366 research outputs found
Cybersecurity of Industrial Cyber-Physical Systems: A Review
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by
controlling the processes based on the "physics" data gathered by edge sensor
networks. Recent innovations in ubiquitous computing and communication
technologies have prompted the rapid integration of highly interconnected
systems to ICPSs. Hence, the "security by obscurity" principle provided by
air-gapping is no longer followed. As the interconnectivity in ICPSs increases,
so does the attack surface. Industrial vulnerability assessment reports have
shown that a variety of new vulnerabilities have occurred due to this
transition while the most common ones are related to weak boundary protection.
Although there are existing surveys in this context, very little is mentioned
regarding these reports. This paper bridges this gap by defining and reviewing
ICPSs from a cybersecurity perspective. In particular, multi-dimensional
adaptive attack taxonomy is presented and utilized for evaluating real-life
ICPS cyber incidents. We also identify the general shortcomings and highlight
the points that cause a gap in existing literature while defining future
research directions. Comment: 32 pages, 10 figure
A Cognitive Framework to Secure Smart Cities
The advancement in technology has transformed Cyber Physical Systems and their interface with IoT into a more sophisticated and challenging paradigm. As a result, vulnerabilities and potential attacks manifest themselves considerably more than before, forcing researchers to rethink the conventional strategies that are currently in place to secure such physical systems. This manuscript studies the complex interweaving of sensor networks and physical systems and suggests a foundational innovation in the field. In sharp contrast with the existing IDS and IPS solutions, in this paper, a preventive and proactive method is employed to stay ahead of attacks by constantly monitoring network data patterns and identifying threats that are imminent. Here, by capitalizing on the significant progress in processing power (e.g. petascale computing) and storage capacity of computer systems, we propose a deep learning approach to predict and identify various security breaches that are about to occur. The learning process takes place by collecting a large number of files of different types and running tests on them to classify them as benign or malicious. The prediction model obtained as such can then be used to identify attacks. Our project articulates a new framework for interactions between physical systems and sensor networks, where malicious packets are repeatedly learned over time while the system continually operates with respect to imperfect security mechanisms
Economic issues in distributed computing
On the Internet, one of the essential characteristics of electronic commerce is the integration of large-scale computer networks and business practices. Commercial servers are connected through open and complex communication technologies, and online consumers access the services with virtually unpredictable behavior. Both of them as well as the e-Commerce infrastructure are vulnerable to cyber attacks. Among the various network security problems, the Distributed Denial-of-Service (DDoS) attack is a unique example to illustrate the risk of commercial network applications. Using massive junk traffic, literally anyone on the Internet can launch a DDoS attack to flood and shut down an eCommerce website. Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate the organizations. Chapter 1 discusses two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching, and then analyzes the broken incentive chain in each of these technological solutions. As a remedy, I propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks. Chapter 2 addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. I propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms built on usage-based fees. Cost-effectiveness is also addressed through an illustrative implementation scheme using Policy Based Networking (PBN).
By investigating both technological and economic difficulties in defense of DDoS attacks which have plagued the wired Internet, our aim here is to foster further development of wireless Internet infrastructure as a more secure and efficient platform for mobile commerce. To avoid centralized resources and performance bottlenecks, online peer-to-peer communities and online social networks have become increasingly popular. In particular, the recent boost of online peer-to-peer communities has led to exponential growth in sharing of user-contributed content which has brought profound changes to business and economic practices. Understanding the dynamics and sustainability of such peer-to-peer communities has important implications for business managers. In Chapter 3, I explore the structure of online sharing communities from a dynamic process perspective. I build an evolutionary game model to capture the dynamics of online peer-to-peer communities. Using online music sharing data collected from one of the IRC Channels for over five years, I empirically investigate the model which underlies the dynamics of the music sharing community. Our empirical results show strong support for the evolutionary process of the community. I find that the two major parties in the community, namely sharers and downloaders, are influencing each other in their dynamics of evolvement in the community. These dynamics reveal the mechanism through which peer-to-peer communities sustain and thrive in a constantly changing environment. Information, Risk, and Operations Management (IROM
The 2004 election in Spain : terrorism, accountability, and voting
In this paper the electoral consequences of the Islamist terrorist attacks on March 11, 2004 are analysed. According to a quantitative analysis based on a post-electoral survey, we show the causal mechanisms that transform voters' reactions to the bombings into a particular electoral behaviour and estimate their relevance in the electoral results on March 14, 200
SoK: Security of Programmable Logic Controllers
Billions of people rely on essential utility and manufacturing
infrastructures such as water treatment plants, energy management, and food
production. Our dependence on reliable infrastructures makes them valuable
targets for cyberattacks. One of the prime targets for adversaries attacking
physical infrastructures are Programmable Logic Controllers (PLCs) because they
connect the cyber and physical worlds. In this study, we conduct the first
comprehensive systematization of knowledge that explores the security of PLCs:
We present an in-depth analysis of PLC attacks and defenses and discover trends
in the security of PLCs from the last 17 years of research. We introduce a
novel threat taxonomy for PLCs and Industrial Control Systems (ICS). Finally,
we identify and point out research gaps that, if left ignored, could lead to
new catastrophic attacks against critical infrastructures. Comment: 25 pages, 13 figures, Extended version February 2024, A shortened
version is to be published in the 33rd USENIX Security Symposium, for more
information, see https://efrenlopez.org
Cybersecurity of industrial cyber-physical systems: a review
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the “physics” data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the “security by obscurity” principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition. Although there are existing surveys in this context, very little is mentioned regarding the outputs of these reports. While these reports show that the most exploited vulnerabilities occur due to weak boundary protection, these vulnerabilities also occur due to limited or ill defined security policies. However, current literature focuses on intrusion detection systems (IDS), network traffic analysis (NTA) methods, or anomaly detection techniques. Hence, finding a solution for the problems mentioned in these reports is relatively hard. We bridge this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. Finally, we identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions
Wildland Firefighter Smoke Exposure Study
This report addresses exposure to smoke from wildland and prescribed fires encountered by wildland firefighters. Smoke from vegetation as well as off-gasses from equipment such as chain saws, pumps, and drip torches are accounted for. Section II provides an overview of industrial hygiene science and techniques. Section III is a discussion and literature review of the components in wildland smoke, and section IV identifies the health concerns associated with smoke inhalation and a review of the current literature on exposure to inhalation irritants. Section V covers research that has been done on wildland firefighter smoke exposure. Section VI is an overview of the Wildland Firefighter Smoke Exposure Study, a project I have managed since 2009. This final section describes the objectives, methods, data collection, and analysis of the study. In its entirety, this report can be used to identify locations, times, and firefighter activities that have a high probability of causing high exposures as well as to identify management actions that can mitigate these exposures.
Wildland firefighters work in a dynamic environment and are often faced with a variety of hazards from fire to fire and shift to shift. One of the most common, but often overlooked, hazards is exposure to potentially harmful levels of contaminants in wildland smoke. This may also be one of the least understood risks of wildland firefighting (Reisen et al., 2009). With a growing body of information regarding the potential health effects of vegetative smoke to respiratory and cardiovascular systems, it became apparent to United States Forest Service (USFS) fire management officials that more research needed to be done. The USFS realized the need for current, valid data to accurately assess the exposure wildland firefighters and personnel at fire camps experience during their work shift.
Unlike municipal firefighters, wildland firefighters do not wear respiratory protection equipment such as a self-contained breathing apparatus (SCBA). Without SCBA, wildland firefighters are subject to exposure from a variety of inhalation irritants ranging from carbon monoxide, aldehydes, particulate matter, crystalline silica, and polycyclic aromatic hydrocarbons. Some of the compounds in wildland fire smoke are known or suspected carcinogens. Health effects include short-term conditions such as headaches, fatigue, and nausea, while long-term health effects may include an increased risk of cardio-vascular disease. In order to assess the long-term risks associated with wildland firefighting, a comprehensive study of exposure was necessary. By identifying the conditions and activities that lead to high exposure, firefighters and fire managers can be better prepared to reduce these exposures.
This study focused on wildland firefighters engaged in the suppression of wildland fires and working on prescribed fires primarily on federally-managed lands (forests and rangelands) throughout the United States. Study subjects included any firefighter employed by the following federal land management agencies: US Forest Service, National Park Service, Fish and Wildlife Service, Bureau of Indian Affairs, and the Bureau of Land Management, as well as employees contracted by these federal agencies. Firefighters employed by various states are also included in the study, as well as those engaged in initial attack and project fires. Study subjects also included fire support personnel who work at incident command posts (ICPs) and spike camps. Fire suppression and management of prescribed fires involves many different activities. In order to successfully account for differences in exposure among firefighters, these activities were monitored and recorded during the data collection phase
Continuous variable direct secure quantum communication using Gaussian states
Continuous variable one-way and controlled-two-way secure direct quantum
communication schemes have been designed using Gaussian states. Specifically, a
scheme for continuous variable quantum secure direct communication and another
scheme for continuous variable controlled quantum dialogue are proposed using
single-mode squeezed coherent states. The security of the proposed schemes
against a set of attacks (e.g., Gaussian quantum cloning machine and intercept
resend attacks) has been proved. Further, it is established that the proposed
schemes do not require two-mode squeezed states which are essential for a set
of existing proposals. The controlled two-way communication scheme is shown to
be very general in nature as it can be reduced to schemes for various
relatively simpler cryptographic tasks like controlled deterministic secure
communication, quantum dialogue, quantum key distribution. In addition, it is
briefly discussed that the proposed schemes can provide us tools to design
quantum cryptographic solutions for several socioeconomic problems. Comment: Continuous Variable protocols are designed for one-way and
controlled-two-way secure direct quantum communication using single-mode
squeezed coherent state