Critical Infrastructure Protection PDF

393 Pages·2007·9.817 MB·English
Preview Critical Infrastructure Protection

Critical Infrastructure Protection

IFIP – The International Federation for Information Processing

IFIP was founded in 1960 under the auspices of UNESCO, following the First World Computer Congress held in Paris the previous year. An umbrella organization for societies working in information processing, IFIP's aim is two-fold: to support information processing within its member countries and to encourage technology transfer to developing nations. As its mission statement clearly states, IFIP's mission is to be the leading, truly international, apolitical organization which encourages and assists in the development, exploitation and application of information technology for the benefit of all people.

IFIP is a non-profitmaking organization, run almost solely by 2500 volunteers. It operates through a number of technical committees, which organize events and publications. IFIP's events range from an international congress to local seminars, but the most important are:

• The IFIP World Computer Congress, held every second year;
• Open conferences;
• Working conferences.

The flagship event is the IFIP World Computer Congress, at which both invited and contributed papers are presented. Contributed papers are rigorously refereed and the rejection rate is high.

As with the Congress, participation in the open conferences is open to all and papers may be invited or submitted. Again, submitted papers are stringently refereed.

The working conferences are structured differently. They are usually run by a working group and attendance is small and by invitation only. Their purpose is to create an atmosphere conducive to innovation and development. Refereeing is less rigorous and papers are subjected to extensive group discussion.

Publications arising from IFIP events vary.
The papers presented at the IFIP World Computer Congress and at open conferences are published as conference proceedings, while the results of the working conferences are often published as collections of selected and edited papers.

Any national society whose primary activity is in information may apply to become a full member of IFIP, although full membership is restricted to one society per country. Full members are entitled to vote at the annual General Assembly. National societies preferring a less committed involvement may apply for associate or corresponding membership. Associate members enjoy the same benefits as full members, but without voting rights. Corresponding members are not represented in IFIP bodies. Affiliated membership is open to non-national societies, and individual and honorary membership schemes are also offered.

Critical Infrastructure Protection

E. Goetz and S. Shenoi, Editors

Eric Goetz, I3P, Dartmouth College, Hanover, New Hampshire, USA
Sujeet Shenoi, University of Tulsa, Tulsa, Oklahoma, USA

Library of Congress Control Number: 2007938897

Critical Infrastructure Protection
Edited by E. Goetz and S. Shenoi
p. cm. (IFIP International Federation for Information Processing, a Springer Series in Computer Science)
ISSN: 1571-5736 / 1861-2288 (Internet)
ISBN: 978-0-387-75461-1
eISBN: 978-0-387-75462-8

Printed on acid-free paper

Copyright © 2008 by International Federation for Information Processing.

All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer Science+Business Media, LLC, 233 Spring Street, New York, NY 10013, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden.
The use in this publication of trade names, trademarks, service marks and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.

springer.com

Contents

Contributing Authors
Preface

PART I THEMES AND ISSUES

1 On the Security Implications of Disruptive Technologies
Neil Robinson and Lorenzo Valeri

2 Cyber Security: Are Economic Incentives Adequate?
Scott Dynes, Eric Goetz and Michael Freeman

3 Government Intervention in Information Infrastructure Protection
Dan Assaf

PART II INFRASTRUCTURE SECURITY

4 Security of Information Flow in the Electric Power Grid
Han Tang and Bruce McMillin

5 Securing Positive Train Control Systems
Mark Hartong, Rajni Goel and Duminda Wijesekera

6 Lessons Learned from the Maroochy Water Breach
Jill Slay and Michael Miller

7 Reducing Risk in Oil and Gas Production Operations
Stig Johnsen, Rune Ask and Randi Roisli

PART III CONTROL SYSTEMS SECURITY

8 Securing Current and Future Process Control Systems
Robert Cunningham, Steven Cheung, Martin Fong, Ulf Lindqvist, David Nicol, Ronald Pawlowski, Eric Robinson, William Sanders, Sankalp Singh, Alfonso Valdes, Bradley Woodworth and Michael Zhivich

9 Security Strategies for SCADA Networks
Rodrigo Chandia, Jesus Gonzalez, Tim Kilpatrick, Mauricio Papa and Sujeet Shenoi

10 Security Enhancements for Distributed Control Systems
Jeffrey Hieb, James Graham and Sandip Patel

11 Security Challenges of Reconfigurable Devices in the Power Grid
Suvda Myagmar, Roy Campbell and Marianne Winslett

12 Intrusion Detection and Event Monitoring in SCADA Networks
Paul Oman and Matthew Phillips

13 Passive Scanning in Modbus Networks
Jesus Gonzalez and Mauricio Papa

14 Formal Modeling and Analysis of the Modbus Protocol
Bruno Dutertre

15 Security Analysis of Multilayer SCADA Protocols
Janica Edmonds, Mauricio Papa and Sujeet Shenoi

16 Remote Forensic Analysis of Process Control Systems
Regis Friend Cassidy, Adrian Chavez, Jason Trent and Jorge Urrea

17 Creating a European SCADA Security Testbed
Henrik Christiansson and Eric Luiijf

PART IV NETWORK INFRASTRUCTURE SECURITY

18 Protecting Internet Services from Low-Rate DoS Attacks
Yajuan Tang, Xiapu Luo and Rocky Chang

19 Detecting Wormhole Attacks in Wireless Sensor Networks
Yurong Xu, Guanling Chen, James Ford and Fillia Makedon

20 Detecting Non-Discoverable Bluetooth Devices
Daniel Cross, Justin Hoeckle, Michael Lavine, Jason Rubin and Kevin Snow

PART V INFRASTRUCTURE INTERDEPENDENCIES

21 Risk Analysis in Interdependent Infrastructures
Yacov Haimes, Joost Santos, Kenneth Crowther, Matthew Henry, Chenyang Lian and Zhenyu Yan

22 Analysis of Interdependencies Between Italy’s Economic Sectors
Roberto Setola

23 The ISE Metamodel for Critical Infrastructures
Felix Flentge and Uwe Beyer

24 Multigraph Dependency Models for Heterogeneous Infrastructures
Nils Svendsen and Stephen Wolthusen

25 Visualizing Cascading Failures in Critical Cyber Infrastructures
Jason Kopylec, Anita D’Amico and John Goodall

PART VI RISK ASSESSMENT

26 A Service-Oriented Approach for Assessing Infrastructure Security
Marcelo Masera and Igor Nai Fovino

27 Analysis of Electrical Power and Oil and Gas Pipeline Failures
Jeffrey Simonoff, Carlos Restrepo, Rae Zimmerman and Zvia Naphtali

Contributing Authors

Rune Ask is a Senior Consultant at Det Norske Veritas, Oslo, Norway. His research interests include information security, risk assessment, vulnerability assessment and information technology management.

Dan Assaf is a candidate for the Doctor of Juridical Science (S.J.D.) degree at the University of Toronto, Toronto, Canada. His research interests are in the intersection of law, economics and security, in particular, the regulation and governance of security.

Uwe Beyer is the Department Head of Process Intelligence and Head of Security at the Fraunhofer Institute for Intelligent Analysis and Information Systems, Sankt Augustin, Germany. His research interests include new security technologies, future C3 systems and large-scale software architectures.

Roy Campbell is a Sohaib and Sara Abbasi Professor at the University of Illinois at Urbana-Champaign, Urbana, Illinois. His research interests include security, distributed operating systems and ubiquitous computing.

Rodrigo Chandia is a Ph.D. student in Computer Science at the University of Tulsa, Tulsa, Oklahoma. His research interests include SCADA security, computer security and open source software development methodologies.

Rocky Chang is an Associate Professor in the Department of Computing at Hong Kong Polytechnic University, Kowloon, Hong Kong, China. His research interests include network security, measurement, operations, management and economics.

Adrian Chavez is a Computer Software Researcher and Developer at Sandia National Laboratories, Albuquerque, New Mexico. His research interests include critical infrastructure protection, cryptology and algorithm design and development.

Guanling Chen is an Assistant Professor of Computer Science at the University of Massachusetts-Lowell, Lowell, Massachusetts. His research interests include wireless networks and computer security.

Steven Cheung is a Computer Scientist at SRI International, Menlo Park, California. His research interests include network security, intrusion detection, alert correlation and sensor networks.

Henrik Christiansson is a Senior Scientist at the Swedish Defence Research Agency, Stockholm, Sweden. His research interests include information assurance and critical infrastructure protection.

Daniel Cross is an M.S. student at the Information Security Institute, Johns Hopkins University, Baltimore, Maryland. His research interests include critical infrastructure protection, network security and digital forensics.

Kenneth Crowther is a Research Assistant Professor in the Department of Systems and Information Engineering at the University of Virginia, Charlottesville, Virginia. His research interests include risk analysis of regional and multiregional interdependent systems, geodatabase systems and regional strategic preparedness.

Robert Cunningham is the Associate Leader of the Information Systems Technology Group at MIT Lincoln Laboratory, Lexington, Massachusetts. His research interests include intrusion detection, analysis of malicious software and automated fault detection in mission-critical software.

Anita D’Amico is the Director of Secure Decisions, a division of Applied Visions, Inc., Northport, New York. Her research interests include situational awareness and visualization, information security, cognitive task analysis and technology transition.

Bruno Dutertre is a Senior Computer Scientist at SRI International, Menlo Park, California. His research interests include formal methods, software architectures, and the application of theorem proving and model checking techniques to the engineering of high-integrity systems.

Scott Dynes is a Senior Research Fellow and Project Manager with the Center for Digital Strategies at the Tuck School of Business, Dartmouth College, Hanover, New Hampshire. His research interests include the economics of cyber security and infrastructure protection, policy issues and risk management.