Critical Infrastructure Protection III

1. Front Matter

   PDF

2. Risk Management

   1. Front Matter

      Pages 1-1

      PDF

   2. Information Risk Management and Resilience

      • Scott Dynes

      Pages 3-17

   3. Does the Liberalization of the European Railway Sector Increase Systemic Risk?

      • Marc Laperrouza

      Pages 19-33

   4. Risk-Based Criticality Analysis

      • Marianthi Theoharidou, Panayiotis Kotzanikolaou, Dimitris Gritzalis

      Pages 35-49

   5. Modeling and Managing Risk in Billing Infrastructures

      • Fabrizio Baiardi, Claudio Telmon, Daniele Sgandurra

      Pages 51-64

3. Control Systems Security

   1. Front Matter

      Pages 65-65

      PDF

   2. A Taxonomy of Attacks on the DNP3 Protocol

      • Samuel East, Jonathan Butts, Mauricio Papa, Sujeet Shenoi

      Pages 67-81

   3. Design and Implementation of a Secure Modbus Protocol

      • Igor Nai Fovino, Andrea Carcano, Marcelo Masera, Alberto Trombetta

      Pages 83-96

   4. Providing Situational Awareness for Pipeline Control Operations

      • Jonathan Butts, Hugo Kleinhans, Rodrigo Chandia, Mauricio Papa, Sujeet Shenoi

      Pages 97-111

   5. Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research

      • Stig Johnsen, Torbjorn Skramstad, Janne Hagen

      Pages 113-123

   6. An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems

      • Jeffrey Hieb, James Graham, Jian Guan

      Pages 125-138

   7. Using Physical Models for Anomaly Detection in Control Systems

      • Nils Svendsen, Stephen Wolthusen

      Pages 139-149

   8. Detecting Anomalies in Process Control Networks

      • Julian Rrushi, Kyoung-Don Kang

      Pages 151-165

4. Infrastructure Security

   1. Front Matter

      Pages 167-167

      PDF

   2. Nondeducibility-Based Analysis of Cyber-Physical Systems

      • Thoshitha Gamage, Bruce McMillin

      Pages 169-183

   3. Stack-Based Buffer Overflows in Harvard Class Embedded Systems

      • Kristopher Watts, Paul Oman

      Pages 185-197

   4. Secure Cross-Domain Train Scheduling

      • Mark Hartong, Rajni Goel, Duminda Wijesekera

      Pages 199-211

5. Infrastructure Modeling and Simulation

   1. Front Matter

      Pages 213-213

      PDF

   2. A Holistic-Reductionistic Approach for Modeling Interdependencies

      • Stefano De Porcellinis, Gabriele Oliva, Stefano Panzieri, Roberto Setola

      Pages 215-227

The information infrastructure – comprising computers, embedded devices, networks and software systems – is vital to operations in every sector: inf- mation technology, telecommunications, energy, banking and ?nance, tra- portation systems, chemicals, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, commercial nuclear reactors, materials and waste, postal and shipping, and government facilities. Global business and industry, governments, indeed - ciety itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed. This book, Critical Infrastructure Protection III, is the third volume in the annualseriesproducedbyIFIP WorkingGroup11.10onCriticalInfrastructure Protection, an active international community of scientists, engineers, prac- tioners and policy makers dedicated to advancing research, development and implementation e?orts related to critical infrastructure protection. The book presents original research results and innovative applications in the area of infrastructure protection. Also, it highlights the importance of weaving s- ence, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. This volume contains seventeen edited papers from the Third Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure P- tection, held at Dartmouth College, Hanover, New Hampshire, March 23–25, 2009. The papers were refereed by members of IFIP Working Group 11.10 and other internationally-recognized expertsin critical infrastructure protection.

• RM
• Risk Management
• anomaly detection
• applied statistics
• attack taxonomy
• buffer overflows
• complex systems
• conceptual modeling
• control systems security
• distributed control systems
• distributed network protocol
• embedded systems
• global business
• holistic-reductionistic

• Dartmouth College, I3P, Hanover, USA

  Charles Palmer

• University of Tulsa, Tulsa, USA

  Sujeet Shenoi

Policies and ethics