Quantitative Evaluation of the Efficacy of Defence-in-Depth in Critical Infrastructures

This chapter reports on a model-based approach to assessing cyber-risks in a cyber-physical system (CPS), such as power-transmission systems. We demonstrate that quantitative cyber-risk assessment, despite its inherent difficulties, is feasible. In this regard: i) we give experimental evidence (using Monte-Carlo simulation) showing that the losses from a specific cyber-attack type can be established accurately using an abstract model of cyber-attacks – a model constructed without taking into account the details of the specific attack used in the study; ii) we establish the benefits from deploying defence-in-depth (DiD) against failures and cyber-attacks for two types of attackers: a) an attacker unaware of the nature of DiD, and b) an attacker who knows in detail the DiD they face in a particular deployment, and launches attacks sufficient to defeat DiD. This study provides some insight into the benefits of combining design-diversity – to harden some of the protection devices in a CPS – with periodic “proactive recovery” of protection devices. The results are discussed in the context of making evidence-based decisions about maximising the benefits from DiD in a particular CPS

Assessing and visualising hazard impacts to enhance the resilience of Critical Infrastructures to urban flooding

This is the final version. Available on open access from Elsevier via the DOI in this recordThe design, construction and maintenance of Critical Infrastructures (CI) is commonly based on standards that are rigorous, so as to withstand any climate or weather-linked pressures. However, due to climate change, climate characteristics may shift, resulting in increased frequency/magnitude of potential failures, or exposure to new unknown risks. As vital components for the normal functioning of modern societies, the resilience of CIs under climate stressors encompasses their structural integrity, their operational elements, and their capacity to maximize business output. In this work, we propose an integrated and participatory methodological approach to enhance the resilience of interconnected CIs to urban flooding under climate change, by assessing the risk and introducing adaptation measures. The main objectives of the proposed methodology and approach are: (i) to provide scientific evidence for better understanding of how future climate regimes might affect normal operation of interconnected CI in urban areas during their lifespan; (ii) to assess the cost-effectiveness of different adaptation measures; (iii) to involve local stakeholders and operators in the co-design of the approach, as well as the assessment and the evaluation of adaptation measures; (iv) to combine computational modelling with advanced 3D visualisation techniques for effectively engaging stakeholders in decision making; (v) to include risk assessment and damage functions co-designed by end-users and local stakeholders; (vi) to integrate all of the aforementioned components in a specifically designed cloud platform as a Decision Support System for end-users, (vii) to validate the DSS by the end users and local stakeholders. The paper presents the computational background and tools. Additionally, it describes a Case Study in Torbay, UK, where the full methodology and the proposed participatory approach have been applied, with all the specifics, i.e., the scenarios of extreme flooding, the numerical and visualization results, the response of the stakeholders and the evaluation of selected adaptation measures.European CommissionEuropean Union FP7Engineering and Physical Sciences Research Council (EPSRC

Preliminaries of orthogonal layered defence using functional and assurance controls in industrial control systems

Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. Given the increased complexity and rapid evolvement of their threat landscape, and the fact that these systems form part of the Critical National infrastructure (CNI), makes them an emerging domain of conflict, terrorist attacks, and a playground for cyberexploitation. Existing layered-defence approaches are increasingly criticised for their inability to adequately protect against resourceful and persistent adversaries. It is therefore essential that emerging techniques, such as orthogonality, be combined with existing security strategies to leverage defence advantages against adaptive and often asymmetrical attack vectors. The concept of orthogonality is relatively new and unexplored in an ICS environment and consists of having assurance control as well as functional control at each layer. Our work seeks to partially articulate a framework where multiple functional and assurance controls are introduced at each layer of ICS architectural design to further enhance security while maintaining critical real-time transfer of command and control traffic

An Integrated Cybersecurity Risk Management (I-CSRM) Framework for Critical Infrastructure Protection

Risk management plays a vital role in tackling cyber threats within the Cyber-Physical System (CPS) for overall system resilience. It enables identifying critical assets, vulnerabilities, and threats and determining suitable proactive control measures to tackle the risks. However, due to the increased complexity of the CPS, cyber-attacks nowadays are more sophisticated and less predictable, which makes risk management task more challenging. This research aims for an effective Cyber Security Risk Management (CSRM) practice using assets criticality, predication of risk types and evaluating the effectiveness of existing controls. We follow a number of techniques for the proposed unified approach including fuzzy set theory for the asset criticality, machine learning classifiers for the risk predication and Comprehensive Assessment Model (CAM) for evaluating the effectiveness of the existing controls. The proposed approach considers relevant CSRM concepts such as threat actor attack pattern, Tactic, Technique and Procedure (TTP), controls and assets and maps these concepts with the VERIS community dataset (VCDB) features for the purpose of risk predication. Also, the tool serves as an additional component of the proposed framework that enables asset criticality, risk and control effectiveness calculation for a continuous risk assessment. Lastly, the thesis employs a case study to validate the proposed i-CSRM framework and i-CSRMT in terms of applicability. Stakeholder feedback is collected and evaluated using critical criteria such as ease of use, relevance, and usability. The analysis results illustrate the validity and acceptability of both the framework and tool for an effective risk management practice within a real-world environment. The experimental results reveal that using the fuzzy set theory in assessing assets' criticality, supports stakeholder for an effective risk management practice. Furthermore, the results have demonstrated the machine learning classifiers’ have shown exemplary performance in predicting different risk types including denial of service, cyber espionage, and Crimeware. An accurate prediction can help organisations model uncertainty with machine learning classifiers, detect frequent cyber-attacks, affected assets, risk types, and employ the necessary corrective actions for its mitigations. Lastly, to evaluate the effectiveness of the existing controls, the CAM approach is used, and the result shows that some controls such as network intrusion, authentication, and anti-virus show high efficacy in controlling or reducing risks. Evaluating control effectiveness helps organisations to know how effective the controls are in reducing or preventing any form of risk before an attack occurs. Also, organisations can implement new controls earlier. The main advantage of using the CAM approach is that the parameters used are objective, consistent and applicable to CPS

Methodological framework for an integrated multi-scale vulnerability and resilience assessment

The deliverable illustrates the methodological framework to assess vulnerability and resilience across different temporal and spatial scales, acknowledging the different domains where the latter may manifest, and in particular in the natural and the built environment, allocating a large importance to the so called “critical infrastructures”, in social and economic systems. A set of four matrices has been developed to identify what aspects should be looked at before the impact, that is to say what shows the potential ability or inability to cope with an extreme; at the impact, addressing in particular the capacity (or incapacity) to sustain various types of stresses (in the form of acceleration, pressure, heat…); in the time immediately after the impact, as the ability (or inability) to suffer losses and still continue functioning; and in the longer term of recovery, as the capacity to find a new state of equilibrium in which the fragilities manifested during and after the impact are addressed. Developing the framework, a particular attention has been paid to the relationships among systems within the same matrix and among matrices, across spatial and temporal scales. A set of matrices has been developed for different natural hazards, including in particular landslides and floods, trying to include as much as possible what past cases, the international literature and prior experience of involved partners have indicated as relevant parameters and factors to look at. In this regard, the project builds on the state of the art, embedding what has been learned until now in terms of response capacity to a variety of stresses and in the meantime identifying gaps to be addressed by future research

The social value of Earth observation: A new evaluation framework for public high-tech infrastructures

This paper addresses the main challenges of evaluating the socio-economic impact of high-tech infrastructures, using Earth observation (EO) as an example. EO is a critical domain of the space economy, providing valuable insights into planet Earth's natural and societal aspects. As national agencies invest in high-tech infrastructures like EO, there is a growing need for evaluate their socio-economic returns (not to be confused with their financial returns). However, there is no clear consensus on how to assess such social impact. Building on a new field of studies of social cost–benefit analysis of research infrastructures and the socio-economic impact of investment in the space economy, we propose a new evaluation framework that considers the various stakeholders along the EO value chain. This approach can be adapted to evaluate the socio-economic returns of other high-tech public infrastructures, such as telescopes, particle accelerators, genomic platforms, synchrotron light sources, supercomputers and cloud infrastructures

Redistributed manufacturing in healthcare: Creating new value through disruptive innovation

The RiHN White Paper is the first serious attempt to gather expertise and to explore applications in promising areas of healthcare that could benefit from RDM and covers early-stage user needs, challenges and priorities. The UK has an opportunity to lead in this area and RiHN has identified an extensive number of areas for fruitful R&D, crossing production technology, infrastructure, business and organisations. The paper serves as a foundation for discussing future technological roadmaps and engaging the wider community and stakeholders, as well as policy makers, in addressing the potential impact of RDM.The RiHN White Paper is of particular value to policy makers and funders seeking to specify action and to direct attention where it is needed. The White Paper is also useful for the research community, to support their proposals with credible research propositions and to show where collaboration with industry and the public sector will deliver the most benefits.In order to seize the opportunities presented by RDM RiHN proposes a bold new agenda that incorporates a whole healthcare system view of future implementation pathways and wider transformation implications. The priority areas for Future R&D can be summarised as follows: throughAutomated production platform technologies and supporting manufacturing infrastructuresAdvances in analytics and metrologyNew regulatory frameworks and governance pathwaysNew frameworks for business model and organisational transformationThe time to take action is now. Technologies are developing that have the potential to disrupt traditional healthcare pathways and offer therapies tailored to individual needs and physiological characteristics. The challenge is seizing this opportunity and make the UK a world leader in RDM

Marine Biotechnology: A New Vision and Strategy for Europe

Marine Board-ESF The Marine Board provides a pan-European platform for its member organisations to develop common priorities, to advance marine research, and to bridge the gap between science and policy in order to meet future marine science challenges and opportunities. The Marine Board was established in 1995 to facilitate enhanced cooperation between European marine science organisations (both research institutes and research funding agencies) towards the development of a common vision on the research priorities and strategies for marine science in Europe. In 2010, the Marine Board represents 30 Member Organisations from 19 countries. The Marine Board provides the essential components for transferring knowledge for leadership in marine research in Europe. Adopting a strategic role, the Marine Board serves its Member Organisations by providing a forum within which marine research policy advice to national agencies and to the European Commission is developed, with the objective of promoting the establishment of the European Marine Research Area

Optimising a defence-aware threat modelling diagram incorporating a defence-in-depth approach for the internet-of-things

Modern technology has proliferated into just about every aspect of life while improving the quality of life. For instance, IoT technology has significantly improved over traditional systems, providing easy life, time-saving, financial saving, and security aspects. However, security weaknesses associated with IoT technology can pose a significant threat to the human factor. For instance, smart doorbells can make household life easier, save time, save money, and provide surveillance security. Nevertheless, the security weaknesses in smart doorbells could be exposed to a criminal and pose a danger to the life and money of the household. In addition, IoT technology is constantly advancing and expanding and rapidly becoming ubiquitous in modern society. In that case, increased usage and technological advancement create security weaknesses that attract cybercriminals looking to satisfy their agendas. Perfect security solutions do not exist in the real world because modern systems are continuously improving, and intruders frequently attempt various techniques to discover security flaws and bypass existing security control in modern systems. In that case, threat modelling is a great starting point in understanding the threat landscape of the system and its weaknesses. Therefore, the threat modelling field in computer science was significantly improved by implementing various frameworks to identify threats and address them to mitigate them. However, most mature threat modelling frameworks are implemented for traditional IT systems that only consider software-related weaknesses and do not address the physical attributes. This approach may not be practical for IoT technology because it inherits software and physical security weaknesses. However, scholars employed mature threat modelling frameworks such as STRIDE on IoT technology because mature frameworks still include security concepts that are significant for modern technology. Therefore, mature frameworks cannot be ignored but are not efficient in addressing the threat associated with modern systems. As a solution, this research study aims to extract the significant security concept of matured threat modelling frameworks and utilise them to implement robust IoT threat modelling frameworks. This study selected fifteen threat modelling frameworks from among researchers and the defence-in-depth security concept to extract threat modelling techniques. Subsequently, this research study conducted three independent reviews to discover valuable threat modelling concepts and their usefulness for IoT technology. The first study deduced that integration of threat modelling approach software-centric, asset-centric, attacker-centric and data-centric with defence-in-depth is valuable and delivers distinct benefits. As a result, PASTA and TRIKE demonstrated four threat modelling approaches based on a classification scheme. The second study deduced the features of a threat modelling framework that achieves a high satisfaction level toward defence-in-depth security architecture. Under evaluation criteria, the PASTA framework scored the highest satisfaction value. Finally, the third study deduced IoT systematic threat modelling techniques based on recent research studies. As a result, the STRIDE framework was identified as the most popular framework, and other frameworks demonstrated effective capabilities valuable to IoT technology. Respectively, this study introduced Defence-aware Threat Modelling (DATM), an IoT threat modelling framework based on the findings of threat modelling and defence-in-depth security concepts. The steps involved with the DATM framework are further described with figures for better understatement. Subsequently, a smart doorbell case study is considered for threat modelling using the DATM framework for validation. Furthermore, the outcome of the case study was further assessed with the findings of three research studies and validated the DATM framework. Moreover, the outcome of this thesis is helpful for researchers who want to conduct threat modelling in IoT environments and design a novel threat modelling framework suitable for IoT technology