Intelligent Grid Observation for Enhanced Security
Abstract not provided.
Abstract not provided.
Abstract not provided.
In recognition of their mission and in response to continuously evolving cyber threats against nuclear facilities, Department of Energy - Nuclear Energy (DOE-NE) is building the Nuclear Energy Cyber security Research, Development, and Demonstration (RD&D) Program, which includes a cyber risk management thrust. This report supports the cyber risk management thrust objective which is to deliver "Standardized methodologies for credible risk-based identification, evaluation and prioritization of digital components." In a previous task, the Sandia National Laboratories (SNL) team presented evaluation criteria and a survey to review methods to determine the most suitable techniques [1] . In this task we will identify and evaluate a series of candidate methodologies. In this report, 10 distinct methodologies are evaluated. The overall goal of this effort was to identify the current range of risk analysis techniques that were currently available, and how they could be applied, with an focus on industrial control systems (ICS). Overall, most of the techniques identified did fall into accepted risk analysis practices, though they generally addressed only one step of the multi-step risk management process. A few addressed multiple steps, but generally their treatment was superficial. This study revealed that the current state of security risk analysis in digital control systems was not comprehensive and did not support a science-based evaluation. The papers surveyed did use mathematical formulation to describe the addressed problems, and tied the models to some kind of experimental or experiential evidence as support. Most of the papers, however, did not use a rigorous approach to experimentally support the proposed models, nor did they have enough evidence supporting the efficacy of the models to statistically analyze model impact. Both of these issues stem from the difficulty and expense associated with collecting experimental data in this domain.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Proceedings of the International Joint Conference on Neural Networks
Neural machine learning methods, such as deep neural networks (DNN), have achieved remarkable success in a number of complex data processing tasks. These methods have arguably had their strongest impact on tasks such as image and audio processing - data processing domains in which humans have long held clear advantages over conventional algorithms. In contrast to biological neural systems, which are capable of learning continuously, deep artificial networks have a limited ability for incorporating new information in an already trained network. As a result, methods for continuous learning are potentially highly impactful in enabling the application of deep networks to dynamic data sets. Here, inspired by the process of adult neurogenesis in the hippocampus, we explore the potential for adding new neurons to deep layers of artificial neural networks in order to facilitate their acquisition of novel information while preserving previously trained data representations. Our results on the MNIST handwritten digit dataset and the NIST SD 19 dataset, which includes lower and upper case letters and digits, demonstrate that neurogenesis is well suited for addressing the stability-plasticity dilemma that has long challenged adaptive machine learning algorithms.
Abstract not provided.
Abstract not provided.
10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2017
In this paper, we will summarize a group of architectural principles that inform the development of secure control system architectures, followed by a methodology that allows designers to understand the attack surface of components and subsystems in a way that supports the integration of these surfaces into a single attack surface. We will then show how this methodology can be used to analyze the control system attack surface from a variety of threats, including knowledgeable insiders. We close the paper with an overview of how this approach can be folded into a more rigorous mathematical analysis of the system to define the system's security posture.
MTD 2016 - Proceedings of the 2016 ACM Workshop on Moving Target Defense, co-located with CCS 2016
Moving target defense (MTD) is an emerging paradigm in which system defenses dynamically mutate in order to decrease the overall system attack surface. Though the concept is promising, implementations have not been widely adopted. The field has been actively researched for over ten years, and has only produced a small amount of extensively adopted defenses, most notably, address space layout randomization (ASLR). This is despite the fact that there currently exist a variety of moving target implementations and proofs-of-concept. We suspect that this results from the moving target controls breaking critical system dependencies from the perspectives of users and administrators, as well as making things more difficult for attackers. As a result, the impact of the controls on overall system security is not sufficient to overcome the inconvenience imposed on legitimate system users. In this paper, we analyze a successful MTD approach. We study the control's dependency graphs, showing how we use graph theoretic and network properties to predict the effectiveness of the selected control.
Abstract not provided.
Moving target defense (MTD) is an emerging paradigm in which system defenses dynamically mu- tate in order to decrease the overall system attack surface. Though the initial concept is promising, implementations have not been widely adopted. The field has been actively researched for over ten years, and has only produced a small amount of extensively adopted defenses, most notably, address space layout randomization (ASLR). This is despite the fact that there currently exist a variety of moving target implementations and proofs-of-concept. We suspect that this results from the moving target controls breaking critical system dependencies from the perspectives of users and administrators, as well as making things more difficult for attackers. As a result, the impact of the controls on overall system security is not sufficient to overcome the inconvenience imposed on legitimate system users. In this paper, we analyze a successful MTD approach. We study the con- trol's dependency graphs, showing how we use graph theoretic and network properties to predict the effectiveness of the selected control. Then, with this framework in place, the dynamic nature of some Moving Target Defenses opens the possibility of modeling them with dynamic systems approaches, such as state space representations familiar from control and systems theory. We then use this approach to develop state space models for Moving Target Defenses, provide an analysis of their properties, and suggest approaches for using them.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
As cyber-security is becoming more and more important in systems development, engineers have begun to recognize and understand the types of errors they can introduce through hurried coding technique and design. This overall trend is certainly moving the software industry in the right direction and can lead to developing higher quality software-centric systems. Unfortunately, we have barely begun to examine the results of poor architectural choices, nor do we have much insight into what secure and securable architectures look like. In this paper, based on the past 40 years of work identifying specific security principles, we create a taxonomy of principles that address the abstract cyber-security needs of systems. We then tie these principles to studies of insecure systems architectures to demonstrate applicability. We close the paper with a description of other cyber-security taxonomies, how they specifically differ from this presented taxonomy, and add new principles to address gaps shown in taxonomic comparisons.
Abstract not provided.
Abstract not provided.
Abstract not provided.
IEEE Security and Privacy
Abstract not provided.
On September 5th and 6th, 2012, the Dynamic Defense Workshop: From Research to Practice brought together researchers from academia, industry, and Sandia with the goals of increasing collaboration between Sandia National Laboratories and external organizations, de ning and un- derstanding dynamic, or moving target, defense concepts and directions, and gaining a greater understanding of the state of the art for dynamic defense. Through the workshop, we broadened and re ned our de nition and understanding, identi ed new approaches to inherent challenges, and de ned principles of dynamic defense. Half of the workshop was devoted to presentations of current state-of-the-art work. Presentation topics included areas such as the failure of current defenses, threats, techniques, goals of dynamic defense, theory, foundations of dynamic defense, future directions and open research questions related to dynamic defense. The remainder of the workshop was discussion, which was broken down into sessions on de ning challenges, applications to host or mobile environments, applications to enterprise network environments, exploring research and operational taxonomies, and determining how to apply scienti c rigor to and investigating the eld of dynamic defense.