The Internet, as well as other telecommunication networks and information systems, have become an integrated part of our daily lives, and our dependency upon their underlying infrastructure is ever-increasing. Unfortunately, as our dependency has grown, so have hostile attacks on the cyber infrastructure by network predators. The lack of security as a core element in the initial design of these information systems has made common desktop software, infrastructure services, and information networks increasingly vulnerable to continuous and innovative breakers of security. Worms, viruses, and spam are examples of attacks that cost the global economy billions of dollars in lost productivity. Sophisticated distributed denial of service (DDoS) attacks that use thousands of web robots (bots) on the Internet and telecommunications networks are on the rise. The ramifications of these attacks are clear: the potential for a devastating largescale network failure, service interruption, or the total unavailability of service. Yet many security programs are based solely on reactive measures, such as the patching of software or the detection of attacks that have already occurred, instead of proactive measures that prevent attacks in the first place. Most of the network security configurations are performed manually and require experts to monitor, tune security devices, and recover from attacks. On the other hand, attacks are getting more sophisticated and highly automated, which gives the attackers an advantage in this technology race. A key contribution of this book is that it provides an integrated view and a comprehensive framework of the various issues relating to cyber infrastructure protection. It covers not only strategy and policy issues, but it also covers social, legal, and technical aspects of cyber security as well. We strongly recommend this book for policymakers and researchers so that they may stay abreast of the latest research and develop a greater understanding of cyber security issues.
The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports and air traffic control systems, wired and wireless communication and sensor networks, systems for storing and distributing water and food supplies, medical and healthcare delivery systems, as well as financial, banking and commercial transaction assets. The handbook focus mostly on the scientific foundations and engineering techniques – while also addressing the proper integration of policies and access control mechanisms, for example, how human-developed policies can be properly enforced by an automated system.
*Addresses the technical challenges facing design of secure infrastructures by providing examples of problems and solutions from a wide variety of internal and external attack scenarios
*Includes contributions from leading researchers and practitioners in relevant application areas such as smart power grid, intelligent transportation systems, healthcare industry and so on.
*Loaded with examples of real world problems and pathways to solutions utilizing specific tools and techniques described in detail throughout
The global reliance on computers, networks and systems continues to grow. As our dependency grows so do the threats that target our military s Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance (C4ISR) systems as well as the operational components and electronic controls for our critical infrastructure. Over the past decade we have experienced a substantial rise in the complexity and sophistication of cyber attacks as well as a frightening increase in the impact of some of the attacks. Every computer is a potential cyber weapon waiting to be loaded and used by extremists, criminals, terrorists and rogue nation states. As the world becomes more and more dependent on computers and information technology, the greater the risk of cyber attacks. Government and military leaders now face this fact and our critical systems and infrastructure remain at great risk! This risk has made the ability to defend these critical systems and direct cyber attacks core capabilities required for the modern military. In the age of cyber conflict, leaders need to understand the weapons and strategies used to wage this rapidly evolving type of warfare. This handbook will provide the background needed to understand the new world of cyber warfare, define the tools and techniques for offensive and defensive action, and provide insight into the strategies behind building a dynamic and relevant cyber warfare capability.
The electricity infrastructure is one of society’s most critical infrastructures. The complexity of the electricity infrastructure system is increasing quickly, due to the increasing intensity of market-based power exchanges between electricity systems, the associated market restructuring and an increasing share of decentralized generation. As a consequence, the organizational complexity of power systems has exploded. At the same time, there is a shift in public and societal goals towards low-carbon and sustainable power generation. This will eventually require a drastic transformation of the industry. Increasingly, ICT is being depended upon for managing this infrastructure, for technical control and operation and for facilitating markets. A recent example is demand-side management, based on detailed metering of consumption and decentralized electricity generation.
The mutual dependence of the electricity and the ICT infrastructures raises challenging questions in the areas of dependability, security and resilience. Examples include vulnerability to (cyber) attacks, avoiding and repairing technical failures and protecting data confidentiality, while guaranteeing accessibility. Therefore, better models and methods for protection against exploits of system vulnerabilities, whether accidental or intentional such as in cyber attacks, are called for.
To address the above mentioned problems an advanced research workshop: “Electricity security in the cyber age: Managing the increasing dependence of the electricity infrastructure on ICT” was organized in the Netherlands in May 2009. The objective of the workshop was to contribute to the security of current and future electricity infrastructures by analyzing the risks that are caused by the increasing reliance upon ICT and investigating options for managing these risks. The book presents the contributions to the workshop by distinguished invited keynote speakers and participants from the international scientific and industrial community.