2.4 GHz, 915 MHz, 868 MHz. The aim of this paper is to evaluate the effect of ZigBee topologies on End to End delay and throughput for different transmission bands. Riverbed Modeler is used to simulate multiple ZigBee proposed scenarios and collect the results. The results of the study recommend which topology should be used at each transmission band to provide lowest End to End delay or obtain maximum throughput, which is case sensitive in some IoT applications that required for example minimum delay time or sending high amount of data

ZigBee-Based wireless sensor network topologies using one and multiple coordinators

Wireless Sensor Networks (WSN) have been a cost-effective and feasible solution for a wide range of applications, such as communications infrastructure, traffic networks, telecommunications systems, military operations and so forth. IEEE804.15.4 ZigBee network model is ideally suited to the constraints of WSN in terms of bandwidth, processing power and battery capacity. This paper investigated tree and mesh routing in WSN with multiple coordinators and the failure of single coordinator using OPNET Modeler v14 which is an efficient computational platform for data networks simulation. Throughput, delay, traffic received, MAC Load are studied in this system and the results showed that tree routing was better suited for WSN than mesh routing and mobility of end node in multiple coordinator network was the best