Anomaly Detection Trusted Hardware Sensors for Critical Infrastructure Legacy Devices

Sensors ◽  
2020 ◽  
Vol 20 (11) ◽  
pp. 3092 ◽  
Author(s):  
Apostolos P. Fournaris ◽  
Charis Dimopoulos ◽  
Konstantinos Lampropoulos ◽  
Odysseas Koufopavlou

Critical infrastructures and associated real time Informational systems need some security protection mechanisms that will be able to detect and respond to possible attacks. For this reason, Anomaly Detection Systems (ADS), as part of a Security Information and Event Management (SIEM) system, are needed for constantly monitoring and identifying potential threats inside an Information Technology (IT) system. Typically, ADS collect information from various sources within a CI system using security sensors or agents and correlate that information so as to identify anomaly events. Such sensors though in a CI setting (factories, power plants, remote locations) may be placed in open areas and left unattended, thus becoming targets themselves of security attacks. They can be tampered with and maliciously manipulated so that they provide false data that may lead an ADS or SIEM system to falsely comprehend the CI current security status. In this paper, we describe existing approaches on security monitoring in critical infrastructures and focus on how to collect security sensor–agent information in a secure and trusted way. We then introduce the concept of hardware assisted security sensor information collection that improves the level of trust (by hardware means) and also increases the responsiveness of the sensor. Thus, we propose a Hardware Security Token (HST) that, when connected to a CI host, acts as a secure anchor for security agent information collection. We describe the HST functionality, its association with a host device, its expected role and its log monitoring mechanism. We also provide information on how security can be established between the host device and the HST. Then, we introduce and describe the necessary host components that need to be established in order to guarantee a high security level and correct HST functionality.
We also provide a realization–implementation of the HST overall concept in a FPGA SoC evaluation board and describe how the HST implementation can be controlled. In addition, in the paper, two case studies where the HST has been used in practice and its functionality has been validated (one case study on a real critical infrastructure test site and another where a critical industrial infrastructure was emulated in our lab) are described. Finally, results taken from these two case studies are presented, showing actual measurements for the in-field HST usage.

Author(s):  
Apostolos P. Fournaris ◽  
Charalambos Dimopoulos ◽  
Konstantinos Lampropoulos ◽  
Odysseas Koufopavlou

Critical Infrastructures and associated real time Informational systems need some security protection mechanisms that will be able to detect and respond to possible attacks. For this reason, Anomaly Detection Systems (ADS), as part of a Security Information and Event Management (SIEM) system, are needed for constantly monitoring and identifying potential threats inside an Information Technology (IT) System. Typically, ADS collect information from various sources within a CI system using security sensors or agents and correlate that information so as to identify anomaly events. Such sensors though in a CI setting (factories, power plants, remote locations) may be placed in open areas and left unattended, thus becoming targets themselves of security attacks. They can be tampered with and maliciously manipulated so that they provide false data that may lead an ADS or SIEM system to falsely comprehend the CI current security status. In this paper, we describe existing approaches on security monitoring in critical infrastructures and focus on how to collect security sensor-agent information in a secure and trusted way. We then introduce the concept of hardware assisted security sensor information collection that improves the level of trust (by hardware means) and also increases the responsiveness of the sensor. Thus, we propose a Hardware Security Token (HST) that, when connected to a CI Host, acts as a secure anchor for security agent information collection. We describe the HST functionality, its association with a host device, its expected role and its log monitoring mechanism. We also provide information on how security can be established between the Host device and the HST. Then, we introduce and describe the necessary Host components that need to be established in order to guarantee a high security level and correct HST functionality.
We also provide a realization-implementation of the HST overall concept in a FPGA SoC evaluation board and describe how the HST implementation can be controlled. Finally, we provide indicative use case scenarios of how the HST can be used in practice to provide a variety of different security services beyond acting as a secure ADS sensor.


2021 ◽  
Vol 11 (1) ◽  
pp. 68-79
Author(s):  
Vlad Daniel Savin ◽  

Digital Revolution has forced previously isolated networks of critical infrastructures to become more digitally integrated. Recent cyber-attacks, including Stuxnet and Wiper, have exposed a new set of cybersecurity vulnerabilities in this field. This new environment has forced previously isolated networks of critical infrastructures like utilities or power plants to become more digitally integrated. This paper offers a view into the most efficient current defense solutions. It also offers a glimpse into the need for the further development of new protection mechanisms developed on the emerging new technologies. The risks posed by the integration of Information Technology solutions with Operational Technology systems have been a key topic also at the latest World Economic Forum conference, where cyber-attacks of critical infrastructures were discussed in the context of the most significant risks for the upcoming decade. The findings of this paper are applicable to other industries. The paper aims to highlight that by initially understanding the vulnerabilities of the IT components and by taking the right cybersecurity preventive measures, critical infrastructure can be protected against these kinds of threats. The research framework behind this paper was directed towards analysing the cyber risks associated with the convergence between the Information Technology solutions with the Operational Technology systems of critical infrastructure.


2021 ◽  
Vol 11 (16) ◽  
pp. 7228
Author(s):  
Edward Staddon ◽  
Valeria Loscri ◽  
Nathalie Mitton

With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system.


2019 ◽  
Vol 2 (S1) ◽  
Author(s):  
Jelenko Karpić ◽  
Ekanki Sharma ◽  
Tamer Khatib ◽  
Wilfried Elmenreich

The rising demand for sustainable energy requires identifying the sites for photovoltaic systems with the best performance. This paper tackles the question of feasibility of photovoltaic power plants at high altitude. A direct comparison between an alpine and an urban area site is conducted in the south of Austria. Two low-cost automatic photovoltaic power measurement devices with dual-axis sun tracking and maximum power point tracking are deployed at two test sites. The system periodically performs a scan over the southern semihemisphere and executes maximum power point adjustment in order to assess the performance for a given direction. The gathered data shows a higher photovoltaic power yield in the higher altitude test site. Furthermore, the high altitude photovoltaic power as a function of azimuth and elevation angle appears to be not only higher but also more flat than in lower altitudes. This indicates a lower power loss in case of deviation from the optimal solar angles. The results show that even on low-cost hardware a difference in photovoltaic power can be observed, even though in this experiment it amounts to less than 5% increase of peak power in higher altitudes. However, the measured peak powers on the mountain are more stable and therefore closer to a constant level than the heavily fluctuating peak power values at the low altitude site. Additionally, a slight shift in optimal elevation angles between altitudes can be observed, as the optimum angle turns out to be lower on the high altitude site. This angle shift could be caused by snow reflections on the mountainous test site.


Author(s):  
David Mendonça ◽  
William A. Wallace ◽  
Barbara Cutler ◽  
James Brooks

Large-scale disasters can produce profound disruptions in the fabric of interdependent critical infrastructure systems such as water, telecommunications and electric power. The work of post-disaster infrastructure restoration typically requires information sharing and close collaboration across these sectors; yet – due to a number of factors – the means to investigate decision making phenomena associated with these activities are limited. This paper motivates and describes the design and implementation of a computer-based synthetic environment for investigating collaborative information seeking in the performance of a (simulated) infrastructure restoration task. The main contributions of this work are twofold. First, it develops a set of theoretically grounded measures of collaborative information seeking processes and embeds them within a computer-based system. Second, it suggests how these data may be organized and modeled to yield insights into information seeking processes in the performance of a complex, collaborative task. The paper concludes with a discussion of implications of this work for practice and for future research.


2022 ◽  
Vol 12 (2) ◽  
pp. 745
Author(s):  
Hrvoje Glavaš ◽  
Matej Žnidarec ◽  
Damir Šljivac ◽  
Nikola Veić

Infrared thermography, in the analysis of photovoltaic (PV) power plants, is a mature technical discipline. In the event of a hailstorm that leaves the PV system without the support of the power grid (and a significant portion of the generation potential), thermography is the easiest way to determine the condition of the modules and revive the existing system with the available resources. This paper presents research conducted on a 30 kW part of a 420 kW PV power plant, and demonstrates the procedure for inspecting visually correct modules that have suffered from a major natural disaster. The severity of the disaster is shown by the fact that only 14% of the PV modules at the test site remained intact. Following the recommendations of the standard IEC TS 62446-3, a thermographic analysis was performed. The thermographic analysis was preceded by an analysis of the I-V curve, which was presented in detail using two characteristic modules as examples. I-V curve measurements are necessary to relate the measured values of the radiation and the measured contact temperature of the module to the thermal patterns. The analysis concluded that soiled modules must be cleaned, regardless of the degree of soiling. The test results clearly indicated defective module elements that would result in a safety violation if reused. The research shows that the validity criterion defined on the basis of the analysis of the reference module can be supplemented, but can also be replaced by a statistical analysis of several modules. The comparison between the thermographic analysis and the visual inspection clearly confirmed thermography as a complementary method for testing PV-s.


2021 ◽  
Author(s):  
Roman Schotten ◽  
Daniel Bachmann

In flood risk analysis it is a key principle to predetermine consequences of flooding to assets, people and infrastructures. Damages to critical infrastructures are not restricted to the flooded area. The effects of directly affected objects cascade to other infrastructures, which are not directly affected by a flood. Modelling critical infrastructure networks is one possible answer to the question ‘how to include indirect and direct impacts to critical infrastructures?’.

Critical infrastructures are connected in very complex networks. The modelling of those networks has been a basis for different purposes (Ouyang, 2014). Thus, it is a challenge to determine the right method to model a critical infrastructure network. For this example, a network-based and topology-based method will be applied (Pant et al., 2018). The basic model elements are points, connectors and polygons which are utilized to resemble the critical infrastructure network characteristics.

The objective of this model is to complement the state-of-the-art flood risk analysis with a quantitative analysis of critical infrastructure damages and disruptions for people and infrastructures. These results deliver an extended basis to differentiate the flood risk assessment and to derive measures for flood risk mitigation strategies. From a technical point of view, a critical infrastructure damage analysis will be integrated into the tool ProMaIDes (Bachmann, 2020), a free software for a risk-based evaluation of flood risk mitigation measures.

The data on critical infrastructure cascades and their potential linkages is scarce but necessary for an actionable modelling. The CIrcle method from Deltares delivers a method for a workshop that has proven to deliver applicable datasets for identifying and connecting infrastructures on basis of cascading effects (de Bruijn et al., 2019). The data gained from CIrcle workshops will be one compound for the critical infrastructure network model.

Acknowledgment: This work is part of the BMBF-IKARIM funded project PARADes (Participatory assessment of flood related disaster prevention and development of an adapted coping system in Ghana).

Bachmann, D. (2020). ProMaIDeS - Knowledge Base. https://promaides.myjetbrains.com

de Bruijn, K. M., Maran, C., Zygnerski, M., Jurado, J., Burzel, A., Jeuken, C., & Obeysekera, J. (2019). Flood resilience of critical infrastructure: Approach and method applied to Fort Lauderdale, Florida. Water (Switzerland), 11(3). https://doi.org/10.3390/w11030517

Ouyang, M. (2014). Review on modeling and simulation of interdependent critical infrastructure systems. Reliability Engineering and System Safety, 121, 43–60. https://doi.org/10.1016/j.ress.2013.06.040

Pant, R., Thacker, S., Hall, J. W., Alderson, D., & Barr, S. (2018). Critical infrastructure impact assessment due to flood exposure. Journal of Flood Risk Management, 11(1), 22–33. https://doi.org/10.1111/jfr3.12288

