Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611792
Shaya Wolf, Rita Foster, Jedediah Haile, M. Borowczak
This work posits that suitability analyses that pair machine learning best practices with domain knowledge mapped to statistically significant metrics can determine boundaries for responsible data usage in machine learning models. A suitability analysis was described and tested for a malware analysis model called @DisCo and was tested across three datasets. This analysis predicted @DisCo's ability to correctly dissect data and come to reasonable conclusions. The suitability analysis correctly identified the acceptability of each dataset based on the structure of the data alongside knowledge of how @DisCo was trained and underlying domain knowledge. This process is repeatable and automate-able such that data that is not fit for @DisCo can be blocked and inaccurate results would be replaced with an explanation of why data is not fit for the model.1
{"title":"Data-Driven Suitability Analysis to Enable Machine Learning Explainability and Security","authors":"Shaya Wolf, Rita Foster, Jedediah Haile, M. Borowczak","doi":"10.1109/RWS52686.2021.9611792","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611792","url":null,"abstract":"This work posits that suitability analyses that pair machine learning best practices with domain knowledge mapped to statistically significant metrics can determine boundaries for responsible data usage in machine learning models. A suitability analysis was described and tested for a malware analysis model called @DisCo and was tested across three datasets. This analysis predicted @DisCo's ability to correctly dissect data and come to reasonable conclusions. The suitability analysis correctly identified the acceptability of each dataset based on the structure of the data alongside knowledge of how @DisCo was trained and underlying domain knowledge. This process is repeatable and automate-able such that data that is not fit for @DisCo can be blocked and inaccurate results would be replaced with an explanation of why data is not fit for the model.1","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"231 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115595495","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611786
Megan Culler, Sean Morash, Brian Smith, F. Cleveland, J. Gentle
Distributed wind is an electric energy resource segment with strong potential to be deployed in many applications, but special consideration of resilience and cybersecurity is needed to address the unique conditions associated with distributed wind. Distributed wind is a strong candidate to help meet renewable energy and carbon-free energy goals. However, care must be taken as more systems are installed to ensure that the systems are reliable, resilient, and secure. The physical and communications requirements for distributed wind mean that there are unique cybersecurity considerations, but there is little to no existing guidance on best practices for cybersecurity risk management for distributed wind systems specifically. This research develops an architecture for managing cyber risks associated with distributed wind systems through resilience functions. The architecture takes into account the configurations, challenges, and standards for distributed wind to create a risk-focused perspective that considers threats, vulnerabilities, and consequences. We show how the resilience functions of identification, preparation, detection, adaptation, and recovery can mitigate cyber threats. We discuss common distributed wind architectures and interconnections to larger power systems. Because cybersecurity cannot exist independently, the cyber-resilience architecture must consider the system holistically. Finally, we discuss risk assessment recommendations with special emphasis on what sets distributed wind systems apart from other distributed energy resources (DER).
{"title":"A Cyber-Resilience Risk Management Architecture for Distributed Wind","authors":"Megan Culler, Sean Morash, Brian Smith, F. Cleveland, J. Gentle","doi":"10.1109/RWS52686.2021.9611786","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611786","url":null,"abstract":"Distributed wind is an electric energy resource segment with strong potential to be deployed in many applications, but special consideration of resilience and cybersecurity is needed to address the unique conditions associated with distributed wind. Distributed wind is a strong candidate to help meet renewable energy and carbon-free energy goals. However, care must be taken as more systems are installed to ensure that the systems are reliable, resilient, and secure. The physical and communications requirements for distributed wind mean that there are unique cybersecurity considerations, but there is little to no existing guidance on best practices for cybersecurity risk management for distributed wind systems specifically. This research develops an architecture for managing cyber risks associated with distributed wind systems through resilience functions. The architecture takes into account the configurations, challenges, and standards for distributed wind to create a risk-focused perspective that considers threats, vulnerabilities, and consequences. We show how the resilience functions of identification, preparation, detection, adaptation, and recovery can mitigate cyber threats. We discuss common distributed wind architectures and interconnections to larger power systems. Because cybersecurity cannot exist independently, the cyber-resilience architecture must consider the system holistically. Finally, we discuss risk assessment recommendations with special emphasis on what sets distributed wind systems apart from other distributed energy resources (DER).","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114705772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611794
C. Fallon, Eva Brayfindley, Katherine Arneson, R. Brigantic, Mallory C. Stites, Liza Kittinger
When new technology, such as artificial intelligence (AI), is introduced into an existing workflow it may impact risk by mitigating some vulnerabilities and threats in the workflow while introducing others. We present a versatile methodology for assessing the vulnerabilities and threats that impact overall risk in a workflow to inform technology integration. Our method involves a four step assessment of risk including a qualitative expert knowledge elicitation, identification of risk components, quantitative data collection and analysis based on a formula for generating a risk score. The quantification of risk can be used to guide technology integration. We describe our methodology and demonstrate its utility by applying it to the Derivative Classification review process. This work was funded by the Department of Energy (DOE).
{"title":"A Methodology for Assessing Risk to Inform Technology Integration","authors":"C. Fallon, Eva Brayfindley, Katherine Arneson, R. Brigantic, Mallory C. Stites, Liza Kittinger","doi":"10.1109/RWS52686.2021.9611794","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611794","url":null,"abstract":"When new technology, such as artificial intelligence (AI), is introduced into an existing workflow it may impact risk by mitigating some vulnerabilities and threats in the workflow while introducing others. We present a versatile methodology for assessing the vulnerabilities and threats that impact overall risk in a workflow to inform technology integration. Our method involves a four step assessment of risk including a qualitative expert knowledge elicitation, identification of risk components, quantitative data collection and analysis based on a formula for generating a risk score. The quantification of risk can be used to guide technology integration. We describe our methodology and demonstrate its utility by applying it to the Derivative Classification review process. This work was funded by the Department of Energy (DOE).","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115544079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611811
Christian O. Hunt
STIX and associated standards can be leveraged and integrated in useful ways to improve security posture, event visibility, response to attacks and anomalous conditions in addition to allowing for machine readable exchange of threat intelligence information. This paper outlines some of the ways the project has or will leverage STIX and CACAO to achieve these goals.
{"title":"Leveraging STIX for Actionable Intelligence and Automated Response","authors":"Christian O. Hunt","doi":"10.1109/RWS52686.2021.9611811","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611811","url":null,"abstract":"STIX and associated standards can be leveraged and integrated in useful ways to improve security posture, event visibility, response to attacks and anomalous conditions in addition to allowing for machine readable exchange of threat intelligence information. This paper outlines some of the ways the project has or will leverage STIX and CACAO to achieve these goals.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125008128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611808
Bartosz Skobiei, A. Niemi, Nikolai Kulev, F. S. Torres
This work discusses the maintenance of Offshore Wind Farms in the context of resilience. Therefore, the relation between the system response to disruptions due to severe weather conditions and redundancy of operating vessels is analyzed. The study is executed using an appropriate simulation model, which employs reported component failures rates and real weather data. The obtained results indicate that redundancy of maintenance vessels has no effect on the robustness against severe weather conditions, but a considerable impact during the recovery phase.
{"title":"Resilient Recovery Features of Offshore Wind Farm with Maintenance Service","authors":"Bartosz Skobiei, A. Niemi, Nikolai Kulev, F. S. Torres","doi":"10.1109/RWS52686.2021.9611808","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611808","url":null,"abstract":"This work discusses the maintenance of Offshore Wind Farms in the context of resilience. Therefore, the relation between the system response to disruptions due to severe weather conditions and redundancy of operating vessels is analyzed. The study is executed using an appropriate simulation model, which employs reported component failures rates and real weather data. The obtained results indicate that redundancy of maintenance vessels has no effect on the robustness against severe weather conditions, but a considerable impact during the recovery phase.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126094846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611806
S. Ahmed-Zaid, S. Loo, Andres Valdepena-Delgado, Theron Beam
In order to identify potential weakness in communication and data in transit, a microgrid testbed is being developed at Boise State University. This testbed will be used to verify microgrid models and communication methods in an effort to increase the resiliency of these systems to cyber-attacks. If vulnerabilities are found in these communication methods, then risk mitigation techniques will be developed to address them.
{"title":"Cyber-Physical Security Assessment and Resilience of a Microgrid Testbed","authors":"S. Ahmed-Zaid, S. Loo, Andres Valdepena-Delgado, Theron Beam","doi":"10.1109/RWS52686.2021.9611806","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611806","url":null,"abstract":"In order to identify potential weakness in communication and data in transit, a microgrid testbed is being developed at Boise State University. This testbed will be used to verify microgrid models and communication methods in an effort to increase the resiliency of these systems to cyber-attacks. If vulnerabilities are found in these communication methods, then risk mitigation techniques will be developed to address them.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121163175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611809
G. Weaver, Timothy M. Yardley, David Emmerich
Communications networks are increasingly important to Critical Infrastructure systems including intermodal transportation and bulk electrical power. An evolving environmental and adversarial landscape motivate the need for stakeholders to continually rank network assets. Such assets observe and respond to physical events over time. Our approach adapts work by Bockholt and Zweig to evaluate assumptions underlying graph-theoretic measures of centrality against properties of realworld communications networks. Our data-processing pipeline integrates heterogeneous data sources, represents communications network topologies at each layer of the network protocol stack, and applies network measures relative to communications observed within a given time interval. Results based on packet captures collected from the DARPA RADICS exercises demonstrate improved asset rankings for measures of centrality better aligned with the properties of real-world network protocols.
{"title":"Continuous Infrastructure Assessment for Key Business Functions in Changing Environments","authors":"G. Weaver, Timothy M. Yardley, David Emmerich","doi":"10.1109/RWS52686.2021.9611809","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611809","url":null,"abstract":"Communications networks are increasingly important to Critical Infrastructure systems including intermodal transportation and bulk electrical power. An evolving environmental and adversarial landscape motivate the need for stakeholders to continually rank network assets. Such assets observe and respond to physical events over time. Our approach adapts work by Bockholt and Zweig to evaluate assumptions underlying graph-theoretic measures of centrality against properties of realworld communications networks. Our data-processing pipeline integrates heterogeneous data sources, represents communications network topologies at each layer of the network protocol stack, and applies network measures relative to communications observed within a given time interval. Results based on packet captures collected from the DARPA RADICS exercises demonstrate improved asset rankings for measures of centrality better aligned with the properties of real-world network protocols.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124499076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611804
Grant Cruse, A. Kwasinski
Historically, hurricanes have been a major cause of devastation and widespread power outages in many areas of the United States. Since the 1970s, several popular methods for estimating hurricane intensity have been developed, but these have tended to focus solely on the amount of damage and outages that can be expected rather than the amount of time that will be required to restore power. Additionally, these methods allow for the inclusion of only a small number of variables, such as wind speeds and storm surge. In the past, four metrics that describe the damage sustained by and the restoration times required for power systems that are affected by hurricanes were proposed as alternatives to the existing methods for estimating hurricane damage. These were maximum outage incidence, restoration times for 95% and 98% of the total number of outages, and average outage duration. Regression curves were generated by relating these indices to four variables that describe the intensity of the storms. The results showed that the generated curves fit the measured data very well, but they also seemed to suggest that there are other factors that may affect the metrics. In this work, three additional variables were included in the models to examine the impact of flooding on the metrics, particularly the amount of time that is required to restore outages. These were the flooded area in a county, the time until flood waters in a county receded, and the total area flooded by the hurricane.
{"title":"Statistical Evaluation of Flooding Impact on Power System Restoration Following a Hurricane","authors":"Grant Cruse, A. Kwasinski","doi":"10.1109/RWS52686.2021.9611804","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611804","url":null,"abstract":"Historically, hurricanes have been a major cause of devastation and widespread power outages in many areas of the United States. Since the 1970s, several popular methods for estimating hurricane intensity have been developed, but these have tended to focus solely on the amount of damage and outages that can be expected rather than the amount of time that will be required to restore power. Additionally, these methods allow for the inclusion of only a small number of variables, such as wind speeds and storm surge. In the past, four metrics that describe the damage sustained by and the restoration times required for power systems that are affected by hurricanes were proposed as alternatives to the existing methods for estimating hurricane damage. These were maximum outage incidence, restoration times for 95% and 98% of the total number of outages, and average outage duration. Regression curves were generated by relating these indices to four variables that describe the intensity of the storms. The results showed that the generated curves fit the measured data very well, but they also seemed to suggest that there are other factors that may affect the metrics. In this work, three additional variables were included in the models to examine the impact of flooding on the metrics, particularly the amount of time that is required to restore outages. These were the flooded area in a county, the time until flood waters in a county receded, and the total area flooded by the hurricane.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122186913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-18DOI: 10.1109/RWS52686.2021.9611787
M. Benidris, T. Bhusal, Michael Abdelmalak, Mukesh Gautam, M. Egan, Suzanne Groneman, T. Farkas
This paper summarizes the development and implementation of resilience valuation metrics for solar plus storage in the City of Reno. The proposed resilience valuation metrics are intended to assist local governments, policy makers, and building owners in making well-informed decisions and plans for resilience enhancement of power supply. The valuation metrics are developed based on historical data of extreme events, historical outage data, cost of outages, and classifications of critical loads to determine the likelihood, expected duration, and average cost of outages. Events that last for less than 24 hours are not considered in developing metrics for resilience valuation. The proposed approach enables resilience valuation based on selected parameters such as sites, types and characteristics of critical loads, and size of solar and energy storage systems. The ten regions in the continental United States and territories identified by the Federal Emergency Management Agency (FEMA) are used to classify types of extreme events at different locations. Although resilience value of solar plus storage alone may not justify investments in some resilience enhancement projects, the stacked value (resilience value, revenue, avoided costs, etc.) of solar plus storage during their lifetime will be an important measure in weighting different investment alternatives. The proposed resilience valuation approach is demonstrated on a Public Safety Center in City of Reno.
{"title":"Quantifying Resilience Value of Solar plus Storage in City of Reno","authors":"M. Benidris, T. Bhusal, Michael Abdelmalak, Mukesh Gautam, M. Egan, Suzanne Groneman, T. Farkas","doi":"10.1109/RWS52686.2021.9611787","DOIUrl":"https://doi.org/10.1109/RWS52686.2021.9611787","url":null,"abstract":"This paper summarizes the development and implementation of resilience valuation metrics for solar plus storage in the City of Reno. The proposed resilience valuation metrics are intended to assist local governments, policy makers, and building owners in making well-informed decisions and plans for resilience enhancement of power supply. The valuation metrics are developed based on historical data of extreme events, historical outage data, cost of outages, and classifications of critical loads to determine the likelihood, expected duration, and average cost of outages. Events that last for less than 24 hours are not considered in developing metrics for resilience valuation. The proposed approach enables resilience valuation based on selected parameters such as sites, types and characteristics of critical loads, and size of solar and energy storage systems. The ten regions in the continental United States and territories identified by the Federal Emergency Management Agency (FEMA) are used to classify types of extreme events at different locations. Although resilience value of solar plus storage alone may not justify investments in some resilience enhancement projects, the stacked value (resilience value, revenue, avoided costs, etc.) of solar plus storage during their lifetime will be an important measure in weighting different investment alternatives. The proposed resilience valuation approach is demonstrated on a Public Safety Center in City of Reno.","PeriodicalId":294639,"journal":{"name":"2021 Resilience Week (RWS)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134070742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: