Relevant bibliographies by topics / Control-oriented attacks

Academic literature on the topic 'Control-oriented attacks'

Author: Grafiati
Published: 10 December 2022
Last updated: 28 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Contents

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Control-oriented attacks.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Control-oriented attacks"

1

Cheng, Long, Salman Ahmed, Hans Liljestrand, Thomas Nyman, Haipeng Cai, Trent Jaeger, N. Asokan, and Danfeng (Daphne) Yao. "Exploitation Techniques for Data-oriented Attacks with Existing and Potential Defense Approaches." ACM Transactions on Privacy and Security 24, no. 4 (November 30, 2021): 1–36. http://dx.doi.org/10.1145/3462699.

Full text
Abstract:
Data-oriented attacks manipulate non-control data to alter a program’s benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow defense mechanisms. However, these threats have not been adequately addressed. In this survey article, we first map data-oriented exploits, including Data-Oriented Programming (DOP) and Block-Oriented Programming (BOP) attacks, to their assumptions/requirements and attack capabilities. Then, we compare known defenses against these attacks, in terms of approach, detection capabilities, overhead, and compatibility. It is generally believed that control flows may not be useful for data-oriented security. However, data-oriented attacks (especially DOP attacks) may generate side effects on control-flow behaviors in multiple dimensions (i.e., incompatible branch behaviors and frequency anomalies). We also characterize control-flow anomalies caused by data-oriented attacks. In the end, we discuss challenges for building deployable data-oriented defenses and open research questions.
APA, Harvard, Vancouver, ISO, and other styles
2

Pisu, Pierluigi, Jim Martin, and Zoleikha Abdollahi Biron. "A Control Oriented Perspective for Security in Connected and Automated Vehicles." Mechanical Engineering 139, no. 12 (December 1, 2017): S17—S20. http://dx.doi.org/10.1115/1.2017-dec-10.

Full text
Abstract:
This article provides an overview of the potential attacks that can impact connected vehicles (CV) technologies and highlights how a resilient control scheme can be effective to mitigate the effect of these attacks by allowing the system to safely operate with reduced performance. CVs endure several challenges that can occur due to cyberattacks with purposes of disrupting the performance of the connected vehicles system. To improve safety and security, advanced vehicular control systems must be designed to be resilient to cyberattacks. The attack detection and switching strategy is formulated as an MPC-like optimization problem, where the control variable is constrained to a specific strategy and applied in a receding horizon fashion. The choice of the cost function plays an important role in the performance of the system. The results of the switching strategy show that in comparison with the perfect case—in which the attacks are perfectly identified and the correct strategy selected immediately—there is approximately a 22 percent strategy improvement that could still be achieved by changing the switching strategy.
APA, Harvard, Vancouver, ISO, and other styles
3

Sánchez, Helem S., Damiano Rotondo, Teresa Escobet, Vicenç Puig, and Joseba Quevedo. "Bibliographical review on cyber attacks from a control oriented perspective." Annual Reviews in Control 48 (2019): 103–28. http://dx.doi.org/10.1016/j.arcontrol.2019.08.002.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Ma, Jian Hong, and Li Xia Ji. "Shrew Attack on Internet Congestion Control Protocol in Control Engineering." Advanced Materials Research 648 (January 2013): 277–80. http://dx.doi.org/10.4028/www.scientific.net/amr.648.277.

Full text
Abstract:
Low-rate Denial of Service(LDoS) attacks with their hidden,high efficiency features can significantly degrade service performance of large number of connection-oriented services,or even worse,thoroughly deny the services.Shrew attack is a typical LDoS attack.Firstly we studied the basic mechanism of the attack and congestion control.The source of adaptive congestion control mechanism in the security vulnerability was revealed according to the different levels of the intrinsic link between Internet congestion control at TCP layer and IP layer.Secondly,using the Network simulator NS2 software package,we set up attack model to simulate a large number of attack experiments with various congestion control mechanism and algorithms.Finally we draw the conclusions that continuous Shrew attack makes services nearly crash,while congestion control algorithms taking into account of fairness,such as Stochastic Fairness Queuing (SFQ) and Deficit Round Robin (DRR),can effectively suppress such kind of attack.
APA, Harvard, Vancouver, ISO, and other styles
5

Bhardwaj, Akashdeep, Fadi Al-Turjman, Manoj Kumar, Thompson Stephan, and Leonardo Mostarda. "Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems." IEEE Access 8 (2020): 104956–66. http://dx.doi.org/10.1109/access.2020.2998983.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Tian, Wan Li, Lian Zhong Liu, and Meng Liu. "Roles Generation for Applications in RBAC Model." Applied Mechanics and Materials 411-414 (September 2013): 35–39. http://dx.doi.org/10.4028/www.scientific.net/amm.411-414.35.

Full text
Abstract:
RBAC has been widely used for the reason of its efficiency, convenience and safety. But as the traditional user-oriented access control strategy, the RBAC carries the disadvantage of user-oriented access control as well. It always assumes that the application is credible and the behavior of the program represents the wishes of the user. However, this assumption is increasingly proving to be false and numbers of prevalent types of security attacks leverage this weakness to misuse the authority of users. Based on RBAC and learn from the concept of FBAC, this paper will proposed a solution about generating roles for application.
APA, Harvard, Vancouver, ISO, and other styles
7

Delgado, Raimarius, Jaeho Park, Cheonho Lee, and Byoung Wook Choi. "Safe and Policy Oriented Secure Android-Based Industrial Embedded Control System." Applied Sciences 10, no. 8 (April 17, 2020): 2796. http://dx.doi.org/10.3390/app10082796.

Full text
Abstract:
Android is gaining popularity as the operating system of embedded systems and recent demands of its application on industrial control are steadily increasing. However, its feasibility is still in question due to two major drawbacks: safety and security. In particular, ensuring the safe operation of industrial control systems requires the system to be governed by stringent temporal constraints and should satisfy real-time requirements. In this sense, we explore the real-time characteristics of Xenomai to guarantee strict temporal deadlines, and provide a viable method integrating Android processes to real-time tasks. Security is another issue that affects safety due to the increased connectivity in industrial systems provoking a higher risk of cyber and hardware attacks. Herein, we adopted a hardware copy protection chip and enforced administrative security policies in the booting process and the Android application layer. These policies ensure that the developed system is protected from physical tampering and unwanted Android applications. The articulacy of the administrative policies is demonstrated through experiments. The developed embedded system is connected to an industrial EtherCAT motion device network exhibiting operability on an actual industrial application. Real-time performance was evaluated in terms of schedulability and responsiveness, which are critical in determining the safety and reliability of the control system.
APA, Harvard, Vancouver, ISO, and other styles
8

Wang, Zibo, Yaofang Zhang, Zhiyao Liu, Tongtong Li, Yilu Chen, Chen Yang, Bailing Wang, and Zhusong Liu. "A Prioritizing Interdiction Surface-Based Vulnerability Remediation Composite Metric for Industrial Control Systems." Wireless Communications and Mobile Computing 2022 (May 29, 2022): 1–16. http://dx.doi.org/10.1155/2022/6442778.

Full text
Abstract:
Recently, industrial control system (ICS) has gradually been a primary attack target. The main reason is that increasing vulnerabilities exposed provide opportunities for launching multistep and multihost attacks to breach security policies. To that end, vulnerability remediations are crucial for the ICS. However, there exist three problems to be tackled in a sound way. First of all, it is impractical to remove all vulnerabilities for preventing the multistep and multihost attacks in the consideration of the actual ICS demands. Secondly, ranking vulnerability remediations lacks a guidance. The last problem is that there is a lack of a metric for qualifying the security level after each remediation. In this paper, an ICS-oriented assessment methodology is proposed for the vulnerability remediations. It consists of three phases corresponding to the above problems, including (1) prioritizing Interdiction Surfaces, (2) ranking vulnerability remediations, and (3) calculating composite metrics. The Interdiction Surface describes a minimum set of vulnerabilities of which the complete removal may interdict all discovered attack paths in the system. Particularly, it innovates to take the urgent security demands of the ICS into account. Subsequently, ranking the vulnerability in the optimal Interdiction Surface is conducive to guide the remediations with the priority. A composite metric is ultimately given to assess the security level after vulnerability remediations. The effectiveness of the proposed methodology is validated in an ICS scenario which is similar to the real-world practice. Results show that the entire procedure is suitable for the context of the ICS. Simultaneously, the composite metric enhances both the comprehensiveness and the compatibility in contrast with attack path-based metrics. Hence, it overcomes the shortcomings when they are used in isolation.
APA, Harvard, Vancouver, ISO, and other styles
9

Baig, Ahmed Fraz, and Sigurd Eskeland. "Security, Privacy, and Usability in Continuous Authentication: A Survey." Sensors 21, no. 17 (September 6, 2021): 5967. http://dx.doi.org/10.3390/s21175967.

Full text
Abstract:
Continuous authentication has been proposed as a possible approach for passive and seamless user authentication, using sensor data comprising biometric, behavioral, and context-oriented characteristics. Since these are personal data being transmitted and are outside the control of the user, this approach causes privacy issues. Continuous authentication has security challenges concerning poor matching rates and susceptibility of replay attacks. The security issues are mainly poor matching rates and the problems of replay attacks. In this survey, we present an overview of continuous authentication and comprehensively discusses its different modes, and issues that these modes have related to security, privacy, and usability. A comparison of privacy-preserving approaches dealing with the privacy issues is provided, and lastly recommendations for secure, privacy-preserving, and user-friendly continuous authentication.
APA, Harvard, Vancouver, ISO, and other styles
10

Genge, Béla, Piroska Haller, Adrian-Vasile Duka, and Hunor Sándor. "A lightweight key generation scheme for end-to-end data authentication in Industrial Control Systems." at - Automatisierungstechnik 67, no. 5 (May 27, 2019): 417–28. http://dx.doi.org/10.1515/auto-2019-0017.

Full text
Abstract:
Abstract The recent advances in technology had an exceptional impact on the performance optimization and the provisioning of more flexible Industrial Control Systems (ICS). Nevertheless, most ICS communication protocols, as they are currently and widely implemented, are extremely vulnerable to various cyber attacks. This paper proposes a lightweight application-oriented data authentication scheme applicable to existing ICS infrastructures by adopting the characteristics and computational advantages of hash functions and hash chains. Extensive experimental results on a Phoenix Contact industrial controller, which runs the control logic of a real ICS implemented in a Romanian gas transportation network, demonstrate the effectiveness of the proposed scheme and its immediate applicability to existing installations.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Control-oriented attacks"

1

Song, Sui. "Flow-oriented anomaly-based detection of denial of service attacks with flow-control-assisted mitigation." Thesis, 2006. http://library1.njit.edu/etd/fromwebvoyage.cfm?id=njit-etd2006-036.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Ersan, Erkan. "On the (in)security of behavioral-based dynamic anti-malware techniques." Thesis, 2017. http://hdl.handle.net/1828/7935.

Full text
Abstract:
The Internet has become the primary vector for the delivery of malicious code in cyber attacks, and malware has rapidly become a pervasive critical threat. Anti- malware products offer effective protection from malware threats for servers and endpoint devices using a variety of techniques. Advanced enterprise-level anti-malware products rely on state-of-art behavioral-based detection algorithms, in addition to traditional signature-based mechanisms. These dynamic detection techniques have been around for more than a decade and in response hackers have developed methods to evade them. However, currently known bypass methods require intensive manual labor. Moreover, this manual work has to be repeated whenever a parameter of the environment (such as the payload, operating system, Antivirus version, etc) changes, making these methods impractical. This may lead to the belief that dynamic techniques provide a good deterrence, and hence good protection. In this thesis we evaluate dynamic techniques. Specifically, we build tools to implement generic unhooking and funneling, and using these tools we show how dynamic techniques can be bypassed with considerably less effort than by fully manual methods. We also extend the repertoire of existing bypass methods and introduce a new malicious function call technique which exploits detection techniques that monitor a limited collection of critical system functions, as well as a method for bypassing guard-page protections. We demonstrate the effectiveness of all our techniques by conducting attacks against two enterprise antivirus products. Our results lead us to conclude that that dynamic techniques do not provide sufficient protection.
Graduate
2018-02-07
0984
erkanersan@gmail.com
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Control-oriented attacks"

1

Caldeira, Filipe, Tiago Cruz, Paulo Simões, and Edmundo Monteiro. "Towards Protecting Critical Infrastructures." In Advances in Digital Crime, Forensics, and Cyber Terrorism, 121–65. IGI Global, 2015. http://dx.doi.org/10.4018/978-1-4666-8456-0.ch007.

Full text
Abstract:
Critical Infrastructures (CIs) such as power distribution are referred to as “Critical” as, in case of failure, the impact on society and economy can be enormous. CIs are exposed to a growing number of threats. ICT security plays a major role in CI protection and risk prevention for single and interconnected CIs were cascading effects might occur. This chapter addresses CI Protection discussing MICIE Project main results, along with the mechanisms that manage the degree of confidence assigned to risk alerts allowing improving the resilience of CIs when faced with inaccurate/inconsistent alerts. The CockpitCI project is also presented, aiming to improve the resilience and dependability of CIs through automatic detection of cyber-threats and the sharing of real-time information about attacks among CIs. CockpitCI addresses one MICIE's shortcoming by adding SCADA-oriented security detection capabilities, providing input for risk prediction models and assessment of the operational status of the Industrial Control Systems.
APA, Harvard, Vancouver, ISO, and other styles
2

Toapanta Toapanta, Segundo Moisés, Yaritza Julieth Terán Terranova, Bertha Alice Naranjo Sánchez, and Luis Enrique Mafla Gallegos. "Security and Privacy in Information Management in a Distributed Environment for Public Organizations." In Fuzzy Systems and Data Mining VI. IOS Press, 2020. http://dx.doi.org/10.3233/faia200716.

Full text
Abstract:
Security and privacy problems in information management are evident in public organizations. The objective of this research is the analisys risks that these organizations run, since computer attacks have increased along with both internal and external threats. Causing information and database thefts, there are risk analysis methodologies which are oriented to the objective for the preservation of guaranteeing the security and privacy of the information. Were used the deductive method and exploratory research to analyze the articles in the references and in the information available online and MAGERIT methodology what protects the information in its integrity, confidentiality and availability guaranteeing the security of the system and processes of public organizations. It turned out a Control of Security and Privacy factors, Threat Probability, Risk Assessment Formula, Prototype of Risk Management for Public Organizations and Privacy and security factor formula. It was concluded that MAGERIT is an alternative what allow mitigate the vulnerabilitys, threat and risks its processes in public organizations for protecting their information.
APA, Harvard, Vancouver, ISO, and other styles
3

Ellefsen, Ian, and Sebastiaan von Solms. "A Community-Oriented Approach to CIIP in Developing Countries." In Securing Critical Infrastructures and Critical Control Systems, 240–61. IGI Global, 2013. http://dx.doi.org/10.4018/978-1-4666-2659-1.ch010.

Full text
Abstract:
Developing countries are fast becoming players in an increasingly interconnected world. Many developing countries are making use of technological solutions to address unique challenges. However, in many cases, this growth is not accompanied with the development of appropriate information infrastructure protection structures. As technological solutions are deployed in developing countries, there will be a large number of new users gaining access to Internet-based systems. In many cases, these new users might lack the skills necessary to identify computer security threats. Inadequate cyber security measures can increase the risk and impact of cyber attacks. The development of internal structures to address Critical Information Infrastructure Protection (CIIP) is dependent on the environment in which it will be deployed. Therefore, traditional CIIP structures might not adequately address the technological challenges found in developing countries. In this chapter, the authors aim to address the development of CIIP structures in developing regions by elaborating on the set of unique challenges that exist. Furthermore, they aim to present a community-oriented structure aimed at providing CIIP, in what they refer to as a “bottom-up” manner. The larger aim of CIIP structures in developing regions is to support the future development and deployment of cyber security mechanisms and to allow developing countries to play a trusted role in global cyber security efforts.
APA, Harvard, Vancouver, ISO, and other styles
4

Abassi, Ryma. "Trust Management in Vehicular Ad hoc NETwork." In Security and Privacy in Smart Sensor Networks, 47–62. IGI Global, 2018. http://dx.doi.org/10.4018/978-1-5225-5736-4.ch003.

Full text
Abstract:
A vehicular ad hoc network (VANET) is a self-organized network that can be formed by connecting vehicles equipped with on-board units. Two types of communications are provided in VANET: vehicular-to-vehicular and vehicular-to-infrastructure. In the first communication type, vehicles communicate directly, whereas in V2I, vehicles communicate through routers called road side units (RSU). Trusted authorities control the network. VANET can be used in several cases. However, the main applications of VANET are oriented to safety issues. In such context, a security problem can have disastrous consequences. In fact, an attacker can be tempted to forward false information in order to obtain some privileges such as road liberation, etc. Hence, evaluating the reliability of transmissions is vital. Trust can be used to promote such healthy collaboration. In fact, trust enables collaborating vehicles to counter their uncertainty and suspicion by establishing trustworthy relationships. The main contribution of this chapter is then the proposition of a trust-based security scheme for VANET.
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Control-oriented attacks"

1

Hu, Hong, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang. "Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks." In 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 2016. http://dx.doi.org/10.1109/sp.2016.62.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Biernacki, Lauren, Mark Gallagher, Valeria Bertacco, and Todd Austin. "Thwarting Control Plane Attacks with Displaced and Dilated Address Spaces." In 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 2020. http://dx.doi.org/10.1109/host45689.2020.9300273.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Ogunsanya, B. O., and A. J. Ifebajo. "Developing a Proactive Environmental Management System (PEMS) in Offshore West Africa." In ASME 2001 Engineering Technology Conference on Energy. American Society of Mechanical Engineers, 2001. http://dx.doi.org/10.1115/etce2001-17082.

Full text
Abstract:
Abstract Every industry that seeks to remain efficient and relevant in this millennium should constantly be looking for ways of becoming more environmentally responsible — no business may call itself efficient if it threatens the environment within which it operates. As the quest for hydrocarbons intensifies in our deeper waters, we see environmental performance quality playing an increasingly critical role in every company’s business performance. In the last couple of years, reports from onshore E&P activities in Nigeria have shown that operating in the Niger Delta region poses some of the toughest challenges in the world. This region has witnessed a spate of attacks on oil and gas facilities, staff and contractors. Consequently, major oil and gas players have to contend with complex operational uncertainties due to increased pressures from the local communities for improved environmental control measures. In this project, we have outlined safe and effective plans, actions, and procedures to help pre-empt these pressures; maintain harmony with local communities, and effectively manage operational uncertainties within complex environmental settings like the Nigerian Niger Delta area. A proactive environmental management style based on continuous consultation, goal-oriented monitoring, as well as a continuous improvement attitude (CIA) are some of the various solutions proposed in this work. Finally, we are confident that this kind of environmental management system will undoubtedly enhance the economic viability, as well as the global competitiveness of our deep-water fields in offshore West Africa.
APA, Harvard, Vancouver, ISO, and other styles
4

Peng, Yong, Yu Wang, Chong Xiang, Xifeng Liu, Zhe Wen, Dongqing Chen, and Chaojun Zhang. "Cyber-Physical Attack-Oriented Industrial Control Systems (ICS) Modeling, Analysis and Experiment Environment." In 2015 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP). IEEE, 2015. http://dx.doi.org/10.1109/iih-msp.2015.110.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Niether, Sebastian, Bernhard Bobusch, David Marten, Georgios Pechlivanoglou, Christian Navid Nayeri, and Christian Oliver Paschereit. "Development of a Fluidic Actuator for Adaptive Flow Control on a Thick Wind Turbine Airfoil." In ASME Turbo Expo 2014: Turbine Technical Conference and Exposition. American Society of Mechanical Engineers, 2014. http://dx.doi.org/10.1115/gt2014-25922.

Full text
Abstract:
Wind turbines are exposed to unsteady incident flow conditions such as gusts or tower interference. These cause a change in the blades’ local angle of attack, which often leads to flow separation at the inner rotor sections [1]. Recirculation areas and dynamic stall may occur, which lead to an uneven load distribution along the blade. In this work a fluidic actuator is developed that reduces flow separation. The functional principle is adapted from a fluidic amplifier. High pressure air fed by an external supply flows into the interaction region of the actuator. Two control ports, oriented perpendicular to the inlet, allow for a steering of the actuation flow. One of the control ports is connected to the suction side, the other to the pressure side of the airfoil. Depending on the pressure difference that varies with the angle of attack, the actuation air is directed into one of four outlet channels. These guide the air to different chordwise exit locations on the airfoil’s suction side. The appropriate actuation location adjusts automatically according to the pressure difference between the control ports and therefore incidence. Suction side flow separation is delayed as the boundary layer is enriched with kinetic energy. Experiments were conducted on a DU97-W-300 airfoil [2] at Re = 2.2 · 105. Compared to the baseline, changes in lift with angle of attack were reduced by an order of magnitude. An AeroDyn simulation of a full wind turbine rotor was performed that compares the baseline to a rotor design with adaptive flow control.
APA, Harvard, Vancouver, ISO, and other styles
6

Yu, Jinghua, Stefan Wagner Stefan Wagner, and Feng Luo. "A STPA-based Approach for Systematic Security Analysis of In-vehicle Diagnostic and Software Update Systems." In FISITA World Congress 2021. FISITA, 2021. http://dx.doi.org/10.46720/f2020-ves-020.

Full text
Abstract:
With the continuing innovations in the safety and intelligence of automobiles, the connectivity of vehicles increases which comes with also increasing security challenges. The in-vehicle diagnostics and software update system, which is an essential part of modern vehicles that supports remote diagnostics and Over-The-Air (OTA) firmware or configuration updates, is a common attack goal in automobiles. Adversaries can inject malicious software into vehicles or steal sensitive information through in-vehicle channels. Therefore, security needs to be considered during system design. Security analysis discusses potential security issues and derives related items, like threats, risk assessment and constraints, to guide secure design. However, all security analyses of such an in-vehicle system are threats-oriented, which start from threat identification and assess risks of identified threats. In this paper, a top-down system-oriented approach is proposed on the basis of the System-Theoretic Process Analysis (STPA) approaches, which are a set of hazard analysis techniques based on the System-Theoretic Accident Model and Processes (STAMP). Since constructing control structures is an essential step in the STPA approaches, it is hard to apply STPA to systems with few control actions and a strong focus on data flows. The proposed approach extends the original STPA from the perspective of data flows and is applicable for software-intensive or data-flow-based systems. We propose an abstract system model of in-vehicle diagnostics and software update systems and use it to propose a security analysis guideline. We identify losses, hazards, insecure function behaviours and loss scenarios of this class of systems to support concrete analyses and present an example case. Comparing with other threat-oriented approaches, the STPA-based approach shifts from focusing on threats to system vulnerabilities. The former cannot be controlled by system designers, but the latter can. The proposed approach provides a new perspective for recognizing system and security issues and is efficient to prevent the system from known or even unknown threats. Furthermore, the STPA approaches have been proved to be suitable for high-level systems, like socio-technical systems, and applicable for various fields, including safety, security and privacy. As an extension of the STPA approaches, the proposed one can be well integrated into the analysis at a higher level and perform a co-analysis of vehicle systems between safety and security with a unified analysis framework.
APA, Harvard, Vancouver, ISO, and other styles
7

Aziminejad, Arash. "A Cyber-Physical Security Framework for Rail Transportation Data Systems." In 2022 Joint Rail Conference. American Society of Mechanical Engineers, 2022. http://dx.doi.org/10.1115/jrc2022-78167.

Full text
Abstract:
Abstract The rail transport networks have become overwhelmingly digital, with a diverse range of data traffic flowing across systems to track, monitor, and control both electronic/electrical and mechanical subsystems. Introduction of advanced electronic platforms and communications across networks supporting mission-critical public services have significantly emphasized the challenge for detection, containment, and remediation of possible disruptions. Moreover, as the tendency for Internet-of-Things grows among field hardware and control systems, the added vulnerabilities further augment the potential for availability outages and hostile or non-premeditated disruptions to physical assets. Hence, there is a need to develop a cyber-physical perspective to analyze and assess cross-domain attack/defense scenarios and intricate physical repercussions of cyber breaches. The presented research aims to elaborate on characteristics of a comprehensive, holistic, and integrated cyber-physical framework in the context of rail transportation, where instead of the traditional data protection and privacy concerns, the focus revolves around safety-oriented operational resilience and integrity. As a main contribution of the research, the planning challenges involved with implementation of an enterprise-wide cybersecurity vulnerability management methodology are investigated at both strategic and tactical levels. Based on lessons learned from practical real-life project scenarios, best practices recommendations are proposed to mitigate the cyber risk more efficiently and enhance safety, availability, and integrity of the protected network and physical assets.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Control-oriented attacks' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography