A survey on cyber security for smart grid communications

A smart grid is a new form of electricity network with high fidelity power-flow control, self-healing, and energy reliability and energy security using digital communications and control technology. To upgrade an existing power grid into a smart grid, it requires significant dependence on intelligent and secure communication infrastructures. It requires security frameworks for distributed communications, pervasive computing and sensing technologies in smart grid. However, as many of the communication technologies currently recommended to use by a smart grid is vulnerable in cyber security, it could lead to unreliable system operations, causing unnecessary expenditure, even consequential disaster to both utilities and consumers. In this paper, we summarize the cyber security requirements and the possible vulnerabilities in smart grid communications and survey the current solutions on cyber security for smart grid communications. © 2012 IEEE

Design-Time Quantification of Integrity in Cyber-Physical-Systems

In a software system it is possible to quantify the amount of information that is leaked or corrupted by analysing the flows of information present in the source code. In a cyber-physical system, information flows are not only present at the digital level, but also at a physical level, and to and fro the two levels. In this work, we provide a methodology to formally analyse a Cyber-Physical System composite model (combining physics and control) using an information flow-theoretic approach. We use this approach to quantify the level of vulnerability of a system with respect to attackers with different capabilities. We illustrate our approach by means of a water distribution case study

Cyber warfare: threats and opportunities

Relatório apresentado à Universidade Fernando Pessoa como parte dos requisitos para o cumprimento do programa de Pós-Doutoramento em Ciências da InformaçãoCybersecurity has gone through several changes that have presented new challenges in recent years, complicated by the rise of cybercrime and digital warfare. With the introduction of militarizing the space domain, it has become apparent that we must consider multidomain concepts. Thus, the threat landscape has again shifted, and defenders must become knowledgeable about how the cyber domain crosses into maritime, land, air, and space. The traditional thinking of protecting enterprise systems locked away in a building is no longer. Thus, we have the emergence of cyber warfare and cyber as a fifth domain that brings together maritime, land, space, and air. These domains are not just for the military but the civilian sector as well. Understanding the role of cyber and how it can be used to take advantage or secure the remaining domains will give entities the upper hand in strategy. The technological advancements that pave the way to the mass implementation of the Internet of Things (IoT) and Internet connectivity to everyday devices have led to an explosion in cyberattacks such as breaches resulting in millions of accounts being compromised. (Dawson, Eltayeb, & Omar, 2016). Bad actors such as those focused on criminal activities regarding human trafficking and espionage navigate these domains to circumvent law enforcement agencies globally. We must understand how exploitation, circumvention, and defense needs to occur in a multidomain concept. However, knowing that the cyber domain is a domain that goes through land, maritime, space, and air can be an area that serves as a central point for realizing assured security. Executive Orders (EO), laws, policies, doctrine, and other directives have shaped the landscape of cybersecurity. New EOs have been released that allow a cyber-attack with responsive measures such as one that involves military force. Laws created that impose rights for Personal Identifiable Information (PII) being breached, leaving millions of individuals unprotected. One of these most well-known items is General Data Protection Regulation (GDPR) as it relates to the European Union (EU) and the evolving threats with hyperconnectivity (Martínez, 2019a; Martínez, 2019b). Understanding the role of cybercrime and digital warfare and how they continue to play in shaping the technological landscape is critical. These various actions change the spectrum regarding combating nefarious actors or design errors that leave the system susceptible. As attacks continue to rise from bad actors such as nation-states, terrorists, and other entities, it is essential to understand the threat landscape and select cybersecurity methodologies that can be put in place to provide adequate measures. This document presents the work form a post-doctoral project that provides a perspective of cybersecurity under a information science perspective. This six-month project allows to stress the broadly importance that information and its management (not just within the information security context), and the urgent need to deal with cybersecurity as a societal challenge. The document is organized in four main chapters presenting different but complementary issues, going from high level to a more operational level: National Cybersecurity Education: Bridging Defense to Offense, stressing the importance of societal awareness and education. Emerging Technologies in the Fourth Industrial Revolution, stressing the importance to consider cybersecurity issues as core ones, even to economic and production areas. Nefarious Activities within the Deep Layers of the Internet, stressing the need to be part of digital places where information is traded, shared and, even sometimes, created. The fourth chapter provide a few hints and issues related with software development and test: Software Security Considerations. A final session presents several remarks as Final Thoughts, closing the work pointing out some of the current challenges that we are facing of.N/

An Approach to Optimize the Management of Information Security in Public Organizations of Ecuador

The problems of information security in public organizations in Ecuador are evident, which, as a result, have led to corruptions that are present at all levels of operational, tactical and strategic management. The objective of this chapter is to analyze the available information found in different media, written, spoken, among others. The deductive method was used for the collection of information and observation techniques. It turned out the improve in the administrative processes, prototype diagram of sequence of access of users and services, prototype of integration of technologies of security of the information for public organizations of Ecuador. It was concluded that to avoid corruption in a country change should happen at all levels: the way of thinking and culture of the inhabitants, laws, penalties to politicians without parliamentary immunity, application of information and communications technologies (ICT) in an appropriate manner, and complying with international standards in information security. To improve information security, administrative policies on information security must be changed, and technologies related to immutable security algorithms, Ledger, Hyperledger, etc., must be used

Restructuring and Automation of Security Model for Sustainable Development in Nigeria

Nigeria has on daily basis experienced an upsurge of activities that threatens and endangers its national security. In recent times, the Nigerian nation suddenly metamorphosed into an abode of insecurity. Security is presently a major challenge in Nigeria especially in Northern Nigeria. Nigerians and non-Nigerians are killed on daily basis and in their numbers even the United Nations building and the Police Headquarters at the Federal Capital were bombed. Though the government claims to be on top of the situation, the problem persists. Despite its abundant oil wealth, there has been unimaginable level of lack of infrastructure, automated security amenities and negligible development generally. One of the major setbacks to development in Nigeria is insecurity. Until very recently, plethora of explanations on the crawling pace of development in Nigeria tends to pay infinitesimal attention to the centrality of security to national development. It is no surprise therefore that since 1999 when Nigeria returned to civil rule insecurity tends to have hampered national development. Security is evidently the pillar upon which every meaningful development could be achieved and sustained. In view of this scenario, the paper basically analyses and recommends ways of ascertaining the impact of automated and improved security model for sustainable development in Nigeria. It therefore concludes and recommends amongst others, the formulation and effective implementation of policies capable of addressing the root causes of insecurity in Nigeria. Keywords: Restructuring, Automation, Security Model, Development

Bad, mad, and cooked: Moral responsibility for civilian harms in human-AI military teams

This chapter explores moral responsibility for civilian harms by human-artificial intelligence (AI) teams. Although militaries may have some bad apples responsible for war crimes and some mad apples unable to be responsible for their actions during a conflict, increasingly militaries may 'cook' their good apples by putting them in untenable decision-making environments through the processes of replacing human decision-making with AI determinations in war making. Responsibility for civilian harm in human-AI military teams may be contested, risking operators becoming detached, being extreme moral witnesses, becoming moral crumple zones or suffering moral injury from being part of larger human-AI systems authorised by the state. Acknowledging military ethics, human factors and AI work to date as well as critical case studies, this chapter offers new mechanisms to map out conditions for moral responsibility in human-AI teams. These include: 1) new decision responsibility prompts for critical decision method in a cognitive task analysis, and 2) applying an AI workplace health and safety framework for identifying cognitive and psychological risks relevant to attributions of moral responsibility in targeting decisions. Mechanisms such as these enable militaries to design human-centred AI systems for responsible deployment.Comment: 30 pages, accepted for publication in Jan Maarten Schraagen (Ed.) 'Responsible Use of AI in Military Systems', CRC Press [Forthcoming

Regional integration in South Asia : what role for trade facilitation ?

The trade performance of countries in South Asia over the past two decades has been poor relative to other regions. Exports from South Asia have doubled over the past 20 years to approximately USD 100 billion. In contrast, East Asia's exports grew ten times over the same period. The low level of intraregional trade has contributed to weak export performance in South Asia. The empirical analysis in this paper demonstrates gains to trade in the region from reform and capacity building in trade facilitation at the regional level. When considering intraregional trade, if countries in South Asia raise capacity halfway to East Asia's average, trade is estimated to rise by USD 2.6 billion. This is approximately 60 percent of the total intraregional trade in South Asia. Countries in the region also have a stake in the success of efforts to promote capacity building outside its borders. If South Asia and the rest of the world were to raise their levels of trade facilitation halfway to the East Asian average, the gains to the region would be estimated at USD 36 billion. Out of those gains, about 87 percent of the total would be generated from South Asia's own efforts (leaving the rest of the world unchanged). In summary, we find that the South Asian region's expansion of trade can be substantially advanced with programs of concrete action to address barriers to trade facilitation to advance regional goals.Transport Economics Policy&Planning,Transport and Trade Logistics,Common Carriers Industry,Trade Policy,Free Trade