Security hardened remote terminal units for SCADA networks.
Remote terminal units (RTUs) are perimeter supervisory control and data acquisition (SCADA) devices that measure and control actual physical devices. Cyber security was largely ignored in SCADA for many years, and the cyber security issues that now face SCADA and DCS, specifically RTU security, are investigated in this research. This dissertation presents a new role based access control model designed specifically for RTUs and process control. The model is developed around the process control specific data element called a point, and point operations. The model includes: assignment constraints that limit the RTU operations that a specific role can be assigned and activation constraints that allow a security administrator to specify conditions when specific RTU roles or RTU permissions cannot be used. RTU enforcement of the new access control model depends on, and is supported by, the protection provided by an RTU's operating system. This dissertation investigates two approaches for using minimal kernels to reduce potential vulnerabilities in RTU protection enforcement and create a security hardened RTU capable of supporting the new RTU access control model. The first approach is to reduce a commercial OS kernel to only those components needed by the RTU, removing any known or unknown vulnerabilities contained in the eliminated code and significantly reducing the size of the kernel. The second approach proposes using a microkernel that supports partitioning as the basis for an RTU specific operating system which isolates network related RTU software, the RTU attack surface, from critical RTU operational software such as control algorithms and analog and digital input and output. In experimental analysis of a prototype hardened RTU connected to real SCADA hardware, a reduction of over 50% was obtained in reducing a 2.4 Linux kernel to run on actual RTU hardware.
Functional testing demonstrated that different users were able to carry out assigned tasks with the limited set of permissions provided by the security hardened RTU and a series of simulated insider attacks were prevented by the RTU role based access control system. Analysis of communication times indicated response times would be acceptable for many SCADA and DCS application areas. Investigation of a partitioning microkernel for an RTU identified the L4 microkernel as an excellent candidate. Experimental evaluation of L4 on real hardware found the IPC overhead for simulated critical RTU operations protected by L4 partitioning to be sufficiently small to warrant continued investigation of the approach.
The Java Management Extensions (JMX): Is Your Cluster Ready for Evolution?
The arrival of commodity hardware configurations with performance rivaling that offered by RISC workstations is resulting in important advances in the state of the art of building and running very large scalable clusters at "mass market" pricing levels. However, cluster middleware layers are still considered as static infrastructures which are not ready for evolution. In this paper, we claim that middleware layers based on both agent and Java technologies offer new opportunities to support clusters where services can be dynamically added, removed and reconfigured. To support this claim, we present the Java Management Extensions (JMX), a new Java agent based technology, and its application to implement two disjoint cluster management middleware services (a remote reboot service and a distributed infrastructure for collecting Log events) which share a unique agent-based infrastructure.
The DS-Pnet modeling formalism for cyber-physical system development
This work presents the DS-Pnet modeling formalism (Dataflow, Signals and Petri nets), designed for the development of cyber-physical systems, combining the characteristics of Petri nets and dataflows to support the modeling of mixed systems containing both reactive parts and data processing operations. Inheriting the features of the parent IOPT Petri net class, including an external interface composed of input and output signals and events, the addition of dataflow operations brings enhanced modeling capabilities to specify mathematical data transformations and graphically express the dependencies between signals. Data-centric systems, that do not require reactive controllers, are designed using pure dataflow models.
Component based model composition enables reusing existing components, create libraries of previously tested components and hierarchically decompose complex systems into smaller sub-systems.
A precise execution semantics was defined, considering the relationship between dataflow and Petri net nodes, providing an abstraction to define the interface between reactive controllers and input and output signals, including analog sensors and actuators.
The new formalism is supported by the IOPT-Flow Web based tool framework, offering tools to design and edit models, simulate model execution on the Web browser, plus model-checking and software/hardware automatic code generation tools to implement controllers running on embedded devices (C, VHDL and JavaScript).
A new communication protocol was created to permit the automatic implementation of distributed cyber-physical systems composed of networks of remote components communicating over the Internet. The editor tool connects directly to remote embedded devices running DS-Pnet models and may import remote components into new models, contributing to simplify the creation of distributed cyber-physical applications, where the communication between distributed components is specified just by drawing arcs.
Several application examples were designed to validate the proposed formalism and the associated framework, ranging from hardware solutions, industrial applications to distributed software applications.
A Governance Reference Model For Service-oriented Architecture-based Common Data Initialization A Case Study Of Military Simulation Federation Systems
Military simulation and command and control federations have become large, complex distributed systems that integrate with a variety of legacy and current simulations, and real command and control systems locally as well as globally. As these systems continue to become increasingly more complex so does the data that initializes them. This increased complexity has introduced a major problem in data initialization coordination which has been handled by many organizations in various ways. Service-oriented architecture (SOA) solutions have been introduced to promote easier data interoperability through the use of standards-based reusable services and common infrastructure. However, current SOA-based solutions do not incorporate formal governance techniques to drive the architecture in providing reliable, consistent, and timely information exchange. This dissertation identifies the need to establish governance for common data initialization service development oversight, presents current research and applicable solutions that address some aspects of SOA-based federation data service governance, and proposes a governance reference model for development of SOA-based common data initialization services in military simulation and command and control federations.
A flexible object orientated design approach for the realisation of assistive technology
This thesis contributes to a growing body of research conducted by the Interactive Systems Research Group (ISRG) at Nottingham Trent University within the fields of accessibility and accessible technologies. Core to this research is the exploration of how interactive technologies can be developed and applied as platforms for education, rehabilitation and social inclusion. To this end the group has been actively evolving the User Sensitive and Inclusive Design (USID) methodology for the design, development and evaluation of accessible software and related technologies. This thesis contributes to the further development of the USID method with a focus on its application for the design of assistive technology.
Framework for supporting JavaScript-Based Mobile Agents
The evolution of technology in interconnection solutions, such as networks or the Internet, and the emergence of both wireless sensor networks and distributed systems allowed many communication architectures to appear, the client-server architecture being the most common. Here, we present a dissertation work about the mobile agents computing paradigm. A middleware and a mobile agent framework have been developed using the JavaScript language that allows the development, execution and the ability to move JavaScript mobile agents through the local network and Internet using Node.js for desktop operating systems and React Native for mobile operating systems, such as Android and iOS. This initiative arose as a way of dealing with problems raised by the considerable amount of existing Java based mobile agents platforms, which force the installation of the Java Virtual Machine on the devices, complicating their execution on operating systems like macOS, iOS and other operating systems not compatible with Java.
Smart Sensor Webs For Environmental Monitoring Integrating OGC Standards
Sensor webs are the most recent generation of data acquisition systems. The research presented looks at the concept of sensor webs from three perspectives: node, user, and data. These perspectives are different but are nicely complementary, and all extend an enhanced, usually wireless, sensor network. From the node perspective, sensor nodes collaborate in response to environmental phenomena in intelligent ways; this is referred to as the collaborative aspect. From the user perspective, a sensor web makes its sensor nodes and resources accessible via the WWW (World Wide Web); this is referred to as the accessible aspect. From the data perspective, sensor data is annotated with metadata to produce contextual information; this is referred to as the semantic aspect. A prototype that is a sensor web in all three senses has been developed. The prototype demonstrates the ability of managing information in different knowledge domains. From the low-level weather data, information about higher-level weather concepts can be inferred and transferred to other knowledge domains, such as specific human activities. This produces an interesting viewpoint of situation awareness in the scope of traditional weather data.
AmbiGaze: direct control of ambient devices by gaze
Eye tracking offers many opportunities for direct device control in smart environments, but issues such as the need for calibration and the Midas touch problem make it impractical. In this paper, we propose AmbiGaze, a smart environment that employs the animation of targets to provide users with direct control of devices by gaze only through smooth pursuit tracking. We propose a design space of means of exposing functionality through movement and illustrate the concept through four prototypes. We evaluated the system in a user study and found that AmbiGaze enables robust gaze-only interaction with many devices, from multiple positions in the environment, in a spontaneous and comfortable manner.
Analyzing audit trails in a distributed and hybrid intrusion detection platform
Efforts have been made over the last decades in order to design and perfect Intrusion Detection Systems (IDS). In addition to the widespread use of Intrusion Prevention Systems (IPS) as perimeter defense devices in systems and networks, various IDS solutions are used together as elements of holistic approaches to cyber security incident detection and prevention, including Network-Intrusion Detection Systems (NIDS) and Host-Intrusion Detection Systems (HIDS). Nevertheless, specific IDS and IPS technology face several effectiveness challenges to respond to the increasing scale and complexity of information systems and sophistication of attacks. The use of isolated IDS components, focused on one-dimensional approaches, strongly limits a common analysis based on evidence correlation. Today, most organizations’ cyber-security operations centers still rely on conventional SIEM (Security Information and Event Management) technology. However, SIEM platforms also have significant drawbacks in dealing with heterogeneous and specialized security event-sources, lacking the support for flexible and uniform multi-level analysis of security audit-trails involving distributed and heterogeneous systems.
In this thesis, we propose an auditing solution that leverages on different intrusion detection components and synergistically combines them in a Distributed and Hybrid IDS (DHIDS) platform, taking advantage of their benefits while overcoming the effectiveness drawbacks of each one. In this approach, security events are detected by multiple probes forming a pervasive, heterogeneous and distributed monitoring environment spread over the network, integrating NIDS, HIDS and specialized Honeypot probing systems. Events from those heterogeneous sources are converted to a canonical representation format, and then conveyed through a Publish-Subscribe middleware to a dedicated logging and auditing system, built on top of an elastic and scalable document-oriented storage system. The aggregated events can then be queried and matched against suspicious attack signature patterns, by means of a proposed declarative query-language that provides event-correlation semantics.