Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

A mechanized proof of loop freedom of the (untimed) AODV routing protocol

The Ad hoc On-demand Distance Vector (AODV) routing protocol allows the nodes in a Mobile Ad hoc Network (MANET) or a Wireless Mesh Network (WMN) to know where to forward data packets. Such a protocol is 'loop free' if it never leads to routing decisions that forward packets in circles. This paper describes the mechanization of an existing pen-and-paper proof of loop freedom of AODV in the interactive theorem prover Isabelle/HOL. The mechanization relies on a novel compositional approach for lifting invariants to networks of nodes. We exploit the mechanization to analyse several improvements of AODV and show that Isabelle/HOL can re-establish most proof obligations automatically and identify exactly the steps that are no longer valid.Comment: The Isabelle/HOL source files, and a full proof document, are available in the Archive of Formal Proofs, at http://afp.sourceforge.net/entries/AODV.shtm

Holistic analysis of mix protocols

Security protocols are often analysed in isolation as academic challenges. However, the real world can require various combinations of them, such as a certified email protocol executed over a resilient channel, or the key registration protocol to precede the purchase protocols of Secure Electronic Transactions (SET). We develop what appears to be the first scalable approach to specifying and analysing mix protocols. It expands on the Inductive Method by exploiting the simplicity with which inductive definitions can refer to each other. This lets the human analyst study each protocol separately first, and then derive holistic properties about the mix. The approach, which is demonstrated on the sequential composition of a certification protocol with an authentication one, is not limited by the features of the protocols, which can, for example, share message components such as cryptographic keys and nonces. It bears potential for the analysis of complex protocols constructed by general composition of others

A look at cloud architecture interoperability through standards

Enabling cloud infrastructures to evolve into a transparent platform while preserving integrity raises interoperability issues. How components are connected needs to be addressed. Interoperability requires standard data models and communication encoding technologies compatible with the existing Internet infrastructure. To reduce vendor lock-in situations, cloud computing must implement universal strategies regarding standards, interoperability and portability. Open standards are of critical importance and need to be embedded into interoperability solutions. Interoperability is determined at the data level as well as the service level. Corresponding modelling standards and integration solutions shall be analysed

Science for Global Ubiquitous Computing

This paper describes an initiative to provide theories that can underlie the development of the Global Ubiquitous Computer, the network of ubiquitous computing devices that will pervade the civilised world in the course of the next few decades. We define the goals of the initiative and the criteria for judging whether they are achieved; we then propose a strategy for the exercise. It must combine a bottom-up development of theories in directions that are currently pursued with success, together with a top-down approach in the form of collaborative projects relating these theories to engineered systems that exist or are imminent

Sketch-Based Interfaces to Support Collaborative Conceptual Design Learning

In order to gain a better understanding of online collaborative conceptual design processes this paper investigates how student designers make use of Lyceum, a shared virtual synchronous environment when engaged in conceptual design. The software enables users to talk to each other and share sketches when they are remotely located. The paper describes a novel methodology for observing and analysing collaborative design processes by adapting the concepts of grounded theory. Rather than concentrating on narrow aspects of the final artefacts, emerging 'themes' are generated that provide a broader picture of collaborative design process and context descriptions. Findings on the themes of 'grounding – mutual understanding' and 'support creativity' complement findings from other research, while important themes associated with 'near-synchrony' have not been emphasised in other research. From the study, a series of design recommendations are made for the development of tools to support online computer-supported collaborative work in design using a shared virtual environment