Wyniki wyszukiwania - BazTech

1

Cyber risk assessment for sHips (CRASH)

Oruc A., Kavallieratos G., Gkioulos V., Katsikas S.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2024

|

Vol. 18 No. 1

115--124

EN

The maritime industry is undergoing a digital transformation, with an increasing integration of Information Technology (IT) and Operational Technology (OT) systems on modern vessels. Its multiple benefits notwithstanding, this transformation brings with it increased cybersecurity risks, that need to be identified, assessed, and managed. Although several cyber risk assessment methodologies are available in the literature, they may be challenging for experts with a maritime background to use. In this paper we propose a simple and effective cyber risk assessment methodology, named Cyber Risk Assessment for SHips (CRASH), that can be easily implemented by maritime professionals. To showcase its workings, we assessed 24 cyber risks of the Integrated Navigation System (INS) using CRASH and we validated the method by comparing its results to those of another method and by means of interviews with experts in the maritime sector. CRASH can aid shipping companies in effectively assessing cyber risks as a step towards selecting and implementing necessary measures to enhance the cyber security of cyber-physical systems onboard their vessels.

2

Automated anonymization of sensitive data on production unit

Kujawa Marcin, Piotrowski Robert

Journal of Automation Mobile Robotics and Intelligent Systems

|

2023

|

Vol. 17, No. 1

40--44

EN

The article presents an approach to data anonymization with the use of generally available tools. The focus is put on the practical aspects of using open‐source tools in conjunction with programming libraries provided by suppliers of industrial control systems. This universal ap‐ proach shows the possibilities of using various operating systems as a platform for process data anonymization. An additional advantage of the described approach is the ease of integration with various types of advanced data analysis tools based both on the out‐of‐the‐box approach (e.g., business intelligence tools) as well as customized solutions. The discussed case describes the anonymiza‐ tion of data for the needs of sensitive analysis by a wider group of recipients during the construction of a predictive model used to support decisions.

3

Business continuity management framework for Industry 4.0 companies regarding dependability and security of ICT and ICS/SCADA system

Kosmowski Kazimierz T.

Safety and Reliability of Systems and Processes

|

2021

|

Summer Safety and Reliability Seminar 2021

249--270

EN

This chapter addresses a business continuity management (BCM) framework for the Industry 4.0 companies including the organizational and technical solutions, regarding the dependability and security of the information and telecommunication technology (ICT), and the industrial control system (ICS)/supervisory control and data acquisition (SCADA) system. These technologies and systems play nowadays important roles in modern advanced manufacturing systems and process plants due to their openness to external systems and networks using various communication channels. It gives on the one hand, some advantages in effective realization of technological and business processes, logistics and distribution of goods, but, on the other hand, makes the company assets and resources potentially vulnerable to some threats with relevant risks. The chapter outlines some ideas related to designing a business continuity management system (BCMS) based on defined processes and procedures. Such system includes planning of changes in organization/industrial company, nonconformity issues, and planning corrective actions. In a final part of this chapter the leadership importance, and staff awareness and responsibility are emphasized to create a robust and healthy corporate culture based on accepted values, properly spread among the employees. It is beneficial for shaping good organizational culture, and then safety and security culture. The BCM approach outlined in this chapter distinguishes both preventive and recovery activities regarding suggestions in selected international standards and domain publications.

4

Integrated functional safety and cybersecurity. Analysis method for smart manufacturing systems

Kosmowski Kazimierz T., Śliwiński Marcin, Piesik Jan

TASK Quarterly : scientific bulletin of Academic Computer Centre in Gdansk

|

2019

|

Vol. 23, No 2

177--207

EN

This article addresses integrated functional safety and cybersecurity analysis with regard to: the generic functional safety standard IEC 61508 and the cyber security standard IEC 62443 concerning an industrial automation and control system (IACS). The objective is to mitigate the vulnerability of information technology (IT) and operational technology (OT) systems, and reduce relevant risks taking into account a set of fundamental requirements (FRs). A method is proposed for determining and verifying the performance level (PL) or the safety integrity level (SIL) of defined safety functions, and then validating these levels depending on the security level (SL) of a particular domain,e.g.a safety related control system (SRCS). The method is general in the sense that it is based on risk graphs prepared for individual risk and/or societal/group risk with regard to the criteria defined.

5

Decision support methods in cybersecurity education

Komorowski Tomasz M., Klasa Tomasz

TASK Quarterly : scientific bulletin of Academic Computer Centre in Gdansk

|

2019

|

Vol. 23, No 2

245--256

EN

Even the best technology will be ineffective if not used appropriately, therefore education and training about cybersecurity principles and programs are essential components of any cybersecurity strategy. This article presents selected models of the decision support theory from the point of view of cybersecurity education. The analysis of scientific literature and the available research results serve as a base to characterize approaches to raise the awareness of decision-makers about potential cyber threats and the development of appropriate attitudes and the conscious use of information systems and digital resources. The main part of the article is devoted to the issue of the use of teaching methods to increase the involvement of learners. It also describes examples of selected models of the game theory used in IT security education, including examples of simulation games dedicated to decision-making in the domain of IT security.

6

Pewnego razu na Ukrainie…

Gęborys P., Kowalczuk K.

Nowa Energia

|

2016

|

nr 4

59--64

PL

Było mroźne grudniowe popołudnie. W jednej z dyspozytorni firmy Kievoblenergo obsługującej sieć dystrybucji w regionie kijowskim na zachodniej Ukrainie operatorzy szykowali się do zdania swojej zmiany i pójścia do domu. Nagle jeden z nich zauważył niecodzienne zachowanie się swojej konsoli systemu sterującego siecią elektroenergetyczną. Kursor myszy zaczął sam poruszać się po ekranie w stronę opcji sterowania rozłącznikami. Zdziwiony pracownik obserwował jak na ekranie zaczęły otwierać się kolejne okienka systemu i kolejne rejony energetyczne były odcinane od głównych linii dystrybucyjnych. Próby odzyskania kontroli nad konsolami w całym centrum nie przynosiły rezultatu. Chwilę później ekran systemu zgasł...

7

IT-OT oraz rozwiązania chmurowe płaszczyzną rozwoju energetyki wytwórczej

Kowalski F.

Nowa Energia

|

2016

|

nr 4

53--55

PL

Zmieniające się otoczenie ekonomiczne oraz coraz większa dynamika rynku energii wpływa znacząco na procesy decyzyjne, jakie mają miejsce w przedsiębiorstwach na nim operujących. Różnice pomiędzy modelem działania dużej energetyki wytwórczej opartej o źródła konwencjonalne, energetyki odnawialnej ze źródeł wodnych czy rozproszonej takiej jak wiatr i fotowoltaika - wymagają przyłożenia trochę różnych miar do priorytetów biznesowych, możliwości i ograniczeń technicznych oraz kwestii środowiskowych.