In Quest of Benchmarking Security Risks to Cyber-Physical Systems

Size: px
Start display at page:

Download "In Quest of Benchmarking Security Risks to Cyber-Physical Systems"

Transcription

1 In Quest of Benchmarkng Securty Rsks to Cyber-Physcal Systems Saurabh Amn, Massachusetts Insttute of Technology Galna A. Schwartz, Unversty of Calforna at Berkeley Alefya Hussan, Unversty of Southern Calforna Abstract We present a generc yet practcal framework for assessng securty rsks to cyberphyscal systems (CPSs). Our framework can be used to benchmark securty rsks when nformaton s less than perfect, and nterdependences of physcal and computatonal components may result n correlated falures. Such envronments are prone to externaltes, and can cause huge socetal losses. We focus on the rsks that arse from nterdependent relablty falures (faults) and securty falures (attacks). We advocate that a sound assessment of these rsks requres explct modelng of the effects of both technology-based defenses and nsttutons necessary for supportng them. Thus, we consder technology-based securty defenses grounded n nformaton securty tools and fault-tolerant control n conjuncton wth nsttutonal structures. Our game-theoretc approach to estmatng securty rsks facltates more effectve defenses, especally aganst correlated falures. Survvablty of crtcal nfrastructures n the presence of securty attacks and random faults s of natonal mportance. These nfrastructures are spatally dstrbuted across large physcal areas, and consst of heterogeneous cyber-physcal components nterconnected by communcaton networks wth complex peerng and herarches. Networked control systems (NCSs) and supervsory control and data acquston (SCADA) systems are wdely used to montor, control, and remotely manage nfrastructures over prvate or shared communcaton networks. Such cyber-physcal systems (CPSs) permt synergstc nteractons between physcal dynamcs and computatonal processes. Wde deployment of nformaton and communcaton technologes (ICT) n CPSs results n hgher relablty and lower operatonal costs relatve to the tradtonal propretary and closed systems. However, as recent ncdents ndcate, today s CPSs face new securty threats drven by ther exposure to ICT nsecurtes. Securty Threats To develop a classfcaton of securty threats to CPSs, we frst outlne how the operator(s) of modern CPSs typcally approach the montorng, control, and management of nfrastructures. As shown n Fg. 1, they use a layered archtecture consstng of regulatory control (layer 1), supervsory control (layer 1), and a management level (layer 3). Ths archtecture enables robust composton of multlevel controllers, and permts CPS operators to use defenses to lmt the effects of falures caused by faults and/or attacks. The regulatory control layer drectly nteracts wth the underlyng physcal nfrastructure dynamcs through a network of sensors and actuators. These feld devces are connected to programmable logc controllers (PLCs) or remote termnal unts (RTUs), and mplement detecton and regulaton mechansms that are prmarly reactve n nature. These mechansms can also respond to localzed falures of feld devces and communcaton lnks. The regulatory controllers (or PLCs) nteract wth the supervsory controllers va a control network. At the supervsory control layer, model-based dagnostc tools are combned wth optmal control-based tools to ensure on-tme response to dstrbuted falures. The supervsory workstatons are used for data loggng, dagnostc functons such as fault dagnoss, and supervsory control computatons such as set-pont control and controller reconfguratons. Lastly, the management (topmost) layer focuses on strateges that maxmze the operator s proft whle mnmzng ts losses due to securty and relablty falures. The CPS operator and other authorzed remote users can access nformaton about the CPS processes and send specfcatons to the controllers at lower layers va the Internet or a corporate network. Securty threats to herarchcally managed CPSs arse from four channels. Frst, CPSs nhert vulnerabltes from embedded commercal off-the-shelf ICT devces, and are subject to correlated software bugs and hardware malfunctons. Second, the propretary protocols and closed networks are beng replaced wth standard open Internet protocols and shared networks. Malcous attackers capable of explotng protocol and network nsecurtes can target CPS operatons. Thrd, numerous partes generate, use, and modfy CPS data. Ths poses new challenges n access control and authorzaton among the strategc players such as the operators, SCADA and ICT vendors, and end users of the system. Fourth, CPSs employ a large number of remote feld devces that can be accessed va short-range communcatons. Thus, CPSs are vulnerable to adversaral manpulaton, both remote and local. Adversares can explot the aforementoned threat channels va denal-of-servce (DoS) and decepton attacks, whch result n losses of avalablty and ntegrty of sensor-control data, /13/$ IEEE 19

2 Electrc power Water and gas Relablty and securty rsk management Internet Layer 3 Dagnoss, response, and reconfguraton Control network Detecton and regulaton Sensor actuator network Physcal nfrastructures Layer 2 Layer 1 Attacks Defenses Faults Buldngs Transportaton Fgure 1. A layered archtecture for management of CPS. respectvely. In Table 1, we present examples of securty attacks on the regulatory and supervsory control layers. Attacks at the management level are smlar to attacks on computer networks. We refer the reader to [1, 2] for specfc dscussons on securty attacks to smart grd nfrastructures. Classfcaton of Correlated Falures The danger of correlated falures becomes especally profound n CPSs due to the tght couplng of typcally contnuous physcal dynamcs and dscrete dynamcs of embedded computng processes. Correlated falures orgnate from one or more of the followng events: Smultaneous attacks: Targeted cyber attacks (e.g., falures due to Stuxnet); non-targeted cyber attacks (e.g., falures due to Slammer worm, dstrbuted DoS attacks [3], congeston n shared networks); coordnated physcal attacks (e.g., falures caused by terrorsts) Smultaneous faults: Common-mode falures (e.g., falure of multple ICT components n an dentcal manner [4], programmng errors); random falures (e.g., natural events such as earthquakes and tropcal cyclones, and operator errors such as an ncorrect frmware upgrade) Cascadng falures: Falure of a fracton of nodes (components) n one CPS subnetwork can lead to progressve escalaton of falures n other subnetworks (e.g., power network blackouts affectng communcaton networks, and vce versa) [5]. The above classfcaton s nether fully dsjont nor exhaustve. Stll, we envson that t wll be useful for CPS rsk assessment. We term correlated falures caused by smultaneous attacks as securty falures and smultaneous faults as relablty falures. Due to the tght cyber-physcal nteractons, t s extremely dffcult (and often prohbtvely tme-consumng) to solate the cause of any specfc falure usng the dagnostc nformaton, whch, n general, s mperfect and ncomplete. Thus, relablty and securty falures n CPSs are nherently ntertwned. We beleve that the quest to fnd a mutually exclusve and jontly exhaustve partton of falure events must be abandoned. Instead, the research emphass should shft to the analyss of nterdependent relablty and securty falures, and rsk assessment. Informaton and CPS Rsks The Interplay of Technologcal Defenses and Insttutons There are two types of technologcal means to reduce CPS rsks: ICT securty tools and control-theoretc tools. The ICT securty tools nclude authentcaton and access control mechansms, network ntruson detecton systems, patch management, and securty certfcaton. In practce, the effectveness of these securty tools s lmted by CPS relablty and cost consderatons. For example, the frequency of securty patch updates s lmted by the real-tme constrants on the avalablty of CPS data; common crtera certfcaton s lmted by the resources for CPS securty and so on. The control-theoretc tools nclude model-based attack/fault detecton and solaton, robust control strateges that mantan closed-loop stablty and performance guarantees under a class of DoS/decepton attacks, and reconfgurable (swtchng) control strateges to lmt the effect of correlated falures. Recently, several organzatons (e.g., NIST, NERC, DHS) have proposed securty standards and recommendatons that combne the ICT-specfc securty defenses wth control theoretc tools. Whle technology-based defenses for CPS are the man channel to mprove ther survvablty aganst correlated falures, the mere exstence of these defenses s not suffcent. It s well establshed that the lack of prvate partes ncentves for securty mprovements s a severe mpedment to achevng socally desrable mprovements of CPS securty [6]. Indeed, large-scale crtcal nfrastructures are typcally managed by proft-drven prvate enttes. Proper mplementaton of technologcal defenses and reslent operaton requres complance of relevant enttes. Below we hghlght the nformatonal defcences that negatvely affect the ncentves for securty. Informatonal Defcences Due to the prohbtvely hgh costs of nformaton acquston, t s often too costly to determne the followng: Whch hardware malfunctons and software bugs have caused a system falure Whether the system falure was caused by a relablty falure or securty falure or both In many cases, ths nformaton vares sgnfcantly across dfferent enttes (players), such as CPS operators, SCADA and ICT vendors, network servce provders, users, and local/ federal regulatory agences (or government). Informaton defcences arse from the conflctng nterests of ndvdual players whose choces affect the CPS rsks. One may say that nterdependent falures cause externaltes that result n msalgned player ncentves (.e., the ndvdually optmal CPS securty defenses dverge from the socally optmal ones). Moreover, n envronments wth ncomplete and also asymmetrc (and prvate) nformaton, the socetal costs of a correlated CPS falure typcally exceed the losses of the ndvdual players whose products and servces affect CPS operatons, and on whose actons the CPS rsks depend. Specfcally, nterdependences between securty and relablty falures n CPS are lkely to cause negatve externaltes. In such envronments, the ndvdual players tend to undernvest n securty relatve to a socally optmal benchmark. Ths requres desgn of nsttutonal means to realgn the ndvdual players ncentves to make adequate nvestments n securty. Examples of nsttutonal means nclude regulatons that requre players to certfy that they possess certan securty capabltes, and legal rules whch mandate that players share nformaton about securty ncdents wth government agences and/or the publc through establshed channels. 20

3 Control layer Decepton attacks DoS attacks Regulatory control Spoofng, replay Measurement substtuton Physcal jammng Increase n latency Table 1. Cyber-attacks to CPS control layers. Clearly, these ndvdual players cannot completely elmnate the rsk of CPS falures even n the presence of advanced technologcal defenses and nsttutonal measures, whch am to reduce (or even elmnate) ncentve msalgnment between ndvdual and socally optmal securty choces. For example, consder a benchmark case when securty defenses are optmally chosen by the socal planner for a gven technologcal and nsttutonal envronment. There stll remans a resdual rsk drven by fundamental physcal lmts. Indeed, when securty defenses are chosen by ndvdual players, the rsk s only hgher. Thus, non-neglgble (publc) resdual rsks are characterstc for CPSs that are subjected to correlated falures. So far, the occurrence of extreme correlated falures have been statstcally rare. However, wth the emergence of organzed cyber-crme groups capable of conductng ntrusons nto NCS/SCADA systems, the rsks of such rare falure events cannot be gnored. Unsurprsngly, cyber-warfare s projected to become the future of armed conflct, and managng CPS rsks must be at the core of any proactve defense program. Benchmarkng CPS Rsks Due to the aforementoned challenges, benchmarkng CPS rsks s a hard problem, and several questons reman unanswered [7 9]. Our goal n ths artcle s twofold: We suggest a game-theoretc framework that assesses securty rsks by quantfyng the msalgnment between ndvdually and socally optmal securty nvestment decsons when the CPS comprses nterdependent NCS. We advocate that better nformaton about these rsks s a prerequste to mprovement of CPS securty va a combnaton of more sophstcated technology-based defenses and the advancement of ther supportng nsttutons. Improved assessment of the CPS rsks wll lead to several benefcal developments, such as mproved rsk management at both the ndvdual and socetal levels. Thus, a standardzed framework should be establshed that can assess and compare dfferent technologcal and nsttutonal means for rsk management. At the very least, better knowledge of CPS rsks wll permt the players to make more nformed (and therefore better and cheaper) choces of securty defenses, thus mprovng the socetal welfare. Framework to Benchmark CPS Rsks Supervsory control Set-pont change Controller substtuton Network floodng Operatonal dsrupton We now present a rsk assessment framework from the perspectve of CPS operators. Our setup can readly be adapted to assess rsks from the perspectve of other players. CPS wth a Centralzed Control System Consder a CPS wth m ndependent components managed by a sngle operator (.e., centralzed control system). For the th component, let W denote the set of all hardware flaws, software bugs, and vulnerablty ponts that can be compromsed durng any relablty and/or securty falure event. The falure events form a collecton of subsets of W, whch we denote by F. Let the random varables X R : W Æ R and X S : W Æ R represent the relablty and securty levels of the -th component, respectvely, wth jont (cumulatve) dstrbuton functon: F X R,X S (x R, x S ) = P{w ŒW Ô X R (w) x R, X S (w) x S }, where the measure P assgns probabltes to falure events. Notce that the relablty level X R and securty level X S are defned on the same measure space (W, F ), and they are not mutually ndependent, that s, F XR,XS (x R, x S ) F XR (x R ). F XS (x S ). Unfortunately, the CPS operator does not have perfect knowledge of these dstrbutons. Reasonable estmates of F XR (x R ) may be obtaned from hstorcal falure data. However, estmatng the jont dstrbuton F XR,XS (x R, x S ) s dffcult as attackers contnue to fnd new ways to compromse securty vulnerabltes. In general, the random vector (X R, X S ) s nfluenced by: Acton set of the CPS operator A = U» V, where U : = {U 1, U m } and V : = {V 1,, V m } denote the set of control and securty choces, respectvely Acton set of other players B, such as vendors, attackers, servce provders, users, and regulatory agences Envronment E, ncludng the technologcal, organzatonal, and nsttutonal factors For gven relablty and securty levels x R, x S, let the functon L (x R, x S ) denote the losses faced by the CPS operator when the th component fals (e.g., the cost of servce dsruptons, mantenance/recovery costs, and penaltes for users sufferng). Then, for CPS wth m ndependent components, the aggregate rsk can be expressed as: 1 ( ) m R= R L ( X R, X S ), = 1 where the functonal R assgns a numercal value to each random varable L wth dstrbuton functon FL. Henceforth, we use the expected (mean) value of loss, m(l ) = E[L (X R, X S )], as a metrc of R, but cauton that t s nadequate to capture rsk of extreme falure events. 2 From Eq. 1, we observe that the aggregate rsk s also nfluenced by actons A, B, and envronment E. To emphasze ths dependence, we wll use R(A, B, E) to denote the aggregate CPS rsk. For a gven envronment E and fxed choces B of other players, the CPS operator s objectve s to choose securty actons V and control actons U to mnmze the total expected cost J(U, V) of operatng the system: J(U, V) = J I (V) + J II (U, V), (2) where J I (V) : = S m =1 l (V ) denotes the operator s cost of employng securty choces V, and J II (U, V) s the expected 1 The assumpton of ndependent components can easly be relaxed to nclude parallel, seres, and nterlnked components. 2 Other commonly used choces of rsk R nclude the mean-varance model: m(l ) + l s(l ), where l > 0 and s(l ) s the standard devaton of L ; and the value-of-rsk model: VaR a (L ) = mn {z F L(z) a }, whch s the same as a -quantle n dstrbuton of L. (1) 21

4 l so 1 l so 2 and and {S,N} and l so 2 and l so 2 and l so 1 l so 1 l so 2 l so 2 (a) (b) Fgure 2. Indvdual optma (Nash equlbra) and socal optma. operatonal cost. From Eq. 2, when the CPS operator s securty choces are V, s/he chooses control actons U = m*(v) to mnmze total expected cost, where m*(v) s an optmal control polcy. Let the CPS operator s mnmum cost for the case when securty choces are V and { } (.e., no securty defenses) be defned as J (V) : = J(m*(V),V) and J 0 : = J(m*({ }), { }), respectvely. To evaluate the effectveness of V, we use the dfference of correspondng expected costs: D(V) : = J 0 J (V). (3) CPS wth Interdependent Networked Control Systems Let us focus on the ssue of msalgnment between ndvdual and socally optmal actons n the case when a CPS comprses multple NCSs communcatng over a shared network. In contrast to the above, we now assume that each NCS s managed by a separate operator. The NCS operators choose ther securty levels to safeguard aganst network-nduced rsks (e.g., due to dstrbuted DoS attacks). Each NCS s modeled by a dscrete-tme stochastc lnear system, whch s controlled over a lossy communcaton network: Thus, D(V) denotes the CPS operator s gan from employng securty choces V. It can be vewed as the reducton of operator s rsk when s/he chooses V over no defenses, that s, xt + 1 = Axt + vt But + wt yt = γ t Cxt + vt t N 0, M, (5) R(A 0, B, E) R(A(V), B, E) = D(V), (4) where A(V) and A 0 denote the acton set correspondng to securty choces V and { }, respectvely. The problem of choosng optmal securty choces V* can now be vewed as an optmzaton problem over the set of securty defenses: max Δ( V), subject to the constrant J( V) K, v where K s the avalable budget for securty nvestments. The resdual rsk after the mplementaton of optmal securty choces V* can be obtaned as R(A 0, B, E) D(V*). Rsks from falure events (those resultng from securty attacks, random faults, cascadng falures, etc.) can thus be estmated and compared, and the best securty defenses V correspondng to antcpated falure types can be selected by the CPS operator. The above analyss assumes that the choces B of other players do not change n response to the CPS operator s choces A. When players are strategc, the optmal securty choces must be computed as best responses to the other players (Nash) strateges. Fnally, government or regulatory agences can also nfluence the envronment E. where M denotes the number of players, x t Œ R d the state, u t Œ R m the nput, w t Œ R d the process nose, y t Œ R p the measured output, and v t Œ R p the measurement nose, for player P at the tth tme step. Let the standard assumptons of lnear quadratc Gaussan (LQG) theory hold. The random varables g t (resp. n t ) are..d. Bernoull wth the falure probablty ~ g (resp. ~ n ), and model a lossy sensor (resp. control) channel. We formulate the problem of securty choces of the ndvdual players as a non-cooperatve two-stage game [10]. In the frst stage, each P chooses to make a securty nvestment (S) or not (N). The set of player securty choces s denoted V : = {V 1,, V m }, where V = S f P nvests n securty and N f not. Once player securty choces are made, they are rreversble and observable by all the players. In the second stage, each P chooses a control nput sequence U : = {u t, t Œ N 0 } to mantan optmal closed-loop performance. The objectve of each P s to mnmze hs/her total cost: J (V, U) = J I(V) + J II(V, U), Œ M, (6) where the frst stage cost s denoted J I(V): = (1 I )l, and J II(V, U) denotes second stage cost (the average LQG cost). Here l > 0 s the securty nvestment ncurred by P only f 22

5 s/he has chosen S, and the ndcator functon I = 0 when V = S, and I = 1 otherwse. In order to reflect securty nterdependences, n our model, the falure probabltes ~ g and ~ n depend on the P s own securty choce V and on the other players securty choces {V j, j }. Followng [10], we assume P[g t = 0 Ô V] = ~ g (V) := I g + (1 I g )a(h ). In Eq. 7, the frst term reflects the probablty of a drect falure, and the second term reflects the probablty of an ndrect falure. The nterdependence term a(h ) ncreases as the number of players, excludng P, who have chosen N ncrease, where h : = S j I j ; smlarly for n t. The socal planner objectve s to mnmze the aggregate cost: m SO J ( V, U) = J ( V, U). (8) = 1 Consder a two-player game, where the nterdependent falure probabltes are gven by Eq. 8. To derve optmal player actons (securty choces V ), we dstngush the followng two cases: ncreasng ncentves and decreasng ncentves. For the case of ncreasng ncentves, f a player secures, other player s gan from securng ncreases, that s, J II *() J II *({S, N}) J II * () J II * (), where J II * (.) denotes the optmal second stage cost. Smlarly, for the case of decreasng ncentves, a player s gan from nvestng n securty decreases when the other player nvests n securty, that s, J* II () J* II () J* II () J* II (). Fgure 2a (resp. Fg. 2b) characterzes the Nash equlbra (ndvdually optmal choces) and socally optmal choces of the game for the case of ncreasng (resp. decreasng) ncentves, where we assume l SO 1 < l 1 (resp. l 2 > l SO 2 ). For Œ {1, 2}, the thresholds l, l, l SO, and l SO are gven n [10]. Consder the case of ncreasng ncentves (Fg. 2a). If l < (resp. l > l 1 ), the symmetrc Nash equlbrum (resp. ) s unque. Thus, (resp. l 1 ) s the cutoff cost below (resp. above) whch both players nvest (resp. nether player nvests) n securty. If l l 1, both and are ndvdually optmal. However, f < & > l 1 (resp. > & < ), the asymmetrc strategy (resp. ) s an equlbrum. Now, f l < l SO 1 (resp. l > l SO 1 ), the socally optmal choces are (resp. ). If l SO 1 & l SO (resp. l SO 1 & l SO 1 ), socally optmal choces are (resp. ). Smlarly, we can descrbe ndvdually and socally optmal choces for the case of decreasng ncentves (Fg. 2b). For both cases, we observe that the presence of nterdependent securty causes a negatve externalty. The ndvdual players are subject to network-nduced rsks and tend to under-nvest n securty relatve to the socal optmum. From our results, for a wde parameter range, regulatory mpostons to ncentvze hgher securty nvestments are desrable (dscussed later). The effectveness of such mpostons on the respectve rsks faced by ndvdual players (NCS operators) can be evaluated n a manner smlar to Eqs Challenges n CPS Rsk Assessment Technologcal Challenges A sgnfcant challenge for the practcal mplementaton of our CPS rsk assessment framework s to develop data-drven, stochastc CPS models, whch account for dynamcs of CPS wth nterdependent relablty and securty falures. Each of these sngular/basc models should account for CPS dynamcs and focus on a specfc falure scenaro. The basc models can be composed nto a composte model to represent varous correlated falure scenaros, ncludng smultaneous attacks, common-mode falures, and cascadng falures. By usng of quanttatve technques from statstcal estmaton, modelbased dagnoss, stochastc smulaton, and predctve control, we can automatcally generate new falure scenaros from realtme sensor-control data. These technques enable the synthess of operatonal securty strateges and provde estmates of resdual rsks n envronments wth hghly correlated falures and less than perfect nformaton. Thus, theoretcal guarantees and computatonal tools are needed for the followng: Compostons of stochastc fault and attack models Inference and learnng of new falure scenaros Fast and accurate smulaton of CPS dynamcs Detecton and dentfcaton of falure events Operatonal ICT and control based strateges The DETERLab testbed [11] provdes the capablty to conduct experments wth a dverse set of CPS falure scenaros, where the controllable varables range from IP-level dynamcs to ntroducton of malcous enttes such as dstrbuted DoS attacks. The cyber-physcal aspects of large-scale nfrastructures can be ntegrated together on DETERLab to provde an expermental envronment for assessng CPS rsks. Specfcally, the DETERLab provdes a programmable network emulaton envronment, and a sute of tools that allow a user to descrbe the expermentaton apparatus, and montor and control the expermentaton procedure. Multple expermentatons can be executed at the same tme by dfferent users f computatonal resources are avalable. The man challenge for CPS expermentaton on the DETERLab testbed s to compose physcal system dynamcs (real/smulated/emulated) wth communcaton system emulaton. The expermentaton apparatus should model the communcaton network, the physcal network, and ther dynamc nteractons. The expermentaton procedure should descrbe the sensng and actuaton polces that are the best responses to strategc actons of other players. Insttutonal Challenges The desgn of nsttutonal means s a chcken-and-egg problem. On one hand, nsttutonal means such as mposton of legal lablty, mandatory ncdent dsclosure, and nsurance nstruments mprove the nformaton about CPS rsks. On the other hand, substantal knowledge of CPS rsks s requred for ther desgn and successful deployment. Gven the lmtatons of currently avalable rsk assessment tools, the CPS operators fnd t hard (and, as a result, costly) to manage ther rsks. Ths problem s especally acute for rsk management va fnancal means, such as dversfcaton, reallocaton to other partes, and nsurance. For example, nsurance nstruments of CPS rsks management are meager: the premums of cyber-securty contracts are not condtoned on the securty parameters. It would be no exaggeraton to say that so far, the cyber-nsurance market has faled to develop. For example, the volume of underwrtten contracts s essentally unchanged n a decade, despte multple predctons of ts growth by ndependent researchers and ndustry analysts. In fact, even the exstng superfcal market s largely sustaned by non-market (regulatory) forces. Indeed, the leadng reason for CPS operators to acqure nsurance polces at the prevalng exuberant prces s ther need to comply wth federal requrements for government contractors. Ctzens (.e., federal and state taxpayers) are the fnal bearers of these costs. We expect that ths stuaton wll reman as s unless nformaton on CPS rsks drastcally mproves. 23

6 Another related problem s that of suboptmal provder ncentves (as seen n Fg. 2). A CPS operator s estmates of hs/her own rsk tend to be understated (relatve to socetal ones), even when falure probabltes are known to hm/her. In such cases, the gap between ndvdually and socally optmal ncentves could be reduced va adjustments of legal and regulatory nsttutons. For example, t would be socally desrable to ntroduce lmted lablty (.e., a due care standard) for ndvdual enttes whose products and servces are employed n CPSs. Ths would mprove provders ncentves to nvest n ther products securty and relablty. However, due to nformaton ncompleteness, currently there s no lablty regme for provders of CPS components and servces, for nether securty nor relablty drven falures. Indeed, any lablty regme s based on knowng (the estmate[s] of) falure probabltes and the nduced losses. Ths agan requres benchmarkng of CPS rsks. Concludng Remarks Benchmarkng of CPS rsks s a hard problem. It s harder than the tradtonal rsk assessment problems for nfrastructure relablty or ICT securty, whch so far have been consdered n solaton. Estmaton of CPS rsks by navely aggregatng rsks due to relablty and securty falures does not capture the externaltes, and can lead to grossly suboptmal responses to CPS rsks. Such msspecfed CPS rsks lead to based securty choces and reduce the effectveness of securty defenses. Modern, and especally upcomng, CPSs are subjected to complex rsks, of whch very lttle s known despte the realzaton of ther sgnfcance. In ths artcle we are callng on our colleagues to embark on the hard task of assessng nterdependent CPS rsks. The effectveness of securty defenses can be ncreased only when our knowledge of CPS rsks mproves. Acknowledgments We are grateful to the anonymous revewers for ther feedback, and thank Professors S. Shankar Sastry (UC Berkeley) and Joseph M. Sussman (MIT) for useful dscussons. References [1] Y. Mo et al., Cyber-Physcal Securty of A Smart Grd Infrastructure, Proc. IEEE, vol. 100, no. 1, Jan. 2012, pp [2] S. Srdhar, A. Hahn, and M. Govndarasu, Cyber-Physcal System Securty for the Electrc Power Grd, Proc. IEEE, vol. 100, no. 1, Jan. 2012, pp [3] A. Hussan, J. Hedemann, and C. Papadopoulos, A Framework for Classfyng Denal of Servce Attacks, Proc ACM Conf. Applcatons, Technologes, Archtectures, and Protocols for Computer Communcatons, 2003, pp [4] S. Amn et al., Cyber Securty of Water SCADA Systems Part II: Attack Detecton Usng Enhanced Hydrodynamc Models, IEEE Trans. Control Systems Technology, [5] S. Buldyrev et al., Catastrophc Cascade of Falures n Interdependent Networks, Nature, vol. 464, no. 7291, Apr. 2010, pp [6] C. Hall et al., Reslence of the Internet Interconnecton Ecosystem, Proc. 10th Wksp. Economcs of Informaton Securty, June [7] T. Alpcan and T. Basar, Network Securty: A Decson and Game Theoretc Approach, Cambrdge Unv. Press, [8] P. Gross and H. Kunreuther, Catastrophe Modelng: A New Approach to Managng Rsk, Sprnger, 2005, vol. 25. [9] Y. Y. Hames, Rsk Modelng, Assessment, and Management, 3rd ed., Wley, [10] S. Amn, G. A. Schwartz, and S. S. Sastry, On the Interdependence of Relablty and Securty n Networked Control Systems, CDC-ECE, IEEE, 2011, pp [11] T. Benzel, The Scence of Cyber Securty Expermentaton: The Deter Project, Proc. 27th ACM Annual Computer Securty Applcatons Conf., 2011, pp Bographes SAURABH AMIN s an assstant professor n the Department of Cvl and Envronmental Engneerng, Massachusetts Insttute of Technology (MIT). Hs research focuses on the desgn and mplementaton of hgh-confdence network control algorthms for crtcal nfrastructures, ncludng transportaton, water, and energy dstrbuton systems. He receved hs B.Tech. n cvl engneerng from the Indan Insttute of Technology Roorkee n 2002, M.S. n transportaton engneerng from the Unversty of Texas at Austn n 2004, and Ph.D. n systems engneerng from the Unversty of Calforna at Berkeley n GALINA A. SCHWARTZ s a research economst n the Department of Electrcal Engneerng and Computer Scences at the Unversty of Calforna, Berkeley. Her prmary expertse s game theory and mcroeconomcs. She has publshed on the subjects of network neutralty, cyber rsk management and modelng of cyber-nsurance markets, and securty and prvacy of cyber-physcal systems. In her earler research, she has appled contract theory to study the nterplay between nformaton, transacton costs, nsttutons and regulatons. She has been on the faculty n the Ross School of Busness at the Unversty of Mchgan, Ann-Arbor, and has taught n the Economcs Departments at the Unversty of Calforna, Davs and Berkeley. She receved her M.S. n mathematcal physcs from Moscow Insttute of Engneerng Physcs, Russa, and Ph.D. n economcs from Prnceton Unversty n ALEFIYA HUSSAIN s a computer scentst at the Unversty of Southern Calforna s Informaton Scences Insttute (USC/ISI). Her research nterests nclude statstcal sgnal processng, protocol desgn, cyber securty, and network measurement systems. She receved her B.E. n computer engneerng from the Unversty of Pune, Inda, n 1997 and Ph.D. n computer scence from Unversty of Southern Calforna n Pror to jonng USC/ISI, she was a senor prncpal scentst at Sparta Inc. 24

An Alternative Way to Measure Private Equity Performance

An Alternative Way to Measure Private Equity Performance An Alternatve Way to Measure Prvate Equty Performance Peter Todd Parlux Investment Technology LLC Summary Internal Rate of Return (IRR) s probably the most common way to measure the performance of prvate

More information

A Secure Password-Authenticated Key Agreement Using Smart Cards

A Secure Password-Authenticated Key Agreement Using Smart Cards A Secure Password-Authentcated Key Agreement Usng Smart Cards Ka Chan 1, Wen-Chung Kuo 2 and Jn-Chou Cheng 3 1 Department of Computer and Informaton Scence, R.O.C. Mltary Academy, Kaohsung 83059, Tawan,

More information

Multiple-Period Attribution: Residuals and Compounding

Multiple-Period Attribution: Residuals and Compounding Multple-Perod Attrbuton: Resduals and Compoundng Our revewer gave these authors full marks for dealng wth an ssue that performance measurers and vendors often regard as propretary nformaton. In 1994, Dens

More information

benefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).

benefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ). REVIEW OF RISK MANAGEMENT CONCEPTS LOSS DISTRIBUTIONS AND INSURANCE Loss and nsurance: When someone s subject to the rsk of ncurrng a fnancal loss, the loss s generally modeled usng a random varable or

More information

ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING

ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING Matthew J. Lberatore, Department of Management and Operatons, Vllanova Unversty, Vllanova, PA 19085, 610-519-4390,

More information

AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE

AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE Yu-L Huang Industral Engneerng Department New Mexco State Unversty Las Cruces, New Mexco 88003, U.S.A. Abstract Patent

More information

The Development of Web Log Mining Based on Improve-K-Means Clustering Analysis

The Development of Web Log Mining Based on Improve-K-Means Clustering Analysis The Development of Web Log Mnng Based on Improve-K-Means Clusterng Analyss TngZhong Wang * College of Informaton Technology, Luoyang Normal Unversty, Luoyang, 471022, Chna wangtngzhong2@sna.cn Abstract.

More information

Feature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College

Feature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College Feature selecton for ntruson detecton Slobodan Petrovć NISlab, Gjøvk Unversty College Contents The feature selecton problem Intruson detecton Traffc features relevant for IDS The CFS measure The mrmr measure

More information

Analysis of Premium Liabilities for Australian Lines of Business

Analysis of Premium Liabilities for Australian Lines of Business Summary of Analyss of Premum Labltes for Australan Lnes of Busness Emly Tao Honours Research Paper, The Unversty of Melbourne Emly Tao Acknowledgements I am grateful to the Australan Prudental Regulaton

More information

Efficient Project Portfolio as a tool for Enterprise Risk Management

Efficient Project Portfolio as a tool for Enterprise Risk Management Effcent Proect Portfolo as a tool for Enterprse Rsk Management Valentn O. Nkonov Ural State Techncal Unversty Growth Traectory Consultng Company January 5, 27 Effcent Proect Portfolo as a tool for Enterprse

More information

Chapter 11 Practice Problems Answers

Chapter 11 Practice Problems Answers Chapter 11 Practce Problems Answers 1. Would you be more wllng to lend to a frend f she put all of her lfe savngs nto her busness than you would f she had not done so? Why? Ths problem s ntended to make

More information

Credit Limit Optimization (CLO) for Credit Cards

Credit Limit Optimization (CLO) for Credit Cards Credt Lmt Optmzaton (CLO) for Credt Cards Vay S. Desa CSCC IX, Ednburgh September 8, 2005 Copyrght 2003, SAS Insttute Inc. All rghts reserved. SAS Propretary Agenda Background Tradtonal approaches to credt

More information

Robust Design of Public Storage Warehouses. Yeming (Yale) Gong EMLYON Business School

Robust Design of Public Storage Warehouses. Yeming (Yale) Gong EMLYON Business School Robust Desgn of Publc Storage Warehouses Yemng (Yale) Gong EMLYON Busness School Rene de Koster Rotterdam school of management, Erasmus Unversty Abstract We apply robust optmzaton and revenue management

More information

Can Auto Liability Insurance Purchases Signal Risk Attitude?

Can Auto Liability Insurance Purchases Signal Risk Attitude? Internatonal Journal of Busness and Economcs, 2011, Vol. 10, No. 2, 159-164 Can Auto Lablty Insurance Purchases Sgnal Rsk Atttude? Chu-Shu L Department of Internatonal Busness, Asa Unversty, Tawan Sheng-Chang

More information

PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign

PAS: A Packet Accounting System to Limit the Effects of DoS & DDoS. Debish Fesehaye & Klara Naherstedt University of Illinois-Urbana Champaign PAS: A Packet Accountng System to Lmt the Effects of DoS & DDoS Debsh Fesehaye & Klara Naherstedt Unversty of Illnos-Urbana Champagn DoS and DDoS DDoS attacks are ncreasng threats to our dgtal world. Exstng

More information

Course outline. Financial Time Series Analysis. Overview. Data analysis. Predictive signal. Trading strategy

Course outline. Financial Time Series Analysis. Overview. Data analysis. Predictive signal. Trading strategy Fnancal Tme Seres Analyss Patrck McSharry patrck@mcsharry.net www.mcsharry.net Trnty Term 2014 Mathematcal Insttute Unversty of Oxford Course outlne 1. Data analyss, probablty, correlatons, vsualsaton

More information

The Current Employment Statistics (CES) survey,

The Current Employment Statistics (CES) survey, Busness Brths and Deaths Impact of busness brths and deaths n the payroll survey The CES probablty-based sample redesgn accounts for most busness brth employment through the mputaton of busness deaths,

More information

On-Line Fault Detection in Wind Turbine Transmission System using Adaptive Filter and Robust Statistical Features

On-Line Fault Detection in Wind Turbine Transmission System using Adaptive Filter and Robust Statistical Features On-Lne Fault Detecton n Wnd Turbne Transmsson System usng Adaptve Flter and Robust Statstcal Features Ruoyu L Remote Dagnostcs Center SKF USA Inc. 3443 N. Sam Houston Pkwy., Houston TX 77086 Emal: ruoyu.l@skf.com

More information

Effective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints

Effective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints Effectve Network Defense Strateges aganst Malcous Attacks wth Varous Defense Mechansms under Qualty of Servce Constrants Frank Yeong-Sung Ln Department of Informaton Natonal Tawan Unversty Tape, Tawan,

More information

Risk-based Fatigue Estimate of Deep Water Risers -- Course Project for EM388F: Fracture Mechanics, Spring 2008

Risk-based Fatigue Estimate of Deep Water Risers -- Course Project for EM388F: Fracture Mechanics, Spring 2008 Rsk-based Fatgue Estmate of Deep Water Rsers -- Course Project for EM388F: Fracture Mechancs, Sprng 2008 Chen Sh Department of Cvl, Archtectural, and Envronmental Engneerng The Unversty of Texas at Austn

More information

LIFETIME INCOME OPTIONS

LIFETIME INCOME OPTIONS LIFETIME INCOME OPTIONS May 2011 by: Marca S. Wagner, Esq. The Wagner Law Group A Professonal Corporaton 99 Summer Street, 13 th Floor Boston, MA 02110 Tel: (617) 357-5200 Fax: (617) 357-5250 www.ersa-lawyers.com

More information

Fault tolerance in cloud technologies presented as a service

Fault tolerance in cloud technologies presented as a service Internatonal Scentfc Conference Computer Scence 2015 Pavel Dzhunev, PhD student Fault tolerance n cloud technologes presented as a servce INTRODUCTION Improvements n technques for vrtualzaton and performance

More information

Understanding the physical and economic consequences of attacks on control systems

Understanding the physical and economic consequences of attacks on control systems I N T E R N A T I O N A L J O U R N A L O F C R I T I C A L I N F R A S T R U C T U R E P R O T E C T I O N 2 ( 2 0 0 9 ) 7 3 8 3 avalable at www.scencedrect.com journal homepage: www.elsever.com/locate/jcp

More information

Institute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic

Institute of Informatics, Faculty of Business and Management, Brno University of Technology,Czech Republic Lagrange Multplers as Quanttatve Indcators n Economcs Ivan Mezník Insttute of Informatcs, Faculty of Busness and Management, Brno Unversty of TechnologCzech Republc Abstract The quanttatve role of Lagrange

More information

Module 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur

Module 2 LOSSLESS IMAGE COMPRESSION SYSTEMS. Version 2 ECE IIT, Kharagpur Module LOSSLESS IMAGE COMPRESSION SYSTEMS Lesson 3 Lossless Compresson: Huffman Codng Instructonal Objectves At the end of ths lesson, the students should be able to:. Defne and measure source entropy..

More information

Number of Levels Cumulative Annual operating Income per year construction costs costs ($) ($) ($) 1 600,000 35,000 100,000 2 2,200,000 60,000 350,000

Number of Levels Cumulative Annual operating Income per year construction costs costs ($) ($) ($) 1 600,000 35,000 100,000 2 2,200,000 60,000 350,000 Problem Set 5 Solutons 1 MIT s consderng buldng a new car park near Kendall Square. o unversty funds are avalable (overhead rates are under pressure and the new faclty would have to pay for tself from

More information

RELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT

RELIABILITY, RISK AND AVAILABILITY ANLYSIS OF A CONTAINER GANTRY CRANE ABSTRACT Kolowrock Krzysztof Joanna oszynska MODELLING ENVIRONMENT AND INFRATRUCTURE INFLUENCE ON RELIABILITY AND OPERATION RT&A # () (Vol.) March RELIABILITY RIK AND AVAILABILITY ANLYI OF A CONTAINER GANTRY CRANE

More information

What is Candidate Sampling

What is Candidate Sampling What s Canddate Samplng Say we have a multclass or mult label problem where each tranng example ( x, T ) conssts of a context x a small (mult)set of target classes T out of a large unverse L of possble

More information

Fragility Based Rehabilitation Decision Analysis

Fragility Based Rehabilitation Decision Analysis .171. Fraglty Based Rehabltaton Decson Analyss Cagdas Kafal Graduate Student, School of Cvl and Envronmental Engneerng, Cornell Unversty Research Supervsor: rcea Grgoru, Professor Summary A method s presented

More information

A Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy S-curve Regression

A Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy S-curve Regression Novel Methodology of Workng Captal Management for Large Publc Constructons by Usng Fuzzy S-curve Regresson Cheng-Wu Chen, Morrs H. L. Wang and Tng-Ya Hseh Department of Cvl Engneerng, Natonal Central Unversty,

More information

Application of Multi-Agents for Fault Detection and Reconfiguration of Power Distribution Systems

Application of Multi-Agents for Fault Detection and Reconfiguration of Power Distribution Systems 1 Applcaton of Mult-Agents for Fault Detecton and Reconfguraton of Power Dstrbuton Systems K. Nareshkumar, Member, IEEE, M. A. Choudhry, Senor Member, IEEE, J. La, A. Felach, Senor Member, IEEE Abstract--The

More information

A Design Method of High-availability and Low-optical-loss Optical Aggregation Network Architecture

A Design Method of High-availability and Low-optical-loss Optical Aggregation Network Architecture A Desgn Method of Hgh-avalablty and Low-optcal-loss Optcal Aggregaton Network Archtecture Takehro Sato, Kuntaka Ashzawa, Kazumasa Tokuhash, Dasuke Ish, Satoru Okamoto and Naoak Yamanaka Dept. of Informaton

More information

A Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing

A Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing A Replcaton-Based and Fault Tolerant Allocaton Algorthm for Cloud Computng Tork Altameem Dept of Computer Scence, RCC, Kng Saud Unversty, PO Box: 28095 11437 Ryadh-Saud Araba Abstract The very large nfrastructure

More information

A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things

A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things A Game-Theoretc Approach for Mnmzng Securty Rsks n the Internet-of-Thngs George Rontds, Emmanoul Panaouss, Aron Laszka, Tasos Daguklas, Pasquale Malacara, and Tansu Alpcan Hellenc Open Unversty, Greece

More information

An Analysis of Central Processor Scheduling in Multiprogrammed Computer Systems

An Analysis of Central Processor Scheduling in Multiprogrammed Computer Systems STAN-CS-73-355 I SU-SE-73-013 An Analyss of Central Processor Schedulng n Multprogrammed Computer Systems (Dgest Edton) by Thomas G. Prce October 1972 Techncal Report No. 57 Reproducton n whole or n part

More information

Optimal Bidding Strategies for Generation Companies in a Day-Ahead Electricity Market with Risk Management Taken into Account

Optimal Bidding Strategies for Generation Companies in a Day-Ahead Electricity Market with Risk Management Taken into Account Amercan J. of Engneerng and Appled Scences (): 8-6, 009 ISSN 94-700 009 Scence Publcatons Optmal Bddng Strateges for Generaton Companes n a Day-Ahead Electrcty Market wth Rsk Management Taken nto Account

More information

Kiel Institute for World Economics Duesternbrooker Weg 120 24105 Kiel (Germany) Kiel Working Paper No. 1120

Kiel Institute for World Economics Duesternbrooker Weg 120 24105 Kiel (Germany) Kiel Working Paper No. 1120 Kel Insttute for World Economcs Duesternbrooker Weg 45 Kel (Germany) Kel Workng Paper No. Path Dependences n enture Captal Markets by Andrea Schertler July The responsblty for the contents of the workng

More information

Network Security Situation Evaluation Method for Distributed Denial of Service

Network Security Situation Evaluation Method for Distributed Denial of Service Network Securty Stuaton Evaluaton Method for Dstrbuted Denal of Servce Jn Q,2, Cu YMn,2, Huang MnHuan,2, Kuang XaoHu,2, TangHong,2 ) Scence and Technology on Informaton System Securty Laboratory, Bejng,

More information

Cyber-Insurance for Cyber-Security A Solution to the Information Asymmetry Problem

Cyber-Insurance for Cyber-Security A Solution to the Information Asymmetry Problem Cyber-Insurance for Cyber-Securty A Soluton to the Informaton Asymmetry Problem Ranjan Pal Unversty of Southern Calforna Emal: rpal@usc.edu Abstract Internet users such as ndvduals and organzatons are

More information

Coordinated Denial-of-Service Attacks in IEEE 802.22 Networks

Coordinated Denial-of-Service Attacks in IEEE 802.22 Networks Coordnated Denal-of-Servce Attacks n IEEE 82.22 Networks Y Tan Department of ECE Stevens Insttute of Technology Hoboken, NJ Emal: ytan@stevens.edu Shamk Sengupta Department of Math. & Comp. Sc. John Jay

More information

SQUARE Project: Cost/Benefit Analysis Framework for Information Security Improvement Projects in Small Companies

SQUARE Project: Cost/Benefit Analysis Framework for Information Security Improvement Projects in Small Companies SQUARE Project: Cost/Beneft Analyss Framework for Informaton Securty Improvement Projects n Small Companes System Qualty Requrements Engneerng (SQUARE) Team Nck (Nng) Xe Nancy R. Mead, Advsor Contrbutors:

More information

Methodology to Determine Relationships between Performance Factors in Hadoop Cloud Computing Applications

Methodology to Determine Relationships between Performance Factors in Hadoop Cloud Computing Applications Methodology to Determne Relatonshps between Performance Factors n Hadoop Cloud Computng Applcatons Lus Eduardo Bautsta Vllalpando 1,2, Alan Aprl 1 and Alan Abran 1 1 Department of Software Engneerng and

More information

MAPP. MERIS level 3 cloud and water vapour products. Issue: 1. Revision: 0. Date: 9.12.1998. Function Name Organisation Signature Date

MAPP. MERIS level 3 cloud and water vapour products. Issue: 1. Revision: 0. Date: 9.12.1998. Function Name Organisation Signature Date Ttel: Project: Doc. No.: MERIS level 3 cloud and water vapour products MAPP MAPP-ATBD-ClWVL3 Issue: 1 Revson: 0 Date: 9.12.1998 Functon Name Organsaton Sgnature Date Author: Bennartz FUB Preusker FUB Schüller

More information

Optimization Model of Reliable Data Storage in Cloud Environment Using Genetic Algorithm

Optimization Model of Reliable Data Storage in Cloud Environment Using Genetic Algorithm Internatonal Journal of Grd Dstrbuton Computng, pp.175-190 http://dx.do.org/10.14257/gdc.2014.7.6.14 Optmzaton odel of Relable Data Storage n Cloud Envronment Usng Genetc Algorthm Feng Lu 1,2,3, Hatao

More information

Answer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy

Answer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy 4.02 Quz Solutons Fall 2004 Multple-Choce Questons (30/00 ponts) Please, crcle the correct answer for each of the followng 0 multple-choce questons. For each queston, only one of the answers s correct.

More information

Survey on Virtual Machine Placement Techniques in Cloud Computing Environment

Survey on Virtual Machine Placement Techniques in Cloud Computing Environment Survey on Vrtual Machne Placement Technques n Cloud Computng Envronment Rajeev Kumar Gupta and R. K. Paterya Department of Computer Scence & Engneerng, MANIT, Bhopal, Inda ABSTRACT In tradtonal data center

More information

Dynamic Pricing for Smart Grid with Reinforcement Learning

Dynamic Pricing for Smart Grid with Reinforcement Learning Dynamc Prcng for Smart Grd wth Renforcement Learnng Byung-Gook Km, Yu Zhang, Mhaela van der Schaar, and Jang-Won Lee Samsung Electroncs, Suwon, Korea Department of Electrcal Engneerng, UCLA, Los Angeles,

More information

Week 6 Market Failure due to Externalities

Week 6 Market Failure due to Externalities Week 6 Market Falure due to Externaltes 1. Externaltes n externalty exsts when the acton of one agent unavodably affects the welfare of another agent. The affected agent may be a consumer, gvng rse to

More information

METHODOLOGY TO DETERMINE RELATIONSHIPS BETWEEN PERFORMANCE FACTORS IN HADOOP CLOUD COMPUTING APPLICATIONS

METHODOLOGY TO DETERMINE RELATIONSHIPS BETWEEN PERFORMANCE FACTORS IN HADOOP CLOUD COMPUTING APPLICATIONS METHODOLOGY TO DETERMINE RELATIONSHIPS BETWEEN PERFORMANCE FACTORS IN HADOOP CLOUD COMPUTING APPLICATIONS Lus Eduardo Bautsta Vllalpando 1,2, Alan Aprl 1 and Alan Abran 1 1 Department of Software Engneerng

More information

IMPACT ANALYSIS OF A CELLULAR PHONE

IMPACT ANALYSIS OF A CELLULAR PHONE 4 th ASA & μeta Internatonal Conference IMPACT AALYSIS OF A CELLULAR PHOE We Lu, 2 Hongy L Bejng FEAonlne Engneerng Co.,Ltd. Bejng, Chna ABSTRACT Drop test smulaton plays an mportant role n nvestgatng

More information

An RFID Distance Bounding Protocol

An RFID Distance Bounding Protocol An RFID Dstance Boundng Protocol Gerhard P. Hancke and Markus G. Kuhn May 22, 2006 An RFID Dstance Boundng Protocol p. 1 Dstance boundng Verfer d Prover Places an upper bound on physcal dstance Does not

More information

A hybrid global optimization algorithm based on parallel chaos optimization and outlook algorithm

A hybrid global optimization algorithm based on parallel chaos optimization and outlook algorithm Avalable onlne www.ocpr.com Journal of Chemcal and Pharmaceutcal Research, 2014, 6(7):1884-1889 Research Artcle ISSN : 0975-7384 CODEN(USA) : JCPRC5 A hybrd global optmzaton algorthm based on parallel

More information

HP Mission-Critical Services

HP Mission-Critical Services HP Msson-Crtcal Servces Delverng busness value to IT Jelena Bratc Zarko Subotc TS Support tm Mart 2012, Podgorca 2010 Hewlett-Packard Development Company, L.P. The nformaton contaned heren s subject to

More information

Calculation of Sampling Weights

Calculation of Sampling Weights Perre Foy Statstcs Canada 4 Calculaton of Samplng Weghts 4.1 OVERVIEW The basc sample desgn used n TIMSS Populatons 1 and 2 was a two-stage stratfed cluster desgn. 1 The frst stage conssted of a sample

More information

"Research Note" APPLICATION OF CHARGE SIMULATION METHOD TO ELECTRIC FIELD CALCULATION IN THE POWER CABLES *

Research Note APPLICATION OF CHARGE SIMULATION METHOD TO ELECTRIC FIELD CALCULATION IN THE POWER CABLES * Iranan Journal of Scence & Technology, Transacton B, Engneerng, ol. 30, No. B6, 789-794 rnted n The Islamc Republc of Iran, 006 Shraz Unversty "Research Note" ALICATION OF CHARGE SIMULATION METHOD TO ELECTRIC

More information

INVESTIGATION OF VEHICULAR USERS FAIRNESS IN CDMA-HDR NETWORKS

INVESTIGATION OF VEHICULAR USERS FAIRNESS IN CDMA-HDR NETWORKS 21 22 September 2007, BULGARIA 119 Proceedngs of the Internatonal Conference on Informaton Technologes (InfoTech-2007) 21 st 22 nd September 2007, Bulgara vol. 2 INVESTIGATION OF VEHICULAR USERS FAIRNESS

More information

A Hierarchical Reliability Model of Service-Based Software System

A Hierarchical Reliability Model of Service-Based Software System 2009 33rd Annual IEEE Internatonal Computer Software and Applcatons Conference A Herarchcal Relablty Model of Servce-Based Software System Lun Wang, Xaoyng Ba, Lzhu Zhou Department of Computer Scence and

More information

Traffic-light a stress test for life insurance provisions

Traffic-light a stress test for life insurance provisions MEMORANDUM Date 006-09-7 Authors Bengt von Bahr, Göran Ronge Traffc-lght a stress test for lfe nsurance provsons Fnansnspetonen P.O. Box 6750 SE-113 85 Stocholm [Sveavägen 167] Tel +46 8 787 80 00 Fax

More information

Statistical Methods to Develop Rating Models

Statistical Methods to Develop Rating Models Statstcal Methods to Develop Ratng Models [Evelyn Hayden and Danel Porath, Österrechsche Natonalbank and Unversty of Appled Scences at Manz] Source: The Basel II Rsk Parameters Estmaton, Valdaton, and

More information

Study on Model of Risks Assessment of Standard Operation in Rural Power Network

Study on Model of Risks Assessment of Standard Operation in Rural Power Network Study on Model of Rsks Assessment of Standard Operaton n Rural Power Network Qngj L 1, Tao Yang 2 1 Qngj L, College of Informaton and Electrcal Engneerng, Shenyang Agrculture Unversty, Shenyang 110866,

More information

The Safety Board recommends that the Penn Central Transportation. Company and the American Railway Engineering Association revise

The Safety Board recommends that the Penn Central Transportation. Company and the American Railway Engineering Association revise V. RECOWNDATONS 4.! The Safety Board recommends that the Penn Central Transportaton Company and the Amercan Ralway Engneerng Assocaton revse ther track nspecton and mantenance standards or recommended

More information

Research Article A Time Scheduling Model of Logistics Service Supply Chain with Mass Customized Logistics Service

Research Article A Time Scheduling Model of Logistics Service Supply Chain with Mass Customized Logistics Service Hndaw Publshng Corporaton Dscrete Dynamcs n Nature and Socety Volume 01, Artcle ID 48978, 18 pages do:10.1155/01/48978 Research Artcle A Tme Schedulng Model of Logstcs Servce Supply Chan wth Mass Customzed

More information

Project Networks With Mixed-Time Constraints

Project Networks With Mixed-Time Constraints Project Networs Wth Mxed-Tme Constrants L Caccetta and B Wattananon Western Australan Centre of Excellence n Industral Optmsaton (WACEIO) Curtn Unversty of Technology GPO Box U1987 Perth Western Australa

More information

Open Access A Load Balancing Strategy with Bandwidth Constraint in Cloud Computing. Jing Deng 1,*, Ping Guo 2, Qi Li 3, Haizhu Chen 1

Open Access A Load Balancing Strategy with Bandwidth Constraint in Cloud Computing. Jing Deng 1,*, Ping Guo 2, Qi Li 3, Haizhu Chen 1 Send Orders for Reprnts to reprnts@benthamscence.ae The Open Cybernetcs & Systemcs Journal, 2014, 8, 115-121 115 Open Access A Load Balancng Strategy wth Bandwdth Constrant n Cloud Computng Jng Deng 1,*,

More information

Forecasting the Direction and Strength of Stock Market Movement

Forecasting the Direction and Strength of Stock Market Movement Forecastng the Drecton and Strength of Stock Market Movement Jngwe Chen Mng Chen Nan Ye cjngwe@stanford.edu mchen5@stanford.edu nanye@stanford.edu Abstract - Stock market s one of the most complcated systems

More information

Power-of-Two Policies for Single- Warehouse Multi-Retailer Inventory Systems with Order Frequency Discounts

Power-of-Two Policies for Single- Warehouse Multi-Retailer Inventory Systems with Order Frequency Discounts Power-of-wo Polces for Sngle- Warehouse Mult-Retaler Inventory Systems wth Order Frequency Dscounts José A. Ventura Pennsylvana State Unversty (USA) Yale. Herer echnon Israel Insttute of echnology (Israel)

More information

DEFINING %COMPLETE IN MICROSOFT PROJECT

DEFINING %COMPLETE IN MICROSOFT PROJECT CelersSystems DEFINING %COMPLETE IN MICROSOFT PROJECT PREPARED BY James E Aksel, PMP, PMI-SP, MVP For Addtonal Informaton about Earned Value Management Systems and reportng, please contact: CelersSystems,

More information

An Interest-Oriented Network Evolution Mechanism for Online Communities

An Interest-Oriented Network Evolution Mechanism for Online Communities An Interest-Orented Network Evoluton Mechansm for Onlne Communtes Cahong Sun and Xaopng Yang School of Informaton, Renmn Unversty of Chna, Bejng 100872, P.R. Chna {chsun,yang}@ruc.edu.cn Abstract. Onlne

More information

Overview of monitoring and evaluation

Overview of monitoring and evaluation 540 Toolkt to Combat Traffckng n Persons Tool 10.1 Overvew of montorng and evaluaton Overvew Ths tool brefly descrbes both montorng and evaluaton, and the dstncton between the two. What s montorng? Montorng

More information

Intra-year Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error

Intra-year Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error Intra-year Cash Flow Patterns: A Smple Soluton for an Unnecessary Apprasal Error By C. Donald Wggns (Professor of Accountng and Fnance, the Unversty of North Florda), B. Perry Woodsde (Assocate Professor

More information

Internet can be trusted and that there are no malicious elements propagating in the Internet. On the contrary, the

Internet can be trusted and that there are no malicious elements propagating in the Internet. On the contrary, the Prcng and Investments n Internet Securty 1 A Cyber-Insurance Perspectve Ranjan Pal, Student Member, IEEE, Leana Golubchk, Member, IEEE, arxv:submt/0209632 [cs.cr] 8 Mar 2011 Abstract Internet users such

More information

The Application of Fractional Brownian Motion in Option Pricing

The Application of Fractional Brownian Motion in Option Pricing Vol. 0, No. (05), pp. 73-8 http://dx.do.org/0.457/jmue.05.0..6 The Applcaton of Fractonal Brownan Moton n Opton Prcng Qng-xn Zhou School of Basc Scence,arbn Unversty of Commerce,arbn zhouqngxn98@6.com

More information

Ameriprise Financial Services, Inc. or RiverSource Life Insurance Company Account Registration

Ameriprise Financial Services, Inc. or RiverSource Life Insurance Company Account Registration CED0105200808 Amerprse Fnancal Servces, Inc. 70400 Amerprse Fnancal Center Mnneapols, MN 55474 Incomng Account Transfer/Exchange/ Drect Rollover (Qualfed Plans Only) for Amerprse certfcates, Columba mutual

More information

Enterprise Master Patient Index

Enterprise Master Patient Index Enterprse Master Patent Index Healthcare data are captured n many dfferent settngs such as hosptals, clncs, labs, and physcan offces. Accordng to a report by the CDC, patents n the Unted States made an

More information

Outsourcing inventory management decisions in healthcare: Models and application

Outsourcing inventory management decisions in healthcare: Models and application European Journal of Operatonal Research 154 (24) 271 29 O.R. Applcatons Outsourcng nventory management decsons n healthcare: Models and applcaton www.elsever.com/locate/dsw Lawrence Ncholson a, Asoo J.

More information

A Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification

A Hierarchical Anomaly Network Intrusion Detection System using Neural Network Classification IDC IDC A Herarchcal Anomaly Network Intruson Detecton System usng Neural Network Classfcaton ZHENG ZHANG, JUN LI, C. N. MANIKOPOULOS, JAY JORGENSON and JOSE UCLES ECE Department, New Jersey Inst. of Tech.,

More information

iavenue iavenue i i i iavenue iavenue iavenue

iavenue iavenue i i i iavenue iavenue iavenue Saratoga Systems' enterprse-wde Avenue CRM system s a comprehensve web-enabled software soluton. Ths next generaton system enables you to effectvely manage and enhance your customer relatonshps n both

More information

Design and Development of a Security Evaluation Platform Based on International Standards

Design and Development of a Security Evaluation Platform Based on International Standards Internatonal Journal of Informatcs Socety, VOL.5, NO.2 (203) 7-80 7 Desgn and Development of a Securty Evaluaton Platform Based on Internatonal Standards Yuj Takahash and Yoshm Teshgawara Graduate School

More information

A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION. Michael E. Kuhl Radhamés A. Tolentino-Peña

A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION. Michael E. Kuhl Radhamés A. Tolentino-Peña Proceedngs of the 2008 Wnter Smulaton Conference S. J. Mason, R. R. Hll, L. Mönch, O. Rose, T. Jefferson, J. W. Fowler eds. A DYNAMIC CRASHING METHOD FOR PROJECT MANAGEMENT USING SIMULATION-BASED OPTIMIZATION

More information

RESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL. Yaoqi FENG 1, Hanping QIU 1. China Academy of Space Technology (CAST) yaoqi.feng@yahoo.

RESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL. Yaoqi FENG 1, Hanping QIU 1. China Academy of Space Technology (CAST) yaoqi.feng@yahoo. ICSV4 Carns Australa 9- July, 007 RESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL Yaoq FENG, Hanpng QIU Dynamc Test Laboratory, BISEE Chna Academy of Space Technology (CAST) yaoq.feng@yahoo.com Abstract

More information

Portfolio Loss Distribution

Portfolio Loss Distribution Portfolo Loss Dstrbuton Rsky assets n loan ortfolo hghly llqud assets hold-to-maturty n the bank s balance sheet Outstandngs The orton of the bank asset that has already been extended to borrowers. Commtment

More information

A Novel Auction Mechanism for Selling Time-Sensitive E-Services

A Novel Auction Mechanism for Selling Time-Sensitive E-Services A ovel Aucton Mechansm for Sellng Tme-Senstve E-Servces Juong-Sk Lee and Boleslaw K. Szymansk Optmaret Inc. and Department of Computer Scence Rensselaer Polytechnc Insttute 110 8 th Street, Troy, Y 12180,

More information

RequIn, a tool for fast web traffic inference

RequIn, a tool for fast web traffic inference RequIn, a tool for fast web traffc nference Olver aul, Jean Etenne Kba GET/INT, LOR Department 9 rue Charles Fourer 90 Evry, France Olver.aul@nt-evry.fr, Jean-Etenne.Kba@nt-evry.fr Abstract As networked

More information

Feasibility of Using Discriminate Pricing Schemes for Energy Trading in Smart Grid

Feasibility of Using Discriminate Pricing Schemes for Energy Trading in Smart Grid Feasblty of Usng Dscrmnate Prcng Schemes for Energy Tradng n Smart Grd Wayes Tushar, Chau Yuen, Bo Cha, Davd B. Smth, and H. Vncent Poor Sngapore Unversty of Technology and Desgn, Sngapore 138682. Emal:

More information

Single and multiple stage classifiers implementing logistic discrimination

Single and multiple stage classifiers implementing logistic discrimination Sngle and multple stage classfers mplementng logstc dscrmnaton Hélo Radke Bttencourt 1 Dens Alter de Olvera Moraes 2 Vctor Haertel 2 1 Pontfíca Unversdade Católca do Ro Grande do Sul - PUCRS Av. Ipranga,

More information

Risk Model of Long-Term Production Scheduling in Open Pit Gold Mining

Risk Model of Long-Term Production Scheduling in Open Pit Gold Mining Rsk Model of Long-Term Producton Schedulng n Open Pt Gold Mnng R Halatchev 1 and P Lever 2 ABSTRACT Open pt gold mnng s an mportant sector of the Australan mnng ndustry. It uses large amounts of nvestments,

More information

Capacity-building and training

Capacity-building and training 92 Toolkt to Combat Traffckng n Persons Tool 2.14 Capacty-buldng and tranng Overvew Ths tool provdes references to tranng programmes and materals. For more tranng materals, refer also to Tool 9.18. Capacty-buldng

More information

Calculating the high frequency transmission line parameters of power cables

Calculating the high frequency transmission line parameters of power cables < ' Calculatng the hgh frequency transmsson lne parameters of power cables Authors: Dr. John Dcknson, Laboratory Servces Manager, N 0 RW E B Communcatons Mr. Peter J. Ncholson, Project Assgnment Manager,

More information

Fuzzy Set Approach To Asymmetrical Load Balancing In Distribution Networks

Fuzzy Set Approach To Asymmetrical Load Balancing In Distribution Networks Fuzzy Set Approach To Asymmetrcal Load Balancng n Dstrbuton Networks Goran Majstrovc Energy nsttute Hrvoje Por Zagreb, Croata goran.majstrovc@ehp.hr Slavko Krajcar Faculty of electrcal engneerng and computng

More information

Efficient Bandwidth Management in Broadband Wireless Access Systems Using CAC-based Dynamic Pricing

Efficient Bandwidth Management in Broadband Wireless Access Systems Using CAC-based Dynamic Pricing Effcent Bandwdth Management n Broadband Wreless Access Systems Usng CAC-based Dynamc Prcng Bader Al-Manthar, Ndal Nasser 2, Najah Abu Al 3, Hossam Hassanen Telecommuncatons Research Laboratory School of

More information

APPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT

APPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT APPLICATION OF PROBE DATA COLLECTED VIA INFRARED BEACONS TO TRAFFIC MANEGEMENT Toshhko Oda (1), Kochro Iwaoka (2) (1), (2) Infrastructure Systems Busness Unt, Panasonc System Networks Co., Ltd. Saedo-cho

More information

Many e-tailers providing attended home delivery, especially e-grocers, offer narrow delivery time slots to

Many e-tailers providing attended home delivery, especially e-grocers, offer narrow delivery time slots to Vol. 45, No. 3, August 2011, pp. 435 449 ssn 0041-1655 essn 1526-5447 11 4503 0435 do 10.1287/trsc.1100.0346 2011 INFORMS Tme Slot Management n Attended Home Delvery Nels Agatz Department of Decson and

More information

Data Broadcast on a Multi-System Heterogeneous Overlayed Wireless Network *

Data Broadcast on a Multi-System Heterogeneous Overlayed Wireless Network * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 24, 819-840 (2008) Data Broadcast on a Mult-System Heterogeneous Overlayed Wreless Network * Department of Computer Scence Natonal Chao Tung Unversty Hsnchu,

More information

Research of Network System Reconfigurable Model Based on the Finite State Automation

Research of Network System Reconfigurable Model Based on the Finite State Automation JOURNAL OF NETWORKS, VOL., NO. 5, MAY 24 237 Research of Network System Reconfgurable Model Based on the Fnte State Automaton Shenghan Zhou and Wenbng Chang School of Relablty and System Engneerng, Behang

More information

Lei Liu, Hua Yang Business School, Hunan University, Changsha, Hunan, P.R. China, 410082. Abstract

Lei Liu, Hua Yang Business School, Hunan University, Changsha, Hunan, P.R. China, 410082. Abstract , pp.377-390 http://dx.do.org/10.14257/jsa.2016.10.4.34 Research on the Enterprse Performance Management Informaton System Development and Robustness Optmzaton based on Data Regresson Analyss and Mathematcal

More information

Frequency Selective IQ Phase and IQ Amplitude Imbalance Adjustments for OFDM Direct Conversion Transmitters

Frequency Selective IQ Phase and IQ Amplitude Imbalance Adjustments for OFDM Direct Conversion Transmitters Frequency Selectve IQ Phase and IQ Ampltude Imbalance Adjustments for OFDM Drect Converson ransmtters Edmund Coersmeer, Ernst Zelnsk Noka, Meesmannstrasse 103, 44807 Bochum, Germany edmund.coersmeer@noka.com,

More information

An Integrated Scheduling Mechanism for Fault-Tolerant Modular Avionics Systems

An Integrated Scheduling Mechanism for Fault-Tolerant Modular Avionics Systems An Integrated Schedulng Mechansm for Fault-Tolerant Modular Avoncs Systems Yann-Hang Lee Mohamed Youns Jeff Zhou CISE Department Unversty of Florda Ganesvlle, FL 326 yhlee@cse.ufl.edu Advanced System Technology

More information

When Network Effect Meets Congestion Effect: Leveraging Social Services for Wireless Services

When Network Effect Meets Congestion Effect: Leveraging Social Services for Wireless Services When Network Effect Meets Congeston Effect: Leveragng Socal Servces for Wreless Servces aowen Gong School of Electrcal, Computer and Energy Engeerng Arzona State Unversty Tempe, AZ 8587, USA xgong9@asuedu

More information

Proactive Secret Sharing Or: How to Cope With Perpetual Leakage

Proactive Secret Sharing Or: How to Cope With Perpetual Leakage Proactve Secret Sharng Or: How to Cope Wth Perpetual Leakage Paper by Amr Herzberg Stanslaw Jareck Hugo Krawczyk Mot Yung Presentaton by Davd Zage What s Secret Sharng Basc Idea ((2, 2)-threshold scheme):

More information

Genetic Algorithm Based Optimization Model for Reliable Data Storage in Cloud Environment

Genetic Algorithm Based Optimization Model for Reliable Data Storage in Cloud Environment Advanced Scence and Technology Letters, pp.74-79 http://dx.do.org/10.14257/astl.2014.50.12 Genetc Algorthm Based Optmzaton Model for Relable Data Storage n Cloud Envronment Feng Lu 1,2,3, Hatao Wu 1,3,

More information