1,197 research outputs found

    Availability by Design: A Complementary Approach to Denial-of-Service

    Towards a Cyber-Physical Gaming System for Training in the Construction and Engineering Industry

    Antidepressants are among the most commonly detected human pharmaceuticals in the aquatic environment. Since their mode of action is by modulating the neurotransmitters serotonin, dopamine, and norepinephrine, aquatic invertebrates who possess transporters and receptors sensitive to activation by these pharmaceuticals are potentially affected by them. We review the various types of antidepressants, their occurrence and concentrations in aquatic environments, and the actions of neurohormones modulated by antidepressants in molluscs and crustaceans. Recent studies on the effects of antidepressants on these two important groups show that molluscan reproductive and locomotory systems are affected by antidepressants at environmentally relevant concentrations. In particular, antidepressants affect spawning and larval release in bivalves and disrupt locomotion and reduce fecundity in snails. In crustaceans, antidepressants affect freshwater amphipod activity patterns, marine amphipod photo- and geotactic behavior, crayfish aggression, and daphnid reproduction and development. We note with interest the occurrence of non-monotonic dose-response curves in many studies on effects of antidepressants on aquatic animals, often with effects at low concentrations, but not at higher concentrations, and we suggest future experiments consider testing a broader range of concentrations. Furthermore, we consider invertebrate immune responses, genomic and transcriptomic sequencing of invertebrate genes, and the ever-present and overwhelming question of how contaminant mixtures could affect the action of neurohormones as topics for future study. In addressing the question, if antidepressants affect aquatic invertebrates at concentrations currently found in the environment, there is strong evidence to suggest the answer is yes.
Furthermore, the examples highlighted in this review provide compelling evidence that the effects could be quite multifaceted across a variety of biological systems

    Cyber Threat Intelligence based Holistic Risk Quantification and Management

    QUANTIFYING CONSEQUENCES OF EXTERNALLY INDUCED FAILURES PROPAGATED THROUGH SYSTEMS DURING FUNCTIONAL SYSTEM DESIGN

    Assessment of failure propagation and potential within complex systems is a field open for continued exploration in the arena of systems engineering. Risk assessment and failure modeling processes such as PRA, FTA, and FMEA/FMECA are more widely understood and utilized in industry, yet are not designed to fully address and objectively quantify the impact on systems when exposed to intentionally malicious attacks, particularly in early design stages where changes to system architectures are best effected. Further, current methods do not identify and standardize attack modes that are likely to affect systems during their life cycle. This work first defines “attacks” and discusses their difference from “failures.” The work then develops and discusses a hierarchical taxonomy of attack classes and mechanisms likely to affect a wide array of systems. Finally, it presents the Failure Path Length Method (FPLM) to quantify consequence on systems due to attacks on system functions by applying characteristics of those classified attacks to the functional architecture of a system. The author then implements the FPLM on a common EPS to verify applicability to realistic systems and objectively determine the consequence of an attack. The differences in consequence drive mitigating changes to the architecture of the EPS and validate the significant decision-making power provided to system designers by the proposed method during functional analysis and design. Lieutenant, United States Navy. Approved for public release. Distribution is unlimited

    Risk Assessment Framework for Evaluation of Cybersecurity Threats and Vulnerabilities in Medical Devices

    Medical devices are vulnerable to cybersecurity exploitation and, while they can provide improvements to clinical care, they can put healthcare organizations and their patients at risk of adverse impacts. Evidence has shown that the proliferation of devices on medical networks presents cybersecurity challenges for healthcare organizations due to their lack of built-in cybersecurity controls and the inability for organizations to implement security controls on them. The negative impacts of cybersecurity exploitation in healthcare can include the loss of patient confidentiality, risk to patient safety, negative financial consequences for the organization, and loss of business reputation. Assessing the risk of vulnerabilities and threats to medical devices can inform healthcare organizations toward prioritization of resources to reduce risk most effectively. In this research, we build upon a database-driven approach to risk assessment that is based on the elements of threat, vulnerability, asset, and control (TVA-C). We contribute a novel framework for the cybersecurity risk assessment of medical devices. Using a series of papers, we answer questions related to the risk assessment of networked medical devices. We first conducted a case study empirical analysis that determined the scope of security vulnerabilities in a typical computerized medical environment. We then created a cybersecurity risk framework to identify threats and vulnerabilities to medical devices and produce a quantified risk assessment. These results supported actionable decision making at managerial and operational levels of a typical healthcare organization. Finally, we applied the framework using a data set of medical devices received from a partnering healthcare organization. We compare the assessment results of our framework to a commercial risk assessment vulnerability management system used to analyze the same assets.
The study also compares our framework results to the NIST Common Vulnerability Scoring System (CVSS) scores related to identified vulnerabilities reported through the Common Vulnerability and Exposure (CVE) program. As a result of these studies, we recognize several contributions to the area of healthcare cybersecurity. To begin with, we provide the first comprehensive vulnerability assessment of a robotic surgical environment, using a da Vinci surgical robot along with its supporting computing assets. This assessment supports the assertion that networked computer environments are at risk of being compromised in healthcare facilities. Next, our framework, known as MedDevRisk, provides a novel method for risk quantification. In addition, our assessment approach uniquely considers the assets that are of value to a medical organization, going beyond the medical device itself. Finally, our incorporation of risk scenarios into the framework represents a novel approach to medical device risk assessment, which was synthesized from other well-known standards. To our knowledge, our research is the first to apply a quantified assessment framework to the problem area of healthcare cybersecurity and medical networked devices. We would conclude that a reduction in the uncertainty about the riskiness of the cybersecurity status of medical devices can be achieved using this framework

    Integrating Resilience in Time-based Dependency Analysis: A Large-Scale Case Study for Urban Critical Infrastructures

    As critical systems shall withstand different types of perturbations affecting their functionalities and their service level, resilience is a very important requirement. Especially in urban critical infrastructures where the occurrence of natural events may influence the state of other dependent infrastructures from various different sectors, the overall resilience of such infrastructures against large scale failures is even more important. When a perturbation occurs in a system, the quality (level) of the service provided by the affected system will be reduced and a recovery phase will be triggered to restore the system to its normal operation level. According to the implemented recovery controls, the restoration phase may follow a different growth model. This paper extends a previous time-based dependency risk analysis methodology by integrating and assessing the effect of recovery controls. The main goal is to dynamically assess the evolution of recovery over time, in order to identify how the expected recovery plans will eventually affect the overall risk of the critical paths. The proposed recovery-aware time-based dependency analysis methodology was integrated into the CIPCast Decision Support System that enables risk forecast due to natural events to identify vulnerable and disrupted assets (e.g., electric substations, telecommunication components) and measure the expected risk paths. Thus, CIPCast can be valuable to Critical Infrastructure Operators and other Emergency Managers involved in a crisis assessment to evaluate the effect of natural and anthropic threats affecting critical assets and plan proper countermeasures to reduce the overall risk of degradation of services. The proposed methodology is evaluated in a real scenario, which utilizes several infrastructures and Points of Interest of the city of Rome

    Quantifying Impact of Cyber Actions on Missions or Business Processes: A Multilayer Propagative Approach

    Ensuring the security of cyberspace is one of the most significant challenges of the modern world because of its complexity. As the cyber environment is getting more integrated with the real world, the direct impact of cybersecurity problems on actual business frequently occurs. Therefore, operational and strategic decision makers in particular need to understand the cyber environment and its potential impact on business. Cyber risk has become a top agenda item for businesses all over the world and is listed as one of the most serious global risks with significant financial implications for businesses. Risk analysis is one of the primary tools used in this endeavor. Impact assessment, as an integral part of risk analysis, tries to estimate the possible damage of a cyber threat on business. It provides the main insight into risk prioritization as it incorporates business requirements into risk analysis for a better balance of security and usability. Moreover, impact assessment constitutes the main body of information flow between technical people and business leaders. Therefore, it requires the effective synergy of technological and business aspects of cybersecurity for protection against cyber threats. The purpose of this research is to develop a methodology to quantify the impact of cybersecurity events, incidents, and threats. The developed method addresses the issue of impact quantification from an interdependent system of systems point of view. The objectives of this research are (1) developing a quantitative model to determine the impact propagation within a layer of an enterprise (i.e., asset, service or business process layer); (2) developing a quantitative model to determine the impact propagation among different layers within an enterprise; (3) developing an approach to estimate the economic cost of a cyber incident or event.
Although there are various studies in cybersecurity risk quantification, only a few studies focus on impact assessment at the business process layer by considering ripple effects at both the horizontal and vertical layers. This research develops an approach that quantifies the economic impact of cyber incidents, events and threats to business processes by considering the horizontal and vertical interdependencies and impact propagation within and among layers