Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems

Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition) applications monitor and control a wide range of safety-related functions. These include energy generation where failures could have significant, irreversible consequences. They also include the control systems that are used in the manufacture of safety-related products. In this case bugs in an ICS/SCADA system could introduce flaws in the production of components that remain undetected before being incorporated into safety-related applications. Industrial Control Systems, typically, use devices and networks that are very different from conventional IP-based infrastructures. These differences prevent the re-use of existing cyber-security products in ICS/SCADA environments; the architectures, file formats and process structures are very different. This paper supports the forensic analysis of industrial control systems in safety-related applications. In particular, we describe how forensic attack analysis is used to identify weaknesses in devices so that we can both protect components but also determine the information that must be analyzed during the aftermath of a cyber-incident. Simulated attacks detect vulnerabilities; a risk-based approach can then be used to assess the likelihood and impact of any breach. These risk assessments are then used to justify both immediate and longer-term countermeasures

Qualitative and quantitative analysis of mixtures of compounds containing both hydrogen and deuterium

Method allows qualitative and quantitative analysis of mixtures of partially deuterated compounds. Nuclear magnetic resonance spectroscopy determines location and amount of deuterium in organic compounds but not fully deuterated compounds. Mass spectroscopy can detect fully deuterated species but not the location

Measuring the landscape of civil war : evaluating geographic coding decisions with historic data from the Mau Mau rebellion

This research has been supported by grants from the Air Force Office of Scientific Research (FA9550-09-1-0314) and the Department of Defense Minerva Initiative through the Office of Naval Research (N00014-14-0071).Subnational conflict research increasingly utilizes georeferenced event datasets to understand contentious politics and violence. Yet, how exactly locations are mapped to particular geographies, especially from unstructured text sources such as newspaper reports and archival records, remains opaque and few best practices exist for guiding researchers through the subtle but consequential decisions made during geolocation. We begin to address this gap by developing a systematic approach to georeferencing that articulates the strategies available, empirically diagnoses problems of bias created by both the data-generating process and researcher-controlled tasks, and provides new generalizable tools for simultaneously optimizing both the recovery and accuracy of coordinates. We then empirically evaluate our process and tools against new microlevel data on the Mau Mau Rebellion (Colonial Kenya 1952-1960), drawn from 20,000 pages of recently declassified British military intelligence reports. By leveraging a subset of this data that includes map codes alongside natural language location descriptions, we demonstrate how inappropriately georeferencing data can have important downstream consequences in terms of systematically biasing coefficients or altering statistical significance and how our tools can help alleviate these problems.PostprintPeer reviewe

Defending Against Firmware Cyber Attacks on Safety-Critical Systems

In the past, it was not possible to update the underlying software in many industrial control devices. Engineering teams had to ‘rip and replace’ obsolete components. However, the ability to make firmware updates has provided significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are identified in existing devices; they can be distributed by physical media but are increasingly downloaded over Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications, which are illustrated by recent attacks on safety-related infrastructures across the Ukraine. Subsequent sections explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions, including firmware hashing, must be augmented by organizational measures to secure the supply chain within individual plants, across companies and throughout safety-related industries

Presidential address 2017 William Harkness FRCS October 10th 2017 Denver, Co USA: 2017—annus mirabilis, a global view of neurosurgery for children

The following presidential address was delivered at the 45th Annual Meeting of the ISPN held in Denver, CO, USA in October 2017

Respondents' ratings of expressions from response scales: a two-country, two-language investigation on equivalence and translation

"The paper presents German-American research on expressions from response scales used in cross-national and cross-lingual survey research. Respondents in the United States and Germany were asked to rate expression for the degrees of intensity they were held to express. The scales used were scales of agreement, importance and for/against. The findings of the study raise as many questions as they answer. Translation-based pairings of expressions across English and German work well but not perfectly. Symmetrical response scales often lead to artificial-sounding 'scalespeak' constructions: their effect on scale responses is unknown. Well-matched translation pairings were sometimes differently scored across the populations. Germans and Americans differed in the range of scale points they employed and in the range of vocabulary used to 'explain' expressions. The study is seen as a first step towards understanding cross-national response scale issues." (author's abstract

Letter from William Harkness, Rear Admiral U.S. Navy to Andrew Inglis Clark, Hobart, Tasmania, 1898.

Letter from William Harkness, Rear Admiral U.S. Navy to Andrew Inglis Clark, Hobart, Tasmania, 1898 congratulating him on his elevation to the Supreme Court and recounting Harkness' illness. C4/C19