Critical National Infrastructure Research Articles

Assessment of Static Resilience of Objects in the Rail Transport

Resilience is the ability of an object to retain its basic functions in the case of adverse events from an external or internal environment. Adverse events can jeopardize the operation of an object or cause it to become completely inoperable. The assessment of static resilience should be dealt with mainly by objects that are included in local, regional, national, and international critical infrastructure. ritical infrastructure is the basis of today's modern functioning society.
 The paper is focused on design of the static resilience evaluation of objects in the rail transport. The proposed method of static resilience assessment is based on safety pillars and is applied in a case study to a specific object of the rail transport. This approach is original in the conditions of the Slovak Republic.

Threat Assessment Model in Electrical Power Grid Environment

At the heart of every critical national infrastructure, there is a SCADA system. The wide range of supported applications has made this life-saving management system the key element of every industrial control infrastructure in various sectors. The complexity and sophistication of SCADA systems have been increased dramatically over the last few years. Various cyberattacks have targeted these systems by exploiting zero-day vulnerabilities or targeting a nearby Internet-enabled appliance or computer system. To this end, many efforts have been proposed previously to model the threats on SCADA systems to eliminate potential danger and diminish the catastrophic consequences in the physical domain. The main contribution of this work is to present a multi-facets threat assessment model to aid security teams to systematically perform various cybersecurity analysis practices such as penetration testing, vulnerability assessment and risk analysis.

Governance and interdependencies of critical infrastructures: Exploring mechanisms for cross-sector resilience

Much contemporary critical infrastructure research has been devoted to studies of the effects of risks stemming from interdependencies between critical infrastructures, here referred to asinterdependency-related risks. However, this research has placed limited emphasis on infrastructure actors’ efforts to manage such risks in practice, and it remains unclear to what extent and how critical infrastructure actors work to increase resilience related to interdependency-related risks. This paper explores mechanisms for addressing interdependency-related risks across three critical national infrastructure sectors in Sweden: transportation, energy and telecommunication. The paper combines a document study and an interview study, and nine mechanisms are identified: (1) Swedish critical infrastructures are subject to clear silo-structures, (2) dedicated individuals and personal relationships are central to existing cross-sector collaborations, (3) information-sharing occurs between sectors, including exchange of sensitive information, but is mainly based on trust or mutual information-needs, (4) while interdependencies are acknowledged, explicit and adequate methods and protocols for how to assess and manage interdependency-related risks seem to be scarce, (5) clear risk ownership, and a connection to physical interdependencies and the core business seems to influence the level of cross-sector engagement, (6) governance of interdependency-related risks is mostly reactive and heavily influenced by past events, (7) compliance have a potential for sparking collaboration, and finally, (8) customer demands in particular, and (9) economic factors in general, play an important role for incentivising cross-sector collaboration. Finally, the paper extensively discusses the implications of these findings and outlines the potential for future research directions to improve cross-sector resilience.

Food industry and engineering—Quo vadis?

Food industry and engineering—Quo vadis?

Beware suppliers bearing gifts!: Analysing coverage of supply chain cyber security in critical national infrastructure sectorial and cross-sectorial frameworks

Threat actors are increasingly targeting extended supply chains and abusing client-supplier trust to conduct third-party compromise. Governments are concerned about targeted attacks against critical national infrastructures, where compromise can have significant adverse national consequences. In this paper we identify and review advice and guidance offered by authorities in the UK, US, and the EU regarding Cyber Supply Chain Risk Management (C-SCRM). We then conduct a review of sector specific guidance in the three regions for the chemical, energy, and water sectors. We assessed frameworks that each region’s sector offered organisations for C-SCRM suitability. Our results found a range of interpretations for “Supply Chain” that resulted in a diversity in the quantity and quality of advice offered by regional authorities, sectors, and their frameworks. This is exacerbated by the lack of a common taxonomy to support supply chain procurement and risk management that has led to limited coverage in most C-SCRM programs. Our results highlight the need for a taxonomy regarding C-SCRM and systematic guidance (both general and sector specific) to enable controls to be deployed to mitigate against supply chain risk. We provide an outline taxonomy based on our data analysis to promote further discussion and research.

Ocean Outreach in Australia: How a National Research Facility is Engaging with Community to Improve Scientific Literacy

Marine systems across the globe are experiencing myriad pressures with consequences for their health, management and the industries and communities that depend on them. Critical to improved management of our oceans and coasts is effective education and communication that ultimately leads to improved societal value of the world’s oceans. In Australia, the national scientific research agency, CSIRO, operates critical national research infrastructure such as the Marine National Facility (MNF), which also plays an important role in marine education, training and communication. The MNF Outreach Program seeks to strategically engage the community in marine science, identifying audience segments and developing programs, activities and content to meet their specific information needs. The program is structured around three specific audience segments: Purpose Seekers, Nurturers and Lifelong Learners. With both at-sea and shore-based activities and programs including the Indigenous Time at Sea Scholarship, CAPSTAN sea-training, Educator on Board, Floating Classroom, live ship-to-shore crosses and media and social media programming, the MNF Outreach program delivers meaningful engagement through experiential learning opportunities, rather than simply addressing knowledge deficits. As marine issues are varied and complex, marine communication and education approaches must be equally multifaceted, and a successful outreach program will have a spectrum of activities of varying resource intensity (such as cost, time and appropriately skilled personnel) which are matched to clear target audience segments. With increasing recognition of the importance of science communication in informing science literacy and policy, publicly funded national research facilities have an essential role to play by shifting from traditional research-only roles to also provide for targeted education and outreach.

Cyberspace and the protection of critical national infrastructure

ABSTRACT Protecting critical infrastructure against cyber-attacks is a policy challenge arising from the disruptive potential of emerging digital technologies. Governments face difficult choices since cybersecurity is a public responsibility, but often a private task: Should they design their capacities hierarchically or rely on collaboration with private firms? We argue that choices depend on the institutional setting and the nature of the challenge. Our comparison of state-capitalist France with the market-capitalist United Kingdom corroborates our expectations that the former controls intermediaries more hierarchically and that both governments adopt a more assertive role when safeguarding against threats than when managing risks.

Investigating the Cybersecurity Aspects of the Liberian Government’s Network (GovNet) as a Critical National Infrastructure

One of the most critical national infrastructures (CNIs) in Liberia on which critical e-government services are dependent is GovNet. GovNet is the acronym for Government of Liberia’s (GoL’s) Network, and it is the conduit for connectivity and gateway to the internet for all of the Government’s over 107 Ministries, Agencies, and Commissions (MACs), as well as its e-government programs. Most of the MACs connected to GovNet run siloed ICT environments with little or no cybersecurity mechanisms in place. This paper is an investigation conducted at six MACs that are members of GovNet. The investigation identified several cybersecurity deficiencies at those MACs, due to the absence of vital dimensions or pre-requirements of cybersecurity readiness including the infrastructure (digital infrastructure), capacity (education and skills) and, governance (legal and regulatory instruments). The investigation examines previous and extant literature, conducted interviews with stakeholders of GovNet, and leverages the vast experiences of the author, who is the immediate past Managing Director of LIBTELCO. Recommendations are made for the necessary actions to be taken to remedy those deficiencies in GovNet, and the study’s contribution to the body of knowledge is indicated in the Conclusion.

Proactive Security for Safety and Sustainability of Mission Critical Systems

Ensuring cyber network security becomes a challenging step with the increase of cyber attacks. The latter are targeting any cyber system starting from personal computers to national critical infrastructures. Consequently, the development of a proactive cyber defense technique to detect and react to cyber attacks before the damage occurrence becomes a necessity. To this end, we develop in this work a formal model to proactively ensure safety and sustainability of mission critical systems. Our proposal consists of deploying a network of observer agents to supervise and generate observation data related to attacks under execution which will be analyzed by a central defense agent. The latter will hypothetically generate a graph of potential scenarios that could be executed in the network. A scenario context will be introduced to compute a set of probabilistic measures for the proactive assessment of attack damages. Another graph decomposing the cyber network global mission into sub operations, and presenting the cyber assets ensuring mission achievement, will be presented. Such a graph will be used to study the cyber attack impact on mission accomplishment and, thus, will ensure the system sustainability by proactively reacting to cyber attacks. A case study is provided to illustrate the proposal.

ADMINISTRATIVE AND LEGAL CONTENT OF THE NATIONAL CYBERSECURITY SYSTEM AS A COMPONENT OF THE NATIONAL SECURITY SYSTEM OF UKRAINE

The article offers for consideration the author's results of determining the conceptual provisions of the administrative and legal content of the national cybersecurity system as a component of the national security system of Ukraine. The content of the current state of state policy in the field of formation of the cybersecurity system is considered. Theoretical and practical aspects of organizational support of the cybersecurity system are analyzed. General and special subjects of cybersecurity are identified. The own vision of the following main elements in the system of cyber security of Ukraine (according to the main types of threats to cybersecurity) is proposed: 1) national system of combating cybercrime; 2) national system for combating cyberterrorism; 3) a nationwide system for combating cyber espionage; 4) national system of counteraction to information wars and new complex types of threats, including hybrid wars; 5) national system of cyber protection of national critical infrastructure. The administrative and legal understanding of the concept of national cybersecurity system is established – a set of special subjects of the national cybersecurity system, means and methods used by them, as well as a set of relevant interconnected information, cybernetic, legal, organizational, technical and strategic communications measures carried out by them. It is concluded that since the national security system is multicomponent, there is a need for a special subsystem, the purpose of which would be to ensure the functioning and development of this system, ie to ensure the viability of its system-forming elements, including national interests, society, state. Such a system is the national security system, as well as the national cybersecurity system. These factors confirm the conclusion that the national cybersecurity system is considered not only as a subsystem of the state information policy, but also primarily as a component of the national security system of Ukraine.

A Sensing Device with the Optical Temperature Sensors-Based Quad-RX Module and a Security Module.

In this paper, we present a sensing device with the optical temperature sensors-based quad receiver (Quad-RX) module and a security module. In addition, in order to prevent cyberattacks on critical national infrastructures and key facilities, we implemented symmetric-key and secure hash algorithm-based hardware security modules in the key elements of the sensing device. A preliminary test was conducted prior to a field trial to verify the performance of the developed sensing device. The accuracy and stability of the sensing device were then verified for 1 month in a field test at facilities for energy storage systems and photovoltaic converters in sewage treatment plants.

Attacking and defence pathways for Intelligent Medical Diagnosis System (IMDS)

BackgroundThe Intelligent Medical Diagnosis System (IMDS) has been targeted by the cyber attackers, who aim to damage the Healthcare Critical National Infrastructure (CNI). This research is motivated by the recent cyber attacks happened worldwide that have resulted in the compromise of medical diagnosis records. This study was conducted to demonstrate how the IMDS could be attacked and diagnosis records compromised (i.e. heart disease) and suggest a list of security defence strategies to prevent against such attacks. MethodsThis research developed an IMDS simulation platform by implementing the OpenEMR system. A Cardiac Diagnosis Component is then added to the IMDS. The IMDS is fed with the ECG data (retrieved from the PhysioNet/Computing in Cardiology Challenge 2017). This research then launched systematic ethical hacking, which was tailored to target IMDS diagnosis records. The systematic hacking was based on the NIST ethical hacking method and followed an attack pathway, starting from identifying the entry points of the medical websites, then propagating to gain access to the server, with the ultimate aim of modifying the heart disease diagnosis records. ResultsThe hacking was successful. Four major vulnerabilities (i.e. broken authentication, broken access control, security misconfiguration and using components with known vulnerabilities) were identified in the simulated IMDS and the cardiac diagnosis records were compromised. This research then proposed a list of security defence strategies to prevent such attacks at each possible attacking points along the attacking pathway. ConclusionsThis research demonstrated a systematic ethical hacking to the IMDS, identified four major vulnerabilities and proposed the security defence pathways. It provided novel insights into the protection of IMDS and will benefit researchers in the community to conduct further research in security defence of IMDS.

634 Views No files have yet been downloaded. 0 Citations See all citations Reviewed article Interorganizational Cooperation in Supply Chain Cybersecurity: A Cross-Industry Study of the Effectiveness of the UK Implementation of the NIS Directive

The transposition of the EU Directive on Network and Information Security (NIS) by EU Member States involved assigning a set of responsibilities to operators, regulators and policy makers within a national cybersecurity strategy, in order to improve cybersecurity levels across critical infrastructures. This research investigates the perspectives and experiences of organisations affected by the NIS Directive focussing on three different sectors (Energy, Water & Aviation). The authors evaluate the response of different actors to NIS interventions and their challenges in meeting their assigned responsibilities, in particular their ability to oversee supply chain cybersecurity. It proposes further support for partnerships and cooperation across organisations to increase the effectiveness of NIS implementation. Based on results from semi-structured interviews and observations of industry working groups, an approach to supply chain oversight to achieve a balance between control and cooperation is recommended, to improve cybersecurity within industry sectors and across critical national infrastructures. Although our initial focus has been on working mainly with UK stakeholders, we argue that our recommendations have a more general application beyond those countries directly affected by the Directive.

Management of Schemes and Threat Prevention in ICS Partner Companies Security

An analysis of the recent major security incidents related to industrial control systems, revealed that most had been caused by company employees. Therefore, enterprise security management systems have been developed to focus on companies’ personnel. Nonetheless, several hacking incidents, involving major companies and public/financial institutions, were actually attempted by the cooperative firms or the outsourced manpower undertaking maintenance work. Specifically, institutions that operate industrial control systems (ICSs) associated with critical national infrastructures, such as traffic or energy, have contracted several cooperative firms. Nonetheless, ICT's importance is gradually increasing, due to outsourcing, and is the most vulnerable factor in security. This paper proposes a virtualized security management scheme for the resident cooperative firms in the industrial control infrastructure. Since such companies often cannot afford adequate investment in security, the scheme is to let an ICS company provide the virtualized system. One of its merits is the convenience of controlling a VDI server at the center. The cooperative firms were classified, based on their respective security levels, and statistics were collected throughout a four-year period for the results. This paper analyzes the policies and virtualization systems that have been applied to the security of the partner companies, which engaged in ICS security. A suitable model for ICS security was then proposed by analyzing their effects on the system efficiencies, based on the comparisons of the security inspection results obtained before and after virtualization. The proposed system is expected to contribute to industrial safety.

Real-Time Authentication with A.I

Wrongdoing conception in surveillance videos is more challenging than detection. This work introduces the design of a accurate, lightweight and fast variance understanding neural network. AI capabilities can improve the way current security solutions are working today. It is projected that there will be need for security in area of AI to overcome issues like securing AI training data, training pipelines and ML models, also how AI modelled applications can be operated through negotiating with them. How can AI be leveraged to enhance security of critical infrastructure in the landscape of critical information which may contain large amount of critical business data. Now a day’s state sponsored attacks are growing on an alarming rate, due to which government and private organization are more vigilant in protecting critical infrastructure. This can be achieved by creating business application which will solve the headache of securing critical information for NCIIPC. (National Critical Information Infrastructure protection centre) This can be simulating in high end laptop with Intel Core i5 – 9th generation processor, 6 GB NVIDIA GPU GTX 1660 Ti, which has high FPS which we think will work more smoothly with MTCNN model to detect and recognize the face. Also, at various stages authentication function and alert function will work on top of recognition function. This application will prevent the user to enter into critical infrastructure and prevent wrong doing post validating itself through fake ID Card.

A Study and analysis of attacks by exploiting the source code against computer systems

An avalanche of threats from malicious used information and communication technologies (ICT) ‎in political, military, economic and social affairs led to a deep awareness of the fact that new ‎technologies may pose additional risks to international peace and safety. Thus, the problem of ‎international information security, that is, the state of the spread of information among the ‎countries of the world, with which excludes the possibility of violation of the rights of the ‎individual and users in various state agencies and in all fields of knowledge. In the field of ‎knowledge, as well as destructive and illegal impact on elements of the national critical ‎information infrastructure, became an integral part of international security as a system of ‎international relations based on the observance by all states of generally recognized principles and ‎norms of international law and excluding the solution of controversial questions and ‎disagreements between them through force or threat of force, in general. Thus, the principles of ‎international security providing for promoting peaceful coexistence, being ensuring equal security ‎for all states, the creation of effective guarantees in the military, political, economic and ‎humanitarian spheres, preventing the race of nuclear and space weapons, respect for the sovereign ‎rights of every people, fair political settlement of international crises and regional conflicts ‎certainly include the creation of a system of international information security. At the same time, ‎under the IIB system, designed for countering threats to strategic stability and ensuring equal ‎partnership in the global digital environment, we understand the totality international and ‎national norms and institutions, chief among which are the UN Regulated activities of various ‎actors worldwide.‎

A Systematic Review of the State of Cyber-Security in Water Systems

Critical infrastructure systems are evolving from isolated bespoke systems to those that use general-purpose computing hosts, IoT sensors, edge computing, wireless networks and artificial intelligence. Although this move improves sensing and control capacity and gives better integration with business requirements, it also increases the scope for attack from malicious entities that intend to conduct industrial espionage and sabotage against these systems. In this paper, we review the state of the cyber-security research that is focused on improving the security of the water supply and wastewater collection and treatment systems that form part of the critical national infrastructure. We cover the publication statistics of the research in this area, the aspects of security being addressed, and future work required to achieve better cyber-security for water systems.

Human-Computer Interaction Considerations When Developing Cyber Ranges

Cyber-attacks are continuing to rise globally. It is therefore vital for organisations to develop the necessary skills to secure their assets and to protect critical national infrastructure. In this short paper, we outline human-computer interaction elements which should be considered when developing a cybersecurity training platform, in an effort to maintain levels of user engagement. We provide an overview of existing training platforms before covering specialist cyber ranges. Aspects of human-computer interaction are explored with regards to their relevance in the context of cyber ranges. We conclude with design suggestions when developing a cyber range platform.

Towards a National Broadband Strategy for Australia, 2020-2030

This Report has been developed by the TelSoc National Broadband Network (NBN) Futures Group, drawing on substantial work since early 2019 to examine the current state and desirable future of broadband services in Australia. The purpose of the Group and this Report is to ensure Australia’s broadband infrastructure and services continues to develop in a financially responsible and timely manner, delivering value, economic benefit and new services to all Australian residents in all locations and in all economic circumstances. Broadband infrastructure, including the NBN in particular, represents National Critical Infrastructure providing essential services important for the development of a digital economy and online society. All Australians should benefit to the maximum extent in realising the social and economic potential of broadband. Large, long-term investments and programs that address the demand side, as well as the supply side, of broadband require a clear long-term vision and plan (the National Broadband Strategy), supported by a robust bipartisan commitment that endures beyond electoral cycles. The Report is not such a Strategy but is a major contribution towards it. It is addressed to all stakeholders, especially to the Commonwealth Government which has leadership responsibility, and to industry organisations whose involvement is important for success.

CyberOps: Situational Awareness in Cybersecurity Operations

Cybersecurity operations (CyberOps) is the use and application of cybersecurity capabilities to a domain, department, organisation or nation. It is fundamentally to protect digital investments, contribute to national economic wellbeing by providing a safe, secure and conducive environment to conduct business and to protect a nation’s critical national infrastructures and citizens welfare. In this paper, we investigate operational factors that influence situational awareness of CyberOps, specifically, the features that deals with understanding and comprehension of operational and human factors aspects and that helps with insights on human operator decision making (e.g., cognition, teamwork, knowledge, skills and abilities). The operational factors discussed in this paper range from tools, techniques, integration, architecture to automation, cognition, people, policy, process and procedures.