460 research outputs found

    Cybersecurity Alert Prioritization in a Critical High Power Grid With Latent Spaces

    High-power electric grid networks require extreme security in their associated telecommunication network to ensure protection and control throughout power transmission. Accordingly, supervisory control and data acquisition systems form a vital part of any critical infrastructure, and the safety of the associated telecommunication network from intrusion is crucial. Whereas events related to operation and maintenance are often available and carefully documented, only some tools have been proposed to discriminate the information dealing with the heterogeneous data from intrusion detection systems and to support the network engineers. In this work, we present the use of deep learning techniques, such as Autoencoders or conventional Multiple Correspondence Analysis, to analyze and prune the events on power communication networks in terms of categorical data types often used in anomaly and intrusion detection (such as addresses or anomaly description). This analysis allows us to quantify and statistically describe high-severity events. Overall, portions of alerts around 5-10% have been prioritized in the analysis as first to handle by managers. Moreover, probability clouds of alerts have been shown to configure explicit manifolds in latent spaces. These results offer a homogeneous framework for implementing anomaly detection prioritization in power communication networks

    An Analysis of Information Asset Valuation (IAV) Quantification Methodology for Application with Cyber Information Mission Impact Assessment (CIMIA)

    The purpose of this research is to develop a standardized Information Asset Valuation (IAV) methodology. The IAV methodology proposes that accurate valuation for an Information Asset (InfoA) is the convergence of information tangible, intangible, and flow attributes to form a functional entity that enhances mission capability. The IAV model attempts to quantify an InfoA to a single value through the summation of weighted criteria. Standardizing the InfoA value criteria will enable decision makers to comparatively analyze dissimilar InfoAs across the tactical, operational, and strategic domains. This research develops the IAV methodology through a review of existing military and non-military valuation methodologies. IAV provides the Air Force (AF) and Department of Defense (DoD) with a standardized methodology that may be utilized enterprise wide when conducting risk and damage assessment and risk management. The IAV methodology is one of the key functions necessary for the Cyber Incident Mission Impact Assessment (CIMIA) program to operationalize a scalable, semi-automated Decision Support System (DSS) tool. The CIMIA DSS intends to provide decision makers with near real-time cyber awareness prior to, during, and post cyber incident situations through documentation of relationships, interdependencies, and criticalities among information assets, the communications infrastructure, and the operations mission impact

    Persation: an IoT Based Personal Safety Prediction Model Aided Solution

    The number of attacks on innocent victims in moving vehicles, and abduction of individuals in their vehicles has risen alarmingly in the past few years. One common scenario evident from the modus operandi of this kind of attack is the random motion of these vehicles, due to the driver's unpredictable behaviours. To save the victims in such kinds of assault, it is essential to offer help promptly. An effective strategy to save victims is to predict the future location of the vehicles so that the rescue mission can be actioned at the earliest possibility. We have done a comprehensive survey of the state-of-the-art personal safety solutions and location prediction technologies and propose an Internet of Things (IoT) based personal safety model, encompassing a prediction framework to anticipate the future vehicle locations by exploiting complex analytics of current and past data variables including the speed, direction and geolocation of the vehicles. Experiments conducted based on real-world datasets demonstrate the feasibility of our proposed framework in accurately predicting future vehicle locations. In this paper, we have a risk assessment of our safety solution model based on the OCTAVE ALLEGRO model and the implementation of our prediction model

    Cybersecurity Paradigm Shift: The Risks of Net Neutrality Repeal to Energy Reliability, Public Safety, and Climate Change Solutions

    This Article contends that the Federal Communications Commission’s (FCC) January 2018 repeal of net neutrality rules created a “zero-day” cybersecurity vulnerability for the energy sector and other critical infrastructure. “A zero-day cybersecurity vulnerability is a previously unknown flaw in a computer program that exposes the program to external manipulation.” The flaw may also reside in compromised hardware that creates a “back door” into the internet-connected device. This Article argues that cybersecurity has been primarily viewed from a “hacker paradigm” that obscures systemic threats an Internet Service Provider (ISP) can create to energy reliability and cybersecurity through paid priority and other ISP practices
 This Article contends that federal regulators, responsible entities under the FPA, and state energy sector regulators must act to identify and mitigate risks triggered by the FCC’s repeal of net neutrality rules. The energy sector’s state and federal legal duties do not allow it to rely on the market and unenforceable ISP promises to protect reliability, cybersecurity, and public safety. An open and neutral internet—the goal of net neutrality—is necessary to protect energy reliability crucial to America’s economy, public safety, national security, and deployment of climate change solutions. Following this introduction, section two of this Article discusses the ISP’s gatekeeper position on the internet and introduces the “hacker paradigm” and “cat video paradigm” that pervade internet and cybersecurity regulation. Section three provides an overview of federal energy sector reliability standards, highlighting the states’ role in energy reliability for the distribution segment of the energy grid. Section four discusses models for energy sector and critical infrastructure cybersecurity governance. Section five provides an overview of mandatory federal cybersecurity standards for the energy sector’s BPS. Section six explores the “hacker-focused” paradigm of many cybersecurity standards including the NERC standards FERC enforces for the energy sector. Section seven examines the Energy-Internet nexus, emphasizing the internet’s increasing integration into the energy sector. Section eight discusses simulations that test the electric grid for communications-induced faults and cascading failures. Section nine analyzes the consequences of FERC’s net neutrality repeal on energy sector reliability, cybersecurity, renewable energy deployment, and public safety. Finally, section ten recommends that FERC and state public utility commissions conduct grid simulations to test the effect of ISP-induced communications delays on grid reliability and renewable integration. 
It recommends that state energy regulators initiate proceedings to examine cybersecurity requirements for distribution-level energy resources. Those proceedings should request data from energy sector jurisdictional entities about ISP contracts and conduct, and then consider whether to limit contracts with such entities to ISPs that observe net neutrality. FERC should examine net neutrality repeal as a cybersecurity, reliability and resiliency risk in its Grid Resiliency and Reliability docket. Federal and state law require energy sector participants and regulators to ensure ISPs do not degrade Energy-Internet traffic or violate market manipulation rules and thereby compromise reliability, public safety, just and reasonable rates, the environment, and realization of climate change solutions

    Cybersecurity Paradigm Shift, The Risk of Net Neutrality Repeal to Energy Reliability, Public Safety, and Climate Change Solutions

    This Article contends that the Federal Communications Commission’s (FCC) January 2018 repeal of net neutrality rules creates cybersecurity vulnerabilities for the energy sector and other critical infrastructure. Unbridled from enforceable net neutrality rules, Internet Service Providers (ISPs) create systemic supply chain risks as the Internet has become embedded into the energy sector’s distributed ecosystem. This Article argues that cybersecurity has been primarily viewed from a “hacker paradigm” that obscures systemic threats such as those posed by an ISP since firewalls and traditional cybersecurity techniques do not protect against ISP conduct. The Article contends that the FCC’s failure to consider the consequences of net neutrality repeal on public safety and critical infrastructure facilities and services constitutes arbitrary and capricious decision-making under the Administrative Procedures Act. The Article recommends that the D.C. Circuit vacate the FCC’s net neutrality repeal order and remand it to the FCC for analysis of cybersecurity, critical infrastructure protection, and public safety issues. To protect energy reliability, safety, resiliency, renewable integration, just and reasonable rates, and the environment, this article recommends that regulators and energy grid laboratories test the effect of ISP-induced communications delays on electric reliability, safety, and distributed energy generation. This article urges regulators, energy operators, and academics to address ISP and FCC-induced energy-sector cybersecurity risks

    The role of communication systems in smart grids: Architectures, technical solutions and research challenges

    The purpose of this survey is to present a critical overview of smart grid concepts, with a special focus on the role that communication, networking and middleware technologies will have in the transformation of existing electric power systems into smart grids. First of all we elaborate on the key technological, economical and societal drivers for the development of smart grids. By adopting a data-centric perspective we present a conceptual model of communication systems for smart grids, and we identify functional components, technologies, network topologies and communication services that are needed to support smart grid communications. Then, we introduce the fundamental research challenges in this field including communication reliability and timeliness, QoS support, data management services, and autonomic behaviors. Finally, we discuss the main solutions proposed in the literature for each of them, and we identify possible future research directions

    Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

    The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus requires transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDN-based SGC. We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.

    Wireless Sensor Data Transport, Aggregation and Security

    Wireless sensor networks (WSN) and the communication and the security therein have been gaining further prominence in the tech-industry recently, with the emergence of the so-called Internet of Things (IoT). The steps from acquiring data and making a reactive decision based on the acquired sensor measurements are complex and require careful execution of several steps. In many of these steps there are still technological gaps to fill that are due to the fact that several primitives that are desirable in a sensor network environment are bolted on the networks as application layer functionalities, rather than built in them. For several important functionalities that are at the core of IoT architectures we have developed a solution that is analyzed and discussed in the following chapters. The chain of steps from the acquisition of sensor samples until these samples reach a control center or the cloud where the data analytics are performed, starts with the acquisition of the sensor measurements at the correct time and, importantly, synchronously among all sensors deployed. This synchronization has to be network wide, including both the wired core network as well as the wireless edge devices. This thesis studies a decentralized and lightweight solution to synchronize and schedule IoT devices over wireless and wired networks adaptively, with very simple local signaling. Furthermore, measurement results have to be transported and aggregated over the same interface, requiring clever coordination among all nodes, as network resources are shared, keeping scalability and fail-safe operation in mind. Furthermore ensuring the integrity of measurements is a complicated task. On the one hand Cryptography can shield the network from outside attackers and therefore is the first step to take, but due to the volume of sensors must rely on an automated key distribution mechanism. On the other hand cryptography does not protect against exposed keys or inside attackers. 
One however can exploit statistical properties to detect and identify nodes that send false information and exclude these attacker nodes from the network to avoid data manipulation. Furthermore, if data is supplied by a third party, one can apply automated trust metric for each individual data source to define which data to accept and consider for mentioned statistical tests in the first place. Monitoring the cyber and physical activities of an IoT infrastructure in concert is another topic that is investigated in this thesis. Dissertation/Thesis, Doctoral Dissertation, Electrical Engineering 201