Supporting the clinical trial recruitment process through the grid

Patient recruitment for clinical trials and studies is a large-scale task. To test a given drug for example, it is desirable that as large a pool of suitable candidates is used as possible to support reliable assessment of often moderate effects of the drugs. To make such a recruitment campaign successful, it is necessary to efficiently target the petitioning of these potential subjects. Because of the necessarily large numbers involved in such campaigns, this is a problem that naturally lends itself to the paradigm of Grid technology. However the accumulation and linkage of data sets across clinical domain boundaries poses challenges due to the sensitivity of the data involved that are atypical of other Grid domains. This includes handling the privacy and integrity of data, and importantly the process by which data can be collected and used, and ensuring for example that patient involvement and consent is dealt with appropriately throughout the clinical trials process. This paper describes a Grid infrastructure developed as part of the MRC funded VOTES project (Virtual Organisations for Trials and Epidemiological Studies) at the National e-Science Centre in Glasgow that supports these processes and the different security requirements specific to this domain

Towards a Secure Smart Grid Storage Communications Gateway

This research in progress paper describes the role of cyber security measures undertaken in an ICT system for integrating electric storage technologies into the grid. To do so, it defines security requirements for a communications gateway and gives detailed information and hands-on configuration advice on node and communication line security, data storage, coping with backend M2M communications protocols and examines privacy issues. The presented research paves the road for developing secure smart energy communications devices that allow enhancing energy efficiency. The described measures are implemented in an actual gateway device within the HORIZON 2020 project STORY, which aims at developing new ways to use storage and demonstrating these on six different demonstration sites.Comment: 6 pages, 2 figure

Analysis of secure TCP/IP profile in 61850 based substation automation system for smart grids

Smart grid is the term used to describe modern power grids. It aims at achieving efficient, sustainable, economic, and secure delivery of electricity supplies. In order to achieve these goals, communication between different components within the grid and control centers is required. In a rapidly growing world, the demands for substation automation are increasing. Recently, two trends have been changing Substation Automation Systems: IEC 61850 and the need for cybersecurity. IEC 61850 specifies very strict performance requirements for message transfer time. The security for the smart grid must be designed to satisfy both performance and reliability requirements. In this paper, we address a study about secure communication in the substation real-time environment, complying with the IEC 61850 specifications. We mainly focus on analyzing the proposed Secure TCP/IP profile for MMS, testing different cipher suite combinations and examining whether by applying TLS we can still achieve the strict performance requirements of IEC 61850 or not. As a result of the study, we propose a list of cipher suite combinations that should be used. The importance of this study lies mainly on future scenarios, because IEC 61850 is thought to support smart metering communications.This work has been funded by the Spanish Ministry of Science and Innovation (MINECO) through the Project Incident Monitoring in Smart Communities (INRlSCO), TEC2014-54335-C4-2-R

Cybersecurity Paradigm Shift: The Risks of Net Neutrality Repeal to Energy Reliability, Public Safety, and Climate Change Solutions

This Article contends that the Federal Communications Commission’s (FCC) January 2018 repeal of net neutrality rules created a “zero-day” cybersecurity vulnerability for the energy sector and other criti¬¬¬cal infrastructure. “A zero-day cybersecurity vulnerability is a previously unknown flaw in a computer program that exposes the program to external manipulation.” The flaw may also reside in compromised hardware that creates a “back door” into the internet-connected device. This Article argues that cybersecurity has been primarily viewed from a “hacker paradigm” that obscures systemic threats an Internet Service Provider (ISP) can create to energy reliability and cybersecurity through paid priority and other ISP practices… This Article contends that federal regulators, responsible entities under the FPA, and state energy sector regulators must act to identify and mitigate risks triggered by the FCC’s repeal of net neutrality rules. The energy sector’s state and federal legal duties do not allow it to rely on the market and unenforceable ISP promises to protect reliability, cybersecurity, and public safety. An open and neutral internet—the goal of net neutrality—is necessary to protect energy reliability crucial to America’s economy, public safety, national security, and deployment of climate change solutions. Following this introduction, section two of this Article discusses the ISP’s gatekeeper position on the internet and introduces the “hacker paradigm” and “cat video paradigm” that pervade internet and cybersecurity regulation. Section three provides an overview of federal energy sector reliability standards, highlighting the states’ role in energy reliability for the distribution segment of the energy grid. Section four discusses models for energy sector and critical infrastructure cybersecurity governance. Section five provides an overview of mandatory federal cybersecurity standards for the energy sector’s BPS. Section six explores the “hacker-focused” paradigm of many cybersecurity standards including the NERC standards FERC enforces for the energy sector. Section seven examines the Energy-Internet nexus, emphasizing the internet’s increasing integration into the energy sector. Section eight discusses simulations that test the electric grid for communications-induced faults and cascading failures. Section nine analyzes the consequences of FERC’s net neutrality repeal on energy sector reliability, cybersecurity, renewable energy deployment, and public safety. Finally, section ten recommends that FERC and state public utility commissions conduct grid simulations to test the effect of ISP-induced communications delays on grid reliability and renewable integration. It recommends that state energy regulators initiate proceedings to examine cybersecurity requirements for distribution-level energy resources. Those proceedings should request data from energy sector jurisdictional entities about ISP contracts and conduct, and then consider whether to limit contracts with such entities to ISPs that observe net neutrality. FERC should examine net neutrality repeal as a cybersecurity, reliability and resiliency risk in its Grid Resiliency and Reliability docket. Federal and state law require energy sector participants and regulators to ensure ISPs do not degrade Energy-Internet traffic or violate market manipulation rules and thereby compromise reliability, public safety, just and reasonable rates, the environment, and realization of climate change solutions

Cybersecurity Paradigm Shift, The RIsk of Net Neutrality Repeal to Energy Reliability, PUblic Safety, and Climate Change Solutions

This Article contends that the Federal Communications Commission’s (FCC) January 2018 repeal of net neutrality rules creates cybersecurity vulnerabilities for the energy sector and other critical infrastructure. Unbridled from enforceable net neutrality rules, Internet Service Providers (ISPs) create systemic supply chain risks as the Internet has become embedded into the energy sector’s distributed ecosystem. This Article argues that cybersecurity has been primarily viewed from a “hacker paradigm” that obscures systemic threats such as those posed by an ISP since firewalls and traditional cybersecurity techniques do not protect against ISP conduct. The Article contends that the FCC’s failure to consider the consequences of net neutrality repeal on public safety and critical infrastructure facilities and services constitutes arbitrary and capricious decision-making under the Administrative Procedures Act. The Article recommends that the D.C. Circuit vacate the FCC’s net neutrality repeal order and remand it to the FCC for analysis of cybersecurity, critical infrastructure protection, and public safety issues. To protect energy reliability, safety, resiliency, renewable integration, just and reasonable rates, and the environment, this article recommends that regulators and energy grid laboratories test the effect of ISP-induced communications delays on electric reliability, safety, and distributed energy generation. This article urges regulators, energy operators, and academics to address ISP and FCC-induced energy-sector cybersecurity risks