Critical Infrastructure Protection XVI
16th IFIP WG 11.10 International Conference, ICCIP 2022, Virtual Event, March 14-15, 2022, Revised Selected Papers
Published on 29. November 2022
XIV, 300 pages
978-3-031-20137-0 (ISBN)
Description
The information infrastructure - comprising computers, embedded devices, networks and software systems - is vital to operations in every sector: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public health, information technology, nuclear reactors, materials and waste, transportation systems, and water and wastewater systems. Global business and industry, governments, indeed society itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed.
Critical Infrastructure Protection XVI describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: Industrial Control Systems Security; Telecommunications Systems Security; Infrastructure Security.
This book is the 16th volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection.
The book contains a selection of 11 edited papers from the Fifteenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held as a virtual event during March, 2022.
Critical Infrastructure Protection XVI is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.
More details
Series
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Illustrations
XIV, 300 p. 92 illus.
File size
8,22 MB
ISBN-13
978-3-031-20137-0 (9783031201370)
DOI
10.1007/978-3-031-20137-0
Schweitzer Classification
Other editions
Additional editions
Jason Staggs | Sujeet Shenoi
Critical Infrastructure Protection XVI
16th IFIP WG 11.10 International Conference, ICCIP 2022, Virtual Event, March 14-15, 2022, Revised Selected Papers
Book
11/2022
Springer
€171.19
Shipment within 15-20 days
Persons
Content
- Intro
- Contents
- Contributing Authors
- Preface
- I THEMES AND ISSUES
- Chapter 1 NATIONAL CYBER RESILIENCE AND ROLES FOR PUBLIC AND PRIVATE SECTOR STAKEHOLDERS
- 1. Introduction
- 2. Related Work
- 2.1 Cyber Infrastructure Threats
- 2.2 Cyber Infrastructure Resilience
- 3. Cyber Infrastructure and Threats
- 3.1 Cyber Infrastructure Model
- 3.2 Cyber Infrastructure Threats
- 4. National-Scale Resilience Model
- 4.1 Cyber Infrastructure and Resilience
- 4.2 Basic Resilience Model
- 4.3 Applying Resilience to Cyber Infrastructure
- 4.4 Measuring Practices in Cyber Infrastructure
- 5. Implementing the Resilience Model
- 5.1 Phase 1: Prepare
- 5.2 Phase 2: Implement
- 5.3 Phase 3: Test
- 5.4 Phase 4: Evaluate
- 6. Stakeholders and Roles
- 6.1 Cyber Resilience Government Stakeholders
- 6.2 Building Cyber Infrastructure Resilience
- 7. Conclusions
- References
- Chapter 2 ARE EUROPEAN SECURITY POLICIES READY FOR ADVANCED METERING SYSTEMS WITH CLOUD BACK-ENDS?
- 1. Introduction
- 2. Background
- 2.1 Advanced Metering System Evolution
- 2.2 European Union Cyber Security Legislation
- 3. Research Methodology Overview
- 4. Reference Model
- 5. Framework to Legislation Mapping
- 6. Cloud-Secure AMS Policy Framework
- 7. Conclusions
- Acknowledgements
- References
- II INDUSTRIAL CONTROL SYSTEMS SECURITY
- Chapter 3 IMPORTANCE OF CYBER SECURITY ANALYSIS IN THE OPERATIONAL TECHNOLOGY SYSTEM LIFECYCLE
- 1. Introduction
- 2. Project Background and Overview
- 3. Assessment Methodology
- 4. Research Findings
- 4.1 Device Command Processing
- 4.2 IMS/AMS Operator Workstations
- 4.3 Safety Instrumented SystemCommunications
- 4.4 Security Control Performance
- 4.5 Assessment Questions and Findings
- 4.6 Architecture Comparison
- 5. Recommendations
- 6. Discussion
- 7. Conclusions
- Acknowledgements
- References
- Chapter 4 TRUSTED VIRTUALIZATION-BASED PROGRAMMABLE LOGIC CONTROLLER RESILIENCE USING A BACKFIT APPROACH
- 1. Introduction
- 2. Related Work
- 3. Virtualization for Trust and Resilience
- 3.1 PLC Virtualization
- 3.2 Remote TPM-Based Attestation
- 4. Experiments and Results
- 4.1 Experimental Environment
- 4.2 Resilience Experiments and Results
- 5. Conclusions
- References
- III ADDITIVE MANUFACTURING SYSTEMS
- Chapter 5 ATTACK-DEFENSE MODELING OF MATERIAL EXTRUSION ADDITIVE MANUFACTURING SYSTEMS
- 1. Introduction
- 2. Additive Manufacturing Workflow
- 3. Additive Manufacturing Threats
- 3.1 Threats Leveraging Additive Manufacturing
- 3.2 Threats Against Additive Manufacturing
- 4. Material Extrusion Additive Manufacturing
- 5. Attack-Defense Modeling
- 6. Material Extrusion Attack-Defense Model
- 6.1 Design Phase Attack-Defense Model
- 6.2 Slicing Phase Attack-Defense Model
- 6.3 Printing Phase Attack-Defense Model
- 7. Material Extrusion Case Studies
- 7.1 Printer Annamieke
- 7.2 Printer Beatrijs
- 7.3 Printer Cathelijne
- 8. Material Extrusion Attacks
- 8.1 Design Phase Attack
- 8.2 Slicing Phase Attacks
- 8.3 Printing Phase Attack
- 9. Discussion
- 10. Conclusions
- Acknowledgement
- References
- Chapter 6 MANIPULATION OF G-CODE TOOLPATH FILES IN 3D PRINTERS: ATTACKS AND MITIGATIONS
- 1. Introduction
- 2. Background and Related Work
- 2.1 Additive Manufacturing Process Chain
- 2.2 Process Chain Attacks
- 3. G-Code Toolpath File Attack Surface
- 4. G-Code Toolpath File Exploitation
- 4.1 Software Execution Vulnerability
- 4.2 Software Execution Attack
- 5. G-Code Toolpath File Attacks
- 5.1 Temperature Modification Attacks
- 5.2 Infill Exclusion Attacks
- 6. Attack Results and Mitigations
- 6.1 Attack Effectiveness Experiments
- 6.2 Temperature Modification Experiments
- 6.3 Infill Exclusion Experiments
- 6.4 Discussion
- 7. Mitigations
- 8. Conclusions
- Acknowledgement
- References
- Chapter 7 DETECTING PART ANOMALIES INDUCED BY CYBER ATTACKS ON A POWDER BED FUSION ADDITIVE MANUFACTURING SYSTEM
- 1. Introduction
- 2. Related Work
- 3. Powder Bed Fusion
- 3.1 Powder Bed Fusion Process
- 3.2 Selective Laser Sintering Printer
- 4. Powder Bed Fusion Printer Anomalies
- 5. Anomaly Detection Method
- 5.1 Data Collection
- 5.2 Data Processing
- 5.3 Data Analysis
- 6. Anomaly Creation Attacks
- 7. Experimental Setup and Results
- 7.1 Experimental Setup
- 7.2 Anomaly Detection Results
- 8. Discussion
- 9. Conclusions
- Acknowledgement
- References
- Chapter 8 LOW-MAGNITUDE INFILL STRUCTURE MANIPULATION ATTACKS ON FUSED FILAMENT FABRICATION 3D PRINTERS
- 1. Introduction
- 2. Related Work
- 3. Low-Magnitude Infill Structure Attacks
- 3.1 Attack Success Criteria
- 3.2 Printing Accuracy
- 3.3 Attacking Infill Structures
- 4. Attack Implementation
- 4.1 Attack Overview
- 4.2 Attack Plan
- 5. Evaluation Results
- 5.1 Stealthiness Performance
- 5.2 Mechanical Strength Impacts
- 6. Analysis and Discussion
- 7. Attack Countermeasures
- 8. Conclusions
- Acknowledgement
- References
- IV INFRASTRUCTURE DEVICE SECURITY
- Chapter 9 LEVERAGING CONFIDENTIAL COMPUTING TO ENABLE SECURE INFORMATION SHARING
- 1. Introduction
- 2. Background and Related Work
- 2.1 Confidential Computing
- 2.2 RISC-V Instruction Set Architecture
- 2.3 Keystone Enclave
- 2.4 Related Work
- 3. Experimental Configuration
- 4. Proposed Development
- 5. Experimental Results and Analysis
- 6. Conclusions
- References
- Chapter 10 EVALUATING THE USE OF BOOT IMAGE ENCRYPTION ON THE TALOS II ARCHITECTURE
- 1. Introduction
- 2. Background
- 2.1 Talos II Architecture
- 2.2 PNOR Image Structure
- 2.3 Initial Program Load
- 2.4 Ciphers
- 2.5 Secure Key Management
- 3. Related Work
- 3.1 Secure Firmware Updates Using AES
- 3.2 Image Encryption
- 4. Experimental Setup
- 4.1 Microcontroller Setup
- 5. Experimental Methodology
- 5.1 Experimental Factors
- 5.2 Data Collection
- 5.3 Application Scenarios
- 5.4 Assumptions
- 6. Experimental Results and Analysis
- 6.1 Boot Image Encryption Performance Impact
- 6.2 Comparison of Encryption Methods
- 6.3 Encryption Ratio
- 7. Conclusions
- References
- V TELECOMMUNICATIONS SYSTEMS SECURITY
- Chapter 11 SECURING INFINIBAND TRAFFIC WITH BLUEFIELD-2 DATA PROCESSING UNITS
- 1. Introduction
- 2. Background and Related Work
- 2.1 InfiniBand Network Overview
- 2.2 Convergent Technologies
- 2.3 Security Concepts
- 3. Testbed Design
- 4. Experimental Scenarios
- 5. Experimental Results
- 6. Conclusions
- References
