scholarly journals The Nuclear Digital I&C System Supply Chain Cyber-Attack Surface

2020 ◽  
Author(s):  
S. Eggers
Keyword(s):  
Supply Chain ◽  
Cyber Attack ◽  
Attack Surface

scholarly journals Assessing Cyber-Worthiness of Complex System Capabilities using MBSE: A new rigorous engineering methodology

2021 ◽  
Author(s):  
Stuart Fowler ◽  
Keith Joiner ◽  
Elena Sitnikova
Keyword(s):  
Complex System ◽  
Complex Systems ◽  
Systems Engineering ◽  
Cyber Attacks ◽  
Simulation Methods ◽  
Assessment Methodology ◽  
Cyber Attack ◽  
Cyber Threats ◽  
Attack Surface ◽  
Model Based Systems Engineering

<div>Cyber-worthiness as it is termed in Australian Defence, or cyber-maturity more broadly, is a necessary feature of modern complex systems which are required to operate in a hostile cyber environment. To evaluate the cyber-worthiness of complex systems, an assessment methodology is required to examine a complex system’s or system-of-system’s vulnerability to and risk of cyber-attacks that can compromise such systems. This assessment methodology should address the cyber-attack surface and threat kill chains, including supply chains and supporting infrastructure. A cyber-worthiness capability assessment methodology has been developed based on model-based systems engineering concepts to analyse the cyber-worthiness of complex systems and present a risk assessment of various cyber threats to the complex system. This methodology incorporates modelling and simulation methods that provide organisations greater visibility and consistency across diverse systems, especially to drive cybersecurity controls, investment and operational decisions involving aggregated systems. In this paper, the developed methodology will be presented in detail and hypothesised outcomes will be discussed.</div>

scholarly journals Vind: A Blockchain-Enabled Supply Chain Provenance Framework for Energy Delivery Systems

2021 ◽  
Vol 4 ◽  
Author(s):  
Eranga Bandara ◽  
Sachin Shetty ◽  
Deepak Tosh ◽  
Xueping Liang
Keyword(s):  
Risk Management ◽  
Supply Chain ◽  
Delivery Systems ◽  
Data Provenance ◽  
Level Energy ◽  
Supply Chain Risk Management ◽  
Industrial Control Systems ◽  
Electric System ◽  
Energy Delivery ◽  
Attack Surface

Enterprise-level energy delivery systems (EDSs) depend on different software or hardware vendors to achieve operational efficiency. Critical components of these systems are typically manufactured and integrated by overseas suppliers, which expands the attack surface to adversaries with additional opportunities to infiltrate into EDSs. Due to this reason, the risk management of the EDS supply chain is crucial to ensure that we are knowledgeable about the vulnerabilities in software and hardware components that comprise any critical part, quantifiable risk metrics to assess the severity and exploitability of the attack, and provide remediation solutions that can influence a prioritized mitigation plan. There is a need to realize cyber supply chain risk management for industrial control systems’ hardware, software, and computing and networking services associated with bulk electric system (BES) operations. This article proposes a blockchain-based cyber supply chain provenance platform (“Vind”) for EDSs to realize data provenance in a cyber supply chain ecosystem.

scholarly journals A Novel Hifi-Hacking Interrupter for Iot Devices

2020 ◽  
Vol 9 (4) ◽  
pp. 1771-1775
Keyword(s):  
Data Communication ◽  
Normal Operation ◽  
Modern World ◽  
Cyber Attack ◽  
Real World Data ◽  
Digital World ◽  
Flow Through ◽  
Attack Surface ◽  
Iot Devices ◽  
Internet Networks

Internet of Things (IoT) is a very relevant technology used by internet networks to send and receive sensed data via a sensor. The same relates to common data communication except that sensors and microcontrollers are commonly used in IoT. It is supposed to explore, and there will be developing interest in the IoT framework which gives frequent IoT system capabilities. It connects us to the Internet and also helps us to reveal and manage the actual world by using sharing its info. IoT systems make use of real-world data, so device-collected data may also be a tool for cyber attack. The attack surface also expands as IoT expands and all the vulnerabilities present in the digital world flow through our modern world. DDoS attacks built on compromised IoT systems emerge as a serious problem. There are many technological solutions, but technology has changed a lot, so software solution can be in risk as well. The proposed system will serve as a prevention tool for DDoS attack and send the admin an alert when an attempt is made to hack the IoT device. In this proposed system, intend to provide a highly secured platform that will clean out all the unnecessary data without disrupting IoT’s normal operation.

scholarly journals Assessing Cyber-Worthiness of Complex System Capabilities using MBSE: A new rigorous engineering methodology

2021 ◽  
Author(s):  
Stuart Fowler ◽  
Keith Joiner ◽  
Elena Sitnikova
Keyword(s):  
Complex System ◽  
Complex Systems ◽  
Systems Engineering ◽  
Cyber Attacks ◽  
Simulation Methods ◽  
Assessment Methodology ◽  
Cyber Attack ◽  
Cyber Threats ◽  
Attack Surface ◽  
Model Based Systems Engineering

<div>Cyber-worthiness as it is termed in Australian Defence, or cyber-maturity more broadly, is a necessary feature of modern complex systems which are required to operate in a hostile cyber environment. To evaluate the cyber-worthiness of complex systems, an assessment methodology is required to examine a complex system’s or system-of-system’s vulnerability to and risk of cyber-attacks that can compromise such systems. This assessment methodology should address the cyber-attack surface and threat kill chains, including supply chains and supporting infrastructure. A cyber-worthiness capability assessment methodology has been developed based on model-based systems engineering concepts to analyse the cyber-worthiness of complex systems and present a risk assessment of various cyber threats to the complex system. This methodology incorporates modelling and simulation methods that provide organisations greater visibility and consistency across diverse systems, especially to drive cybersecurity controls, investment and operational decisions involving aggregated systems. In this paper, the developed methodology will be presented in detail and hypothesised outcomes will be discussed.</div>

Sign in / Sign up

Export Citation Format

Share Document