scholarly journals Sensitivity Analysis for Vulnerability Mitigation in Hybrid Networks

Electronics ◽  
2022 ◽  
Vol 11 (2) ◽  
pp. 238
Author(s):  
Attiq Ur-Rehman ◽  
Iqbal Gondal ◽  
Joarder Kamruzzaman ◽  
Alireza Jolfaei
Keyword(s):  
Mitigation Strategies ◽  
Hybrid Networks ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
It Systems ◽  
Wide Range ◽  
Assessment Techniques ◽  
Threat Strategies ◽  
Iot Devices ◽  
The Cost

The development of cyber-assured systems is a challenging task, particularly due to the cost and complexities associated with the modern hybrid networks architectures, as well as the recent advancements in cloud computing. For this reason, the early detection of vulnerabilities and threat strategies are vital for minimising the risks for enterprise networks configured with a variety of node types, which are called hybrid networks. Existing vulnerability assessment techniques are unable to exhaustively analyse all vulnerabilities in modern dynamic IT networks, which utilise a wide range of IoT and industrial control devices (ICS). This could lead to having a less optimal risk evaluation. In this paper, we present a novel framework to analyse the mitigation strategies for a variety of nodes, including traditional IT systems and their dependability on IoT devices, as well as industrial control systems. The framework adopts avoid, reduce, and manage as its core principles in characterising mitigation strategies. Our results confirmed the effectiveness of our mitigation strategy framework, which took node types, their criticality, and the network topology into account. Our results showed that our proposed framework was highly effective at reducing the risks in dynamic and resource constraint environments, in contrast to the existing techniques in the literature.

scholarly journals Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

2021 ◽  
Author(s):  
Quanqi Ye ◽  
Heng Chuan Tan ◽  
Daisuke Mashima ◽  
Binbin Chen ◽  
Zbigniew Kalbarczyk
Keyword(s):  
Control Systems ◽  
Position Paper ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
It Systems ◽  
System Maintenance ◽  
Execution Environment ◽  
Commercial Off The Shelf ◽  
Trusted Execution Environment

Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

scholarly journals Cyber Risks to Critical Smart Grid Assets of Industrial Control Systems

Energies ◽  
2021 ◽  
Vol 14 (17) ◽  
pp. 5501
Author(s):  
Chenyang Liu ◽  
Yazeed Alrowaili ◽  
Neetesh Saxena ◽  
Charalambos Konstantinou
Keyword(s):  
Smart Grid ◽  
Control Systems ◽  
Transmission Lines ◽  
Power Supply ◽  
Electric Grid ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
The Past ◽  
Failure To Protect ◽  
The Cost

Cybersecurity threats targeting industrial control systems (ICS) have significantly increased in the past years. Moreover, the need for users/operators to understand the consequences of attacks targeting these systems and protect all assets is vital. This work explores asset discovery in ICS and how to rank these assets based on their criticality. This paper also discusses asset discovery and its components. We further present existing solutions and tools for asset discovery. We implement a method to identify critical assets based on their connection and discuss related results and evaluation. The evaluation utilises four attack scenarios to stress the importance of protecting these critical assets since the failure to protect them can lead to serious consequences. Using a 12-bus system case, our results show that targeting such a system can increase and overload transmission lines values to 120% and 181% MVA, which can affect the power supply and disrupt service, and it can increase the cost up to 60%, affecting the productivity of this electric grid.

scholarly journals Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

2021 ◽  
Author(s):  
Quanqi Ye ◽  
Heng Chuan Tan ◽  
Daisuke Mashima ◽  
Binbin Chen ◽  
Zbigniew Kalbarczyk
Keyword(s):  
Control Systems ◽  
Position Paper ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
It Systems ◽  
System Maintenance ◽  
Execution Environment ◽  
Commercial Off The Shelf ◽  
Trusted Execution Environment

Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

scholarly journals Artificial Intelligence– Electronic Medical Records Framework to predict COVID-19 by using Wearable IoT Devices

2020 ◽  
Vol 9 (4) ◽  
pp. 89-91
Keyword(s):  
Artificial Intelligence ◽  
Big Data ◽  
Electronic Medical Records ◽  
Medical Records ◽  
Respiratory Infections ◽  
Wide Range ◽  
Difficulty Breathing ◽  
Iot Devices ◽  
The Cost ◽  
Improving Patient Care

Corona virus is an infectious disease that causes respiratory infections, producing fever, difficulty breathing, and dry cough, which may be more dangerous for people who suffer from chronic diseases. Wearable Devices (WD) have been recently adopted in a wide range of areas to show distinct potentials in the healthcare field. The different types of WDs can be one of the important steps towards improving patient care while reducing the cost based on artificial intelligence (AI) applications. These applications work on big data that arise from WDs despite the existence of various challenges such as user acceptance, security, ethics issues, big data, AI and interoperability. The purpose of this study is to drawthe possibility of utilizing the big data arising from integrating WDs with the electronic Medical records (EMR) through applying AI technologies which in turn will lead to the possibility of employing all of these technologies in predicting COVID-19 infection

scholarly journals Simulation model of autonomous module of digital PID controller

2021 ◽  
pp. 89-93
Author(s):  
Konstantin Anatolyevich Kuzmin ◽  
Sergey Mikhaylovich Morozov ◽  
Elena Vitalyevna Balmashnova ◽  
Diana Dmitrievna Zueva
Keyword(s):  
Control Systems ◽  
Pid Controller ◽  
Industrial Processes ◽  
Pid Controllers ◽  
Industrial Control ◽  
High Quality ◽  
Industrial Control Systems ◽  
Wide Range ◽  
Digital Pid

Three-channel PID controllers are widely used in industrial control systems. It is noted that the popularity of PID controllers in the control of industrial processes is explained by their ability to ensure high quality of processes in a wide range of modes, as well as functional simplicity that allows engineers to operate them without any problems.

Performance Enhancement of Limited-Bandwidth Industrial Control Systems

2013 ◽  
Vol 739 ◽  
pp. 608-615 ◽  
Author(s):  
Basem Al-Madani ◽  
Anas Al-Roubaiey ◽  
Mohammad F. Al-Hammouri
Keyword(s):  
Real Time ◽  
Manufacturing Systems ◽  
Performance Enhancement ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Limited Bandwidth ◽  
Network Bandwidth ◽  
Overall Performance ◽  
Data Distribution Service ◽  
The Cost

Due to its portability, reliability, flexibility, real time and rich set of QoS support, Data Distribution Service (DDs) middleware became one of the best solutions for real time distributed manufacturing systems. Most of these systems are composed of heterogeneous networked devices where network bandwidth represents a very important resource. Those devices include limited-resources devices, such as sensors, actuators and controllers. Thus, controlling such resource will significantly enhance the overall performance of the network in terms of resource utilization, delay, and throughput; moreover, it reduces the cost of using leased network bandwidth by limiting the amount of bandwidth as much as needed. In this paper we propose a solution for controlling the limited-bandwidth networked manufacturing systems by using DDS; and we describe the DDS QoS polices that support manufacturing systems to control network bandwidth. Furthermore, we evaluate DDS middleware performance over Bluetooth channel by measuring latency, throughput and jitter; and examining different QoS parameters to show their effect on improving the existing limited-bandwidth networks.

Modeling of ICS/SCADA Crypto-Viral Attacks in Cloud-Enabled Environments

2020 ◽  
pp. 108-130
Author(s):  
Aaron Zimba ◽  
Douglas Kunda
Keyword(s):  
Industry 4.0 ◽  
Mitigation Strategies ◽  
The Internet ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Control Networks ◽  
Detection Capabilities ◽  
Attack Surface ◽  
And Control ◽  
Intrusion Detection And Prevention

The production processes of critical infrastructures (CIs) are managed and monitored by Industrial Control Systems (ICS) such as SCADA (Supervisory Control and Data Acquisition). The resulting CIs networks are huge and complex, which have inadvertently called for the integration of other technologies such as the internet for efficiency. The integration of such unsecured technologies and the advent of new computing paradigms such as IoT (internet of things) and Cloud computing which are being integrated into current industrial environments, giving rise to Industry 4.0 have further expanded the attack surface. This chapter considers a new breed of security attacks, crypto-viral attacks (crypto mining and crypto ransomware attacks), which target both the production and control networks of CIs. The authors model these attacks and evaluate their impacts. Such modeling is crucial in understanding the extent of the scope and detection capabilities of the first line of defense (intrusion detection and prevention systems), and possible avenues for mitigation strategies are suggested.

Sinkhole Hazards

2016 ◽  
Author(s):  
Francisco Gutiérrez
Keyword(s):  
Human Activities ◽  
Human Life ◽  
Ground Surface ◽  
Cost Benefit ◽  
Mitigation Strategies ◽  
Anthropogenic Factors ◽  
Wide Range ◽  
Hazard And Risk ◽  
The Cost ◽  
Near Future

Sinkholes or dolines are closed depressions characteristic of terrains underlain by soluble rocks (carbonates and/or evaporites). They may be related to the differential dissolutional lowering of the ground surface (solution sinkholes) or to subsidence induced by subsurface karstification (subsidence sinkholes). Three main subsidence mechanisms may operate individually or in combination: collapse, sagging, and suffosion. Subsidence sinkholes may cause severe damage to human built structures, and the occurrence of catastrophic collapse sinkholes may lead to the loss of human life. Dissolution and subsidence processes involved in the development of subsidence sinkholes are controlled by a wide range of natural and anthropogenic factors. Recent literature reviews reveal that the vast majority of the damaging sinkholes are induced by human activities (e.g., water table decline, water input to the ground). The main steps in sinkhole hazard and risk assessment include: (a) construction of comprehensive sinkhole inventories and detailed sinkhole characterization; (b) development of independently tested sinkhole susceptibility and hazard models, preferably incorporating magnitude and frequency relationships; (c) assessing risk combining hazard and vulnerability data. Sinkhole risk models may be used as the basis to perform cost-benefit analyses that allow the cost-effectiveness of different mitigation strategies to be estimated. Three main concepts may be applied to reduce sinkhole risk: (a) avoiding sinkholes and sinkhole-prone areas (preventive planning); (b) diminishing the activity of dissolution and/or subsidence processes (hazard reduction); (c) incorporating special designs in the structures (vulnerability reduction). Although our capabilities to investigate sinkhole hazards and reduce the associated risks will continue to increase in the near future, the damage related to sinkholes will also increase, largely due to the adverse changes caused by human activities on the karst environments and the ineffective knowledge transfer between scientists, technicians, and decision-makers. This article presents the processes and factors involved in sinkhole development and reviews the main approaches used to assess and manage sinkhole hazards and risks.

scholarly journals CyBERT: Cybersecurity Claim Classification by Fine-Tuning the BERT Language Model

2021 ◽  
Vol 1 (4) ◽  
pp. 615-637
Author(s):  
Kimia Ameri ◽  
Michael Hempel ◽  
Hamid Sharif ◽  
Juan Lopez ◽  
Kalyan Perumalla
Keyword(s):  
Language Model ◽  
Network Models ◽  
Fine Tuning ◽  
Language Models ◽  
Data Sampling ◽  
Neural Network Models ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Wide Range ◽  
The Impact

We introduce CyBERT, a cybersecurity feature claims classifier based on bidirectional encoder representations from transformers and a key component in our semi-automated cybersecurity vetting for industrial control systems (ICS). To train CyBERT, we created a corpus of labeled sequences from ICS device documentation collected across a wide range of vendors and devices. This corpus provides the foundation for fine-tuning BERT’s language model, including a prediction-guided relabeling process. We propose an approach to obtain optimal hyperparameters, including the learning rate, the number of dense layers, and their configuration, to increase the accuracy of our classifier. Fine-tuning all hyperparameters of the resulting model led to an increase in classification accuracy from 76% obtained with BertForSequenceClassification’s original architecture to 94.4% obtained with CyBERT. Furthermore, we evaluated CyBERT for the impact of randomness in the initialization, training, and data-sampling phases. CyBERT demonstrated a standard deviation of ±0.6% during validation across 100 random seed values. Finally, we also compared the performance of CyBERT to other well-established language models including GPT2, ULMFiT, and ELMo, as well as neural network models such as CNN, LSTM, and BiLSTM. The results showed that CyBERT outperforms these models on the validation accuracy and the F1 score, validating CyBERT’s robustness and accuracy as a cybersecurity feature claims classifier.

scholarly journals Cyber Safety System by Implementing Integration of Expert Learning and Data Mining Concepts

2019 ◽  
Vol 8 (12S) ◽  
pp. 155-158
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Detection System ◽  
Cyber Attacks ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Essential Information ◽  
Continuous Growth ◽  
Cyber Safety ◽  
The Cost

the continuous growth in the rate of cyber-attacks in recent years uplifts the worry for the cyber security of industrial control systems. The current efforts of the cyber security system are depended on firewalls, data diodes and other basic methods for prevention of infringement. A cyber threat, intrusion or infringement detection system detects malicious or noxious activities by scanning a system and investigate digitally by employing “machine learning” and “data digging” techniques for handling dynamic and complex functioning of malicious assaults in computer systems and extracting essential information from an input data. In this research paper, the techniques we have used to complete this research may bring advancement in recognition rates, decrease the fault rate which also led to a decrease in the cost factor..

Sign in / Sign up

Export Citation Format

Share Document