Search CORE

23,584 research outputs found

Threat awareness for critical infrastructures resilience

Author: Busby Jeremy Simon
Gouglidis Antonios
Green Benjamin
Hutchison David
Rouncefield Mark Francis
Schauer Stefan
Publication venue: 'Institute of Electrical and Electronics Engineers (IEEE)'
Publication date: 13/09/2016
Field of study

Utility networks are part of every nation’s critical infrastructure, and their protection is now seen as a high priority objective. In this paper, we propose a threat awareness architecture for critical infrastructures, which we believe will raise security awareness and increase resilience in utility networks. We first describe an investigation of trends and threats that may impose security risks in utility networks. This was performed on the basis of a viewpoint approach that is capable of identifying technical and non-technical issues (e.g., behaviour of humans). The result of our analysis indicated that utility networks are affected strongly by technological trends, but that humans comprise an important threat to them. This provided evidence and confirmed that the protection of utility networks is a multi-variable problem, and thus, requires the examination of information stemming from various viewpoints of a network. In order to accomplish our objective, we propose a systematic threat awareness architecture in the context of a resilience strategy, which ultimately aims at providing and maintaining an acceptable level of security and safety in critical infrastructures. As a proof of concept, we demonstrate partially via a case study the application of the proposed threat awareness architecture, where we examine the potential impact of attacks in the context of social engineering in a European utility company

Lancaster E-Prints

Incident Analysis & Digital Forensics in SCADA and Industrial Control Systems

Author: May John H R
Spyridopoulos Theodoros
Tryfonas Theo
Publication venue: 'Institution of Engineering and Technology (IET)'
Publication date: 01/01/2013
Field of study

SCADA and industrial control systems have been traditionally isolated in physically protected environments. However, developments such as standardisation of data exchange protocols and increased use of IP, emerging wireless sensor networks and machine-to-machine communication mean that in the near future related threat vectors will require consideration too outside the scope of traditional SCADA security and incident response. In the light of the significance of SCADA for the resilience of critical infrastructures and the related targeted incidents against them (e.g. the development of stuxnet), cyber security and digital forensics emerge as priority areas. In this paper we focus on the latter, exploring the current capability of SCADA operators to analyse security incidents and develop situational awareness based on a robust digital evidence perspective. We look at the logging capabilities of a typical SCADA architecture and the analytical techniques and investigative tools that may help develop forensic readiness to the level of the current threat environment requirements. We also provide recommendations for data capture and retention

Crossref

Online Research @ Cardiff

Explore Bristol Research

Protecting Critical Infrastructure in the EU

Author: Haemmerli Bernard
Renda Andrea
Publication venue
Publication date: 01/01/2010
Field of study

Policy Documentation Center

Recommended from our members

Current capabilities, requirements and a proposed strategy for interdependency analysis in the UK

Author: Bloomfield R. E.
Chozos N.
Salako K.
Publication venue: 'Springer Science and Business Media LLC'
Publication date: 01/01/2009
Field of study

The UK government recently commissioned a research study to identify the state-of-the-art in Critical Infrastructure modelling and analysis, and the government/industry requirements for such tools and services. This study (Cetifs) concluded with a strategy aiming to bridge the gaps between the capabilities and requirements, which would establish interdependency analysis as a commercially viable service in the near future. This paper presents the findings of this study that was carried out by CSR, City University London, Adelard LLP, a safety/security consultancy and Cranfield University, defense academy of the UK

City Research Online

Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

Author: Johnson Chris
Publication venue
Publication date: 01/01/2016
Field of study

In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things; where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research

Enlighten

The future of Cybersecurity in Italy: Strategic focus area

Author: Anglano C.
Aniello L.
Antinori A.
Armando A.
Aversa R.
Baldi Marco
Baldoni R.
Barili A.
Bartoletti M.
Bellini M.
Bergadano F.
Bernardeschi C.
Bianchi E.
Biancotti C.
Bistarelli S.
Blefari Melazzi N.
Boetti M.
Bondavalli A.
Bonomi .
Buccafurri F.
Cambiaso E.
Caputo B.
Carminati B.
Cataliotti F. S.
Catarci T.
Ceccarelli A.
Cesa Bianchi N.
Chiaraluce F.
Colajanni M.
Conti M.
Conti M.
Coppolino L.
Costa G.
Costamagna V.
Cotroneo D.
Crispo B.
Cucchiara R.
Damiani E.
De Nicola R.
De Nicola R.
De Santis A.
Degiovanni I. P.
Demetrescu C.
Di Battista G.
Di Corinto A.
Di Luna A.
Di Martino B.
Di Natale G.
Dini G.
D’Antonio S.
Evangelisti M.
Falcinelli D.
Ferretti M.
Ficco M.
Figà G.
Flocchini P.
Flottes M.
Focardi R.
Franchina . Furfaro
Girdinio P.
Guida F.
Italiano G. F.
Lain D.
Laurenti N.
Lioy A.
Loreti M.
Malerba D.
Mancini L. V.
Marchetti Spaccamela A.
Marcialis G.
Margheri A.
Marrella A.
Martinelli F.
Martinelli M.
Martino L.
Massacci F.
Mayer M.
Mecella M.
Mensi M.
Merlo A.
Miculan M.
Montanari L.
Morana M.
Mosco G. D.
Mostarda L.
Murino V.
Nardi D.
Navigli R.
Palazzi A.
Palmieri F.
Panetta I. C.
Passarella A.
Pellegrini A.
Pellegrino G.
Pelosi G.
Pirlo G.
Piuri V.
Pizzonia M.
Pogliani M.
Polino M.
Pontil M.
Prinetto P.
Prinetto P.
Quaglia F.
Quattrociocchi W.
Querzoni L.
Rak M.
Ranise S.
Ricci E.
Rossi L.
Rota P.
Russo L. O.
Samarati P.
Santoro N.
Santucci B.
Sassone V.
Scala A.
Scotti F.
Servida A.
Spagnoletti P.
Spalazzi L.
Spidalieri F.
Spoto A.
Squarcina M.
Stefanelli S.
Vecchio A.
Venticinque S.
Villoresi P.
Visaggio A.
Vitaletti A.
Zanero S.
Publication venue
Publication date: 01/01/2018
Field of study

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Archivio della ricerca- Università di Roma La Sapienza