11 research outputs found
Development of an approach to the design, modeling and research of critical IT infrastructure
The object of research is a critical IT infrastructure. One of the most problematic places in the study of critical IT infrastructures is the complete lack of approaches, methodology and tools for designing, modeling and researching critical IT infrastructures that could be used in the form in which they are offered. On the basis of expanded open hybrid automata, an approach is proposed that makes it possible to compactly describe the components and systems of a critical IT infrastructure and their interrelations, both internal and external. Its peculiarity is the use of an extended set of parameters, which makes it possible to provide probabilistic and qualitative features to models of components and systems of a critical IT infrastructure. In the course of the research, the Matlab software package is used, which makes it possible to check the proposed approach and models for workability. The resulting models are fairly compact and completely reflect the necessary logic of the work of the relevant components and critical IT infrastructure systems. It is shown that this is achieved due to the flexibility of the proposed mathematical apparatus, namely the possibility of creating compositions from simple models for the formation of more complex ones. In the future, the proposed approach and the creation of a library of models for all major systems and critical IT infrastructure components will provide a convenient tool for a wide range of researchers whose work is related to all aspects of researching critical IT infrastructures.
An approach is proposed that makes it possible to develop accurate models of critical IT infrastructure components and to combine them on the basis of their dependencies. This approach provides a tool for creating larger and more complex interconnected models. By applying certain settings and using various operating conditions, the proposed toolkit makes it possible to study the cascading effects of the interdependence of components or entire systems, to carry out a detailed assessment of their vulnerability, and to perform broad planning.
Critical entities resilience failure indication
The adoption of the new Directive (EU) 2022/2557 on the resilience of critical entities has raised the question of how to assess the level of resilience of these entities in relation to current security threats. Until now, approaches have focused only on assessing the resilience of critical infrastructure elements. However, the new Directive exemplifies the need to pay attention not only to the element resilience, but also and more importantly to the resilience of their owners and operators, i.e., critical entities. Based on this fact, the authors of the article created a tool for Critical Entities Resilience Failure Indication (CERFI Tool). The essence of this tool is a probabilistic algorithm that predicts the relationship between the threat intensity and the protective part of critical entity resilience through indicators (to be created by the assessors themselves). The result of this prediction is an indication of the critical point of failure of the critical entity's resilience in phases of prevention and absorption of impacts. The CERFI Tool thus contributes to increasing the safety of technically oriented infrastructures, especially those of an energy and transport nature. The paper concludes with an example of the practical application of the developed tool on a selected critical entity in the energy sector. Funding: Ministry of the Interior of the Czech Republic [VK01030014]; VSB - Technical University in Ostrava [SP2023/086]
Quantitative dependability and interdependency models for large-scale cyber-physical systems
Cyber-physical systems link cyber infrastructure with physical processes through an integrated network of physical components, sensors, actuators, and computers that are interconnected by communication links. Modern critical infrastructures such as smart grids, intelligent water distribution networks, and intelligent transportation systems are prominent examples of cyber-physical systems. Developed countries are entirely reliant on these critical infrastructures, hence the need for rigorous assessment of the trustworthiness of these systems. The objective of this research is quantitative modeling of dependability attributes -- including reliability and survivability -- of cyber-physical systems, with domain-specific case studies on smart grids and intelligent water distribution networks. To this end, we make the following research contributions: i) quantifying, in terms of loss of reliability and survivability, the effect of introducing computing and communication technologies; and ii) identifying and quantifying interdependencies in cyber-physical systems and investigating their effect on fault propagation paths and degradation of dependability attributes.
Our proposed approach relies on observation of system behavior in response to disruptive events. We utilize a Markovian technique to formalize a unified reliability model. For survivability evaluation, we capture temporal changes to a service index chosen to represent the extent of functionality retained. In modeling of interdependency, we apply correlation and causation analyses to identify links and use graph-theoretical metrics for quantifying them. The metrics and models we propose can be instrumental in guiding investments in fortification of and failure mitigation for critical infrastructures. To verify the success of our proposed approach in meeting these goals, we introduce a failure prediction tool capable of identifying system components that are prone to failure as a result of a specific disruptive event. Our prediction tool can enable timely preventative actions and mitigate the consequences of accidental failures and malicious attacks --Abstract, page iii
Survivability modeling for cyber-physical systems subject to data corruption
Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. 
It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii
Security risk assessment in industrial control systems
Remote control of an industrial system poses specific requirements for information and
communication infrastructure, which has to provide processing and secure transmission
of heterogeneous information with different requirements for Quality of Service.
Communication takes place between the control center and industrial system devices, as
well as among distributed control centers. Information and communication
infrastructure of modern Supervisory Control and Data Acquisition (SCADA) systems
is particularly vulnerable to different cyber security threats due to the following reasons:
adoption of open communication standards, use of open software platforms,
connectivity with other networks, remote access, and availability of technical
information.
There is an evident need to implement specific security mechanisms in industrial
control networks; hence, in order to determine a cost-effective level of investment, it is
desirable to assess security risk during the network design phase, as well as during network
operation.
In this thesis, we first investigate the level of network performance degradation in
SCADA systems by simulation of different conditions of distributed attacks such as
Distributed Denial of Service (DDoS). Further, two novel methods for security risk
assessment are proposed for the case of a DDoS attack on the SCADA system
infrastructure. The first, basic method relies on the analysis of historical data, and
assumes calculating return on security investment as a function of the set of weighting
factors that quantify the attack conditions. The second, hybrid method takes into
account both historical data and subjective assessment of experts, provided by
appropriate questionnaires. Depending on method application, two ways (qualitative and
monetary) of expressing the risk measure are proposed. Finally, techniques of
cost/benefit analysis are also proposed for the recommended application of an intrusion
detection and prevention system (IDPS), based on the assessed risk measure. Definition of
an acceptable threshold for return on security investment allows making a decision about
the cost-effective level of investment in security of the SCADA system.
For testing of the proposed risk assessment methods, two case studies are defined: the first
one considers the real environment of a run-off-river hydropower plant, and the second one
investigates the SCADA system in a simulated main pipeline. The results of the case
studies have shown that the proposed methods are suitable for identification of system
vulnerability, useful and applicable in different industrial sectors. Besides, the proposed
methods are efficient in security risk assessment regarding infrastructure attacks as well
as in analysis of investment feasibility regarding enhancement of the SCADA network
infrastructure security. The case study of the main pipeline also shows that the second
method is applicable in the system design phase when relevant historical data are not
available.
At the end of the dissertation, based on the research results, measures for limiting
security risk in industrial remote control systems are proposed.
Vulnerability, interdependence and risk analysis of primary substations and decentralized operating modes of electrical networks
In view of the increasing use of Information and Communication Technologies in power systems, it is essential to study the interdependencies between these coupled heterogeneous systems. This thesis focuses on the modeling of multi-infrastructure systems. This includes interdependencies and the three major failure families: common mode, escalating and cascading. It is indeed necessary to identify the weaknesses that can trigger one or multiple failure(s) and cascade through these interdependent infrastructures, causing unexpected and increasingly more serious failures to other infrastructures. In this context, different approaches, based on the theory of Complex Networks, are developed to identify the most critical components in the coupled heterogeneous system. One of the major scientific barriers addressed in this thesis is the development of a unified mathematical model to represent the behavior of multiple non-homogeneous infrastructures that have asymmetric interdependencies.
TOOLS AND PRACTICES OF ENERGY PLANNING TOWARDS SMART CITIES - Proposal of Regulatory and Methodological Tools and Design Considerations
The term Smart Cities is now in common and widespread use in developed countries (America and Europe first and foremost) as well as in emerging countries, Asia (China, India) and the Arab Emirates. In the international context, however, it is difficult to find a single definition of what is meant by "smart city". The scientific literature on the subject, very prolific in recent years, highlights the technological/digital and at the same time social character of this adjective, often falling into the identification of "label definitions" devoid of real meaning. The thesis sets out in detail the key points that guided the birth of the smart city concept and that, beyond passing fashions, remain central to the objective of developing "intelligent realities".
In addition, through case studies from the literature and experimental cases, the work seeks to contribute to the process of identifying methodologies and tools useful for guiding Local Authorities in the transition from traditional urban planning to smart planning. In line, therefore, with the reading of "smart energy planning" espoused by the EU, the contents of the work seek to highlight methodologies and tools for smart development at the local level which, starting from the use of existing planning instruments and from data for the most part already acquired by Local Administrations, steer planning towards a multi-domain vision; the purpose of this approach is to offer criteria useful for analysing the different environments (islands, cities or districts) and for defining easily applicable tools for planning physical and intangible infrastructure.