State of Alaska Election Security Project Phase 2 Report

A laska’s election system is among the most secure in the country, and it has a number of safeguards other states are now adopting. But the technology Alaska uses to record and count votes could be improved— and the state’s huge size, limited road system, and scattered communities also create special challenges for insuring the integrity of the vote. In this second phase of an ongoing study of Alaska’s election security, we recommend ways of strengthening the system—not only the technology but also the election procedures. The lieutenant governor and the Division of Elections asked the University of Alaska Anchorage to do this evaluation, which began in September 2007.Lieutenant Governor Sean Parnell. State of Alaska Division of Elections.List of Appendices / Glossary / Study Team / Acknowledgments / Introduction / Summary of Recommendations / Part 1 Defense in Depth / Part 2 Fortification of Systems / Part 3 Confidence in Outcomes / Conclusions / Proposed Statement of Work for Phase 3: Implementation / Reference

Secure Virtualization and Multicore Platforms State-of-the-Art report

SVaM

Comprehensive Security Framework for Global Threats Analysis

Cyber criminality activities are changing and becoming more and more professional. With the growth of financial flows through the Internet and the Information System (IS), new kinds of thread arise involving complex scenarios spread within multiple IS components. The IS information modeling and Behavioral Analysis are becoming new solutions to normalize the IS information and counter these new threads. This paper presents a framework which details the principal and necessary steps for monitoring an IS. We present the architecture of the framework, i.e. an ontology of activities carried out within an IS to model security information and User Behavioral analysis. The results of the performed experiments on real data show that the modeling is effective to reduce the amount of events by 91%. The User Behavioral Analysis on uniform modeled data is also effective, detecting more than 80% of legitimate actions of attack scenarios

Incident Analysis & Digital Forensics in SCADA and Industrial Control Systems

SCADA and industrial control systems have been traditionally isolated in physically protected environments. However, developments such as standardisation of data exchange protocols and increased use of IP, emerging wireless sensor networks and machine-to-machine communication mean that in the near future related threat vectors will require consideration too outside the scope of traditional SCADA security and incident response. In the light of the significance of SCADA for the resilience of critical infrastructures and the related targeted incidents against them (e.g. the development of stuxnet), cyber security and digital forensics emerge as priority areas. In this paper we focus on the latter, exploring the current capability of SCADA operators to analyse security incidents and develop situational awareness based on a robust digital evidence perspective. We look at the logging capabilities of a typical SCADA architecture and the analytical techniques and investigative tools that may help develop forensic readiness to the level of the current threat environment requirements. We also provide recommendations for data capture and retention

Examination of Regional Transit Service Under Contracting: A Case Study in the Greater New Orleans Region, Research Report 10-09

Many local governments and transit agencies in the United States face financial difficulties in providing adequate public transit service in individual systems, and in providing sufficient regional coordination to accommodate transit trips involving at least one transfer between systems. These difficulties can be attributed to the recent economic downturn, continuing withdrawal of the state and federal funds that help support local transit service, a decline in local funding for transit service in inner cities due to ongoing suburbanization, and a distribution of resources that responds to geographic equity without addressing service needs. This study examines two main research questions: (1) the effect of a “delegated management” contract on efficiency and effectiveness within a single transit system, and (2) the effects of a single private firm—contracted separately by more than one agency in the same region—on regional coordination, exploring the case in Greater New Orleans. The current situation in New Orleans exhibits two unique transit service conditions. First, New Orleans Regional Transit Authority (RTA) executed a “delegated management” contract with a multinational private firm, outsourcing more functions (e.g., management, planning, funding) to the contractor than has been typical in the U.S. Second, as the same contractor has also been contracted by another transit agency in an adjacent jurisdiction—Jefferson Transit (JeT), this firm may potentially have economic incentives to improve regional coordination, in order to increase the productivity and effectiveness of its own transit service provision. Although the limited amount of available operation and financial data has prevented us from drawing more definitive conclusions, the findings of this multifaceted study should provide valuable information on a transit service contracting approach new to the U.S.: delegated management. This study also identified a coherent set of indices with which to evaluate the regional coordination of transit service, the present status of coordination among U.S. transit agencies, and barriers that need to be resolved for regional transit coordination to be successful

An Assessment of PIER Electric Grid Research 2003-2014 White Paper

This white paper describes the circumstances in California around the turn of the 21st century that led the California Energy Commission (CEC) to direct additional Public Interest Energy Research funds to address critical electric grid issues, especially those arising from integrating high penetrations of variable renewable generation with the electric grid. It contains an assessment of the beneficial science and technology advances of the resultant portfolio of electric grid research projects administered under the direction of the CEC by a competitively selected contractor, the University of California’s California Institute for Energy and the Environment, from 2003-2014