Evaluation of Traditional Security Solutions in the SCADA Environment

Supervisory Control and Data Acquisition (SCADA) systems control and monitor the electric power grid, water treatment facilities, oil and gas pipelines, railways, and other Critical Infrastructure (CI). In recent years, organizations that own and operate these systems have increasingly interconnected them with their enterprise network to take advantage of cost savings and operational benefits. This trend, however, has introduced myriad vulnerabilities associated with the networking environment. As a result, the once isolated systems are now susceptible to a wide range of threats that previously did not exist. To help address the associated risks, security professionals seek to incorporate mitigation solutions designed for traditional networking and Information Technology (IT) systems. Unfortunately, the operating parameters and security principles associated with traditional IT systems do not readily translate to the SCADA environment. Security solutions for IT systems focus primarily on protecting the confidentiality of system and user data. Alternatively, SCADA systems must adhere to strict safety and reliability requirements and rely extensively on system availability. Mitigation strategies designed for traditional IT systems must first be evaluated prior to deployment on a SCADA system or risk adverse operational impacts such as a catastrophic oil spill, poisoning a water supply, or the shutdown of an electrical grid. This research evaluates the suitability of deploying a Host-Based Intrusion Detection System (IDS) to the Department of Defense SCADA fuels system. The impacts of the Host Intrusion Prevention System (HIPS) installed on the SCADA network\u27s Human Machine Interface (HMI) is evaluated. Testing revealed that the HIPS agent interferes with the HMI\u27s system services during startup. Once corrected, the HMI and connected SCADA network inherit the protections of the HIPS security agent and defenses associated with the Host-Based Security System

Transmission Line Security Monitor: Final Report

The Electric Power Transmission Line Security Monitor System Operational Test is a project funded by the Technical Support Working Group (TSWG). TSWG operates under the Combating Terrorism Technical Support Office that functions under the Department of Defense. The Transmission Line Security Monitor System is based on technology developed by Idaho National Laboratory. The technology provides a means for real-time monitoring of physical threats and/or damage to electrical transmission line towers and conductors as well as providing operational parameters to transmission line operators to optimize transmission line operation. The end use is for monitoring long stretches of transmission lines that deliver electrical power from remote generating stations to cities and industry. These transmission lines are generally located in remote transmission line corridors where security infrastructure may not exist. Security and operational sensors in the sensor platform on the conductors take power from the transmission line and relay security and operational information to operations personnel hundreds of miles away without relying on existing infrastructure. Initiated on May 25, 2007, this project resulted in pre-production units tested in realistic operational environments during 2010. A technology licensee, Lindsey Manufacturing of Azusa California, is assisting in design, testing, and ultimately production. The platform was originally designed for a security monitoring mission, but it has been enhanced to include important operational features desired by electrical utilities

An Evaluation Schema for the Ethical Use of Autonomous Robotic Systems in Security Applications

We propose a multi-step evaluation schema designed to help procurement agencies and others to examine the ethical dimensions of autonomous systems to be applied in the security sector, including autonomous weapons systems

Post-Westgate SWAT : C4ISTAR Architectural Framework for Autonomous Network Integrated Multifaceted Warfighting Solutions Version 1.0 : A Peer-Reviewed Monograph

Police SWAT teams and Military Special Forces face mounting pressure and challenges from adversaries that can only be resolved by way of ever more sophisticated inputs into tactical operations. Lethal Autonomy provides constrained military/security forces with a viable option, but only if implementation has got proper empirically supported foundations. Autonomous weapon systems can be designed and developed to conduct ground, air and naval operations. This monograph offers some insights into the challenges of developing legal, reliable and ethical forms of autonomous weapons, that address the gap between Police or Law Enforcement and Military operations that is growing exponentially small. National adversaries are today in many instances hybrid threats, that manifest criminal and military traits, these often require deployment of hybrid-capability autonomous weapons imbued with the capability to taken on both Military and/or Security objectives. The Westgate Terrorist Attack of 21st September 2013 in the Westlands suburb of Nairobi, Kenya is a very clear manifestation of the hybrid combat scenario that required military response and police investigations against a fighting cell of the Somalia based globally networked Al Shabaab terrorist group.Comment: 52 pages, 6 Figures, over 40 references, reviewed by a reade

Process of designing robust, dependable, safe and secure software for medical devices: Point of care testing device as a case study

This article has been made available through the Brunel Open Access Publishing Fund.Copyright © 2013 Sivanesan Tulasidas et al. This paper presents a holistic methodology for the design of medical device software, which encompasses of a new way of eliciting requirements, system design process, security design guideline, cloud architecture design, combinatorial testing process and agile project management. The paper uses point of care diagnostics as a case study where the software and hardware must be robust, reliable to provide accurate diagnosis of diseases. As software and software intensive systems are becoming increasingly complex, the impact of failures can lead to significant property damage, or damage to the environment. Within the medical diagnostic device software domain such failures can result in misdiagnosis leading to clinical complications and in some cases death. Software faults can arise due to the interaction among the software, the hardware, third party software and the operating environment. Unanticipated environmental changes and latent coding errors lead to operation faults despite of the fact that usually a significant effort has been expended in the design, verification and validation of the software system. It is becoming increasingly more apparent that one needs to adopt different approaches, which will guarantee that a complex software system meets all safety, security, and reliability requirements, in addition to complying with standards such as IEC 62304. There are many initiatives taken to develop safety and security critical systems, at different development phases and in different contexts, ranging from infrastructure design to device design. Different approaches are implemented to design error free software for safety critical systems. By adopting the strategies and processes presented in this paper one can overcome the challenges in developing error free software for medical devices (or safety critical systems).Brunel Open Access Publishing Fund

Computer-Aided System for Wind Turbine Data Analysis

Context: The current work on wind turbine failure detection focuses on researching suitable signal processing algorithms and developing efficient diagnosis algorithms. The laboratory research would involve large and complex data, and it can be a daunting task. Aims: To develop a Computer-Aided system for assisting experts to conduct an efficient laboratory research on wind turbine data analysis. System is expected to provide data visualization, data manipulation, massive data processing and wind turbine failure detection. Method: 50G off-line SCADA data and 4 confident diagnosis algorithms were used in this project. Apart from the instructions from supervisor, this project also gained help from two experts from Engineering Department. Java and Microsoft SQL database were used to develop the system. Results: Data visualization provided 6 different charting solutions and together with robust user interactions. 4 failure diagnosis solutions and data manipulations were provided in the system. In addition, dedicated database server and Matlab API with Java RMI were used to resolve the massive data processing problem. Conclusions: Almost all of the deliverables were completed. Friendly GUI and useful functionalities make user feel more comfortable. The final product does enable experts to conduct an efficient laboratory research. The end of this project also gave some potential extensions of the system

Implementation and Development of Vehicle Tracking and Immobilization Technologies

Since the mid-1980s, limited use has been made of vehicle tracking using satellite communications to mitigate the security and safety risks created by the highway transportation of certain types of hazardous materials. However, vehicle-tracking technology applied to safety and security is increasingly being researched and piloted, and it has been the subject of several government reports and legislative mandates. At the same time, the motor carrier industry has been investing in and implementing vehicle tracking, for a number of reasons, particularly the increase in efficiency achieved through better management of both personnel (drivers) and assets (trucks or, as they are known, tractors; cargo loads; and trailers). While vehicle tracking and immobilization technologies can play a significant role in preventing truck-borne hazardous materials from being used as weapons against key targets, they are not a & ”silver bullet.” However, the experience of DTTS and the FMCSA and TSA pilot projects indicates that when these technologies are combined with other security measures, and when the information they provide is used in conjunction with information supplied outside of the tracking system, they can provide defensive value to any effort to protect assets from attacks using hazmat as a weapon. This report is a sister publication to MTI Report 09-03, Potential Terrorist Uses of Highway-Borne Hazardous Materials. That publication was created in response to the Department of Homeland Security´s request that the Mineta Transportation Institute´s National Transportation Security Center of Excellence provide research and insights regarding the security risks created by the highway transportation of hazardous materials