Smart Grid Threat Modelling Tool Documentation

publishedVersio

A method for threat modelling of industrial control systems

In this paper, we propose a new method for threat modelling of industrial control systems (ICS). The method is designed to be flexible and easy to use. Model elements inspired by IEC 62443 and Data Flow Diagrams (DFD) are used to create a model of the ICS under consideration. Starting from this model, threats are identified by investigating how the confidentiality, integrity and availability of different functions in the ICS can be attacked. Finally, threats are prioritised and mitigations are proposed for those threats that are not accepted by the ICS owner. We briefly illustrate the use of the method on a simplified and fictitious power grid secondary substation case.acceptedVersio

A Survey on Infrastructure-as-Code Solutions for Cloud Development

Cloud software is increasingly written according to the DevOps paradigm, where use of virtualization and Infrastructure-as-Code is prevalent. This paper surveys the state of the art of IaC cloud development, and proposes a combination of Cloud-Native software to build an on-premise PaaS for a Security Lab.acceptedVersio

Quality Evaluations and algorithmic Improvement of the next Generation Video Coding - HEVC

The increased processing power and screen sizes of mobile devices has made it desirable to watch multimedia presentations on the go. On such devices the data network bandwidth is usually the limiting factor, which imposes a tradeoff between quality and resolution on the presented content. A new video compression system called High Efficiency Video Coding (HEVC) is currently under development. The vision of HEVC is to create a compression system that achieves the same quality at half the bit rate compared to the existing H.264/AVC standard [2].The goal of this thesis is to investigate how HEVC performs compared to H.264/AVC using mobile platforms and sport content as the scenario. The subjective test was conducted on an Apple iPad. It indicated that HEVC has a clear gain in compression compared to H.264/AVC. On average at a resolution of 640x368, HEVC achieved a good quality rating at approximately 550 kilobit per second while H.264/AVC did almost reach this quality at 1000 kilobit per second. However, it was shown that subjective quality gain varied over content.The objective measurements showed an overall reduction in bit rate of 32% forthe luma component. However, the reduction of bit rate was highly variable over content and resolution. A high correlation between the subjective and objective measurements was found, which indicates that it was almost a linear relationship between the reported subjective and objective results.In addition, a proposed deblocking filter was implemented. The filter applies a new filter function of the luma samples and performs line based filtering decision. On average the reduction in bit rate was reported to be 0.4%, with a maximum reduction of 0.8% for the luma component. The decoding time relative to the second version of the HEVC test model was reported to be 1.5% higher. This is most likely due to the line based filtering decision. The general impression of HEVC is that it has the ability to reach the stated vision, and perhaps even surpass, when finalized

Tool-assisted Threat Modeling for Smart Grid Cyber Security

Threat modeling is about identifying architectural flaws and weaknesses in a system in order to mitigate them and avoid unwanted incidents caused by an attacker. Tool assisted threat modeling has seen limited use in complex cyber physical systems involving both Information Technology (IT) and Operational Technology (OT) systems. In this paper, we investigate the applicability of tool-assisted threat modeling to the complex cyber-physical system that is the smart grid, and present a new Smart Grid template for the Microsoft Threat Modeling Tool. We demonstrate benefits of our smart grid threat modeling template on a use-case, and discuss limitations.acceptedVersio

Hamiltonian approach to hybrid plasma models

The Hamiltonian structures of several hybrid kinetic-fluid models are identified explicitly, upon considering collisionless Vlasov dynamics for the hot particles interacting with a bulk fluid. After presenting different pressure-coupling schemes for an ordinary fluid interacting with a hot gas, the paper extends the treatment to account for a fluid plasma interacting with an energetic ion species. Both current-coupling and pressure-coupling MHD schemes are treated extensively. In particular, pressure-coupling schemes are shown to require a transport-like term in the Vlasov kinetic equation, in order for the Hamiltonian structure to be preserved. The last part of the paper is devoted to studying the more general case of an energetic ion species interacting with a neutralizing electron background (hybrid Hall-MHD). Circulation laws and Casimir functionals are presented explicitly in each case.Comment: 27 pages, no figures. To appear in J. Phys.

Cybersecurity in railway - alternatives of independent assessors’ involvement in cybersecurity assurance

Cybersecurity and related security management become important issues in railway projects and operations when implementing new digitalised technology. The railway industry is facing an increasing degree of digitalisation like else in society. CENELEC issued the CLC/TS 50701 in 2021 that may become the most important basis for the railway actors to manage railway cybersecurity in context of the RAMS lifecycle processes. By connecting cybersecurity to the railway application lifecycles, CLC/TS 50701 supports the identification of system requirements related to cybersecurity, and preparation of the associated documentation for security assurance and system acceptance. Like the role of an independent safety assessor acting in the safety domain of railway, the authors believe in, and suggest an independent cybersecurity assessor to be involved in system assurance and acceptance with regards to cybersecurity. This paper presents alternatives to such involvement of an assessor and discusses the possible advantages and disadvantages of alternatives based on a set of parameters and criteria. Recommendations with respect to involvement are fully based on qualitative evaluations of the mentioned criteria. Preliminary results are derived from discussions among SINTEF researchers, as well as discussions with actors from the railway industry. The alternatives have been balanced and validated against findings in the literature, that also covered approaches seen in other industrial domains.publishedVersio

Kinetic energy-free Hartree–Fock equations: an integral formulation

We have implemented a self-consistent feld solver for Hartree–Fock calculations, by making use of Multiwavelets and Multiresolution Analysis. We show how such a solver is inherently a preconditioned steepest descent method and therefore a good starting point for rapid convergence. A distinctive feature of our implementation is the absence of any reference to the kinetic energy operator. This is desirable when Multiwavelets are employed, because diferential operators such as the Laplacian in the kinetic energy are challenging to represent correctly. The theoretical framework is described in detail and the implemented algorithm is both presented in the paper and made available as a Python notebook. Two simple examples are presented, highlighting the main features of our implementation: arbitrary predefned precision, rapid and robust convergence, absence of the kinetic energy operator