Anomaly Detection Trusted Hardware Sensors for Critical Infrastructure Legacy Devices

Author(s):  
Apostolos P. Fournaris ◽  
Charalambos Dimopoulos ◽  
Konstantinos Lampropoulos ◽  
Odysseas Koufopavlou

Critical Infrastructures and associated real time Informational systems need some security protection mechanisms that will be able to detect and respond to possible attacks. For this reason, Anomaly Detection Systems (ADS), as part of a Security Information and Event Management (SIEM) system, are needed for constantly monitoring and identifying potential threats inside an Information Technology (IT) System. Typically, ADS collect information from various sources within a CI system using security sensors or agents and correlate that information so as to identify anomaly events. Such sensors though in a CI setting (factories, power plants, remote locations) may be placed in open areas and left unattended, thus becoming targets themselves of security attacks. They can be tampered with and maliciously manipulated so that they provide false data that may lead an ADS or SIEM system to falsely comprehend the CI current security status. In this paper, we describe existing approaches on security monitoring in critical infrastructures and focus on how to collect security sensor-agent information in a secure and trusted way. We then introduce the concept of hardware assisted security sensor information collection that improves the level of trust (by hardware means) and also increases the responsiveness of the sensor. Thus, we propose a Hardware Security Token (HST) that, when connected to a CI Host, acts as a secure anchor for security agent information collection. We describe the HST functionality, its association with a host device, its expected role and its log monitoring mechanism. We also provide information on how security can be established between the Host device and the HST. Then, we introduce and describe the necessary Host components that need to be established in order to guarantee a high security level and correct HST functionality.
We also provide a realization-implementation of the HST overall concept in an FPGA SoC evaluation board and describe how the HST implementation can be controlled. Finally, we provide indicative use case scenarios of how the HST can be used in practice to provide a variety of different security services beyond acting as a secure ADS sensor.

Sensors ◽  
2020 ◽  
Vol 20 (11) ◽  
pp. 3092 ◽  
Author(s):  
Apostolos P. Fournaris ◽  
Charis Dimopoulos ◽  
Konstantinos Lampropoulos ◽  
Odysseas Koufopavlou

Critical infrastructures and associated real time Informational systems need some security protection mechanisms that will be able to detect and respond to possible attacks. For this reason, Anomaly Detection Systems (ADS), as part of a Security Information and Event Management (SIEM) system, are needed for constantly monitoring and identifying potential threats inside an Information Technology (IT) system. Typically, ADS collect information from various sources within a CI system using security sensors or agents and correlate that information so as to identify anomaly events. Such sensors though in a CI setting (factories, power plants, remote locations) may be placed in open areas and left unattended, thus becoming targets themselves of security attacks. They can be tampered with and maliciously manipulated so that they provide false data that may lead an ADS or SIEM system to falsely comprehend the CI current security status. In this paper, we describe existing approaches on security monitoring in critical infrastructures and focus on how to collect security sensor–agent information in a secure and trusted way. We then introduce the concept of hardware assisted security sensor information collection that improves the level of trust (by hardware means) and also increases the responsiveness of the sensor. Thus, we propose a Hardware Security Token (HST) that, when connected to a CI host, acts as a secure anchor for security agent information collection. We describe the HST functionality, its association with a host device, its expected role and its log monitoring mechanism. We also provide information on how security can be established between the host device and the HST. Then, we introduce and describe the necessary host components that need to be established in order to guarantee a high security level and correct HST functionality.
We also provide a realization–implementation of the HST overall concept in an FPGA SoC evaluation board and describe how the HST implementation can be controlled. In addition, in the paper, two case studies where the HST has been used in practice and its functionality has been validated (one case study on a real critical infrastructure test site and another where a critical industrial infrastructure was emulated in our lab) are described. Finally, results taken from these two case studies are presented, showing actual measurements for the in-field HST usage.


2021 ◽  
Vol 11 (1) ◽  
pp. 68-79
Author(s):  
Vlad Daniel Savin ◽  

Digital Revolution has forced previously isolated networks of critical infrastructures to become more digitally integrated. Recent cyber-attacks, including Stuxnet and Wiper, have exposed a new set of cybersecurity vulnerabilities in this field. This new environment has forced previously isolated networks of critical infrastructures like utilities or power plants to become more digitally integrated. This paper offers a view into the most efficient current defense solutions. It also offers a glimpse into the need for the further development of new protection mechanisms developed on the emerging new technologies. The risks posed by the integration of Information Technology solutions with Operational Technology systems have been a key topic also at the latest World Economic Forum conference, where cyber-attacks of critical infrastructures were discussed in the context of the most significant risks for the upcoming decade. The findings of this paper are applicable to other industries. The paper aims to highlight that by initially understanding the vulnerabilities of the IT components and by taking the right cybersecurity preventive measures, critical infrastructure can be protected against these kinds of threats. The research framework behind this paper was directed towards analysing the cyber risks associated with the convergence between the Information Technology solutions with the Operational Technology systems of critical infrastructure.


2021 ◽  
Vol 11 (16) ◽  
pp. 7228
Author(s):  
Edward Staddon ◽  
Valeria Loscri ◽  
Nathalie Mitton

With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.


Author(s):  
David Mendonça ◽  
William A. Wallace ◽  
Barbara Cutler ◽  
James Brooks

Large-scale disasters can produce profound disruptions in the fabric of interdependent critical infrastructure systems such as water, telecommunications and electric power. The work of post-disaster infrastructure restoration typically requires information sharing and close collaboration across these sectors; yet – due to a number of factors – the means to investigate decision making phenomena associated with these activities are limited. This paper motivates and describes the design and implementation of a computer-based synthetic environment for investigating collaborative information seeking in the performance of a (simulated) infrastructure restoration task. The main contributions of this work are twofold. First, it develops a set of theoretically grounded measures of collaborative information seeking processes and embeds them within a computer-based system. Second, it suggests how these data may be organized and modeled to yield insights into information seeking processes in the performance of a complex, collaborative task. The paper concludes with a discussion of implications of this work for practice and for future research.


2021 ◽  
Author(s):  
Roman Schotten ◽  
Daniel Bachmann

In flood risk analysis it is a key principle to predetermine consequences of flooding to assets, people and infrastructures. Damages to critical infrastructures are not restricted to the flooded area. The effects of directly affected objects cascade to other infrastructures, which are not directly affected by a flood. Modelling critical infrastructure networks is one possible answer to the question ‘how to include indirect and direct impacts to critical infrastructures?’.

Critical infrastructures are connected in very complex networks. The modelling of those networks has been a basis for different purposes (Ouyang, 2014). Thus, it is a challenge to determine the right method to model a critical infrastructure network. For this example, a network-based and topology-based method will be applied (Pant et al., 2018). The basic model elements are points, connectors and polygons which are utilized to resemble the critical infrastructure network characteristics.

The objective of this model is to complement the state-of-the-art flood risk analysis with a quantitative analysis of critical infrastructure damages and disruptions for people and infrastructures. These results deliver an extended basis to differentiate the flood risk assessment and to derive measures for flood risk mitigation strategies. From a technical point of view, a critical infrastructure damage analysis will be integrated into the tool ProMaIDes (Bachmann, 2020), a free software for a risk-based evaluation of flood risk mitigation measures.

The data on critical infrastructure cascades and their potential linkages is scarce but necessary for an actionable modelling. The CIrcle method from Deltares delivers a method for a workshop that has proven to deliver applicable datasets for identifying and connecting infrastructures on the basis of cascading effects (de Bruijn et al., 2019). The data gained from CIrcle workshops will be one compound for the critical infrastructure network model.

Acknowledgment: This work is part of the BMBF-IKARIM funded project PARADes (Participatory assessment of flood related disaster prevention and development of an adapted coping system in Ghana).

Bachmann, D. (2020). ProMaIDeS - Knowledge Base. https://promaides.myjetbrains.com

de Bruijn, K. M., Maran, C., Zygnerski, M., Jurado, J., Burzel, A., Jeuken, C., & Obeysekera, J. (2019). Flood resilience of critical infrastructure: Approach and method applied to Fort Lauderdale, Florida. Water (Switzerland), 11(3). https://doi.org/10.3390/w11030517

Ouyang, M. (2014). Review on modeling and simulation of interdependent critical infrastructure systems. Reliability Engineering and System Safety, 121, 43–60. https://doi.org/10.1016/j.ress.2013.06.040

Pant, R., Thacker, S., Hall, J. W., Alderson, D., & Barr, S. (2018). Critical infrastructure impact assessment due to flood exposure. Journal of Flood Risk Management, 11(1), 22–33. https://doi.org/10.1111/jfr3.12288


2021 ◽  
Author(s):  
Margherita D'Ayala ◽  
Riccardo Giusti ◽  
Marcello Arosio ◽  
Mario Martina

In a climate change framework extreme natural events are going to occur more frequently and intensively as a result of global warming. Therefore, the effects and consequences of climate-related natural hazards, such as flooding, heatwaves, drought, landslides and others, have the potential to become more disastrous and extensive. Consequences of such events are of particular concern considering that today’s societies are interconnected in complex and dynamic socio-technological networks and, hence, dependent more than before on Critical Infrastructures (CI) systems (such as transport, energy, water, ICT systems, etc.). Furthermore, there are also events of Natural Hazards Trigger Technological Disasters (also known as NaTech events), whereby an industrial accident caused by a natural event could affect people, the environment, and other facilities and systems. This work reviews studies in the fields of risk assessment of CI systems affected by natural hazards and NaTech events.

This study identifies and classifies: the methodologies applied (qualitative or quantitative), the type of infrastructures exposed (transport, electricity, oil, gas, water and waste water and telecommunications systems, industrial or nuclear plant) and hazard considered (flood, earthquake, lightning, landslide, avalanche, storm surge, heat and cold waves, wind), the scale of application and the level of spatial resolution.

The work provides a comparison of the scientific studies, the objectives and analysis methods to assess risk employed in the fields of CI systems and NaTech events in order to highlight similarities and differences and to guide the most suitable approach for each application case.


Author(s):  
Olaf Jonkeren ◽  
David Ward

A large body of work and effort has been made in the modelling of critical infrastructures (CIs) by academia, enterprises, stakeholders, operators, etc.; however, their endeavours have received mixed success so far. This can be traced back to several difficult and historical hurdles in CI modelling such as the chronic unavailability of reliable and recognised data, the specificity of the resulting model and, therefore, its application, the underlying mathematics, narrow-mindedness and lack of awareness of the consequences of infrastructure failure, the recognition and dissemination of the modelling methodology-knowledge, etc. Consequently, bridging theory and application and providing tools for analysing CIs is key to ensuring that such modelling delivers the benefits voiced and satisfies the needs raised. This chapter sets out to tackle several of these issues.
