Cyber Security Standards, Practices and Industrial Applications

Cyber attacks launched by individuals and/or supported by nation states have increased due to the prevalence of information technologies at critical infrastructure of the states. In this chapter, such attacks and consecutive impacts are visited. In connection with this issue, evolution of cyber threats from annoying malware to serious weapons is studied by examples; hence, precautions against such threats are visited and usage of anti-malware applications as prevalent precautions is assessed within the scope. Selected information security standards and strategies of selected states and precautions for cyber security of Turkey are studied. Our findings underline that educated citizens and companies along with public institutions should cooperate to provide a nationwide cyber security. Consequently, it is defended that governments should play an affective role to protect, educate, and guide governmental and private companies and citizens on the cyber security by promoting the cyber security topic in the successive national development plans.

Download Full-text

Data Flow Based Cyber Security Defense-in-Depth Model of I&C System for Nuclear Power Plants

Volume 4: Nuclear Safety, Security, Non-Proliferation and Cyber Security; Risk Management ◽

10.1115/icone25-67918 ◽

2017 ◽

Author(s):

Bing Hu ◽

Longqiang Zhang ◽

Zhiwu Guo ◽

Youran Li ◽

Wei Sun ◽

...

Keyword(s):

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Nuclear Power Plants ◽

Data Flow ◽

Security Threat ◽

Technical Requirements ◽

Digital Instrumentation ◽

Defense In Depth ◽

Security Standards

With the introduction of digital instrumentation system, the cyber security threat to nuclear power plants is becoming more and more serious. The existing cyber security standards of nuclear power plants still need to be improved, and the technology practice of defensive strategies is lacking all over the world. In this paper, based on the comparison of domestic and foreign regulations and standards, combined with the technical practice of I&C system overall plan, a defense-in-depth model based on data flow is proposed. The overall technical requirements, hierarchy, network model, cyber security basic requirements, cyber security interface and protection of digital assets are introduced, the application of the model and the direction of research on cyber security of nuclear power plant are prospected.

Download Full-text

Federated Transfer Learning for Authentication and Privacy Preservation Using Novel Supportive Twin Delayed DDPG (S-TD3) Algorithm for IIoT

Sensors ◽

10.3390/s21237793 ◽

2021 ◽

Vol 21 (23) ◽

pp. 7793

Author(s):

Arumugam K ◽

Srimathi J ◽

Sudhanshu Maurya ◽

Senoj Joseph ◽

Anju Asokan ◽

...

Keyword(s):

Transfer Learning ◽

Privacy Preservation ◽

Industrial Applications ◽

Privacy And Security ◽

Industrial Transformation ◽

Automatic Data ◽

Authentication Mechanism ◽

Industrial Internet ◽

Security Standards ◽

The Given

The Industrial Internet of Things (IIoT) has led to the growth and expansion of various new opportunities in the new Industrial Transformation. There have been notable challenges regarding the security of data and challenges related to privacy when collecting real-time and automatic data while observing applications in the industry. This paper proposes an Federated Transfer Learning for Authentication and Privacy Preservation Using Novel Supportive Twin Delayed DDPG (S-TD3) Algorithm for IIoT. In FT-Block (Federated transfer learning blockchain), several blockchains are applied to preserve privacy and security for all types of industrial applications. Additionally, by introducing the authentication mechanism based on transfer learning, blockchains can enhance the preservation and security standards for industrial applications. Specifically, Novel Supportive Twin Delayed DDPG trains the user model to authenticate specific regions. As it is considered one of the most open and scalable interacting platforms of information, it successfully helps in the positive transfer of different kinds of data between devices in more significant and local operations of the industry. It is mainly due to a single authentication factor, and the poor adaptation to regular increases in the number of users and different requirements that make the current authentication mechanism suffer a lot in IIoT. As a result, it has been very clearly observed that the given solutions are very useful.

Download Full-text

Role of Cyber Security in Today's Scenario

Detecting and Mitigating Robotic Cyber Security Risks - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2154-9.ch013 ◽

2017 ◽

pp. 177-191 ◽

Cited By ~ 7

Author(s):

Manju Khari ◽

Gulshan Shrivastava ◽

Sana Gupta ◽

Rashmi Gupta

Keyword(s):

Information Security ◽

Computer Security ◽

Cyber Security ◽

Cyber Attacks ◽

Cyber Attack ◽

Individual Property ◽

Security Breaches ◽

Information Tools ◽

History Of ◽

Security Standards

Cyber Security is generally used as substitute with the terms Information Security and Computer Security. This work involves an introduction to the Cyber Security and history of Cyber Security is also discussed. This also includes Cyber Security that goes beyond the limits of the traditional information security to involve not only the security of information tools but also the other assets, involving the person's own confidential information. In computer security or information security, relation to the human is basically to relate their duty(s) in the security process. In Cyber security, the factor has an added dimension, referring humans as the targets for the cyber-attacks or even becoming the part of the cyber-attack unknowingly. This also involves the details about the cybercriminals and cyber risks going ahead with the classification of the Cybercrimes which is against individual, property, organisation and society. Impacts of security breaches are also discussed. Countermeasures for computer security are discussed along with the Cyber security standards, services, products, consultancy services, governance and strategies. Risk management with the security architecture has also been discussed. Other section involves the regulation and certification controls; recovery and continuity plans and Cyber security skills.

Download Full-text

Role of Cyber Security in Today's Scenario

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch001 ◽

2018 ◽

pp. 1-15 ◽

Cited By ~ 1

Author(s):

Manju Khari ◽

Gulshan Shrivastava ◽

Sana Gupta ◽

Rashmi Gupta

Keyword(s):

Information Security ◽

Computer Security ◽

Cyber Security ◽

Cyber Attacks ◽

Cyber Attack ◽

Individual Property ◽

Security Breaches ◽

Information Tools ◽

History Of ◽

Security Standards

Cyber Security is generally used as substitute with the terms Information Security and Computer Security. This work involves an introduction to the Cyber Security and history of Cyber Security is also discussed. This also includes Cyber Security that goes beyond the limits of the traditional information security to involve not only the security of information tools but also the other assets, involving the person's own confidential information. In computer security or information security, relation to the human is basically to relate their duty(s) in the security process. In Cyber security, the factor has an added dimension, referring humans as the targets for the cyber-attacks or even becoming the part of the cyber-attack unknowingly. This also involves the details about the cybercriminals and cyber risks going ahead with the classification of the Cybercrimes which is against individual, property, organisation and society. Impacts of security breaches are also discussed. Countermeasures for computer security are discussed along with the Cyber security standards, services, products, consultancy services, governance and strategies. Risk management with the security architecture has also been discussed. Other section involves the regulation and certification controls; recovery and continuity plans and Cyber security skills.

Download Full-text

Consequent Formation in Security With Blockchain in Digital Transformation

Impact of Digital Transformation on Security Policies and Standards - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-2367-4.ch008 ◽

2020 ◽

pp. 122-144

Author(s):

Shanthi Makka ◽

Gagandeep Arora ◽

B. B. Sagar

Keyword(s):

Real Time ◽

Cyber Security ◽

Industrial Applications ◽

Peer To Peer ◽

Digital Transformation ◽

P2p Network ◽

High Demand ◽

Blockchain Technology ◽

The Future ◽

Digital Transactions

Blockchain technology makes use of a centralized, peer-to-peer (P2P) network of databases, also called nodes, to validate and record digital transactions between individual users located anywhere across the globe. These transactions often take place through the exchange of cryptocurrencies such as bitcoins, Ethereum, and Ripple, etc. The security and transparency that is inherently present in digital transactions place blockchain technology in high demand across various industrial applications. Each node updates its database in real-time as and when transactions occur. The transaction gets authorized only when a majority of the nodes in the network validate the transaction. Once the verification is complete, a block, consisting of hash and keys, is generated for each new transaction and is linked to previous transactions in every database. Every node updates its database with the new block. A hacker would have to break down every node in the system to commit fraud. Blockchain could play a major role in maintaining the cyber security of digital transactions in the future.

Download Full-text

The Impacts of DNS Protocol Security Weaknesses

Journal of Communications ◽

10.12720/jcm.15.10.722-728 ◽

2020 ◽

pp. 722-728

Author(s):

Willian A. Dimitrov ◽

◽

Galina S. Panayotova

Keyword(s):

Statistical Analysis ◽

Cyber Security ◽

Short Review ◽

The Internet ◽

Protocol Security ◽

Security Standards ◽

Security Incidents

Global DNS infrastructure is a major component for the services exposed in the internet. The purpose of the study is understanding the cyber security status of DNS ecosystem. As part of the research, a statistical analysis based on vulnerability repositories has been created to provide a view toward the level of DNS security in general. It can help organizations to understand, assess and mitigate DNS risks. It's made short review of most used attacks against DNS and mitigation: amplification, reflection, floods, DNS exploits, and analysis for the DNS security incidents trend. The statistics implicitly reflect the degree of adoption of new DNS security standards and technologies.

Download Full-text

Communication and Cyber Security Analysis of Advanced Metering Infrastructure of Smart Grid

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.325-326.637 ◽

2013 ◽

Vol 325-326 ◽

pp. 637-642

Author(s):

Zhong Wei Li ◽

Li Cheng ◽

Hong Li Zhang ◽

Wei Ming Tong

Keyword(s):

Communication Network ◽

Smart Grid ◽

Cyber Security ◽

Network Architecture ◽

Security Analysis ◽

Advanced Metering Infrastructure ◽

Security Measures ◽

Data Types ◽

Advanced Metering ◽

Security Standards

AMI (Advanced Metering Infrastructure) is the first step of the implementation of the smart grid. The communication network is the important part of AMI. The reasonable communication network architecture and effective cyber security measures are the keys of the realization of AMIs functions. The components, functions and communication network architecture are studied. Communication technologies that can be used in AMI are analyzed. Based on ZigBee, fieldbus/industrial EtherNet and GPRS, a typical AMI are constructed. The cyber security threats, communication data types and cyber security requirement of AMI are analyzed. The cyber security strategy and implementing scheme are offered. The communication standards and cyber security standards that can be referred while constructing AMI are analyzed. The necessity that publishes AMIs communication standard and cyber security is put forward.

Download Full-text

Cyber Security Standards

Wiley Handbook of Science and Technology for Homeland Security ◽

10.1002/9780470087923.hhs439 ◽

2009 ◽

Author(s):

Karen Scarfone ◽

Dan Benigni ◽

Tim Grance

Keyword(s):

Cyber Security ◽

Security Standards

Download Full-text

Cyber-Security of Smart Microgrids: A Survey

Energies ◽

10.3390/en14010027 ◽

2020 ◽

Vol 14 (1) ◽

pp. 27

Author(s):

Farzam Nejabatkhah ◽

Yun Wei Li ◽

Hao Liang ◽

Rouzbeh Reza Ahrabi

Keyword(s):

Cyber Security ◽

Smart Grids ◽

Frequency Control ◽

Cyber Attacks ◽

Mitigation Strategies ◽

Data Availability ◽

Defensive Strategies ◽

Protection Strategies ◽

Tightly Coupled ◽

Security Standards

In this paper, the cyber-security of smart microgrids is thoroughly discussed. In smart grids, the cyber system and physical process are tightly coupled. Due to the cyber system’s vulnerabilities, any cyber incidents can have economic and physical impacts on their operations. In power electronics-intensive smart microgrids, cyber-attacks can have much more harmful and devastating effects on their operation and stability due to low inertia, especially in islanded operation. In this paper, the cyber–physical systems in smart microgrids are briefly studied. Then, the cyber-attacks on data availability, integrity, and confidentiality are discussed. Since a false data injection (FDI) attack that compromises the data integrity in the cyber/communication network is one of the most challenging threats for smart microgrids, it is investigated in detail in this paper. Such FDI attacks can target state estimation, voltage and frequency control, and smart microgrids’ protection systems. The economic and physical/technical impacts of the FDI attacks on smart microgrids are also reviewed in this paper. The defensive strategies against FDI attacks are classified into protection strategies, in which selected meter measurements are protected, and detection/mitigation strategies, based on either static or dynamic detection. In this paper, implementation examples of FDI attacks’ construction and detection/mitigation in smart microgrids are provided. Samples of recent cyber-security projects in the world, and critical cyber-security standards of smart grids, are presented. Finally, future trends of cyber-security in smart microgrids are discussed.

Download Full-text