Critical Infrastructure Protection XV
15th IFIP WG 11.10 International Conference, ICCIP 2021, Virtual Event, March 15-16, 2021, Revised Selected Papers
Published on 4. January 2022
XIV, 253 pages
978-3-030-93511-5 (ISBN)
Description
The information infrastructure - comprising computers, embedded devices, networks and software systems - is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed.
Critical Infrastructure Protection XV describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that willhelp secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Industrial Control Systems Security; Telecommunications Systems Security; Infrastructure Security.
This book is the fourteenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of 13 edited papers from the Fifteenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held as a virtual event during the spring of 2021.
Critical Infrastructure Protection XV is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.
More details
Series
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Illustrations
XIV, 253 p. 69 illus.
File size
9,48 MB
ISBN-13
978-3-030-93511-5 (9783030935115)
DOI
10.1007/978-3-030-93511-5
Schweitzer Classification
Other editions
Additional editions
Jason Staggs | Sujeet Shenoi
Critical Infrastructure Protection XV
15th IFIP WG 11.10 International Conference, ICCIP 2021, Virtual Event, March 15-16, 2021, Revised Selected Papers
Book
01/2022
Springer
€90.94
Shipment within 7-9 days
Persons
Content
- Intro
- Contents
- Contributing Authors
- Preface
- THEMES AND ISSUES
- 1 CYBER SECURITY REQUIREMENTS INTHE NORWEGIAN ENERGY SECTOR
- 1. Introduction
- 2. Norwegian Electric Power Sector
- 3. Cyber Security Regulation Development
- 4. New Cyber Security Contingency Regulations
- 5. Development of Guidelines
- 6. Interoperability Principles
- 7. Cyber Security Policy Implementation
- 8. Regulatory Requirement Compliance
- 9. Audits
- 10. Potential Improvements
- 11. Conclusions
- Acknowledgements
- References
- 2 CYBER SECURITY AWARENESS REQUIREMENTS FOR OPERATIONAL TECHNOLOGY SYSTEMS
- 1. Introduction
- 2. CADOT Concept
- 3. Related Work
- 4. Cyber Security Awareness Requirements
- 5. Key Recommendations
- 5.1 CADOT User Types
- 5.2 CADOT Data Access and Display Needs
- 5.3 CADOT Cyber Security Baseline
- 5.4 Relevant Additional Information
- 5.5 CADOT Monitoring Frequencies
- 5.6 CADOT Query Support
- 5.7 CADOT Data Extensibility
- 5.8 Configurable CADOT Alerting
- 5.9 CADOT Design Constraints
- 6. CADOT Key Design Features
- 7. Commercially-Available Technologies
- 8. Conclusions
- Acknowledgements
- References
- 3 ANALYZING ADVANCED PERSISTENT THREATS USING GAME THEORY: A CRITICAL LITERATURE REVIEW
- 1. Introduction
- 2. Preliminaries
- 2.1 Advanced Persistent Threats
- 2.2 Information Security Risk Management
- 2.3 Game Theory
- 3. Literature Review
- 4. Application-Area-Based Classification
- 4.1 Resource Allocation
- 4.2 Cyber Deception
- 4.3 Information Leakage
- 4.4 Optimal Design
- 5. Metric-Based Classification
- 5.1 Mitigation Measures
- 5.2 Risk Management Stages
- 5.3 Advanced Persistent Threat Stages
- 5.4 Validation Methods
- 5.5 Model Assumptions
- 5.6 Tool Support
- 6. Critical Analysis
- 7. Conclusions
- References
- INDUSTRIAL CONTROLSYSTEMS SECURITY
- 4 ATTACKING THE IEC 61131 LOGIC ENGINE IN PROGRAMMABLE LOGIC CONTROLLERS
- 1. Introduction
- 2. Background and Related Work
- 2.1 Industrial Control Systems
- 2.2 Related Work
- 3. Attacking Control Logic Engines
- 4. Case Study 1: SEL-3505 RTAC
- 4.1 Controller Details
- 4.2 Vulnerabilities and Attacks
- 4.3 Experimental Evaluation
- 5. Case Study 2: Traditional Controllers
- 5.1 Case Study 2(a): Modicon M221
- 5.2 Case Study 2(b): MicroLogix 1100 and 1400
- 6. Mitigation
- 7. Conclusions
- Acknowledgements
- References
- 5 ANOMALY DETECTION IN AUTOMATION CONTROLLERS
- 1. Introduction
- 2. SEL-3505 RTAC Device
- 3. Anomaly Detection System
- 3.1 Workload
- 3.2 System Outputs
- 3.3 Tuning Parameters
- 3.4 Decision Algorithm
- 4. Experimental Design
- 4.1 Experimental Factors
- 4.2 Data Collection
- 4.3 Discriminator Selection
- 4.4 System Evaluation
- 5. Experimental Results
- 5.1 Anomaly Detection Rates
- 5.2 Improving Detection Rates
- 6. Conclusions
- References
- 6 DETECTING ANOMALOUS PROGRAMMABLE LOGIC CONTROLLER EVENTS USING PROCESS MINING
- 1. Introduction
- 2. Related Work
- 3. Process Mining
- 4. Overview
- 5. Proposed Methodology
- 5.1 Traffic Light System
- 5.2 Programmable Logic Controller Behavior
- 5.3 Petri Net Model
- 5.4 Invalid State Transition Detector
- 5.5 Anomalous Traffic Light Operations
- 5.6 Anomalous Behavior Detection
- 6. Conclusions
- References
- 7 SIMULATINGMEASUREMENTATTACKS IN A SCADA SYSTEM TESTBED
- 1. Introduction
- 2. Related Work
- 3. Gas System Model and Experimental Setup
- 3.1 Gas System Model
- 3.2 Experimental Setup
- 4. Single Point of Failure
- 5. Sophisticated Measurement Attack
- 6. Discussion
- 7. Future Work
- 8. Conclusions
- Acknowledgements
- References
- 8 A COMMUNICATIONS VALIDITYDETECTOR FOR SCADA NETWORKS
- 1. Introduction
- 2. Background and Related Work
- 2.1 SCADA Systems
- 2.2 SCADA Network Attacks
- 2.3 Language-Theoretic Security
- 2.4 SCADA System Forensics
- 2.5 Software-Defined Networks
- 2.6 Anomaly Detection
- 3. Tool Design
- 3.1 Design Techniques
- 3.2 Continuous Data Collection and Monitoring
- 3.3 Distributed Data Collection
- 3.4 Publish-Subscribe Minion Model
- 3.5 Detecting Syntactically-Invalid Packets
- 3.6 Setpoint Monitors
- 3.7 Detecting Semantically-Incorrect Packets
- 3.8 User Interfaces
- 4. Tool Evaluation
- 4.1 Parser Correctness
- 4.2 Resilience to Fuzzing
- 4.3 Crafted Packet Detection
- 4.4 Parser Performance
- 4.5 Visualization Capabilities
- 5. Discussion
- 6. Conclusions
- Acknowledgement
- References
- TELECOMMUNICATIONS SYSTEMS SECURITY
- 9 INFINIBAND NETWORK MONITORING: CHALLENGES AND POSSIBILITIES
- 1. Introduction
- 2. InfiniBand Architecture
- 2.1 InfiniBand Hardware
- 2.2 InfiniBand Software Architecture
- 2.3 InfiniBand Transport Services
- 3. Related Work
- 4. Experimental Setup and Case Studies
- 4.1 Experimental Setup
- 4.2 Network Monitoring Tools
- 4.3 Data Collection Metrics
- 4.4 Case Study 1
- 4.5 Case Study 2
- 4.6 Case Study 3
- 5. Results
- 5.1 Case Study 1 Results
- 5.2 Case Study 2 Results
- 5.3 Case Study 3 Results
- 6. Conclusions
- References
- 10 GPS SIGNAL AUTHENTICATION USING A CHAMELEON HASH KEYCHAIN
- 1. Introduction
- 2. Background and Related Work
- 2.1 GPS Signals
- 2.2 Chameleon Hashing
- 2.3 Related Work
- 3. GPS Signal Authentication
- 3.1 Threat Model and Assumptions
- 3.2 Chameleon Hash Keychain
- 3.3 Architecture Overview
- 4. Prototype Implementation
- 5. Evaluation Results and Discussion
- 5.1 Execution Time
- 5.2 Communications Overhead
- 5.3 Security Aspect
- 6. Conclusions
- References
- INFRASTRUCTURE SECURITY
- 11SECURITY ANALYSIS OF SOFTWARE UPDATES FOR INDUSTRIAL ROBOTS
- 1. Introduction
- 2. Collaborative Robot
- 3. Previous Work
- 4. Experiments and Results
- 4.1 Software Update File
- 4.2 Symmetric Key
- 4.3 Software Update Process Flow
- 5. Software Update Process Vulnerabilities
- 5.1 Malicious Software Update File Creation
- 5.2 Arbitrary Script Execution
- 5.3 Password Integrity
- 5.4 Arbitrary File Creation
- 6. Discussion
- 7. Conclusions
- Acknowledgement
- References
- 12 A SECURITY FRAMEWORK FOR RAILWAY SYSTEM DEPLOYMENTS
- 1. Introduction
- 2. Related Work
- 3. Security Framework
- 3.1 Procurement Phase
- 3.2 Testing Phase
- 3.3 Deployment Phase
- 3.4 Post-Deployment Phase
- 4. Conclusions
- References
