Applications of Expert Systems in Transport

BACKGROUND Experienced judgement and specialist knowledge are essential to the proper specification, understanding and interpretation of data and computer analyses. The human expert has traditionally supplied this knowledge and judgement with the computer doing the necessary number-crunching. However, artificial intelligence (AI) research provides ways of embodying this knowledge and judgement within computer programs. Despite an early lead in the field, UK research and developmnent into AI techniques was held back in the 1970s when the then Science Research Council took the view that the 'combinatorial explosion' of possibilities would be an insurmountable obstacle to AI developent. But in America and Japan research continued, and the surge of interest in the 1980s has been a consequence of the 'Fifth Generation Computer' research programme initiated by Japan (Feigenbaum and McCorduck; 1984). This led in Europe to the ESPRIT programme of advanced technology research, and in the UK to the Alvey programme (Department of Industry, 1982). As a result, all sectors of industry have been encouraged to consider how such advanced technology can be applied, and the transport industry is no exception. This paper sets out to explain some of the relevant techniques in simple terms, and to describe a number of situations in which transport planning and operations might be helped through their use, illustrating this by reference to the pioneering work going on in transport applications in the USA, Britain and Australia

Stealthy Deception Attacks Against SCADA Systems

SCADA protocols for Industrial Control Systems (ICS) are vulnerable to network attacks such as session hijacking. Hence, research focuses on network anomaly detection based on meta--data (message sizes, timing, command sequence), or on the state values of the physical process. In this work we present a class of semantic network-based attacks against SCADA systems that are undetectable by the above mentioned anomaly detection. After hijacking the communication channels between the Human Machine Interface (HMI) and Programmable Logic Controllers (PLCs), our attacks cause the HMI to present a fake view of the industrial process, deceiving the human operator into taking manual actions. Our most advanced attack also manipulates the messages generated by the operator's actions, reversing their semantic meaning while causing the HMI to present a view that is consistent with the attempted human actions. The attacks are totaly stealthy because the message sizes and timing, the command sequences, and the data values of the ICS's state all remain legitimate. We implemented and tested several attack scenarios in the test lab of our local electric company, against a real HMI and real PLCs, separated by a commercial-grade firewall. We developed a real-time security assessment tool, that can simultaneously manipulate the communication to multiple PLCs and cause the HMI to display a coherent system--wide fake view. Our tool is configured with message-manipulating rules written in an ICS Attack Markup Language (IAML) we designed, which may be of independent interest. Our semantic attacks all successfully fooled the operator and brought the system to states of blackout and possible equipment damage