Critical Infrastructure Protection XI
11th IFIP WG 11.10 International Conference, ICCIP 2017, Arlington, VA, USA, March 13-15, 2017, Revised Selected Papers
Published on 20. November 2017
XVI, 338 pages
978-3-319-70395-4 (ISBN)
Description
The information infrastructure - comprising computers, embedded devices, networks and software systems - is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed.
Critical Infrastructure Protection XI describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Infrastructure Protection, Infrastructure Modeling and Simulation, Industrial Control System Security, and Internet of Things Security.
This book is the eleventh volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of sixteen edited papers from the Eleventh Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held at SRI International, Arlington, Virginia, USA in the spring of 2017.
Critical Infrastructure Protection XI is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.
More details
Series
Edition
1st ed. 2017
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Illustrations
XVI, 338 p. 116 illus.
File size
16,84 MB
ISBN-13
978-3-319-70395-4 (9783319703954)
DOI
10.1007/978-3-319-70395-4
Schweitzer Classification
Other editions
Additional editions
Mason Rice | Sujeet Shenoi
Critical Infrastructure Protection XI
11th IFIP WG 11.10 International Conference, ICCIP 2017, Arlington, VA, USA, March 13-15, 2017, Revised Selected Papers
Book
11/2017
Springer
€53.49
Shipment within 10-15 days
Content
- Intro
- Contents
- Contributing Authors
- Preface
- I INFRASTRUCTURE PROTECTION
- PROTECTING THE TRANSPORTATION SECTOR FROM THE NEGATIVE IMPACTS OF CLIMATE CHANGE
- Abstract
- Keywords
- 1. Introduction
- 2. Transportation Sector
- 2.1 Climate Change Impacts on Transportation
- 3. Approaches for Climate Change Adaptation
- 3.1 Adaptation Assessment
- 3.2 Classification of Adaptation Options
- 3.3 Global Adaptation Initiatives
- 4. Adaptation in the Transportation Sector
- 4.1 Adaptation to Climate Change
- 4.2 Effective Governance for Adaptation
- 4.3 Infrastructure Design and Planning
- 4.4 Redundancies in Transportation Modes
- 4.5 Operational Contingency
- 4.6 Early Warning Systems
- 4.7 Building Adaptive Capacity
- 4.8 Comprehensive Collaboration
- 5. Conclusions
- References
- EVALUATION OF ADDITIVE AND SUBTRACTIVE MANUFACTURING FROM THE SECURITY PERSPECTIVE
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 2.1 Cyber-Physical System Security
- 2.2 Additive Manufacturing Security
- 3. Manufacturing Workflows
- 3.1 Additive Manufacturing Workflow
- 3.2 Subtractive Manufacturing Workflow
- 4. Attack Analysis Framework
- 4.1 Attacks
- 4.2 Security Threat Categories
- 5. Security Analysis
- 5.1 Attack Vectors
- 5.2 Compromised Elements
- 5.3 Manipulations
- 5.4 Effects
- 6. Conclusions
- References
- DETECTING DATA MANIPULATION ATTACKS ON T HE SUBSTATION INTERLOCKING FUNCTION USING DIRECT POWER FEEDBACK
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 3. Substation Interlocking
- 3.1 Substation Switching
- 3.2 Interlocking Function Operation
- 3.3 Substation Communication Protocols
- 4. Attack Description
- 5. Proposed Solution
- 5.1 Switchgear Event Detection
- 5.2 Switchgear State Identification
- 5.3 Interlocking Function Security Controller
- 6. Implementation and Results
- 6.1 Implementation
- 6.2 Results
- 7. Conclusions
- References
- NETWORK FORENSIC ANALYSIS OF ELECTRICAL SUBSTATION AUTOMATION TRAFFIC
- Abstract
- Keywords
- 1. Introduction
- 2. Problem Statement
- 3. Graph Construction
- 3.1 Model Graph Construction
- 3.2 Concrete Graph Construction
- 4. Time Series Analysis
- 5. Experimental Evaluation
- 6. Conclusions
- Acknowledgement
- References
- II INFRASTRUCTURE MODELING AND SIMULATION
- MULTIPLE SECURITY DOMAIN MODEL OF A VEHICLE IN AN AUTOMATED PLATOON
- Abstract
- Keywords
- 1. Introduction
- 2. System Model
- 3. Related Work
- 3.1 Confidentiality
- 3.2 Integrity
- 3.3 Availability
- 3.4 Multiple Security Domain Nondeducibility
- 4. Problem Statement
- 4.1 Case 1
- 4.2 Case 2
- 4.3 Case 3
- 4.4 Case 4
- 4.5 Case 5
- 5. Conclusions
- Acknowledgement
- References
- DISTRIBUTED DATA FUSION FOR SITUATIONAL AWARENESS IN CRITICAL INFRASTRUCTURES WITH LINK FAILURES
- Abstract
- Keywords
- 1. Introduction
- 2. Preliminaries
- 3. Distributed Data Fusion
- 4. Case Study
- 4.1 Problem Formulation
- 4.2 Dam and Hydroelectric Power Station
- 4.3 Power Distribution Station
- 4.4 Base Transceiver Station
- 4.5 Water Supply Network
- 4.6 Security Patrol
- 4.7 Numerical Example
- 5. Conclusions
- References
- EXPLOITING WEB ONTOLOGIES FOR AUTOMATED CRITICAL INFRASTRUCTURE DATA RETRIEVAL
- Abstract
- Keywords
- 1. Introduction
- 2. Ontological Approaches
- 2.1 Critical Infrastructure Modeling
- 2.2 Critical Infrastructure Simulation
- 2.3 Information Sharing
- 3. Ontology-Based Information Retrieval
- 3.1 Ontology Population
- 3.2 Ontology Matching
- 3.3 Data Retrieval
- 4. Conclusions
- References
- III INDUSTRIAL CONTROL SYSTEM SECURITY
- ENFORCING END-TO-END SECURITY IN SCADA SYSTEMS VIA APPLICATION-LEVEL CRYPTOGRAPHY
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 3. Problem Statement
- 4. Cryptographic Applications
- 4.1 PLC Architecture
- 4.2 Secure Application Architecture
- 5. Use Case Assessment and Results
- 5.1 System Analysis
- 5.2 Cryptographic Algorithms
- 5.3 Computational Time
- 5.4 Security Properties in Control Applications
- 6. Conclusions
- Acknowledgement
- References
- SOFTWARE DEFINED RESPONSE AND NETWORK RECONFIGURATION FOR INDUSTRIAL CONTROL SYSTEMS
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 3. Proposed Security Solution
- 3.1 Overview
- 3.2 Communications Tier
- 3.3 Application Tier
- 3.4 Supervision Tier
- 3.5 Implementation and Scalability
- 4. Experimental Results
- 5. Conclusions
- Acknowledgement
- References
- THREAT ANALYSIS OF AN ELEVATOR CONTROL SYSTEM
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 3. Threat Model
- 3.1 Confidentiality Threats
- 3.2 Integrity Threats
- 3.3 Availability Threats
- 4. Elevator System Case Study
- 4.1 Experimental Setup
- 4.2 S7 Base Protocol and Configuration
- 4.3 PLC Discovery Attack
- 4.4 False Command Injection Attack
- 4.5 Control Signal Injection Attack
- 4.6 Control Variable Injection Attack
- 4.7 Sensor Value Response Modification Attack
- 4.8 Discussion and Recommendations
- 5. Conclusions
- References
- GENERATING HONEYPOT TRAFFICFOR INDUSTRIAL CONTROL SYSTEMS
- Abstract
- Keywords
- 1. Introduction
- 2. Background
- 2.1 Control System Threats
- 2.2 Honeypots
- 2.3 Network Traffic Generation
- 2.4 Network Traffic Generators
- 3. Test Environment
- 3.1 Design Considerations
- 3.2 Network Topology
- 4. Pilot Studies
- 4.1 APOGEE Network Traffic Analysis
- 4.2 Identifying Honeypots
- 4.3 Tcpreplay Network Traffic Generation
- 5. Implementation
- 5.1 Traffic Matching
- 5.2 Honeypot Integration
- 5.3 Network Routing
- 6. Experiments
- 6.1 Metrics
- 6.2 Experimental Results
- 7. Conclusions
- Acknowledgement
- References
- CHALLENGES TO AUTOMATING SECURITY CONFIGURATIONCHECKLISTS IN MANUFACTURINGENVIRONMENTS
- Abstract
- Keywords
- 1. Introduction
- 2. Manufacturing Environments
- 3. SCAP Background
- 4. SCAP Reuse in Manufacturing Environments
- 5. Relevant Research and Standards
- 6. Conclusions
- Disclaimer
- References
- CATEGORIZATION OF CYBER TRAINING ENVIRONMENTS FOR INDUSTRIAL CONTROL SYSTEMS
- Abstract
- Keywords
- 1. Introduction
- 2. Incident Response Training Environments
- 2.1 U.S. Government
- 2.2 Industry
- 2.3 Academia
- 3. Bloom's Taxonomy
- 4. Relating the Taxonomy to Training Platforms
- 5. Training Environment Development
- 5.1 Preparation
- 5.2 Detection and Analysis
- 5.3 Containment, Eradication and Recovery
- 5.4 Post-Incident Activity
- 5.5 Training Administration
- 6. Training Environment Levels
- 6.1 Level 1 Training Environment
- 6.2 Level 2 Training Environment
- 6.3 Level 3 Training Environment
- 6.4 Level 4 Training Environment
- 7. Mapping Training Environment Levels
- 8. Example Training Environments
- 8.1 Level 1 Training Environments
- 8.2 Level 2 Training Environments
- 8.3 Level 3 Training Environments
- 8.4 Level 4 Training Environments
- 9. Conclusions
- Acknowledgement
- References
- MULTI-CONTROLLER EXERCISE ENVIRONMENTS FOR TRAINING INDUSTRIAL CONTROL SYSTEM FIRST RESPONDERS
- Abstract
- Keywords
- 1. Introduction
- 2. Background
- 3. Multi-PLC Training Platform
- 3.1 Design Considerations
- 3.2 Exercise Layout
- 4. Training Scenario
- 4.1 Segmentation Using a CompactLogix PLC
- 4.2 Segmentation Using a Siemens PLC
- 4.3 Segmentation Using a ControlLogix PLC
- 4.4 Scenario Selection and Alternate Scenarios
- 5. Results
- 5.1 Hardware Verification
- 5.2 Reliability Test
- 5.3 Timing Test
- 5.4 Functional Analysis Criteria
- 5.5 Limitations
- 6. Conclusions
- Acknowledgement
- References
- IV INTERNET OF THINGS SECURITY
- DEFENDING BUILDING AUTOMATION SYSTEMS USING DECOY NETWORKS
- Abstract
- Keywords
- 1. Introduction
- 2. Background
- 2.1 Automation Technologies
- 2.2 Honeypots for Building Automation Defense
- 3. Understanding INSTEON
- 3.1 INSTEON Documentation
- 3.2 Previous Research
- 3.3 Integrating Wireshark
- 3.4 Pilot Studies
- 3.5 INSTEON Protocol Summary
- 4. Experiments
- 4.1 Packet Capture Experiment
- 4.2 Functional Testing Experiment
- 5. Experimental Results
- 5.1 Packet Capture Experiment
- 5.2 Functional Testing Experiment
- 6. Limitations and Future Work
- 7. Conclusions
- Acknowledgement
- References
- SECURING BLUETOOTH LOW ENERGY LOCKS FROM UNAUTHORIZED ACCESS AND SURVEILLANCE
- Abstract
- Keywords
- 1. Introduction
- 2. Bluetooth Low Energy
- 3. User Behavioral Analytics
- 4. Bluetooth Security Vulnerabilities
- 4.1 Plaintext Passwords
- 4.2 Password Obfuscation
- 4.3 Brute Forcing
- 4.4 Command Fuzzing
- 4.5 Hard-Coded Passwords
- 4.6 Man-in-the-Middle Attack
- 5. Attack Scenario
- 6. Mitigation Techniques
- 6.1 Pairing and Bonding
- 6.2 Application Layer Encryption
- 6.3 Two-Way Authentication
- 6.4 Geofencing
- 6.5 Bluetooth Low Energy Guardian
- 7. Conclusions
- References
