Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071482
M. Beccuti, G. Franceschinis, S. Donatelli, S. Chiaradonna, F. Di Giandomenico, P. Lollini, G. Dondossola, F. Garrone
In this paper we present the CRUTIAL approach to model and quantify (inter)dependencies between the Electrical Infrastructure (EI) and the Information Infrastructures (II) that implements the EI control and monitoring system. The quantification is achieved through the integration of two models: one that concentrates more on the structure of the power grid and its physical quantities and one that concentrates on the behaviour of the control system supported by the II. The modelling approach is exemplified on a scenario whose goal is to study the effects of a II partial failure (a denial of service attack that compromises the communication network) on the remote control of the EI.
{"title":"Quantification of dependencies in electrical and information infrastructures: The CRUTIAL approach","authors":"M. Beccuti, G. Franceschinis, S. Donatelli, S. Chiaradonna, F. Di Giandomenico, P. Lollini, G. Dondossola, F. Garrone","doi":"10.1109/CRIS.2009.5071482","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071482","url":null,"abstract":"In this paper we present the CRUTIAL approach to model and quantify (inter)dependencies between the Electrical Infrastructure (EI) and the Information Infrastructures (II) that implements the EI control and monitoring system. The quantification is achieved through the integration of two models: one that concentrates more on the structure of the power grid and its physical quantities and one that concentrates on the behaviour of the control system supported by the II. The modelling approach is exemplified on a scenario whose goal is to study the effects of a II partial failure (a denial of service attack that compromises the communication network) on the remote control of the EI.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130500979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071487
A. Pasic, J. Gresser
Protection And tRuSt In FinanciAL infrastructures (PARSIFAL) project is targeting this ambitious objective concerning coordination activities between the stakeholders necessary to protect CFI and information infrastructures, both today and tomorrow, and specifically those areas which span beyond a single bank or a single country.
{"title":"Protection And tRuSt In FinanciAL infrastructures","authors":"A. Pasic, J. Gresser","doi":"10.1109/CRIS.2009.5071487","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071487","url":null,"abstract":"Protection And tRuSt In FinanciAL infrastructures (PARSIFAL) project is targeting this ambitious objective concerning coordination activities between the stakeholders necessary to protect CFI and information infrastructures, both today and tomorrow, and specifically those areas which span beyond a single bank or a single country.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134257650","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071493
M. Viziteu, Daniel Georges, R. Caire, N. Hadjsaid
This article presents a methodology to assess the most critical components of a given IT&C infrastructure. The focus is especially on the electric network management applications. The steps of this procedure are illustrated in a case study based on an industrial simulation tool performing technical operating tasks in distribution utilities. The obtained criticality hierarchy in our use case is correlated with the results of a previous criticality survey realized by the GRID* consortium
{"title":"Criticality hierarchy procedure applied to software applications for electrical networks management","authors":"M. Viziteu, Daniel Georges, R. Caire, N. Hadjsaid","doi":"10.1109/CRIS.2009.5071493","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071493","url":null,"abstract":"This article presents a methodology to assess the most critical components of a given IT&C infrastructure. The focus is especially on the electric network management applications. The steps of this procedure are illustrated in a case study based on an industrial simulation tool performing technical operating tasks in distribution utilities. The obtained criticality hierarchy in our use case is correlated with the results of a previous criticality survey realized by the GRID* consortium","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126137433","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071500
C. Tranchita, N. Hadjsaid, A. Torres
The augmented use of ICTs in power systems, and the dependency of the electrical infrastructure on this type of technology has created a new form of vulnerability: ICTs are exposed to denominated “cyberattacks”. Due to this interaction as well as the importance of the electrical power systems, it is appropriate to assess the risk of how the power system security would be affected if it was subjected to this type of assaults. This paper is an overview of the main aspects related with the security of a power system with regard to cyberattacks and its assessment. Some definitions are recalled and completed with the aim of understanding what a cybernetic attack actually is, who the initiators of such an attack are, and what the possible consequences are. After, in order to assess the risk of power systems with regard to the possible consequences of cyberattacks, the use of a Bayesian network is proposed. The aim of this approach is to model the possible causes of cyberattacks against power systems and the consequences of such acts.
{"title":"Overview of the power systems security with regard to cyberattacks","authors":"C. Tranchita, N. Hadjsaid, A. Torres","doi":"10.1109/CRIS.2009.5071500","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071500","url":null,"abstract":"The augmented use of ICTs in power systems, and the dependency of the electrical infrastructure on this type of technology has created a new form of vulnerability: ICTs are exposed to denominated “cyberattacks”. Due to this interaction as well as the importance of the electrical power systems, it is appropriate to assess the risk of how the power system security would be affected if it was subjected to this type of assaults. This paper is an overview of the main aspects related with the security of a power system with regard to cyberattacks and its assessment. Some definitions are recalled and completed with the aim of understanding what a cybernetic attack actually is, who the initiators of such an attack are, and what the possible consequences are. After, in order to assess the risk of power systems with regard to the possible consequences of cyberattacks, the use of a Bayesian network is proposed. The aim of this approach is to model the possible causes of cyberattacks against power systems and the consequences of such acts.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131636712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071496
S. Burschka
The IP network introduced a new quality of threat when real infrastructures such as telecom, electrical, transport and banking systems were infiltrated by the virtual world with its standard PC HW and SW. Unnecessary high complexity, instable behaviour and a new kind of criminal activity arose, the targeted IT warfare. SW became an end in itself and a weapon. Nevertheless, we allowed and promoted the current situation violating the most basic principles of reliable design, testing and robustness. The general acceptance of product selection solemnly by economic and political factors demands now its toll. The talk will address reasons for todays calamity and motivates the current civil and military research efforts to solve the most urgent problems on a short and long time scale. It will also supply a short insight into the practice of Infrastructure Troubleshooting and Traffic Mining with regard to the danger of todays trust in tools instead of decent human knowledge. It will teach the audience the potential of the human brain, mining in IP data streams using KISS (Keep It Simple Stupid) tools on selected examples, such as Skype or VPN Tunnels. The positive magic of critical thinking, proper preprocessing and visually exploring of datasets will be demonstrated. Finally, the dark side, negative magic of spin doctors manipulating our brains by just throwing raw data at statistic tools or artificial intelligence producing any kind of nonsense will be shortly discussed.
当真实的基础设施,如电信、电力、运输和银行系统被虚拟世界的标准PC硬件和软件渗透时,IP网络带来了一种新的威胁。不必要的高复杂性,不稳定的行为和一种新的犯罪活动出现了,有针对性的IT战。SW本身成为了一种目的和武器。然而,我们允许并推动了违反可靠设计、测试和健壮性等最基本原则的现状。经济和政治因素对产品选择的普遍接受,现在需要付出代价。讲座将探讨当今灾难的原因,并激发当前民用和军事研究的努力,以解决短期和长期尺度上最紧迫的问题。它还将简要介绍基础设施故障排除和流量挖掘的实践,以了解当今信任工具而不是体面的人类知识的危险。它将向观众展示人类大脑的潜力,在选定的例子上使用KISS (Keep It Simple Stupid)工具挖掘IP数据流,比如Skype或VPN隧道。将展示批判性思维的积极魔力,适当的预处理和数据集的视觉探索。最后,我们将很快讨论政治顾问操纵我们大脑的阴暗面和负面魔力,他们只是把原始数据扔给统计工具或人工智能,产生各种胡言乱语。
{"title":"Traffic Mining, feel the packets, be the packets","authors":"S. Burschka","doi":"10.1109/CRIS.2009.5071496","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071496","url":null,"abstract":"The IP network introduced a new quality of threat when real infrastructures such as telecom, electrical, transport and banking systems were infiltrated by the virtual world with its standard PC HW and SW. Unnecessary high complexity, instable behaviour and a new kind of criminal activity arose, the targeted IT warfare. SW became an end in itself and a weapon. Nevertheless, we allowed and promoted the current situation violating the most basic principles of reliable design, testing and robustness. The general acceptance of product selection solemnly by economic and political factors demands now its toll. The talk will address reasons for todays calamity and motivates the current civil and military research efforts to solve the most urgent problems on a short and long time scale. It will also supply a short insight into the practice of Infrastructure Troubleshooting and Traffic Mining with regard to the danger of todays trust in tools instead of decent human knowledge. It will teach the audience the potential of the human brain, mining in IP data streams using KISS (Keep It Simple Stupid) tools on selected examples, such as Skype or VPN Tunnels. The positive magic of critical thinking, proper preprocessing and visually exploring of datasets will be demonstrated. Finally, the dark side, negative magic of spin doctors manipulating our brains by just throwing raw data at statistic tools or artificial intelligence producing any kind of nonsense will be shortly discussed.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125289961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071488
Hugo M. Straumann
The global trends have not changed lately: global socio-economic divisions, climate change, resource competition and maintaining security by military force [Oxford Research Group] remain on the top list. However the financial crisis has shifted the risk landscape dramatically [Global Risk 2009; WEF]. If extracting the root cause of this incident you find a company behavior or management pattern, which can be called “Fig-Leaf-Politics”. The same behavior can still be observed in other industries. Thus making them equally vulnerable for a future crash.
{"title":"After the fall of the financial industry, which critical infrastructure will be hit next?","authors":"Hugo M. Straumann","doi":"10.1109/CRIS.2009.5071488","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071488","url":null,"abstract":"The global trends have not changed lately: global socio-economic divisions, climate change, resource competition and maintaining security by military force [Oxford Research Group] remain on the top list. However the financial crisis has shifted the risk landscape dramatically [Global Risk 2009; WEF]. If extracting the root cause of this incident you find a company behavior or management pattern, which can be called “Fig-Leaf-Politics”. The same behavior can still be observed in other industries. Thus making them equally vulnerable for a future crash.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116031196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071483
Geert Deconinck, B. Decroix
In the migration towards ICT-enabled power systems, smart metering plays a crucial role. Smart metering allows energy efficiency to be attained via price stimuli in different tariff schemes. An investigation of a case study for residential applications in Flanders shows that demand response allows substantial cost savings beyond the current double tariff rate. However, in the case for which distributed energy resources are available (photovoltaics and micro-CHP), it is not always beneficial to stimulate demand response based on price incentives when smart meters differentiate between the cost of electricity purchased or delivered.
{"title":"Smart metering tariff schemes combined with distributed energy resources","authors":"Geert Deconinck, B. Decroix","doi":"10.1109/CRIS.2009.5071483","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071483","url":null,"abstract":"In the migration towards ICT-enabled power systems, smart metering plays a crucial role. Smart metering allows energy efficiency to be attained via price stimuli in different tariff schemes. An investigation of a case study for residential applications in Flanders shows that demand response allows substantial cost savings beyond the current double tariff rate. However, in the case for which distributed energy resources are available (photovoltaics and micro-CHP), it is not always beneficial to stimulate demand response based on price incentives when smart meters differentiate between the cost of electricity purchased or delivered.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"291 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116877456","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071499
F. Koster, Michael Klaas, H. Nguyen, Markus Brandle, S. Obermeier, Walter Brenne
Security assessments for IT systems in critical infrastructures involve many different stakeholders. Only the combination of their knowledge can produce a comprehensive view of the system structure and of the vulnerabilities and threats to the system. In order to enable all stakeholders to update the assessment information on a regular basis, the collaboration process needs methodological and technical support. We formalize this process with regard to the ESSAM assessment method and introduce a central knowledge base that facilitates the intra-organizational collaboration between development teams for different systems.
{"title":"Collaboration in security assessments for critical infrastructures","authors":"F. Koster, Michael Klaas, H. Nguyen, Markus Brandle, S. Obermeier, Walter Brenne","doi":"10.1109/CRIS.2009.5071499","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071499","url":null,"abstract":"Security assessments for IT systems in critical infrastructures involve many different stakeholders. Only the combination of their knowledge can produce a comprehensive view of the system structure and of the vulnerabilities and threats to the system. In order to enable all stakeholders to update the assessment information on a regular basis, the collaboration process needs methodological and technical support. We formalize this process with regard to the ESSAM assessment method and introduce a central knowledge base that facilitates the intra-organizational collaboration between development teams for different systems.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133067352","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071494
T. Bi, A. Xue, Guoyi Xu, Xiaolong Guo, Fei Ge, Zhengfeng Wang
Parameter identification of excitation systems is of great importance for power system analysis, operation and control. In this paper, on-line parameter identification with PMU data is formulated as an optimization problem, which minimizes the exciter voltage error during a certain time. The errors are the differences between measured exciter voltage (field data) and simulated exciter voltage using identified parameters. The optimization problem is nonlinearity as it involves integrator and then solved by genetic algorithm (GA). Furthermore, to ensure the creditability of the solutions obtained with GA, the ordinal GA, which is a modification of GA with the philosophy of ordinal optimization, is applied. Case studies in Anhui power grid show the effectiveness of the proposed approach.
{"title":"On-line parameter identification for excitation system based on PMU data","authors":"T. Bi, A. Xue, Guoyi Xu, Xiaolong Guo, Fei Ge, Zhengfeng Wang","doi":"10.1109/CRIS.2009.5071494","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071494","url":null,"abstract":"Parameter identification of excitation systems is of great importance for power system analysis, operation and control. In this paper, on-line parameter identification with PMU data is formulated as an optimization problem, which minimizes the exciter voltage error during a certain time. The errors are the differences between measured exciter voltage (field data) and simulated exciter voltage using identified parameters. The optimization problem is nonlinearity as it involves integrator and then solved by genetic algorithm (GA). Furthermore, to ensure the creditability of the solutions obtained with GA, the ordinal GA, which is a modification of GA with the philosophy of ordinal optimization, is applied. Case studies in Anhui power grid show the effectiveness of the proposed approach.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114555764","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-06-12DOI: 10.1109/CRIS.2009.5071498
J. Tournier, Otmar Goerlitz
The IEEE 1588 Precision Time Protocol seems to be a promising way to handle the synchronization requirements of tomorrow's substation automation based on IEC 61850. While a specific working group is tackling the security aspects of the protocols defined by IEC 61850, a secure IEEE 1588 protocol remains mostly uncovered in the specific context of substation automation. In this paper, we are focusing on securing IEEE 1588 for substation automation. We are analyzing and classifying the different attacks relevant for a substation and proposing a way to handle the logical disconnection of the time server and its clients that appears whenever an attack occurs. The method based on clock drift correction allows to keep a node synchronized for different period of time depending on the correction mechanism used. The implementation and experiments of the different drift correction mechanisms shows the tradeoff between the accuracy of the correction and the required computational time. By analyzing the different experiments, we can then match the computational power of a class of devices present in a substation and a correction technique.
{"title":"Strategies to secure the IEEE 1588 protocol in digital substation automation","authors":"J. Tournier, Otmar Goerlitz","doi":"10.1109/CRIS.2009.5071498","DOIUrl":"https://doi.org/10.1109/CRIS.2009.5071498","url":null,"abstract":"The IEEE 1588 Precision Time Protocol seems to be a promising way to handle the synchronization requirements of tomorrow's substation automation based on IEC 61850. While a specific working group is tackling the security aspects of the protocols defined by IEC 61850, a secure IEEE 1588 protocol remains mostly uncovered in the specific context of substation automation. In this paper, we are focusing on securing IEEE 1588 for substation automation. We are analyzing and classifying the different attacks relevant for a substation and proposing a way to handle the logical disconnection of the time server and its clients that appears whenever an attack occurs. The method based on clock drift correction allows to keep a node synchronized for different period of time depending on the correction mechanism used. The implementation and experiments of the different drift correction mechanisms shows the tradeoff between the accuracy of the correction and the required computational time. By analyzing the different experiments, we can then match the computational power of a class of devices present in a substation and a correction technique.","PeriodicalId":175538,"journal":{"name":"2009 Fourth International Conference on Critical Infrastructures","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134434279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: