!! "# $%!& $!$ +) * ', -./01.//1233/ "4, -./01.//12223 *, 565
|
|
- Josephine Deborah Goodwin
- 8 years ago
- Views:
Transcription
1 !! "# $%!& '(!)**+* $!$ +) * ', -./01.//1233/ "4, -./01.//12223 *, 565 1
2 Content CRUTIAL testbeds - objectives The Telecontrol Testbed platform Critical scenarios - plotted demo Experimental results The future - research/industry/policy 2
3 Objectives identify critical aspects of ICT-power dependencies assess the control infrastructure vulnerability to plausible cyber attacks, as well as the severity of potential damages to the power infrastructure support cyber risk assessment and model based evaluation of power control systems with statistics from experiments 3
4 Platforms CESI RICERCA Macrogrid teleoperation testbed: power substation controllers on real-time control networks, interconnected to control centre operation networks in turn connected to corporate networks K.U.Leuven Microgrid control testbed: power electronic converters controlled from PCs interconnected over an open communication network Perform repeatable and controlled security experiments on simulation platforms of industrial infrastructures 4
5 Macrogrid Teleoperation Testbed
6 Communication protocols 6
7 HMI 7
8 8
9 RCC, normal status 9
10 Security Analysis Tool 10
11 Risk Management, /! " "! "! Experimental plan. # " $%& # " $%& ' $%& Experiment setting - " $%$(& )!! Experiment running " * Data collection. + ' Data publication /, 0 Experiment development cycle 11
12 Experimental plan Denial of the supervision functions Preclusion of the operator s intervention Extra-ordinary maintenance Pre-emergency defence Failure of automatic defence actions in emergency conditions 12
13 Experiment setting Parameter Type Technique Tool Target Number of attackers Number of attack Gateway architecture WAN emulation Communication protocol Setting DoS, intrusion, infection, malware packet replying, packet flooding UDP flooding, syn flooding, TCP replay, ping <IP address port number> <n> <n> IP forward, firewall, VPN, redundant channels Hub Ethernet network 10Mbps, switched Ethernet 10/100 Mbps TCP/IP, IEC
14 Plotted demo Scenario cyber attacks to Automatic Load Shedding Assess the security of the TSO-DSO communications for the actuation of the defence plan Evaluate the impact of attacks in emergency conditions DoS attacks to the teleoperation communications, generated by enemies located on the third party Telecom IP backbone 14
15 Experiment setting Parameter Type Technique Tool Target Number of attackers Number of attack Gateway architecture WAN emulation Communication protocol Setting DoS packet flooding UDP flooding Substation gateway 2 1 VPN switched Ethernet 10/100 Mbps IEC
16 Automatic Load Shedding DSO CC TSO CC TSO Substation/ Sentinel DSO Substation 16
17 Normal Operation 2. Signals and Measurements DSO CC TSO CC 1. Signals and Measurements 1. Signals and Measurements TSO Substation/ Sentinel 1. Test DSO Substation 17
18 Pre-emergency TSO CC Pre-emergency condition triggers evaluation of load shedding strategy 5. Signals and Measurements 2. ArmSub 1-n DSO CC 1. Signals and Measurements TSO Substation/ Sentinel 1. Test Armed 3.Arming Sub x++ 4. Signals and DSO Substation Measurements 18
19 Emergency TSO CC 4. Signals and Measurements DSO CC 1. Signals and Measurements Emergency condition triggers load shedding TSO Substation/ Sentinel 2. Load Shedding Detached 3. Signals and DSO Substation Measurements 19
20 Attack during pre-emergency 5. Signals and Measurements TSO CC Pre-emergency condition triggers evaluation of load shedding strategy 3. ArmSub 1 DSO CC 2. Signals and Measurements TSO Substation/ Sentinel 1. Attack to Sub 1 Not Armed 4.Arming Sub 1 DSO Substation 20
21
22 Attack during pre-emergency TSO CC Pre-emergency condition triggers evaluation of load shedding strategy 3. ArmSub 1-n DSO CC 1. Signals and Measurements 2. Attack to Centre TSO Substation/ Sentinel Not Armed DSO Substation 22
23 Attack during emergency 5. Signals and Measurements 2. ArmSub 1-n DSO CC TSO CC Pre-emergency condition triggers evaluation of load shedding strategy 1. Signals and Measurements 7. Signals and Measurements 5. Attack to Sub x-y 3.Arming Sub x 4. Signals and Measurements Emergency condition triggers load shedding TSO Substation/ Sentinel 6. Test Not Armed 8. Load Shedding Not detached DSO Substation 23
24
25 Experimental measures IMT Inter Message Time IRT Inter Reconnection Time TTF Time To Failure 25
26 Experimental measures NLM Number of Lost Messages TNLM Total Number of Lost Messages NR Number of reconnections 26
27 Achievements Highlighted power-ict dependencies on critical scenarios - a corrective control action the defence plan involving TSO and DSO infrastructures Assessed the effects of DoS cyber attacks to control infrastrucures, as well as the severity of potential damages IEC communications (ref. Part 7 of IEC 62351) Elaborated measures from experimental statistics 27
28 Testbed evolution Additional experiments - new attacks, protocols, architectural patterns, enhanced counter-measures Exploit testbed measures to feed a modeling framework for quantitative evaluations of the effects of cyber attacks on the ICT and power infrastructures Integrate Power System Simulators into the testbed Develop other CRUTIAL scenarios involving bulk power generation infrastructures Integrate Macrogrid Teleoperation and Microgrid Control -> towards SmartGrids Push-up updates of power systems regulations and grid codes in the power sector 28
29 Applied research New applications in system operation and control for detection and mitigation of system conditions Systematic test over the defence plan life cycle of the to accommodate continued system and scheme expansions when necessary Implementation of advanced wide-area defence systems i) improvement of the existing decentralised subsystems to utilize advanced algorithms making local decisions based on local measurements and/or selected remote information ii) fully developed information interchange and communication infrastructures to link all the monitoring, control and protection devices together Self healing grid technology The key to a successful solution is rapid detection fast and powerful control devices efficient and reliable communication systems smart algorithms 29
30 Basic research )* 7 * 8* ** * 79 )* )* 7 7 : : 7 * 7 8 8* 7 * * 7' 7" 7 7 7* 30
31 31 Power risk assessment ( ) 1 ) ( F K F K F K T F T F T V F V F V C F R Ι = ω π ω π ω π ( ) 2 ), ( ) Pr( ) Pr( ) (,,,, = i j f t i f t j t i f t P X E Sev X X E X R The perspective is to develop a unified framework correlating Risk Indexes at the different layers
32 Applied research Security assessment - gap reduction between short term operation planning (off-line analysis) and real time operation (on-line analysis) Benchmark resiliency of power control systems Joined training to TSOs, DSOs, GENCOs, others 32
33 What is needed Power system security/adequacy needs flexible/multioperated defence plans Defence plan operation triggered by comprehensive risk assessment The architecture of multiple defence lines including multilayer ICT protection mechanisms/controls 33
34 Where we are Power system security/adequacy needs flexible/multioperated defence plans Defence plan operation triggered by comprehensive risk assessment The architecture of multiple defence lines including multilayer ICT protection mechanisms/controls 34
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationCYBER ATTACKS EXPLAINED: PACKET CRAFTING
CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure
More informationProject no.: IST-FP6-STREP - 027513 Critical Utility InfrastructurAL Resilience. Start date of the project: 01/01/2006 Duration: 39 months
Final Activity Report Page i Project no.: IST-FP6-STREP - 027513 Project full title: Project Acronym: Critical Utility InfrastructurAL Resilience CRUTIAL Start date of the project: 01/01/2006 Duration:
More informationSmart Substation Security
Smart Substation Security SmartSec Europe 2014 Amsterdam 29/01/2014 Agenda Context Elia Introduction to the substation environment in Elia Security design and measures in the substation Near and far future
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationEuropean Network for Cyber Security
European Network for Cyber Security Cyber Security: a fundamental basis for Smart Grids Project Summary December 19, 2014 Introduction Smart grids are crucial to support the use of more sustainable energy
More informationNetwork Security: A Practical Approach. Jan L. Harrington
Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationCYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.
21, rue d Artois, F-75008 PARIS D2-102 CIGRE 2012 http : //www.cigre.org CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS Massimo Petrini (*), Emiliano Casale
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationCyber Security Where Do I Begin?
ISPE Automation Forum Cyber Security Where Do I Begin? Don Dickinson Project Engineer Phoenix Contact ..50% more infected Web pages Click in the on one last and three you months won t of notice 2008 than
More informationSecure Networking for Critical Infrastructure. Ilan Barda March 2014
Secure Networking for Critical Infrastructure Ilan Barda March 2014 RADiFlow as part of the RAD Group The Access Company Secure Ruggedized Communication Solutions Wireless Mobile Backhaul Group Distributor
More informationFirewall Defaults and Some Basic Rules
Firewall Defaults and Some Basic Rules ProSecure UTM Quick Start Guide This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSecure Unified
More informationRisk and Security Assessment. Zbigniew Kalbarczyk
Risk and Security Assessment Zbigniew Kalbarczyk 1 TCIPG Cluster Arrangement Communication and Data Delivery for Wide-Area Monitoring and Control Trustworthy cyber infrastructure and technologies for wide-area
More informationSmartGrids SRA 2035. Summary of Priorities for SmartGrids Research Topics
SmartGrids SRA 2035 Summary of Priorities for SmartGrids Research Topics Version 19 June 2013 Setting Priorities related to SRA 2035 research areas and topics The following section reports on the conclusions
More informationGlasnost or Tyranny? You Can Have Secure and Open Networks!
AT&T is a proud sponsor of StaySafe Online Glasnost or Tyranny? You Can Have Secure and Open Networks! Steven Hurst CISSP Director - AT&T Security Services and Technology AT&T Chief Security Office 2009
More informationIntrusion Detection for SCADA Systems
Intrusion Detection for SCADA Systems Dr Kieran McLaughlin CSIT, Queen s University Belfast Outline Background & Motivation Experience with IEC 60870-5-104 SCADA-IDS approach SPARKS mini-project targeting
More informationNetwork System Design Lesson Objectives
Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network
More informationPacket Sniffing on Layer 2 Switched Local Area Networks
Packet Sniffing on Layer 2 Switched Local Area Networks Ryan Spangler ryan@packetwatch.net Packetwatch Research http://www.packetwatch.net December 2003 Abstract Packet sniffing is a technique of monitoring
More informationStress Testing and Distributed Denial of Service Testing of Network Infrastructures
Faculty of Electrical Engineering and Communication Brno University of Technology Technická 12, CZ-616 00 Brno, Czechia http://www.six.feec.vutbr.cz Stress Testing and Distributed Denial of Service Testing
More informationCyber Security Implications of SIS Integration with Control Networks
Cyber Security Implications of SIS Integration with Control Networks The LOGIIC SIS Project Standards Certification Education & Training Publishing Conferences & Exhibits Presenter Zach Tudor is a Program
More informationFirewall VPN Router. Quick Installation Guide M73-APO09-380
Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,
More informationWHITE PAPER. FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems
WHITE PAPER FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems Abstract: Denial of Service (DoS) attacks have been a part of the internet landscape for
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationMulti-Homing Dual WAN Firewall Router
Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet
More information- Introduction to PIX/ASA Firewalls -
1 Cisco Security Appliances - Introduction to PIX/ASA Firewalls - Both Cisco routers and multilayer switches support the IOS firewall set, which provides security functionality. Additionally, Cisco offers
More informationNetwork Technology CMP-354-TE. TECEP Test Description
Network Technology CMP-354-TE This TECEP tests knowledge of the fundamental concepts of data communications. Topics covered include: network architectures, topologies, media and devices, protocols, types
More informationA Model-based Methodology for Developing Secure VoIP Systems
A Model-based Methodology for Developing Secure VoIP Systems Juan C Pelaez, Ph. D. November 24, 200 VoIP overview What is VoIP? Why use VoIP? Strong effect on global communications VoIP will replace PSTN
More informationHow To Create An Ics Network With A Network Of Nodes
A Connection Pattern-based Approach to Detect Network Traffic Anomalies in Critical Infrastructures Béla Genge 1, Dorin Adrian Rusu 2, Piroska Haller 1 1 Petru Maior University of Tîrgu Mureş, Romania
More informationIP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life
Overview Dipl.-Ing. Peter Schrotter Institute of Communication Networks and Satellite Communications Graz University of Technology, Austria Fundamentals of Communicating over the Network Application Layer
More informationLOGIIC Remote Access. Final Public Report. June 2015 1 LOGIIC - APPROVED FOR PUBLIC DISTRIBUTION
LOGIIC Remote Access June 2015 Final Public Report Document Title LOGIIC Remote Monitoring Project Public Report Version Version 1.0 Primary Author A. McIntyre (SRI) Distribution Category LOGIIC Approved
More informationFirewall Defaults, Public Server Rule, and Secondary WAN IP Address
Firewall Defaults, Public Server Rule, and Secondary WAN IP Address This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSafe Wireless-N
More informationRepresenting the CRUTIAL project domain by means of UML diagrams
Representing the CRUTIAL project domain by means of UML diagrams Davide Cerotti 1, Daniele Codetta-Raiteri 2, Susanna Donatelli 3, C. Brasca 4, Giovanna Dondossola 4, Fabrizio Garrone 4 1 Dipartimento
More informationEnabling the SmartGrid through Cloud Computing
Enabling the SmartGrid through Cloud Computing April 2012 Creating Value, Delivering Results 2012 eglobaltech Incorporated. Tech, Inc. All rights reserved. 1 Overall Objective To deliver electricity from
More informationDDoS DETECTING. DDoS ATTACKS WITH INFRASTRUCTURE MONITORING. [ Executive Brief ] Your data isn t safe. And neither is your website or your business.
[ Executive Brief ] DDoS DETECTING DDoS ATTACKS WITH INFRASTRUCTURE MONITORING. Your data isn t safe. And neither is your website or your business. Hacking has become more prevalent and more sophisticated
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationCisco Intrusion Prevention System Advanced Integration Module for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers
Cisco Intrusion Prevention System Advanced Integration Module for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers The Cisco Intrusion Prevention System Advanced Integration Module
More informationVirtual Privacy vs. Real Security
Virtual Privacy vs. Real Security Certes Networks at a glance Leader in Multi-Layer Encryption Offices throughout North America, Asia and Europe Growing installed based with customers in 37 countries Developing
More informationCyber Security of the Power Grid
Cyber Security of the Power Grid Chen-Ching Ching Liu Professor of Power Systems University College Dublin Research for Ireland s Future Ireland -Country of natural beauty -Quality of life ranked among
More informationNetworking Technology Online Course Outline
Networking Technology Online Course Outline Introduction Networking Technology Introduction Welcome to InfoComm University About InfoComm International About Networking Technology Network Technology Course
More informationDenial of Service Attacks
2 Denial of Service Attacks : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 13 August 2013 its335y13s2l06, Steve/Courses/2013/s2/its335/lectures/malicious.tex,
More informationCybersecurity Risk Assessment in Smart Grids
Cybersecurity Risk Assessment in Smart Grids Lucie Langer, Paul Smith, Thomas Hecht firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Symposium 2014 Sept 30, 2014 1 Risk Assessment:
More informationTABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY
IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...
More informationFOXBORO. I/A Series SOFTWARE Product Specifications. I/A Series Intelligent SCADA SCADA Platform PSS 21S-2M1 B3 OVERVIEW
I/A Series SOFTWARE Product Specifications Logo I/A Series Intelligent SCADA SCADA Platform PSS 21S-2M1 B3 The I/A Series Intelligent SCADA Platform takes the traditional SCADA Master Station to a new
More informationIndustrial Network Security and Connectivity. Tunneling Process Data Securely Through Firewalls. A Solution To OPC - DCOM Connectivity
Industrial Network Security and Connectivity Tunneling Process Data Securely Through Firewalls A Solution To OPC - DCOM Connectivity Manufacturing companies have invested billions of dollars in industrial
More informationCyber Range Training Services
Cyber Range Training Services Table of Contents Train Like You Fight... 2 The Global Cyber Range Imperative... 3 Why Traditional Approaches Have Failed... 3 A Pragmatic Strategy for Arming and Training
More informationINTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM
INTERNET SECURITY: THE ROLE OF FIREWALL SYSTEM Okumoku-Evroro Oniovosa Lecturer, Department of Computer Science Delta State University, Abraka, Nigeria Email: victorkleo@live.com ABSTRACT Internet security
More informationNominee: Barracuda Networks
Nominee: Barracuda Networks Nomination title: Barracuda Next Generation Firewall The Barracuda NG (Next Generation) Firewall is much more than a traditional firewall. It is designed to protect network
More informationpacket retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.
Implementation of an Emulation Environment for Large Scale Network Security Experiments Cui Yimin, Liu Li, Jin Qi, Kuang Xiaohui National Key Laboratory of Science and Technology on Information System
More informationCritical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn
Critical Infrastructure Security: The Emerging Smart Grid Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Overview Assurance & Evaluation Security Testing Approaches
More informationLoadMaster Application Delivery Controller Security Overview
LoadMaster Application Delivery Controller Security Overview SSL Offload/Acceleration, Intrusion Prevention System (IPS) and Denial of Service (DOS) Overview Small-to-medium sized businesses (SMB) are
More informationTHE FUTURE OF SMART GRID COMMUNICATIONS
THE FUTURE OF SMART GRID COMMUNICATIONS KENNETH C. BUDKA CTO STRATEGIC INDUSTRIES MAY 2014 THE GRID OF THE FUTURE WIDE-SCALE DEPLOYMENT OF RENEWABLES INCREASED ENERGY EFFICIENCY PEAK POWER REDUCTION, DEMAND
More informationFirewall. User Manual
Firewall User Manual 1 IX. Firewall This chapter introduces firewall general policy, access rule, and content filter settings to ensure network security. 9.1 General Policy The firewall is enabled by default.
More informationTk20 Network Infrastructure
Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...
More informationCampus LAN at NKN Member Institutions
Campus LAN at NKN Member Institutions RS MANI rsm@nkn.in 1/7/2015 3 rd Annual workshop 1 Efficient utilization Come from: Good Campus LAN Speed Segregation of LANs QoS Resilient Access Controls ( L2 and
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationIxLoad-Attack: Network Security Testing
IxLoad-Attack: Network Security Testing IxLoad-Attack tests network security appliances determining that they effectively and accurately block attacks while delivering high end-user quality of experience
More informationAutomotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri
Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing
More informationEffective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
More informationDNP Serial SCADA to SCADA Over IP: Standards, Regulations Security and Best Practices
DNP SCADA to SCADA Over : Standards, Regulations Security and Best Practices Earl Emerson, Director Systems Engineering RAD Data Communications 2014 Utilities Telecom Council of Canada Motivations for
More informationAdvance Malware protection in distribution and manufacturing environments. Rob Dolci, April 2016, copyright aizoon USA.
Advance Malware protection in distribution and manufacturing environments Rob Dolci, April 2016, copyright aizoon USA. aizoon at a glance Bologna New York, NY Cuneo USA Troy, MI Lewiston, ME Cambridge,
More informationConvergence Technologies Professional (CTP) Course 1: Data Networking
Convergence Technologies Professional (CTP) Course 1: Data Networking The Data Networking course teaches you the fundamentals of networking. Through hands-on training, you will learn the vendor-independent
More informationDevelopment of a Network Intrusion Detection System
Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/
More informationOn the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks
CIBSI 2013 Panama City, Panama, October 30 th, 2013 On the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks Paulo Simões, Tiago Cruz, Jorge Gomes, Edmundo Monteiro psimoes@dei.uc.pt
More informationNetwork layer: Overview. Network layer functions IP Routing and forwarding
Network layer: Overview Network layer functions IP Routing and forwarding 1 Network layer functions Transport packet from sending to receiving hosts Network layer protocols in every host, router application
More informationTraffic Management Solutions for Social Innovation Business
Traffic Management Solutions for Social Innovation Business Hitachi Review Vol. 63 (2014), No. 1 51 Tatsuya Shimizu Yusuke Shomura, Dr. Eng. Hirofumi Masukawa Yukiko Takeda OVERVIEW: The spread of smartphones
More informationVoice Over IP (VoIP) Denial of Service (DoS)
Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based
More informationCSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required
CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required Current Catalog Description: Computer network architectures and their application to industry needs.
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationHow to Choose the Right Industrial Firewall: The Top 7 Considerations. Li Peng Product Manager
How to Choose the Right Industrial Firewall: The Top 7 Considerations Li Peng Product Manager The right industrial firewall can strengthen the safety and reliability of control systems Central to industrial
More informationFirewall Introduction Several Types of Firewall. Cisco PIX Firewall
Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls
More informationIEEE TRANSACTIONS ON SMART GRID, VOL. 4, NO. 2, JUNE 2013 847
IEEE TRANSACTIONS ON SMART GRID, VOL. 4, NO. 2, JUNE 2013 847 Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid Adam Hahn, Student Member, IEEE, Aditya Ashok, Student
More informationWhy an Intelligent WAN Solution is Essential for Mission Critical Networks
Why an Intelligent WAN Solution is Essential for Mission Critical Networks White Paper Series WP100135 Charles Tucker Director of Marketing June 1, 2006 Abstract: Reliable Internet connectivity is now
More informationA HELPING HAND TO PROTECT YOUR REPUTATION
OVERVIEW SECURITY SOLUTIONS A HELPING HAND TO PROTECT YOUR REPUTATION CONTENTS INFORMATION SECURITY MATTERS 01 TAKE NOTE! 02 LAYERS OF PROTECTION 04 ON GUARD WITH OPTUS 05 THREE STEPS TO SECURITY PROTECTION
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationSecuring Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.
Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources
More informationSafeguards Against Denial of Service Attacks for IP Phones
W H I T E P A P E R Denial of Service (DoS) attacks on computers and infrastructure communications systems have been reported for a number of years, but the accelerated deployment of Voice over IP (VoIP)
More informationBEng (Hons) Telecommunications. Examinations for 2011 2012 / Semester 1
BEng (Hons) Telecommunications Cohort: BTEL/10A/FT Examinations for 2011 2012 / Semester 1 MODULE: IP Telephony MODULE CODE: TELC3107 Duration: 2 Hours Reading time: 15 Minutes Instructions to Candidates:
More informationEmbedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation
Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation Industrial controllers and HMIs today mostly lack protective functions for their IT and network
More informationIRENE. Intelligence between POS terminal and authorization system. Gateway. Increased security, availability and transparency.
Gateway IRENE INTELLIGENT ROUTER FOR ENHANCED NETWORKING WITH ETHERNET PROTOCOLS Intelligence between POS terminal and authorization system Increased security, availability and transparency. »»» MORE INSIGHT
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More information10 Configuring Packet Filtering and Routing Rules
Blind Folio 10:1 10 Configuring Packet Filtering and Routing Rules CERTIFICATION OBJECTIVES 10.01 Understanding Packet Filtering and Routing 10.02 Creating and Managing Packet Filtering 10.03 Configuring
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More information(U) Financial Sector Cyber Security
(U) Financial Sector Cyber Security UNCLASSIFED//FOUO (U) Cyber Event: (U) 15 August Foreign cyber actors targeted a foreign oil company in a large-scale coordinated cyber attack, incidentally attacking
More informationJOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01
JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT Test Code: 4514 Version: 01 Specific Competencies and Skills Tested in this Assessment: PC Principles Identify physical and equipment
More informationUnderstand Wide Area Networks (WANs)
Understand Wide Area Networks (WANs) Lesson Overview In this lesson, you will review: Dial-up Integrated services digital networks (ISDN) Leased lines Virtual private networks (VPN) Wide area networks
More informationCompTIA Network+ (Exam N10-005)
CompTIA Network+ (Exam N10-005) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationNetwork Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media
IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright
More informationNetwork Security. 1 Pass the course => Pass Written exam week 11 Pass Labs
Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet
More informationRole of Firewall in Network. Security. Syed S. Rizvi. CS 872: Computer Network Security. Fall 2005
Role of Firewall in Network Security By Syed S. Rizvi CS 872: Computer Network Security Fall 2005 Outline o Background o What is a Firewall? o What does a Firewall do? o Implementation of Firewall o Interaction
More informationSecure Networking for Critical Infrastructure Using Service-aware switches for Defense-in-Depth deployment
Secure Networking for Critical Infrastructure Using Service-aware switches for Defense-in-Depth deployment Introduction 1 Distributed SCADA security 2 Radiflow Defense-in-Depth tool-set 4 Network Access
More informationArchitecting and Development of the SecureCyber: A SCADA Security platform Over Energy Smart Grid
Architecting and Development of the SecureCyber: A SCADA Security platform Over Energy Smart Grid Shahir Majed Advance Informatics School, Shahir.majed@mimos.my Suhaimi Ibrahim Advance Informatics School,
More informationSCADA System Overview
Introduction SCADA systems are critical to the control and monitoring of complex cyber-physical systems. Now with advanced computer and communications technologies, SCADA systems are connected to networks
More informationNAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives
NAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives Center of excellence for secure integration, deployment and sustainment of Industrial Control Systems and Operational Technology
More information