Trends in industrial control systems in ST Division and at CERN

Since the 1970s, industrial systems have been introduced in ST Division and have formed the basis for the overwhelming majority of the equipment for which it is responsible. The first systems were independent and not integrated into the accelerator control networks. This first generation included the Technical Control Room (TCR) site and networks monitoring system supplied by Télémécanique. In 1980, this system was replaced by the BBC and the Landis & Gyr systems for the cooling and ventilation equipment. In 1979, the Sprecher & Schuh system for the control of the electrical generator sets (with CERN's first PLC) was installed. Since the 1980s, these systems have been gradually integrated, initially using G64s as the interface with the PLCs, then, with the introduction of FactoryLink to handle H1 communications based on TCP/IP and, finally, with the Technical Data Server (TDS) and the TCP/IP communication replacing H1

Safety alarms at CERN

In order to operate the CERN accelerators complex safely, the acquisition, transport and management of safety alarms is of crucial importance. The French regulatory authority [Direction de Sûreté des Installations Nucléaires de Base (INB)] defines them as Level 3 alarms; they represent as such a danger for the life and require an immediate intervention of the Fire Brigade. Safety alarms are generated by fire and flammable gas detection systems, electrical emergency stops, and other safety related systems. Level 3 alarms are transmitted for reliability reasons to their operation centre: the CERN Safety Control Room (SCR) using two different media: the hard-wired network and a computer based system. The hard-wired networks are connected to local panels summarizing in 34 security areas the overall CERN geography. The computer based system offers data management facilities such as alarm acquisition, distribution, archiving and information correlation. The Level 3 alarms system is in constant evolution in order to achieve better reliability and to integrate new safety turn-key systems provided by industry

Utility Promises of Self-Organising Maps in Privacy Preserving Data Mining

Data mining techniques are highly efficient in sifting through big data to extract hidden knowledge and assist evidence-based decisions. However, it poses severe threats to individuals’ privacy because it can be exploited to allow inferences to be made on sensitive data. Researchers have proposed several privacy-preserving data mining techniques to address this challenge. One unique method is by extending anonymisation privacy models in data mining processes to enhance privacy and utility. Several published works in this area have utilised clustering techniques to enforce anonymisation models on private data, which work by grouping the data into clusters using a quality measure and then generalise the data in each group separately to achieve an anonymisation threshold. Although they are highly efficient and practical, however guaranteeing adequate balance between data utility and privacy protection remains a challenge. In addition to this, existing approaches do not work well with high-dimensional data, since it is difficult to develop good groupings without incurring excessive information loss. Our work aims to overcome these challenges by proposing a hybrid approach, combining self organising maps with conventional privacy based clustering algorithms. The main contribution of this paper is to show that, dimensionality reduction techniques can improve the anonymisation process by incurring less information loss, thus producing a more desirable balance between privacy and utility properties

Data protection in Cloud scenarios

We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges

Data security issues in cloud scenarios

The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, efficient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption. We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations

Privacy in Microdata Release: Challenges, Techniques, and Approaches

Releasing and disseminating useful microdata while ensuring that no personal or sensitive information is improperly exposed is a complex problem, heavily investigated by the scientific community in the past couple of decades. Various microdata protection approaches have then been proposed, achieving different privacy requirements through appropriate protection techniques. This chapter discusses the privacy risks that can arise in microdata release and illustrates some well-known privacy-preserving techniques and approaches

De-identifying a public use microdata file from the Canadian national discharge abstract database

<p>Abstract</p> <p>Background</p> <p>The Canadian Institute for Health Information (CIHI) collects hospital discharge abstract data (DAD) from Canadian provinces and territories. There are many demands for the disclosure of this data for research and analysis to inform policy making. To expedite the disclosure of data for some of these purposes, the construction of a DAD public use microdata file (PUMF) was considered. Such purposes include: confirming some published results, providing broader feedback to CIHI to improve data quality, training students and fellows, providing an easily accessible data set for researchers to prepare for analyses on the full DAD data set, and serve as a large health data set for computer scientists and statisticians to evaluate analysis and data mining techniques. The objective of this study was to measure the probability of re-identification for records in a PUMF, and to de-identify a national DAD PUMF consisting of 10% of records.</p> <p>Methods</p> <p>Plausible attacks on a PUMF were evaluated. Based on these attacks, the 2008-2009 national DAD was de-identified. A new algorithm was developed to minimize the amount of suppression while maximizing the precision of the data. The acceptable threshold for the probability of correct re-identification of a record was set at between 0.04 and 0.05. Information loss was measured in terms of the extent of suppression and entropy.</p> <p>Results</p> <p>Two different PUMF files were produced, one with geographic information, and one with no geographic information but more clinical information. At a threshold of 0.05, the maximum proportion of records with the diagnosis code suppressed was 20%, but these suppressions represented only 8-9% of all values in the DAD. Our suppression algorithm has less information loss than a more traditional approach to suppression. Smaller regions, patients with longer stays, and age groups that are infrequently admitted to hospitals tend to be the ones with the highest rates of suppression.</p> <p>Conclusions</p> <p>The strategies we used to maximize data utility and minimize information loss can result in a PUMF that would be useful for the specific purposes noted earlier. However, to create a more detailed file with less information loss suitable for more complex health services research, the risk would need to be mitigated by requiring the data recipient to commit to a data sharing agreement.</p

Protecting information privacy in the electronic society

The privacy of users, the confidentiality of organizations, and the protection of huge collections of sensitive information, possibly related to data that might be released publicly or semi-publicly for various purposes, are essential requirements for the today\u2019s Electronic Society. In this chapter, we discuss the main privacy concerns that arise when releasing information to third parties. In particular, we focus on the data publication and data outsourcing scenarios, illustrating the emerging trends in terms of privacy and data protection and identifying some research directions to be investigated