Smart Metering Communication Protocols and Performance Under Cyber Security Vulnerabilities

The communication process is the key that characterizes the modern concept of smart grid, a new technology that introduced a “two-way communication” in energy measurement systems and can be best represented through the smart meters. Hence, the goal of smart metering communication is to ensure a secure and reliable transmission of information that can only be accessed by end users and energy supplying companies. With the goal of improving the information security in smart energy grids, the research presented in this work focused on studying different advanced metering infrastructure communication protocols and, it showcases a series of experiments performed on smart meters to evaluate their defenses against a set of cybersecurity attacks. A small-scale simulation of a smart metering system was performed in the cybersecurity laboratory in the department of Electrical and Computer Engineering at the University of Texas - Rio Grande Valley; and specialized software applications were developed to retrieve data in real time. Our experimental results demonstrated that security attacks have a considerable impact on the communication aspect of smart meters. This could help making smart meter manufacturing companies aware of the dangers caused by cyber-attacks and develop robust defenses against security attacks and enhance overall efficiency and reliability of the smart grid power delivery

Modeling Damage Spread, Assessment, and Recovery of Critical Systems

Critical infrastructure systems have recently become more vulnerable to attacks on their data systems through internet connectivity. If an attacker is successful in breaching a system’s defenses, it is imperative that operations are restored to the system as quickly as possible. This thesis focuses on damage assessment and recovery following an attack. A literature review is first conducted on work done in both database protection and critical infrastructure protection, then the thesis defines how damage affects the relationships between data and software. Then, the thesis proposes a model using a graph construction to show the cascading affects within a system after an attack. This thesis also presents an algorithm that uses the graph to compute an optimal recovery plan that prioritizes the most important damaged components first so that the vital modules of the system become functional as soon as possible. This allows for the most critical operations of a system to resume while recovery for less important components is still being performed. The thesis shows results from simulations using the recovery algorithm on data graphs with various parameters. After that, a second model is proposed that accounts for the time elapsed after an attack to perform a more precise damage assessment. By doing this, it can be determined how far damage can spread, then unaffected parts of the system can be released for possible use. Simulations are also done on this model to show the changes in damage assessment when different parameters are altered

Professional English. Fundamentals of Software Engineering

Посібник містить оригінальні тексти фахового змісту, які супроводжуються термінологічним тематичним вокабуляром та вправами різного методичного спрямування. Для студентів, які навчаються за напрямами підготовки: «Програмна інженерія», «Комп’ютерні науки» «Комп’ютерна інженерія»

Mathematics in Software Reliability and Quality Assurance

This monograph concerns the mathematical aspects of software reliability and quality assurance and consists of 11 technical papers in this emerging area. Included are the latest research results related to formal methods and design, automatic software testing, software verification and validation, coalgebra theory, automata theory, hybrid system and software reliability modeling and assessment

Security and Privacy for Modern Wireless Communication Systems

The aim of this reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks

Security Enhanced Applications for Information Systems

Every day, more users access services and electronically transmit information which is usually disseminated over insecure networks and processed by websites and databases, which lack proper security protection mechanisms and tools. This may have an impact on both the users’ trust as well as the reputation of the system’s stakeholders. Designing and implementing security enhanced systems is of vital importance. Therefore, this book aims to present a number of innovative security enhanced applications. It is titled “Security Enhanced Applications for Information Systems” and includes 11 chapters. This book is a quality guide for teaching purposes as well as for young researchers since it presents leading innovative contributions on security enhanced applications on various Information Systems. It involves cases based on the standalone, network and Cloud environments

Corporate debt restructuring : evidence on lender coordination in financial distress

In the recent theoretical literature on lending risk, the coordination problem in multi-creditor relationships have been analyzed extensively. We address this topic empirically, relying on a unique panel data set that includes detailed credit-file information on distressed lending relationships in Germany. In particular, it includes information on creditor pools, a legal institution aiming at coordinating lender interests in borrower distress. We report three major findings. First, the existence of creditor pools increases the probability of workout success. Second, the results are consistent with coordination costs being positively related to pool size. Third, major determinants of pool formation are found to be the number of banks, the distribution of lending shares, and the severity of the distress shock

Japan's New Trade Policy:Good or Bad for ASEAN?

Because Japan is a primary investor and trading partner of all the troubled economies, in the midst of the crisis, Japan was called in to help the crisis-stricken countries by opening its market to cheaper imports from South East Asia. The article analyses the opening to trade of the Japanese economy with the help of a gravity equation on panel data using a Hausman-Taylor estimator. We show that there is no certainty that such a role, that is the opening of Japan, will have positive effects for the ASEAN countries, although no detrimental effects are expected. In the worst case scenario, this move and its impact on ASEAN countries would have neutral effect. This new Japanese policy, if applicable, appears to be not enough to (1) help ASEAN countries emerge from the financial crisis and (2) enable Japan to play the role it could and/or should in the region. Although many look at this solution – Japan opening its national market -- as the only one, on the contrary, Japanese help has been different and has proved to be very crucial to the ASEAN countries in need. In fact, the case of Malaysia is a good example of how Japan can help to foster the economy. Their experience shows that, next to trade ties, a greater emphasis can be put on a technical and/or other type of co-operation. Within this framework, Japan has helped Malaysia to recover faster from the crisis, without the former having to open wider its market to the latter. However, Japan is also driven by its own interests. Thus, if it wants to play a leading role in furthering ASEAN integration, especially in economic aspects, it will have to consider, soon or later, opening up its market to appear more reliable to its neighbours.Asian crisis – Hausman-Taylor – FDI, Gravity equation, Japan – ASEAN – Malaysia

A GENERIC ARCHITECTURE FOR INSIDER MISUSE MONITORING IN IT SYSTEMS

Intrusion Detection Systems (IDS) have been widely deployed within many organisations' IT nenvorks to delect network penetration attacks by outsiders and privilege escalation attacks by insiders. However, traditional IDS are ineffective for detecting o f abuse o f legitimate privileges by authorised users within the organisation i.e. the detection of misfeasance. In essence insider IT abuse does not violate system level controls, yet violates acceptable usage policy, business controls, or code of conduct defined by the organisation. However, the acceptable usage policy can vary from one organisation to another, and the acceptability o f user activities can also change depending upon the user(s), application, machine, data, and other contextual conditions associated with the entities involved. The fact that the perpetrators are authorised users and that the insider misuse activities do not violate system level controls makes detection of insider abuse more complicated than detection o f attacks by outsiders. The overall aim o f the research is to determine novel methods by which monitoring and detection may be improved to enable successful detection of insider IT abuse. The discussion begins with a comprehensive investigation o f insider IT misuse, encompassing the breadth and scale of the problem. Consideration is then given to the sufficiency of existing safeguards, with the conclusion that they provide an inadequate basis for detecting many o f the problems. This finding is used as the justification for considering research into alternative approaches. The realisation of the research objective includes the development of a taxonomy for identification o f various levels within the system from which the relevant data associated with each type of misuse can be collected, and formulation of a checklist for identification of applications that requires misfeasor monitoring. Based upon this foundation a novel architecture for monitoring o f insider IT misuse, has been designed. The design offers new analysis procedures to be added, while providing methods to include relevant contextual parameters from dispersed systems for analysis and reference. The proposed system differs from existing IDS in the way that it focuses on detecting contextual misuse of authorised privileges and legitimate operations, rather than detecting exploitation o f network protocols and system level \ailnerabilities. The main concepts of the new architecture were validated through a proof-of-concept prototype system. A number o f case scenarios were used to demonstrate the validity of analysis procedures developed and how the contextual data from dispersed databases can be used for analysis of various types of insider activities. This helped prove that the existing detection technologies can be adopted for detection o f insider IT misuse, and that the research has thus provided valuable contribution to the domain