Visible to the public Biblio

Filters: Keyword is Cyber Resiliency  [Clear All Filters]
2022-04-20
Tushar, Venkataramanan, V., Srivastava, A., Hahn, A..  2020.  CP-TRAM: Cyber-Physical Transmission Resiliency Assessment Metric. IEEE Transactions on Smart Grid. 11:5114—5123.
Natural disasters and cyber intrusions threaten the normal operation of the critical electric grid infrastructure. There is still no widely accepted methodology to quantify the resilience in power systems. In this work, power system resiliency refers to the ability of the system to keep provide energy to the critical load even with adverse events. A significant amount of work has been done to quantify the resilience for distribution systems. Even though critical loads are located in distribution system, transmission system play a critical role in supplying energy to distribution feeder in addition to the Distributed Energy Resources (DERs). This work focuses on developing a framework to quantify the resiliency of cyber-physical transmission systems. Quantifying the resiliency of the transmission network, is important to determine and devise suitable control mechanisms to minimize the effects of undesirable events in the power grid. The proposed metric is based on both system infrastructure and with changing operating conditions. A graphical analysis along with measure of critical parameters of the network is performed to quantify the redundancy and vulnerabilities in the physical network of the system. A similar approach is used to quantify the cyber-resiliency. The results indicate the capability of the proposed framework to quantify cyber-physical resilience of the transmission systems.
Conference Name: IEEE Transactions on Smart Grid
Mailloux, Logan O., Grimaila, Michael.  2018.  Advancing Cybersecurity: The Growing Need for a Cyber-Resiliency Workforce. IT Professional. 20:23—30.
As the world becomes more dependent on connected cyber-physical systems, the cybersecurity workforce must adapt to meet these growing needs. The authors present the notion of a cyber-resiliency workforce to prepare the next generation of cybersecurity professionals.
2021-09-16
Wilson, Beth, Young, Bobbi.  2020.  Cyber Secure and Resilient Approaches for Feature Based Variation Management. 2020 IEEE Systems Security Symposium (SSS). :1–6.
A joint INCOSE/NDIA project is exploring the intersection between systems security engineering and product line engineering teams to develop cyber secure and resilient approaches for feature-based variation management. The project team is investigating existing approaches and developing new approaches to implement systems security in product line design, apply patterns for product line architectures that address systems security, and define variation management approaches for secure and resilient product line products and shared assets.
2020-11-16
Ullah, S., Shetty, S., Hassanzadeh, A..  2018.  Towards Modeling Attacker’s Opportunity for Improving Cyber Resilience in Energy Delivery Systems. 2018 Resilience Week (RWS). :100–107.
Cyber resiliency of Energy Delivery Systems (EDS) is critical for secure and resilient cyber infrastructure. Defense-in-depth architecture forces attackers to conduct lateral propagation until the target is compromised. Researchers developed techniques based on graph spectral matrices to model lateral propagation. However, these techniques ignore host criticality which is critical in EDS. In this paper, we model attacker's opportunity by developing three criticality metrics for each host along the path to the target. The first metric refers the opportunity of attackers before they penetrate the infrastructure. The second metric measure the opportunity a host provides by allowing attackers to propagate through the network. Along with vulnerability we also take into account the attributes of hosts and links within each path. Then, we derive third criticality metric to reflect the information flow dependency from each host to target. Finally, we provide system design for instantiating the proposed metrics for real network scenarios in EDS. We present simulation results which illustrates the effectiveness of the metrics for efficient defense deployment in EDS cyber infrastructure.
2019-08-05
Randhawa, Suneel, Turnbull, Benjamin, Yuen, Joseph, Dean, Jonathan.  2018.  Mission-Centric Automated Cyber Red Teaming. Proceedings of the 13th International Conference on Availability, Reliability and Security. :1:1–1:11.
Cyberspace is ubiquitous and is becoming increasingly critical to many societal, commercial, military, and national functions as it emerges as an operational space in its own right. Within this context, decision makers must achieve mission continuity when operating in cyberspace. One aspect of any comprehensive security program is the use of penetration testing; the use of scanning, enumeration and offensive techniques not unlike those used by a potential adversary. Effective penetration testing provides security insight into the network as a system in its entirety. Often though, this systemic view is lost in reporting outcomes, instead becoming a list of vulnerable or exploitable systems that are individually evaluated for remediation priority. This paper introduces Trogdor; a mission-centric automated cyber red-teaming system. Trogdor undertakes model based Automated Cyber Red Teaming (ACRT) and critical node analysis to visually present the impact of vulnerable resources to cyber dependent missions. Specifically, this work discusses the purpose of Trogdor, outlines its architecture, design choices and the technologies it employs. This paper describes an application of Trogdor to an enterprise network scenario; specifically, how Trogdor provides an understanding of potential mission impacts arising from cyber vulnerabilities and mission or business-centric decision support in selecting possible strategies to mitigate those impacts.