ebook img

Critical Infrastructure Protection XVI: 16th IFIP WG 11.10 International Conference, ICCIP 2022, Virtual Event, March 14–15, 2022, Revised Selected Papers PDF

303 Pages·2022·7.901 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Critical Infrastructure Protection XVI: 16th IFIP WG 11.10 International Conference, ICCIP 2022, Virtual Event, March 14–15, 2022, Revised Selected Papers

IFIP AICT 666 Jason Staggs Sujeet Shenoi (Eds.) Critical Infrastructure Protection XVI IFIP Advances in Information and Communication Technology 666 Editor-in-Chief Kai Rannenberg, Goethe University Frankfurt, Germany Editorial Board Members TC 1 – Foundations of Computer Science Luís Soares Barbosa , University of Minho, Braga, Portugal TC 2 – Software: Theory and Practice Michael Goedicke, University of Duisburg-Essen, Germany TC 3 – Education Arthur Tatnall , Victoria University, Melbourne, Australia TC 5 – Information Technology Applications Erich J. Neuhold, University of Vienna, Austria TC 6 – Communication Systems Burkhard Stiller, University of Zurich, Zürich, Switzerland TC 7 – System Modeling and Optimization Fredi Tröltzsch, TU Berlin, Germany TC 8 – Information Systems Jan Pries-Heje, Roskilde University, Denmark TC 9 – ICT and Society David Kreps , National University of Ireland, Galway, Ireland TC 10 – Computer Systems Technology Ricardo Reis , Federal University of Rio Grande do Sul, Porto Alegre, Brazil TC 11 – Security and Privacy Protection in Information Processing Systems Steven Furnell , Plymouth University, UK TC 12 – Artificial Intelligence EunikaMercier-Laurent ,UniversityofReimsChampagne-Ardenne,Reims,France TC 13 – Human-Computer Interaction Marco Winckler , University of Nice Sophia Antipolis, France TC 14 – Entertainment Computing Rainer Malaka, University of Bremen, Germany IFIP – The International Federation for Information Processing IFIP was founded in 1960 under the auspices of UNESCO, following the first World ComputerCongressheldinParisthepreviousyear.Afederationforsocietiesworking in information processing, IFIP’s aim is two-fold: to support information processing in the countries of its members and to encourage technology transfer to developing na- tions.Asitsmissionstatementclearlystates: IFIP is the global non-profit federation of societies of ICT professionals that aims at achieving a worldwide professional and socially responsible development and applicationofinformationandcommunicationtechnologies. IFIP is a non-profit-making organization, run almost solely by 2500 volunteers. It operates through a number of technical committees and working groups, which organize events and publications. IFIP’s events range from large international open conferences toworkingconferencesandlocalseminars. The flagship event is the IFIP World Computer Congress, at which both invited and contributed papers are presented. Contributed papers are rigorously refereed and the rejectionrateishigh. As with the Congress, participation in the open conferences is open to all and papers maybeinvitedorsubmitted.Again,submittedpapersarestringentlyrefereed. The working conferences are structured differently. They are usually run by a work- ing group and attendance is generally smaller and occasionally by invitation only. Their purpose is to create an atmosphere conducive to innovation and development. Referee- ingisalsorigorousandpapersaresubjectedtoextensivegroupdiscussion. Publications arising from IFIP events vary. The papers presented at the IFIP World Computer Congress and at open conferences are published as conference proceedings, while the results of the working conferences are often published as collections of se- lectedandeditedpapers. IFIP distinguishes three types of institutional membership: Country Representative Members, Members at Large, and Associate Members. The type of organization that can apply for membership is a wide variety and includes national or international so- cieties of individual computer scientists/ICT professionals, associations or federations of such societies, government institutions/government related organizations, national or international research institutes or consortia, universities, academies of sciences, com- panies,nationalorinternationalassociationsorfederationsofcompanies. Moreinformationaboutthisseriesathttps://link.springer.com/bookseries/6102 Jason Staggs Sujeet Shenoi (Eds.) (cid:129) Critical Infrastructure Protection XVI 16th IFIP WG 11.10 International Conference, ICCIP 2022 – Virtual Event, March 14 15, 2022 Revised Selected Papers 123 Editors Jason Staggs Sujeet Shenoi University of Tulsa University of Tulsa Tulsa, OK,USA Tulsa, OK,USA ISSN 1868-4238 ISSN 1868-422X (electronic) IFIPAdvances in Information andCommunication Technology ISBN 978-3-031-20136-3 ISBN978-3-031-20137-0 (eBook) https://doi.org/10.1007/978-3-031-20137-0 ©IFIPInternationalFederationforInformationProcessing2022 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthors,andtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictionalclaimsin publishedmapsandinstitutionalaffiliations. ThisSpringerimprintispublishedbytheregisteredcompanySpringerNatureSwitzerlandAG Theregisteredcompanyaddressis:Gewerbestrasse11,6330Cham,Switzerland Contents Contributing Authors vii Preface xiii PART I THEMES AND ISSUES 1 National Cyber Resilience and Roles for Public and Private Sector 3 Stakeholders Neal Ziring 2 Are EuropeanSecurity PoliciesReady for AdvancedMetering Sys- 47 tems with Cloud Back-Ends? Oyvind Toftegaard, Janne Hagen and Bernhard H¨ammerli PART II INDUSTRIAL CONTROL SYSTEMS SECURITY 3 ImportanceofCyberSecurityAnalysisintheOperationalTechnol- 73 ogy System Lifecycle Laura Tinnel and Ulf Lindqvist 4 Trusted Virtualization-Based Programmable Logic Controller Re- 103 silience Using a Backfit Approach James Cervini, Daniel Muller, Alexander Beall, Joseph Maurio, Aviel Rubin and Lanier Watkins PART III ADDITIVE MANUFACTURING SYSTEMS 5 Attack-DefenseModelingofMaterialExtrusionAdditive Manufac- 121 turing Systems Alyxandra Van Stockum, Elizabeth Kurkowski, Tiffany Potok, Curtis Taylor, Joel Dawson, Mason Rice and Sujeet Shenoi vi CRITICAL INFRASTRUCTURE PROTECTION XVI 6 Manipulation of G-Code Toolpath Files in 3D Printers: Attacks 155 and Mitigations Elizabeth Kurkowski, Alyxandra Van Stockum, Joel Dawson, Curtis Taylor, Tricia Schulz and Sujeet Shenoi 7 Detecting Part Anomalies Induced by Cyber Attacks on a Powder 175 Bed Fusion Additive Manufacturing System Elizabeth Kurkowski, Mason Rice and Sujeet Shenoi 8 Low-MagnitudeInfillStructureManipulationAttacksonFusedFil- 205 ament Fabrication 3D Printers Muhammad Haris Rais, Muhammad Ahsan, Vaibhav Sharma, Radhika Barua, Rob Prins and Irfan Ahmed PART IV INFRASTRUCTURE DEVICE SECURITY 9 Leveraging Confidential Computing to Enable Secure Information 235 Sharing Samuel Chadwick, Scott Graham, James Dean and Matthew Dallmeyer 10 Evaluating the Use of Boot Image Encryption on the Talos II 253 Architecture Calvin Muramoto, Scott Graham and Stephen Dunlap PART V TELECOMMUNICATIONS SYSTEMS SECURITY 11 Securing InfiniBand Trafficwith Bluefield-2 Data ProcessingUnits 277 Noah Diamond, Scott Graham and Gilbert Clark Contributing Authors IrfanAhmedisanAssociateProfessorofComputerScienceatVirginia Commonwealth University, Richmond, Virginia. His research interests includecybersecurity, digitalforensics,malware, cyber-physicalsystems and cyber security education. Muhammad Ahsan is a Ph.D. student in Computer Science at Vir- ginia Commonwealth University, Richmond, Virginia. His research in- terests include securing cyber-physical systems with a focus on using side channels for monitoring additive manufacturing systems. Radhika Barua is an Assistant Professor of Mechanical Engineeringat Virginia Commonwealth University, Richmond, Virginia. Her research interests include rare-earth-free magnetic alloys, magnetoceramics, low- cost magnetic materials processing, metal additive manufacturing and advanced magnetic material characterization using synchrotron probes. Alexander Beall is an Electrical Engineer and Researcher at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. His research interests include resilient control systems, digital twin technol- ogy and critical infrastructure protection. James Cervini is a Doctor of Engineering student at Johns Hopkins University, Baltimore, Maryland; and a Cyber Security Engineer at Johns Hopkins University Applied Physics Laboratory, Laurel, Mary- land. His research interests include operational technology cyber secu- rity, virtualization, fog computing and penetration testing. viii CRITICAL INFRASTRUCTURE PROTECTION XVI Samuel Chadwick recently completed his M.S. degree in Computer Engineering at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. His research interests include computer network- ing, hardware security and critical infrastructure protection. Gilbert Clark is a Researcher at the Air Force Research Laboratory, Wright-Patterson Air Force Base, Ohio. His research interests include computer networking, embedded systems security, cyber-physical sys- tems security and critical infrastructure protection. Matthew DallmeyerisaCyberSecurity Research Engineerat theAir Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. His research interests include computer architecture, side-channel anal- ysis and avionics security. Joel DawsonisaCyberSecurityResearcher intheEnergyandControl System Security Group at Oak Ridge National Laboratory, Oak Ridge, Tennessee. Hisresearchinterestsincludeside-channelanalysis,advanced manufacturing security and novel challenges in emerging cyber-physical systems. James Dean is an Assistant Professor of Computer Engineering at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. His research interests include, deep learning for side-channel anal- ysis, secure processor architecture and vision-aided navigation. Noah Diamond recently completed his M.S. degree in Computer En- gineering at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. His research interests include computer networking, hardware security and critical infrastructure protection. Stephen Dunlap is a Cyber Security Research Engineer at the Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio. His research interests includeembeddedsystemssecurity, cyber-physical systems security and critical infrastructure protection. Contributing Authors ix Scott GrahamisaProfessorofComputerEngineeringattheAirForce Institute of Technology, Wright-Patterson Air Force Base, Ohio. His re- searchinterestsincludeembeddedandcommunications systemssecurity, vehicle cyber security and critical infrastructure protection. Janne Hagen is a Special Advisor at the Norwegian Water Resources andEnergyDirectorate, Oslo,Norway;andanAssociateProfessoratthe Institutefor Informatics, University of Oslo, Oslo, Norway. Her research interests include cyber security, critical infrastructure protection and security governance. Bernhard Ha¨mmerli is a Professor of Information and Network Se- curity at the Norwegian University of Science and Technology, Gjovik, Norway; and a Professor of Information and Cyber Security at Lucerne University of Applied Sciences and Arts, Lucerne, Switzerland. His re- search interests include cyber security, critical infrastructure and op- erational technology ranging from the technical to the governance and strategic levels. Elizabeth Kurkowski is a Cyber Security Engineer at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. Her research interests include additive manufacturing security, software reverse engi- neering, networks and critical infrastructure protection. Ulf Lindqvist is a Senior Technical Director in the Computer Science Laboratory at SRI International, San Luis Obispo, California. His re- search interests include cyber security, infrastructure systems, intrusion detection and security for systems that interact with the physical world. Joseph MaurioistheChiefScientistoftheCriticalInfrastructurePro- tection Group at JohnsHopkins University Applied Physics Laboratory, Laurel, Maryland. His research interests include resilient control sys- tems, digital twin technology and critical infrastructure protection. Daniel Muller is a Cyber Security Engineer and Researcher at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. His research interests include cyber-physical systems security, network secu- rity and critical infrastructure protection.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.