72 research outputs found

    Continuous risk assessment in secure DevOps

    DevOps (development and operations) has significantly changed the way to overcome deficiencies for delivering high-quality software to production environments. Past years witnessed an increased interest in embedding DevOps with cybersecurity in an approach dubbed secure DevOps. However, as the practices and guidance mature, teams must consider them within a broader risk context. We argue here how secure DevOps could profit from engaging with risk related activities within organisations. We focus on combining Risk Assessment (RA), particularly Threat Modelling (TM) and apply security considerations early in the software life-cycle. Our contribution provides a roadmap for enacting secure DevOps alongside risk objectives, devising informed ways to improve TM and establishing effective security underpinnings in organisations focusing on software products and services. We aim to outline proven methods over the literature on the subject discussing case studies, technologies, and tools. It presents a case study for a real-world inspired organisation employing the proposed approach with a discussion. Enforcing these novel mechanisms centred on security requires investment, training, and stakeholder engagement. It requires understanding the actual benefits of automation in light of Continuous Integration/Continuous Delivery settings that improve the overall quality of software solutions reaching the market.

    cyberaCTIve: a STIX-based Tool for Cyber Threat Intelligence in Complex Models

    Cyber threat intelligence (CTI) is practical real-world information that is collected with the purpose of assessing threats in cyber-physical systems (CPS). A practical notation for sharing CTI is STIX. STIX offers facilities to create, visualise and share models; however, even a moderately simple project can be represented in STIX as a quite complex graph, suggesting to spread CTI across multiple simpler sub-projects. Our tool aims to enhance the STIX-based modelling task in contexts when such simplifications are infeasible. Examples can be the microgrid and, more in general, the smart grid. Comment: 11 pages, 8 figures, technical report

    Tools for modelling and simulating the Smart Grid

    The Smart Grid (SG) is a Cyber-Physical System (CPS) considered a critical infrastructure divided into cyber (software) and physical (hardware) counterparts that complement each other. It is responsible for timely power provision wrapped by Information and Communication Technologies (ICT) for handling bi-directional energy flows in electric power grids. Enacting control and performance over the massive infrastructure of the SG requires convenient analysis methods. Modelling and simulation (M&S) is a performance evaluation technique used to study virtually any system by testing designs and artificially creating 'what-if' scenarios for system reasoning and advanced analysis. M&S avoids stressing the actual physical infrastructure and systems in production by addressing the problem in a purely computational perspective. Present work compiles a non-exhaustive list of tools for M&S of interest when tackling SG capabilities. Our contribution is to delineate available options for modellers when considering power systems in combination with ICT. We also show the auxiliary tools and details of most relevant solutions pointing out major features and combinations over the years

    Unveiling the catalytic mechanism of a processive metalloaminopeptidase

    Funding: C.M.C. is funded by the Wellcome Trust (210486/Z/18/Z and [204821/Z/16/Z] to the University of St Andrews). M.C.S. is funded by a PhD studentship from the University of St Andrews. B.E.B. acknowledges equipment funding by BBSRC (BB/R013780/1). Intracellular leucine aminopeptidases (PepA) are metalloproteases from the family M17. These enzymes catalyze peptide bond cleavage, removing N-terminal residues from peptide and protein substrates, with consequences for protein homeostasis and quality control. While general mechanistic studies using model substrates have been conducted on PepA enzymes from various organisms, specific information about their substrate preferences and promiscuity, choice of metal, activation mechanisms, and the steps that limit steady-state turnover remain unexplored. Here, we dissected the catalytic and chemical mechanisms of PaPepA: a leucine aminopeptidase from Pseudomonas aeruginosa. Cleavage assays using peptides and small-molecule substrate mimics allowed us to propose a mechanism for catalysis. Steady-state and pre-steady-state kinetics, pH rate profiles, solvent kinetic isotope effects, and biophysical techniques were used to evaluate metal binding and activation. This revealed that metal binding to a tight affinity site is insufficient for enzyme activity; binding to a weaker affinity site is essential for catalysis. Progress curves for peptide hydrolysis and crystal structures of free and inhibitor-bound PaPepA revealed that PaPepA cleaves peptide substrates in a processive manner. We propose three distinct modes for activity regulation: tight packing of PaPepA in a hexameric assembly controls substrate length and reaction processivity; the product leucine acts as an inhibitor, and the high concentration of metal ions required for activation limits catalytic turnover. Our work uncovers catalysis by a metalloaminopeptidase, revealing the intricacies of metal activation and substrate selection. This will pave the way for a deeper understanding of metalloenzymes and processive peptidases/proteases.

    Estimating capacity and resource allocation in healthcare settings using business process modelling and simulation

    Healthcare involves complex decision making from planning to resource management. Resources in hospitals are usually allocated by experienced managers; however, due to an inherent process complexity, decisions are surrounded by uncertainties, variabilities, and constraints. Information Systems must be robust enough to provide support to stakeholders, capable of controlling and supporting workflows. The present work explores the required synergy when combining business processes with discrete event simulation. The objective is to estimate performance indices and address capacity management of a surgical center as a case study.

    Incorporating Cyber Threat Intelligence into Complex Cyber-Physical Systems: A STIX Model for Active Buildings

    Active buildings can be briefly described as smart buildings with distributed and renewable energy resources able to energise other premises in their neighbourhood. As their energy capacity is significant, they can provide ancillary services to the traditional power grid. As such, they can be a worthy target of cyber-attacks potentially more devastating than if targeting traditional smart buildings. Furthermore, to handshake energy transfers, they need additional communications that add up to their attack surface. In such a context, security analysis would benefit from collection of cyber threat intelligence (CTI). To facilitate the analysis, we provide a base active building model in STIX in the tool cyberaCTIve that handles complex models. Active buildings are expected to implement standard network security measures, such as intrusion-detection systems. However, to timely respond to incidents, real-time detection should promptly update CTI, as it would significantly speed up the understanding of the nature of incidents and, as such, allow for a more effective response. To fill this gap, we propose an extension to the tool cyberaCTIve with a web service able to accept (incursion) feeds in real-time and apply the necessary modifications to a STIX model of interest

    Aging and Rejuvenation Models of Load Changing Attacks in Micro-Grids

    Recent cyber-attacks in critical infrastructures have highlighted the importance of investigating how to improve Smart-Grids (SG) resiliency. In the future, it is envisioned that grid connected micro-grids would have the ability of operating in 'islanded mode' in the event of a grid-level failure. In this work, we propose a method for unfolding aging and rejuvenation models into their sequential counterparts to enable the computation of transient state probabilities in the proposed models. We have applied our methodology to one specific security attack scenario and four large campus micro-grids case studies. We have shown how to convert the software aging and rejuvenation, with cycles, to its unfolded counterpart. We then used the unfolded counterpart to support the survivability computation. We were able to analytically evaluate the transient failure probability and the associated Instantaneous Expected Energy Not Supplied metric, for each of the four case studies, from one specific attack. We envision several practical applications of the proposed methodology. First, because the micro-grid model is solved analytically, the approach can be used to support micro-grid engineering optimizations accounting for security intrusions. Second, micro-grid engineers could use the approach to detect security attacks by monitoring for unexpected deviations of the Energy Not Supplied metric.

    Modelling Load-Changing Attacks in Cyber-Physical Systems

    Cyber-Physical Systems (CPS) are present in many settings addressing a myriad of purposes. Examples are Internet-of-Things (IoT) or sensing software embedded in appliances or even specialised meters that measure and respond to electricity demands in smart grids. Due to their pervasive nature, they are usually chosen as recipients for larger scope cyber-security attacks. Those promote system-wide disruptions and are directed towards one key aspect such as confidentiality, integrity, availability or a combination of those characteristics. Our paper focuses on a particular and distressing attack where coordinated malware-infected IoT units are maliciously employed to synchronously turn on or off high-wattage appliances, affecting the grid's primary control management. Our model could be extended to larger (smart) grids, Active Buildings as well as similar infrastructures. Our approach models Coordinated Load-Changing Attacks (CLCA), also referred to as GridLock or BlackIoT, against a theoretical power grid, containing various types of power plants. It employs Continuous-Time Markov Chains where elements such as Power Plants and Botnets are modelled under normal or attack situations to evaluate the effect of CLCA in power reliant infrastructures. We showcase our modelling approach in the scenario of a power supplier (e.g. power plant) being targeted by a botnet. We demonstrate how our modelling approach can quantify the impact of a botnet attack and be abstracted for any CPS system involving power load management in a smart grid. Our results show that by prioritising the type of power-plants, the impact of the attack may change: in particular, we find the most impacting attack times and show how different strategies impact their success. We also find the best power generator to use depending on the current demand and strength of attack.

    Securing the Electric Vehicle Charging Infrastructure

    Electric Vehicles (EVs) can help alleviate our reliance on fossil fuels for transport and electricity systems. However, charging millions of EV batteries requires management to prevent overloading the electricity grid and minimise costly upgrades that are ultimately paid for by consumers. Managed chargers, such as Vehicle-to-Grid (V2G) chargers, allow control over the time, speed and direction of charging. Such control assists in balancing electricity supply and demand across a green electricity system and could reduce costs for consumers. Smart and V2G chargers connect EVs to the power grid using a charging device which includes a data connection to exchange information and control commands between various entities in the EV ecosystem. This introduces data privacy concerns and is a potential target for cyber-security attacks. Therefore, the implementation of a secure system is crucial to permit both consumers and electricity system operators to trust smart charging and V2G. In principle, we already have the technology needed for a connected EV charging infrastructure to be securely enabled, borrowing best practices from the Internet and industrial control systems. We must properly adapt the security technology to take into account the challenges peculiar to the EV charging infrastructure. Challenges go beyond technical considerations and other issues arise such as balancing trade-offs between security and other desirable qualities such as interoperability, scalability, crypto-agility, affordability and energy efficiency. This document reviews security and privacy topics relevant to the EV charging ecosystem with a focus on smart charging and V2G