Trends in Process Control Systems Security

The protection of critical infrastructure systems is a hotly debated topic. The very label critical infrastructure implies that these systems are important, and they are: they support our everyday lives, from the water and food in our homes to our physical and financial welfare. This article explores the recent evolution of programmable logic controllers (PCSs) and their environments, explains the need for improved security in these systems, and describes some of the emerging research areas that offer promise in PCS security

Trustworthy Computing Needs

The very label critical infrastructure implies that such systems are important. They are. Within the US alone, there are approximately 28,600 networked Federal Deposit Insurance Corporation (FDIC) institutions, 2 million miles of oil/gas pipelines, 2,800 power plants with 300,000 production sites, 104 nuclear power plants, 80,000 dams, 60,000 chemical plants, 87,000 food processing plants, and 1,600 water treatment plants. And, this is just part of our national infrastructure. Add to this telecommunications and other everyday utilities and the scope is enormous. Most of these systems, alone, would qualify as a network-centric system; that is, a system of systems (SoS) whose totality provides additional functionality over each of the aggregate systems - in other words, an SoS is truly greater than the sum of each of its parts. For example, in the electric power grid, a utility can trade power daily (even hourly) with its neighbors, thereby assuring its customers of continued service. This connectivity provides robustness of service; unfortunately, it also provides an access point for interdependency which can lead to a cascading failure, - the domino effect that was seen in the 14 August 2003 blackout and numerous other incidents. With the realization that most network-centric systems are critical comes the acceptance that we need to make these systems more trustworthy . Given the complexity and scale of these systems, zero-defect software (while admirable) is a daunting goal. Trustworthiness, however, may be achievable. By trustworthiness we mean that as humans we expect that the non-human system will behave in some reliable, predictable form with reasonable recovery techniques when problems are encountered. This paper highlights the network-centric system attributes which should be considered in any integration effort, as well as commercial off-the-shelf (COTS) encapsulation techniques, and other engineering trade-offs in .a large-scale design and development effort

A Schooling on Their Implications for Software Engineering [Trends]

A discussion is presented on trends in software engineering. This can be done by simply extrapolating some of the popular, current trends. And, in fact, we examine a few of these obvious indicators. However, software engineering has had new approaches that are more revolutionary than evolutionary. In particular, we try to discern trends in software engineering based on trends in delivered software systems

A Semantic Agent Framework for Cyber-Physical Systems

The development of accurate models for cyber-physical systems (CPSs) is hampered by the complexity of these systems, fundamental differences in the operation of cyber and physical components, and significant interdependencies among these components. Agent-based modeling shows promise in overcoming these challenges, due to the flexibility of software agents as autonomous and intelligent decision-making components. Semantic agent systems are even more capable, as the structure they provide facilitates the extraction of meaningful content from the data provided to the software agents. In this book chapter, we present a multi-agent model for a CPS, where the semantic capabilities are underpinned by sensor networks that provide information about the physical operation to the cyber infrastructure. As a specific example of the semantic interpretation of raw sensor data streams, we present a failure detection ontology for an intelligent water distribution network as a model CPS. The ontology represents physical entities in the CPS, as well as the information extraction, analysis and processing that takes place in relation to these entities. The chapter concludes with introduction of a semantic agent framework for CPS, and presentation of a sample implementation of the framework using C++

Optimal Energy-Delay Routing Protocol with Trust Levels for Wireless Ad Hoc Networks

This paper presents the Trust Level Routing (TLR) pro- tocol, an extension of the optimized energy-delay rout- ing (OEDR) protocol, focusing on the integrity, reliability and survivability of the wireless network. TLR is similar to OEDR in that they both are link state routing proto- cols that run in a proactive mode and adopt the concept of multi-point relay (MPR) nodes. However, TLR aims at incorporating trust levels into routing by frequently changing the MPR nodes as well as authenticating the source node and contents of control packets. TLR calcu- lates the link costs based on a composite metric (delay incurred, energy available at the neighbor node, energy spent during transmission and the number of packets sent on each link) for the selection ofMPR nodes. We highlight the vulnerabilities in OEDR and show ways to counter the possible attacks by using authentication and traffic par- tition as a basis for mitigating the effects of malicious activity. Network simulator NS2 results show that TLR delivers the packets with a noticeable decrease in the av- erage end-to-end delay with a small increase in the power consumed due to the additional computational overhead attributed to the security extension

Taxonomy of Systems-of-Systems

The study of systems-of-systems is an increasingly important topic in systems engineering. Though there is not complete agreement, a more precise definition of what these highly evolved systems are and what attributes they possess has certainly emerged. However, there are still areas in the study where the topic can be advanced by a more rigorous presentation of the basic elements. One such area is the taxonomy of systems-ofsystems. This paper will begin with the definition of systems-of-systems as it currently stands and will present the taxonomy from a broader view with additional considerations for classification. These taxonomic categories will consider dimensions in the classification of systems-ofsystems based on their acquisition strategy, operational mode, and problem domain with examples in each case

Blueprint for Iteratively Hardening Power Grids Employing Unified Power Flow Controllers

A stable electricity supply is vital for modern society. However, many parts of our power transmission grid are operating near their operational limits. Such stressed systems are vulnerable to cascading failures, where a few small faults can induce a cascade of failures potentially leading to a major blackout The unified power flow controller (UPFC), the most powerful highspeed, semi-conductor based power flow device, can be used as a theoretical model to study how these devices can be used to improve power grid resilience. The blueprint presented here can be used to iteratively identify critical weaknesses in power grids and to recommend a means of fixing these weaknesses via the installation of UPFCs. This approach to hardening the power transmission grid will make it less prone to blackouts and better able to forestall or reduce the severity of unavoidable blackouts

System Evaluation and Description Using Abstract Relation Types (ART)

Two abstract relation types (ART) are developed to represent, describe and establish a computational framework for a system. An abstract relation type is closely related to and builds upon two fundamental ideas. The first idea is the binary relation and structural modeling techniques developed by John N. Warfield. The second idea is the concept of abstract data types. These two ideas are combined to create an abstract relation type that provides a structured representation and computational method for systems and system components. The complete system description approach is based on six abstract relation types: context, concept, functions, requirements, architecture, and test (CCFRAT). When combined with digraphs and other graphical representations of the matrix form, ART provides a powerful tool for the communication of complex system interactions to large system design teams