Wyniki wyszukiwania - BazTech

1

Protection of the EU's Critical Infrastructures: Results and Challenges

Mikac Robert

Applied Cybersecurity & Internet Governance

|

2023

|

Vol. 2, No. 1

1--25

EN

At the end of 2022 and the beginning of 2023, the EU adopted several new legislative acts aimed at improving the resilience and protection of network and information systems and critical entities across the Union. The objective of this research is to list the said acts, show their interconnections and focus specifically on the analysis of potential weaknesses of two legislative acts, namely: the NIS2 Directive and the CER Directive. The NIS2 Directive is a significant piece of legislation that aims to improve the cybersecurity of the European Union, while the CER Directive is a crucial piece of legislation that aims to improve the physical security of critical entities in the Union. These two documents are applied in parallel and contain many mutual references, which means that weaknesses in one document can have significant consequences in the implementation of the other. Therefore, through standard desk-top analysis of primary and secondary sources, this paper reviews the protection of the EU's critical infrastructures results and challenges by primarily focusing on these two documents. The research found certain weaknesses, explained them and suggested possible solutions.

2

Intelligent terrorism as a security threat to critical infrastructure

Heino Ossi

Security and Defence Quarterly

|

2022

|

Vol. 39, No. 3

33--44

EN

This paper considers terrorism as potentially ‘intelligent’, as a threat capable of abusing the critical infrastructures of societies and the related methods for knowledge production. Respectively, it sees critical infrastructures as attractive mediums for terrorist influence. The paper describes the contrast between the logic of providing security and certainty for critical infrastructures and the threat of terrorism, which is evolving in terms of its systemic capacities and intelligence. The way security is provided within critical infrastructures and the way intelligent terrorism could operate seem to separate from each other, thereby creating vulnerability. The paper seeks to enhance the conceptual understanding of this question by describing and closing the gap created by the intellectual separation. By doing so, the article will shed light on the conceptual dimension of the (in)security that has gone unnoticed in the interface between critical infrastructures and terrorism. It outlines the aforementioned dilemma and provides conceptual understanding that makes it easier to grasp and communicate further. The paper shows that the intellectual separation has weakened the possibilities for theoretically understanding and practically recognising terrorism as a phenomenon that is becoming systemically more conscious, more intelligent and potentially increasingly capable in a form of violence that exploits the basic structures of societies and the related knowledge methods for its own purposes. As a conclusion, the paper stresses the importance of profoundly critical tools. Such tools are often perceived as being undesirable or even counter-productive in figuring out the mechanism through the very means utilised in providing for security.

3

Abstraction-decomposition space for critical infrastructure systems: A framework for infrastructure planning and resilience policies

Sellevåg Stig Rune

Security and Defence Quarterly

|

2022

|

Vol. 39, No. 3

6--20

EN

The objective of this work has been to propose a framework that will aid governments with the development of more coherent and effective infrastructure planning and resilience policies through a system-of-systems approach that is grounded in theory for complex sociotechnical systems. The framework has been developed by using a work domain analysis (WDA). The WDA consists of an abstraction hierarchy analysis and a part-whole decomposition. Together, the abstraction hierarchy and the part-whole description form the abstraction-decomposition space (ADS) for which the system constraints apply. By imposing constraints, the WDA promotes design for adaptation where actors within the system are allowed to adapt their behaviour as they find appropriate without violating the system’s constraints. The proposed ADS consists of five levels of abstraction and four levels of decomposition. By applying the ADS, it will aid decision making related to the overall purposes of the critical infrastructure system, the values and priority measures that are used to assess the system’s progress towards the functional purposes, as well as formulation of infrastructure needs that are necessary to achieve the functional purposes. The framework is formative in the sense that it reveals how work can be done in the critical infrastructure system. This is important because it is not feasible to prescribe, describe and risk assess all possibilities for action that are available in complex sociotechnical systems, especially when dealing with unforeseen events. Future research should focus on finding science-based yet useful in practice ways for establishing values and priority measures that encompass sustainability issues and resilience standards.

4

Dynamic Communication Topologies for Distributed Heuristics in Energy System Optimization Algorithms

Holly Stefanie, Nieße Astrid

Annals of Computer Science and Information Systems

|

2021

|

Vol. 25

191--200

EN

The communication topology is an essential aspect in designing distributed optimization heuristics. It can influence the exploration and exploitation of the search space and thus the optimization performance in terms of solution quality, convergence speed and collaboration costs - relevant aspects for applications operating critical infrastructure in energy systems. In this work, we present an approach for adapting the communication topology during runtime, based on the principles of simulated annealing. We compare the approach to common static topologies regarding the performance of an exemplary distributed optimization heuristic. Finally, we investigate the correlations between fitness landscape properties and defined performance metrics.

5

Sensor based cyber attack detections in critical infrastructures using deep learning algorithms

Yilmaz Murat, Catak Ferhat Ozgur, Gul Ensar

Computer Science

|

2019

|

Vol. 20 (2)

213--243

EN

The technology that has evolved with innovations in the digital world has also caused an increase in many security problems. Day by day the methods and forms of the cyberattacks began to become complicated, and therefore their detection became more difficult. In this work we have used the datasets which have been prepared in collaboration with Raymond Borges and Oak Ridge National Laboratories. These datasets include measurements of the Industrial Control Systems related to chewing attack behavior. These measurements include synchronized measurements and data records from Snort and relays with the simulated control panel. In this study, we developed two models using this datasets. The first is the model we call the DNN Model which was build using the latest Deep Learning algorithms. The second model was created by adding the AutoEncoder structure to the DNN Model. All of the variables used when developing our models were set parametrically. A number of variables such as activation method, number of hidden layers in the model, the number of nodes in the layers, number of iterations were analyzed to create the optimum model design. When we run our model with optimum settings, we obtained better results than related studies. The learning speed of the model has 100\% accuracy rate which is also entirely satisfactory. While the training period of the dataset containing about 4 thousand different operations lasts about 90 seconds, the developed model completes the learning process at the level of milliseconds to detect new attacks. This increases the applicability of the model in real world environment.

6

The graph theory approach to analyze critical infrastructures of transportation systems

Guze S.

Journal of Polish Safety and Reliability Association

|

2014

|

Vol. 5, No. 2

57--62

EN

The main aim of the paper is to use algorithms and parameters of graph theory as tool to analyze the transpiration systems. To realize this goal the well-known information about graph theory algorithms and parameters will be introduced and described. The possible application of graph theory algorithms and parameters to analyze the critical infrastructures of exemplary transportation system will be shown.

7

Utrzymanie ciągłości zasilania energią elektryczną odbiorców za pomocą rozwiązań tymczasowych

Dudek B., Pilch W.

Energetyka

|

2010

|

nr 2

73-78

PL

Zastosowanie w Polsce tymczasowych technik utrzymania zasilania energią elektryczną wymaga roztropnego, ale i odważnego umocowania prawnego. W obecnym stanie regulacji prawnych najlepszym rozwiązaniem wydaje się aktywne włączenie w nurt regulacji związany z wprowadzaniem Infrastruktur Krytycznych. Dobre rozwiązanie może uwzględniać zastosowanie tymczasowych technik nie tylko w stanach poawaryjnych, ale także tam, gdzie występuje obniżenie niezawodności i/lub podwyższone ryzyko dostawy energii elektrycznej.

EN

Application of temporary techniques for keeping the continuity of power supply in Poland needs wise, but at the same time courageous legal fixation. In the present state of legal regulations it seems to be the best solution to actively join the trend connected with introducing Critical Infrastructures. A good solution can take into account the application of temporary techniques not only in after-failure conditions, but also in cases when we deal with reliability decrease and/or a raised risk of electric power supply.

8

System informacji geograficznej i techniki obrazowania satelitarnego w zastosowaniu do analizy i wizualizacji infrastruktur krytycznych i ich zagrożeń

Bruniecki K., Stepnowski A., Łubniewski Z., Kulawiak M., Buszke B.

Biuletyn Wojskowej Akademii Technicznej

|

2010

|

Vol. 59, nr 2

265-283

PL

W chwili obecnej faktem jest występowanie zarówno coraz liczniejszych zdarzeń katastroficznych powodowanych przez siły przyrody, jak też nieustanny wzrost intensywności ataków terrorystycznych na obiekty publiczne i przemysłowe. Zagrożenia tego rodzaju stają się coraz poważniejsze w odniesieniu do wielu, także tych uważanych do tej pory za bezpieczne rejonów świata, w tym Europy i Polski. Sytuacja taka wymaga podejmowania zdecydowanych i skutecznych działań, tak w skali międzynarodowej, jak i regionalnej, w celu zabezpieczenia ludności oraz majątku państwa przed tego typu zagrożeniami oraz ich skutkami. W tym kontekście, należy podkreślić istotną rolę nowatorskich narzędzi z zakresu technologii informacyjnych w przewidywaniu i ocenie zagrożeń oraz wspomaganiu minimalizacji ewentualnych strat. W artykule przedstawiono sieciowy system informacji przestrzennej do analizy i wizualizacji infrastruktur krytycznych (IK) oraz ich zagrożeń. System ten umożliwia gromadzenie, integrację, przetwarzanie, wykonywanie różnorakich analiz oraz wizualizację danych przestrzennych, w szczególności dotyczących IK miasta z różnych sektorów. System dla autoryzowanego użytkownika jest dostępny zdalnie, za pośrednictwem sieci Web z poziomu zwykłej przeglądarki internetowej. Narzędziem do wprowadzania danych na temat IK do systemu jest moduł analiz oparty na technologii CARVER2™. Zakłada ona porównywanie odmiennych typów infrastruktur przy zastosowaniu tych samych, wielorakich kryteriów oceny IK, takich jak ważność obiektu, dostępność dla ataku, odtwarzalność, wrażliwość na poszczególne rodzaje ataków. Wprowadzone do systemu dane przetwarzane są przez szereg procedur analiz przestrzennych w odniesieniu do różnych rodzajów zagrożeń, jak np. określanie strefy zagrożenia dla ataku bombowego czy chemicznego, czy granic obszaru zalanego w wyniku wycieku lub powodzi na podstawie danych o lokalizacji, rozmiarze i szybkości wycieku, numerycznego modelu terenu oraz modelu przemieszczania się i absorpcji materiału przez podłoże. System oferuje także inne narzędzia przetwarzania i analiz danych przestrzennych, jak np. narzędzia do interpolacji przestrzennej za pomocą metody odwrotnej odległości bądź funkcji sklejanych. Przedstawiono także koncepcję rozbudowy systemu o jego integrację z sensorami satelitarnej obserwacji Ziemi (Earth Observation - EO) oraz automatyczne przetwarzanie obrazów satelitarnych w celu detekcji i analizy zagrożeń. Omówiono źródła danych satelitarnych użytecznych w tym zastosowaniu oraz planowane do wykorzystania opracowane przez Europejską Agencję Kosmiczną techniki przetwarzania i udostępniania obrazów, takie jak Service Support Environment - SSE. Przedstawiony system jest aktualnie wdrażany do użytkowania przez Wydział Zarządzania Kryzysowego i OchronyLudności Urzędu Miejskiego w Gdańsku, gdzie stanowić będzie cenne narzędzie wspomagające ochronę infrastruktur krytycznych przed zagrożeniami różnego rodzaju.

EN

At present, the increase in catastrophic natural disasters as well as events of terrorist attacks against public and industrial objects is observed. Threats of this kind become more realistic and serious with respect to many regions and places in the world considered relatively safe previously, including Europe and Poland. This situation requires determined and effective actions, both in international and regional scale, for protection of people and critical infrastructures against such threats and their consequences. Within this context, in prediction of hazards and to support the activities for minimizing their results, the sort of new Information Technology achievements and solutions may be a useful aid. In the paper, the Web-Based Geographic Information System for assessment and visualization of CIs and its hazards is presented. The system allows storing, integration, processing, analysis and visualisation of spatial data on Gdańsk city area, including different CI sectors. The system is accessible remotely for an authorised user, from the Web browser level. The tool for entering the CI data to the system is implemented as the analysis module based on the CARVER2™ technology. It assumes comparison of different CI types using the same set of criteria, like criticality, accessibility, recoverability or susceptibility for different threats. Spatial data entered to the system may be processed by a set of spatial analysis procedures with respect to various threats, for instance, detection of hazard zone for a blast or chemical attack, or localisation the area affected or threaten by flood or leak, using the data on localisation, amount and speed of the leak, digital elevation model (DEM) as well as the liquid mass absorption and movement model. System offers also other tools for processing and analysis of spatial data, like spatial interpolation by inverse distance or spline methods. Presented GIS can be integrated with satellite imagery data. The main source of satellite imagery will be 1.5-m L-Band Metop-HRTP Satellite Ground Station and the EUMETCast system. It is very important to obtain the data from different satellite platforms, as different threats can be detected by different sensors. Some processing techniques and data delivery mechanisms, developed by European Space Agency, like Service Support Environment are discussed, since SSE can be very useful in obtaining satellite data from other satellites sources. Examples of threats which can be detected, by processing satellite imagery, are presented along with information about potential types of satellites, which may be practical in detecting particular threats. The system is used by the Crisis Management Department of Gdańsk City Hall as a useful tool supporting CI protection against different types of threats.

9

Infrastruktury krytyczne w elektroenergetyce

Klimpel A., Lubicki W.

Śląskie Wiadomości Elektryczne

|

2009

|

Nr 5 (86)

25--30

PL

Artykuł uzasadnia twierdzenie, że jednym z obowiązków ciążących na państwie jest zapewnienie ciągłości pracy najważniejszych systemów, tzw. Infrastruktur krytycznych. Jedną z najważniejszych jest struktura krytyczna elektroenergetyki dotycząca dostaw energii elektrycznej. Za bezpieczeństwo infrastruktury elektroenergetyki odpowiada w Polsce Operator Systemu Przesyłowego (OSP), który dba o niezawodność pracy Krajowego Systemu Elektroenergetycznego. Artykuł szczegółowo omawia pojęcie infrastruktur krytycznych i ich ochronę - na przykładzie bezpieczeństwa systemów sterowania. W podsumowaniu wyszczególniono tematy, których powinny dotyczyć działania związane z bezpieczeństwem infrastruktury krytycznej elektroenergetyki.

EN

The article proves the assertion that one of duties which have the state is to secure the continuity of work for the most important systems - named critical infrastructures. One of the most important is the critical infrastructure of electrical power engineering relating to the system of delivery of electric energy. The Transmission System Operator is in charge of the safety of critical infrastructure of electrical power engineering in Poland and it is responsible for reliability of operation of domestic electrical power engineering system. The paper discusses detailed the conception of critical infrastructures and their protection on the example of the safety of control systems. In the resume, they are specified the themes which should refer to sphere of activity relating to the safety of critical infrastructure in electrical power engineering.

10

Multi-objective genetic algorithms for the reliability analysis and optimization of electrical transmission networks

Cadini F., Zio E., Golea L. R., Petrescu C. A.

Journal of Polish Safety and Reliability Association

|

2009

|

Vol. 1

87--94

EN

The results of two applications of multi-objective genetic algorithms to the analysis and optimization of electrical transmission networks are reported to show the potential of these combinational optimization schemes in the treatment of highly interconnected, complex systems. In a first case study, an analysis of the topological structure of an electrical power transmission system of literature is carried out to identify the most important groups of elements of different sizes in the network. The importance is quantified in terms of group closeness centrality. In the second case study, an optimization method is developed for identifying strategies of expansion of an electrical transmission network by addition of new lines of connection. The objective is that of improving the transmission reliability, while maintaining the investment cost limited.

11

Safety and security governance problems of critical systems and infrastructures

Kosmowski K. T.

Journal of KONBiN

|

2006

|

No. 2

235--245

EN

This paper addresses some problems of the security and safety governance of critical systems and infrastructures. More important critical infrastructures are identified and characterized. Issues of their vulnerabilities and risks assessments are described. New challenges concerning the security and safety related decision making are specified.