Cyber Security Framework for Critical Infrastructure

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Cyber Attacks on Critical Infrastructure

Advances in Digital Crime, Forensics, and Cyber Terrorism - Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance ◽

10.4018/978-1-4666-6324-4.ch001 ◽

2015 ◽

pp. 1-18 ◽

Cited By ~ 1

Author(s):

Ana Kovacevic ◽

Dragana Nikolic

Keyword(s):

Control Systems ◽

Cyber Security ◽

Critical Infrastructure ◽

Cyber Attacks ◽

Cyber Attack ◽

Future Directions ◽

Infrastructure Systems ◽

Cyber Threats ◽

Scada Systems ◽

Insight Into

We are facing the expansion of cyber incidents, and they are becoming more severe. This results in the necessity to improve security, especially in the vulnerable field of critical infrastructure. One of the problems in the security of critical infrastructures is the level of awareness related to the effect of cyberattacks. The threat to critical infrastructure is real, so it is necessary to be aware of it and anticipate, predict, and prepare against a cyber attack. The main reason for the escalation of cyberattacks in the field of Critical Infrastructure (CI) may be that most control systems used for CI do not utilise propriety protocols and software anymore; they instead utilise standard solutions. As a result, critical infrastructure systems are more than ever before becoming vulnerable and exposed to cyber threats. It is important to get an insight into what attack types occur, as this may help direct cyber security efforts. In this chapter, the authors present vulnerabilities of SCADA systems against cyber attack, analyse and classify existing cyber attacks, and give future directions to achieve better security of SCADA systems.

Download Full-text

Maturity and Process Capability Models and Their Use in Measuring Resilience in Critical Infrastructure Protection Sectors

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch025 ◽

2015 ◽

pp. 506-526

Author(s):

Clemith J. Houston Jr. ◽

Douglas C. Sicker

Keyword(s):

Risk Management ◽

Cyber Security ◽

Critical Infrastructure ◽

Process Capability ◽

Critical Infrastructure Protection ◽

Maturity Models ◽

Infrastructure Protection ◽

Management Capabilities ◽

Use Of Models ◽

Measurement Capabilities

This paper provides a literature review and survey of maturity and process capability models, Critical Infrastructure Protection (CIP) tools and frameworks to identify strategies for assessing and measuring resilience and risk management capabilities, with a specific focus on the electricity generating sector. The focus is on the use of models such as CERT-RMM, and others, as a means of addressing challenges associated with cyber security and risk management. Foundational concepts, terminology and definitions are provided; examples of maturity and process capability models are presented and discussed, tools that enable process capability and resilience are identified, including those specific to the electricity generating sector. The evolution of models and how they have addressed challenges is presented, in addition to the characteristics and differences of models and the growth in domains where they can be used. The benefits of the application of process capability and maturity models in maintaining and enhancing resilience and cyber security protection is supported in this paper and recommendations for research opportunities that may yield further insight and measurement capabilities are offered.

Download Full-text

Cyber Attacks and Preliminary Steps in Cyber Security in National Protection

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch013 ◽

2018 ◽

pp. 213-229

Author(s):

Faruk Aydin ◽

O. Tolga Pusatli

Keyword(s):

Cyber Security ◽

Information Technologies ◽

Critical Infrastructure ◽

National Development ◽

Cyber Attacks ◽

Public Institutions ◽

Private Companies ◽

Nation States ◽

Development Plans ◽

Security Standards

Cyber attacks launched by individuals and/or supported by nation states have increased due to the prevalence of information technologies at critical infrastructure of the states. In this chapter, such attacks and consecutive impacts are visited. In connection with this issue, evolution of cyber threats from annoying malware to serious weapons is studied by examples; hence, precautions against such threats are visited and usage of anti-malware applications as prevalent precautions is assessed within the scope. Selected information security standards and strategies of selected states and precautions for cyber security of Turkey are studied. Our findings underline that educated citizens and companies along with public institutions should cooperate to provide a nationwide cyber security. Consequently, it is defended that governments should play an affective role to protect, educate, and guide governmental and private companies and citizens on the cyber security by promoting the cyber security topic in the successive national development plans.

Download Full-text

Efficient Cyber Security Framework for Smart Cities

Secure Cyber-Physical Systems for Smart Cities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7189-6.ch006 ◽

2019 ◽

pp. 130-157 ◽

Cited By ~ 2

Author(s):

Amtul Waheed ◽

Jana Shafi

Keyword(s):

Cyber Security ◽

Smart City ◽

Smart Cities ◽

Cost Effective ◽

Cyber Attacks ◽

Security And Privacy ◽

Sensitive Information ◽

Security Framework ◽

Smart Transportation ◽

Security Issues

Smart cities are established on some smart components such as smart governances, smart economy, science and technology, smart politics, smart transportation, and smart life. Each and every smart object is interconnected through the internet, challenging the security and privacy of citizen's sensitive information. A secure framework for smart cities is the only solution for better and smart living. This can be achieved through IoT infrastructure and cloud computing. The combination of IoT and Cloud also increases the storage capacity and computational power and make services pervasive, cost-effective, and accessed from anywhere and any device. This chapter will discuss security issues and challenges of smart city along with cyber security framework and architecture of smart cities for smart infrastructures and smart applications. It also presents a general study about security mechanism for smart city applications and security protection methodology using IOT service to stand against cyber-attacks.

Download Full-text