Potential Cyber Research Articles

Cyber power and cyber effectiveness: An analytic framework

ABSTRACTThis article proposes a theoretical framework to evaluate a state's potential cyber power and cyber effectiveness. It identifies the domestic and structural variables that contribute to potential cyber power, and the attributes associated with cyber effectiveness. Translating potential cyber power into cyber effectiveness is done through technical, tactical, operational, and strategic means. Effectiveness is worthwhile only in comparison to other target states. Finally, future research questions are proposed.

Digital design and manufacturing of wood head golf club in a cyber physical environment

PurposeThe purpose of this paper is to establish a cyber physical environment for digital product design and manufacturing. To realize this goal, the specific issue of integrating design knowledge-based system (KBS) and 3D printing (3DP) system is focused. A graphics generation method is thereby developed to transform the KBS outputs into graphical format which can be directly read and manufactured by 3DP system.Design/methodology/approachA graphics generation method is proposed in this paper. Through organizing alphanumeric outputs of the consultation session with a design KBS into parametric format, the consultation results can be directly used by computer-aided design (CAD) tools to generate graphical models which can be further exported into a 3DP system to produce physical objects.FindingsThe proposed graphics generation method can be effective to link design KBS and 3DP. Therefore, the seamless connection between design and prototyping systems can be realized, which further lays the communication foundation for a cyber physical environment for digital design and manufacturing.Originality/valueThis study provides research insights about potential cyber physical system applications in digital design and manufacturing area. Moreover, this paper contributes an effective technique to integrate design KBS and 3DP.

Graph-based Cyber Security Analysis of State Estimation in Smart Power Grid

The smart power grid enables intelligent automation at all levels of power system operation, from electricity generation at power plants to power usage in the home. The key enabling factor of an efficient smart grid is its built-in ICT, which monitors the real-time system operating state and makes control decisions accordingly. As an important building block of the ICT system, power system state estimation is of critical importance to maintain normal operation of the smart grid, which, however, is under mounting threat from potential cyber attacks. In this article, we introduce a graph-based framework for performing cyber-security analysis in power system state estimation. Compared to conventional arithmetic- based security analysis, the graphical characterization of state estimation security provides intuitive visualization of some complex problem structures and enables efficient graphical solution algorithms, which are useful for both defending and attacking the ICT system of the smart grid. We also highlight several promising future research directions on graph-based security analysis and its applications in smart power grid.

Graph-based Cyber Security Analysis of State Estimation in Smart Power Grid

Smart power grid enables intelligent automation at all levels of power system operation, from electricity generation at power plants to power usage at households. The key enabling factor of an efficient smart grid is its built-in information and communication technology (ICT) that monitors the real-time system operating state and makes control decisions accordingly. As an important building block of the ICT system, power system state estimation is of critical importance to maintain normal operation of the smart grid, which, however, is under mounting threat from potential cyber attacks. In this article, we introduce a graph-based framework for performing cyber-security analysis in power system state estimation. Compared to conventional arithmetic-based security analysis, the graphical characterization of state estimation security provides intuitive visualization of some complex problem structures and enables efficient graphical solution algorithms, which are useful for both defending and attacking the ICT system of smart grid. We also highlight several promising future research directions on graph-based security analysis and its applications in smart power grid.

Cyber-Physical System Security of a Power Grid: State-of-the-Art

As part of the smart grid development, more and more technologies are developed and deployed on the power grid to enhance the system reliability. A primary purpose of the smart grid is to significantly increase the capability of computer-based remote control and automation. As a result, the level of connectivity has become much higher, and cyber security also becomes a potential threat to the cyber-physical systems (CPSs). In this paper, a survey of the state-of-the-art is conducted on the cyber security of the power grid concerning issues of: (1) the structure of CPSs in a smart grid; (2) cyber vulnerability assessment; (3) cyber protection systems; and (4) testbeds of a CPS. At Washington State University (WSU), the Smart City Testbed (SCT) has been developed to provide a platform to test, analyze and validate defense mechanisms against potential cyber intrusions. A test case is provided in this paper to demonstrate how a testbed helps the study of cyber security and the anomaly detection system (ADS) for substations.

Quantitative assessments of cyber security system priorities

The algorithm of a choice of rational cyber security structure with elements of potential cyber threats in a high probability of their realization is proposed. The algorithm is based on the analysis of hierarchical structures. The article discusses the basic cyber threats and evaluation of local and global priorities of cyber security.

Cyber Security – Threats and Vulnerabilities to Road Transport

As vehicles become increasingly connected, with users demanding more and more communications features from vehicle manufacturers, cyber security will continue to present a challenge. The automotive industry is tackling this head on, however, there is still much to be done. Automotive manufacturers and suppliers need to help position the UK industry as a leader in automotive cyber security, from the vehicles that are manufactured through to the R&D, toolsets and validation facilities that are used to ensure the UK maintains such a position. This article is targeted at technologists who may not be aware of the automotive and potential cyber issues associated with increasingly connected vehicles, introducing them to the key threats and vulnerabilities to road transport. Whilst this article summarises several challenges the industry is facing regarding these threats and vulnerabilities, it will not delve deeply into these challenges as many require their own research paper in their own right.

Two-stage Security Controls Selection

To protect a system from potential cyber security breaches and attacks, one needs to select efficient security controls, taking into account technical and institutional goals and constraints, such as available budget, enterprise activity, internal and external environment. Here we model the security controls selection problem as a two-stage decision making: First, managers and information security officers define the size of security budget. Second, the budget is distributed between various types of security controls. By viewing loss prevention with security controls measured as gains relative to a baseline (losses without applying security controls), we formulate the decision making process as a classical portfolio selection problem. The model assumes security budget allocation as a two objective problem, balancing risk and return, given a budget constraint. The Sharpe ratio is used to identify an optimal point on the Pareto front to spend the budget. At the management level the budget size is chosen by computing the trade-offs between Sharpe ratios and budget sizes. It is shown that the proposed two-stage decision making model can be solved by quadratic programming techniques, which is shown for a test case scenario with realistic data.

Enhancing International Cyber Security

Cyber aggression is an increasing threat to international security and stability. While national policies intended to deter cyber aggression may offer some solution in the short term, their effects in the long term are doubtful. National cyber-deterrence policies entail the risk of an on-going cyber arms race and a cycle of escalation between potential cyber opponents. Diplomacy may offer fewer results in the short term, but it is more promising in the long term. Confidence-building measures and international norms and values may not be easy to reach, but in the end they could be more effective (and cheaper) than a single focus on national cyber-deterrence strategies. In the long term, cooperation between states to establish confidence and commonly accepted norms of behaviour in cyber space are the most promising ways available to achieve enduring cyber security and stability. Enhancing interstate co-operation, transparency and predictability of behaviour in cyberspace will reduce the risks of misperception, escalation and conflict.

Cyber Security Threats in Synchrophasor System in Wide Area Monitoring System

Cyber security has become a critical priority for electric utilities. With the increase in the use of intelligent measuring devices like PMUs and more advanced communications and information technology in smart grid, the overall attack surface has increased. Cyber attacks against synchrophasor system critical infrastructure are detrimental to the functioning of the society as a whole. This paper presents the latest on cyber security of synchrophasor system in smart grid, specifically; it focuses on the deep understanding of the risk in terms of threats, vulnerabilities and consequences that arise from cyber attacks. Since the research on cyber security for the smart grid is still in its early stage, our objective is to provide an overview, analyze potential cyber security threats, and review existing security solutions in the Wide Area Monitoring System.

Cyber Security Threats in Synchrophasor System in Wide Area Monitoring System

<p>Cyber security has become a critical priority for electric utilities. With the increase in the use of intelligent measuring devices like PMUs and more advanced communications and information technology in smart grid, the overall attack surface has increased. Cyber attacks against synchrophasor system critical infrastructure are detrimental to the functioning of the society as a whole. This paper presents the latest on cyber security of synchrophasor system in smart grid, specifically; it focuses on the deep understanding of the risk in terms of threats, vulnerabilities and consequences that arise from cyber attacks. Since the research on cyber security for the smart grid is still in its early stage, our objective is to provide an overview, analyze potential cyber security threats, and review existing security solutions in the Wide Area Monitoring System.</p>

스마트그리드 체제에 따른 EMS의 보안 평가를 위한 정량적 방법론에 관한 연구

This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. The EMS and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. In this study, the optimal power flow(OPF) and Power Flow Tracing are used to assess the interaction between the EMS and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

Security Outlook: Six Cyber Game Changers for the Next 15 Years

Six potential cyber game changers gleaned from a recent long-range planning symposium can help experts identify priorities for future cybersecurity research and development.

Spatial Load Forecasting With Communication Failure Using Time-Forward Kriging

Short-term and very short-term load forecasting are essential for power grid management operations such as automatic generation control, unit commitment scheduling, and transmission loss estimation. Most existing forecasting techniques require that the load data be available up to the current time step. In recent years, cyber attacks increasingly threaten the secure operation of power grids. One potential cyber threat is communication failure which will affect load forecasting. When communication failure happens and actual load data are not available, forecasting accuracy suffers. To overcome this problem, we propose a time-forward kriging based approach to forecast load with and without communication failure. This technique has the ability to forecast the load by utilizing load information from neighboring regions. The proposed method has been tested using NYISO and PJM load data with 5-min and 1-h intervals, respectively. Our results show that the proposed method is capable of forecasting load under communication failure with acceptable accuracy and improved accuracy when compared with other forecasting techniques.

A Model-Based Validated Autonomic Approach to Self-Protect Computing Systems

This paper introduces an autonomic model-based cyber security management approach for the Internet of Things (IoT) ecosystems. The approach aims at realizing a self-protecting system, which has the ability to autonomously estimate, detect, and react to cyber attacks at an early stage. Our approach integrates various model-based techniques including: 1) real-time estimation and baseline security controls to predict and eliminate potential cyber attacks; 2) data analysis to identify and classify attacks; and 3) a multicriteria optimization method to select the optimal active response for deploying countermeasures while maintaining system functions. The prototype framework has been developed with a master controller virtual machine, which can be configured for various platforms. Experimental results demonstrated the effectiveness of this proposed approach in protecting a Web-based application against known and unknown attacks with little or no human intervention.

Analysis and Design of Stealthy Cyber Attacks on Unmanned Aerial Systems

Cyber security has emerged as one of the most important issues in unmanned aerial systems for which the functionality heavily relies on onboard automation and intervehicle communications. In this paper, potential cyber threats and vulnerabilities in the unmanned aerial system’s state estimator to stealthy cyber attacks are identified, which can avoid being detected by the monitoring system. Specifically, this paper investigates the worst stealthy cyber attack that can maximize the state estimation error of the unmanned aerial system’s state estimator while not being detected. First, the condition that the system is vulnerable to the stealthy cyber attacks is derived, and then an analytical method is provided to identify the worst stealthy cyber attack. The proposed cyber attack analysis methods are demonstrated with illustrative examples of an onboard unmanned aerial system navigation system and an unmanned aerial system tracking application.

A Study on Quantitative Methodology to Assess Cyber Security Risk of SCADA Systems

This paper aims to identify and clarify the cyber security risks and their interaction with the power system in Smart Grid. The SCADA system and other communication networks interact with the power system on a real time basis, so it is important to understand the interaction between two layers to protect the power system from potential cyber threats. In this study, the optimal power flow (OPF) and Power Flow Tracing are used to assess the interaction between the SCADA network and the power system. Through OPF and Power Flow Tracing based analysis, the physical and economic impacts from potential cyber threats are assessed, and thereby the quantitative risks are measured in a monetary unit.

Towards secure identity management for the smart grid

AbstractThe emerging smart grid incorporates modern information systems with traditional power delivery systems to achieve better control, efficiency, and reliability. However, it also brings potential cyber security risks into the essential power system. Therefore, we need a large‐scale framework to address the basic security issues such as identity management in the smart grid. While public key infrastructures (PKIs) have been developed for large‐scale distributed information systems, the existing PKI solutions cannot meet the unique requirements of the electrical power grid. In this paper, we first identify those unique requirements and discuss how the existing PKI trust models may be adapted to meet these requirements; we further evaluate the existing certificate revocation models; we then discuss various PKI adaptations for the smart grid. Copyright © 2014 John Wiley & Sons, Ltd.

Cyber Security of Intelligent Buildings: A Review

The concept of an intelligent building has existed for over 30 years and is seen as a solution to a number of economic and environmental problems. Intelligent buildings are often seen as a means of improving the energy efficiency of the built environment. However, they are increasingly being promoted as a means of improving the operational efficiency of buildings, providing enhanced building and personal security, and improving the availability of management information to support better and quicker decision making. The potential cyber security risks inherent in the adoption of intelligent buildings are rarely discussed.

Jus ad Bellum and Cyber Warfare in Northeast Asia

Cyber attacks have become a grave threat to international peace and security. Northeast Asia is a critical point of many of these cyber operations. First, South Korea has been the target of cyber attacks from North Korea. Second, there are harsh debates on this matter between the US and China. While the United States have expressed their concerns about the growing threat of cyber intrusions from China, the People’s Republic of China has blamed the US for attacks against their respective computer networks. From the perspective of the jus ad bellum, potential cyber attacks raise a number of difficult and complex issues. The following article examines which cyber operations amount to the use of force as stipulated in Article 2(4) of the UN Charter and discusses the conditions under which type of cyber attacks could trigger the right to self-defense. In addition, other available remedies outside the framework of Article 51 of the UN Charter will be discussed.