ebook img

Critical Infrastructure Protection PDF

407 Pages·2008·9.877 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Critical Infrastructure Protection

E. Goetz and S. Shenoi Editors Critical Infrastructure Protection ABC Eric Goetz Sujeet Shenoi 13P, Dartmouth College University of Tulsa Hanover, New Hampshire Tulsa, Oklahoma USA USA Library of Congress Control Number: 2007938897 Critical Infrastructure Protection Edited by E. Goetz and S. Shenoi p. cm. (IFIP International Federation for Information Processing, a Springer Series in Computer Science) ISSN: 1571-5736 / 1861-2288 (Internet) ISBN: 978-0-387-75461-1 eISBN: 978-0-387-75462-8 Printed on acid-free paper Copyright © 2008 by International Federation for Information Processing. All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer Science+Business Media, LLC, 233 Spring Street, New York, NY 10013, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use in this publication of trade names, trademarks, service marks and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. 9 8 7 6 5 4 3 2 1 springer.com Contents Contributing Authors ix Preface xix PART I THEMES AND ISSUES 1 On the Security Implications of Disruptive Technologies 3 Neil Robinson and Lorenzo Valeri 2 Cyber Security: Are Economic Incentives Adequate? 15 Scott Dynes, Eric Goetz and Michael Freeman 3 Government Intervention in Information Infrastructure Protection 29 Dan Assaf PART II INFRASTRUCTURE SECURITY 4 Security of Information Flow in the Electric Power Grid 43 Han Tang and Bruce McMillin 5 Securing Positive Train Control Systems 57 Mark Hartong, Rajni Goel and Duminda Wijesekera 6 Lessons Learned from the Maroochy Water Breach 73 Jill Slay and Michael Miller 7 Reducing Risk in Oil and Gas Production Operations 83 Stig Johnsen, Rune Ask and Randi Roisli vi CRITICAL INFRASTRUCTURE PROTECTION PART III CONTROL SYSTEMS SECURITY 8 Securing Current and Future Process Control Systems 99 Robert Cunningham, Steven Cheung, Martin Fong, Ulf Lindqvist, David Nicol, Ronald Pawlowski, Eric Robinson, William Sanders, Sankalp Singh, Alfonso Valdes, Bradley Woodworth and Michael Zhivich 9 Security Strategies for SCADA Networks 117 Rodrigo Chandia, Jesus Gonzalez, Tim Kilpatrick, Mauricio Papa and Sujeet Shenoi 10 Security Enhancements for Distributed Control Systems 133 Jeffrey Hieb, James Graham and Sandip Patel 11 Security Challenges of Reconfigurable Devices in the Power Grid 147 Suvda Myagmar, Roy Campbell and Marianne Winslett 12 Intrusion Detection and Event Monitoring in SCADA Networks 161 Paul Oman and Matthew Phillips 13 Passive Scanning in Modbus Networks 175 Jesus Gonzalez and Mauricio Papa 14 Formal Modeling and Analysis of the Modbus Protocol 189 Bruno Dutertre 15 Security Analysis of Multilayer SCADA Protocols 205 Janica Edmonds, Mauricio Papa and Sujeet Shenoi 16 Remote Forensic Analysis of Process Control Systems 223 RegisFriendCassidy,AdrianChavez,JasonTrentandJorgeUrrea 17 Creating a European SCADA Security Testbed 237 Henrik Christiansson and Eric Luiijf Contents vii PART IV NETWORK INFRASTRUCTURE SECURITY 18 Protecting Internet Services from Low-Rate DoS Attacks 251 Yajuan Tang, Xiapu Luo and Rocky Chang 19 Detecting Wormhole Attacks in Wireless Sensor Networks 267 Yurong Xu, Guanling Chen, James Ford and Fillia Makedon 20 Detecting Non-Discoverable Bluetooth Devices 281 Daniel Cross, Justin Hoeckle, Michael Lavine, Jason Rubin and Kevin Snow PART V INFRASTRUCTURE INTERDEPENDENCIES 21 Risk Analysis in Interdependent Infrastructures 297 Yacov Haimes, Joost Santos, Kenneth Crowther, Matthew Henry, Chenyang Lian and Zhenyu Yan 22 Analysis of Interdependencies Between Italy’s Economic Sectors 311 Roberto Setola 23 The ISE Metamodel for Critical Infrastructures 323 Felix Flentge and Uwe Beyer 24 Multigraph Dependency Models for Heterogeneous Infrastructures 337 Nils Svendsen and Stephen Wolthusen 25 Visualizing Cascading Failures in Critical Cyber Infrastructures 351 Jason Kopylec, Anita D’Amico and John Goodall PART VI RISK ASSESSMENT 26 A Service-Oriented Approach for Assessing Infrastructure Security 367 Marcelo Masera and Igor Nai Fovino viii CRITICAL INFRASTRUCTURE PROTECTION 27 Analysis of Electrical Power and Oil and Gas Pipeline Failures 381 Jeffrey Simonoff, Carlos Restrepo, Rae Zimmerman and Zvia Naphtali Contributing Authors Rune Ask is a Senior Consultant at Det Norske Veritas, Oslo, Norway. His research interests include information security, risk assessment, vulnerability assessment and information technology management. Dan AssafisacandidatefortheDoctorofJuridicalScience(S.J.D.)degreeat the University of Toronto, Toronto, Canada. His research interests are in the intersection of law, economics and security, in particular, the regulation and governance of security. Uwe Beyer is the Department Head of Process Intelligence and Head of Security at the Fraunhofer Institute for Intelligent Analysis and Information Systems, Sankt Augustin, Germany. His research interests include new secu- rity technologies, future C3 systems and large-scale software architectures. Roy Campbell is a Sohaib and Sara Abbasi Professor at the University of Illinois at Urbana-Champaign, Urbana, Illinois. His research interests include security, distributed operating systems and ubiquitous computing. Rodrigo Chandia is a Ph.D. student in Computer Science at the University of Tulsa, Tulsa, Oklahoma. His research interests include SCADA security, computer security and open source software development methodologies. Rocky Chang is an Associate Professor in the Department of Computing at Hong Kong Polytechnic University, Kowloon, Hong Kong, China. His research interests include network security, measurement, operations, management and economics. Adrian Chavez is a Computer Software Researcher and Developer at San- dia National Laboratories, Albuquerque, New Mexico. His research interests include critical infrastructure protection, cryptology and algorithm design and development. x CRITICAL INFRASTRUCTURE PROTECTION GuanlingChenisanAssistantProfessorofComputerScienceattheUniversity of Massachusetts-Lowell, Lowell, Massachusetts. His research interests include wirelessnetworks andcomputersecurity. Steven Cheung is a Computer Scientist at SRI International, Menlo Park, California. His research interests include network security, intrusion detection, alert correlation and sensor networks. Henrik Christiansson is a Senior Scientist at the Swedish Defence Research Agency, Stockholm, Sweden. His research interests include information assur- ance and critical infrastructure protection. Daniel Cross is an M.S. student at the Information Security Institute, Johns HopkinsUniversity,Baltimore,Maryland. Hisresearchinterestsincludecritical infrastructure protection, network security and digital forensics. Kenneth Crowther is a Research Assistant Professor in the Department of Systems and Information Engineering at the University of Virginia, Char- lottesville, Virginia. His research interests include risk analysis of regional and multiregional interdependent systems, geodatabase systems and regional strategic preparedness. Robert Cunningham is the Associate Leader of the Information Systems Technology Group at MIT Lincoln Laboratory, Lexington, Massachusetts. His researchinterestsincludeintrusiondetection,analysisofmalicioussoftwareand automated fault detection in mission-critical software. Anita D’Amico is the Director of Secure Decisions, a division of Applied Visions, Inc., Northport, New York. Her research interests include situational awareness and visualization, information security, cognitive task analysis and technology transition. Bruno Dutertre is a Senior Computer Scientist at SRI International, Menlo Park,California. Hisresearchinterestsincludeformalmethods,softwarearchi- tectures,andtheapplicationoftheoremprovingandmodelcheckingtechniques to the engineering of high-integrity systems. Scott Dynes is a Senior Research Fellow and Project Manager with the Cen- ter for Digital Strategies at the Tuck School of Business, Dartmouth College, Hanover,NewHampshire. Hisresearchinterestsincludetheeconomicsofcyber security and infrastructure protection, policy issues and risk management. Contributing Authors xi Janica Edmonds is a Visiting Assistant Professor of Mathematics at the University of Tulsa, Tulsa, Oklahoma. Her research interests include informa- tion assurance, formal methods and distributed system verification. Felix Flentge is the Area Head of Multimodal Software Engineering at Darmstadt University of Technology, Darmstadt, Germany. His research inter- ests include human-computer interaction (especially in crisis situations), soft- ware engineering, and modeling and simulation. Martin FongisaSeniorSoftwareEngineeratSRIInternational,MenloPark, California. His research interests include the design, implementation and de- ployment of extensible software security systems. James Ford is a Faculty Associate (Research) at the University of Texas at Arlington, Arlington, Texas. His research interests include medical imaging, artificial intelligence and computer security. Michael Freeman is an Assistant Professor in the Department of Defense Analysis at the Naval Postgraduate School, Monterey, California. His research interests focus on the causes of terrorism, the relationship between democracy and terrorism, and U.S. foreign policy. Regis Friend Cassidy is a Computer Software Researcher and Developer at Sandia National Laboratories, Albuquerque, New Mexico. His research inter- ests include information assurance, digital forensics and malware analysis. Rajni Goel is an Assistant Professor of Information Systems and Decision SciencesatHowardUniversity,Washington,DC.Herresearchinterestsinclude information assurance, digital forensics, control systems security and data mining. Eric GoetzistheAssociateDirectorforResearchattheInstituteforInforma- tion Infrastructure Protection, Dartmouth College, Hanover, New Hampshire. His research interests include information security and critical infrastructure protection, and developing business and policy solutions to counter risk. Jesus Gonzalez is a Security Analyst with CITGO Petroleum in Houston, Texas. Hisresearchinterestsincludenetworkinfrastructuresecurityandintru- sion detection. xii CRITICAL INFRASTRUCTURE PROTECTION John Goodall is a Senior Analyst at Secure Decisions, a division of Applied Visions, Inc., Northport, New York. His research interests include information visualization,human-computerinteraction,socio-technicaldesignandcomputer network defense. James Graham is the Henry Vogt Professor of Computer Science and En- gineering at the University of Louisville, Louisville, Kentucky. His research interests include information security, digital forensics, critical infrastructure protection, high performance computing and intelligent systems. Yacov HaimesistheQuarlesProfessorofSystemsandInformationEngineer- ing and Director of the Center for Risk Management of Engineering Systems at the University of Virginia, Charlottesville, Virginia. His research interests include systems engineering, risk analysis and risk management. MarkHartongisaSeniorElectronicsEngineerwiththeOfficeofSafety,Federal RailroadAdministration,U.S.DepartmentofTransportation,Washington,DC, and a Ph.D. student in Information Technology at George Mason University, Fairfax, Virginia. His research interests include software engineering, software systemssafety,informationsecurityandforensics,andcontrolsystemssecurity. Matthew HenryisaSeniorStaffMemberatJohnsHopkinsUniversity’sAp- plied Physics Laboratory in Laurel, Maryland. His research interests include risk in interdependent systems, coordination of distributed agents and multi- objective control. Jeffrey Hieb is a Ph.D. candidate in Computer Science and Engineering at the University of Louisville, Louisville, Kentucky. His research interests in- clude information security, honeypots, digital forensics, critical infrastructure protection and secure operating systems. JustinHoeckleisanM.S.studentattheInformationSecurityInstitute,Johns HopkinsUniversity,Baltimore,Maryland. Hisresearchinterestsincludedigital forensics, incident detection and response, and malware analysis. Stig Johnsen is a Senior Research Scientist at SINTEF, Trondheim, Norway. Hisresearchinterestsincludeinformationsecurity,SCADAsystems,integrated oil and gas operations, and plant safety.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.