Search results for: CYBERSECURITY
-
Cybersecurity in the Electricity Sector
Publication: This book offers a systematic explanation of cybersecurity protection of electricity supply facilities, including discussion of related costs, relevant standards, and recent solutions. The author explains the current state of cybersecurity in the electricity market, and cybersecurity standards that apply in that sector. He then offers a systematic approach to cybersecurity management, including new methods of cybersecurity assessment,...
-
A rough cut cybersecurity investment using portfolio of security controls with maximum cybersecurity value
Publication
-
SERVICE-ORIENTED CYBERSPACE FOR IMPROVING CYBERSECURITY
Publication: The paper presents a cyberspace model where different categories of IT services are offered and used largely. A general cybersecurity policy is considered and the corresponding cybersecurity strategies are shown. The role of such technologies as: Internet of Things, Cloud Computing and Big Data is analyzed in order to improve the cybersecurity of a cyberspace. A new kind of service oriented cyberspace is proposed and its main properties...
-
A Plan for Training Global Leaders in Cybersecurity
Publication: The paper presents a vision of a global university that will educate potential leaders in the field of global cybersecurity. It describes the graduate profile, taking into account technical, organizational, psychological-sociological and ethical competencies, and then presents a path to realizing this vision that takes existing resources into account.
-
A Review of Standards with Cybersecurity Requirements for Smart Grid
Publication: Assuring cybersecurity of the smart grid is indispensable for the reliable operation of this new form of the electricity network. Experts agree that standardised solutions and practices should be applied in the first place. In recent years many new standards for smart grids have been published, which paradoxically results in the difficulty of finding a relevant publication in this plethora of literature. This paper presents results...
-
Review of Cybersecurity Assessment Methods: Applicability Perspective
Publication: Cybersecurity assessments are crucial in building the assurance that vital cyberassets are effectively protected from threats. Multiple assessment methods have been proposed during the decades of the cybersecurity field. However, a systematic literature search described in this paper reveals that their reviews are practically missing. Thus, the primary objective of this research was to fulfil this gap by comprehensively identifying...
-
Cybersecurity Assessment Methods—Why Aren’t They Used?
Publication: A recent survey of cybersecurity assessment methods proposed in academic and research environments revealed that their adoption in operational settings was extremely scarce. At the same time, the frameworks developed by industrial communities have been met with broad reception. The question arises of what contributed to the success of the methods. To answer it, three-part research that employed evaluation criteria, qualitative...
-
Standards with cybersecurity controls for smart grid - A systematic analysis
Publication: In recent years numerous standards related to the cybersecurity of smart grids have been published, which led to the challenge for operators in obtaining indications that match their specific objectives and contexts. Although several studies approached this problem by providing more or less comprehensive surveys and overviews of smart grid cybersecurity standards, none of them was dedicated to the actual and important subject of...
-
EE-ISAC—Practical Cybersecurity Solution for the Energy Sector
Publication: A recent survey of cybersecurity assessment methods proposed by the scientific community revealed that their practical adoption constitutes a great challenge. Further research that aimed at identifying the reasons for that situation demonstrated that several factors influence the applicability, including the documentation level of detail, the availability of supporting tools, and the continuity of support. This paper presents the...
-
Cybersecurity and Privacy in Standards for Smart Grids – a Comprehensive Survey
Publication: Resilient information and communications technologies are a prerequisite for reliable operation of smart grid. In recent years, many standards for the new form of electricity network have been proposed, which results in operators and other smart grid stakeholders having difficulties in finding the documents which can be related to their particular problems. The purpose of this paper is to bring in all smart grid standards that...
-
Building a cybersecurity culture of public administration system in Poland
Publication
-
Choosing the Right Cybersecurity Solution: A Review of Selection and Evaluation Criteria
Publication: Information technologies evolve continuously reaching pioneering areas that bring in new cybersecurity challenges. Security engineering needs to keep pace with the advancing cyberthreats by providing innovative solutions. At the same time, the foundations that include security and risk assessment methodologies should remain stable. Experts are offered with an extensive portfolio of solutions and an informed choice of a particular...
-
Evaluating the Cost of Personnel Activities in Cybersecurity Management: A Case Study
Publication: The methods of cybersecurity costs' evaluation are inclined towards the cost of incidents or technological acquirements. At the same time, there are other, less visible costs related to cybersecurity that require proper recognition. These costs are associated with the actions and the time spent by employees on activities connected to cybersecurity management. The costs form a considerable component of cybersecurity expenditures,...
-
ISO/IEC 27001-Based Estimation of Cybersecurity Costs with Caspea
Publication: In the contemporary, knowledge-based economy, enterprises are forced to bear the costs related to cybersecurity. While breaches negatively affect companies' budgets, accurate decisions on security investments result in visible savings. At the same time, cybersecurity cost assessment methods that support these decisions are lacking. Caspea addresses the gap by enabling the estimation of costs related to personnel activities involved...
-
Functional Safety and Cybersecurity Analysis and Management in Smart Manufacturing Systems
Publication: This chapter addresses some of the issues of the integrated functional safety and cybersecurity analysis and management with regard to selected references and the functional safety standards: IEC 61508, IEC 61511, ISO 13849-1 and IEC 62061, and a cybersecurity standard IEC 62443 that concerns the industrial automation and control systems. The objective is to mitigate the vulnerability of industrial systems that include the information...
-
Integrated Functional Safety and Cybersecurity Evaluation in a Framework for Business Continuity Management
Publication: This article outlines an integrated functional safety and cybersecurity evaluation approach within a framework for business continuity management (BCM) in energy companies, including those using Industry 4.0 business and technical solutions. In such companies, information and communication technology (ICT), and industrial automation and control system (IACS) play important roles. Using advanced technologies in modern manufacturing...
-
Supporting Cybersecurity Compliance Assessment of Industrial Automation and Control System Components
Publication: The chapter presents a case study demonstrating how security requirements of an Industrial Automation and Control System (IACS) component can be represented in a form of Protection Profile that is based on IEC 62443 standards and how compliance assessment of such component can be supported by explicitly representing a conformity argument in a form based on the OMG SACM meta-model. It is also demonstrated how an advanced argument...
-
Estimating the Cost of Cybersecurity Activities with CAsPeA: A Case Study and Comparative Analysis
Publication: Contemporary approaches to the estimation of cybersecurity costs in organisations tend to focus on the cost of incidents or technological investments. However, there are other, less transparent costs related to cybersecurity management that need to be properly recognised in order to get a complete picture. These costs are associated with everyday activities and the time spent by employees on cybersecurity-related actions. Such...
-
Current issues of functional safety and cybersecurity analysis of the industrial and critical infrastructures
Publication: This article addresses some functional safety assessment procedures with cybersecurity aspects in critical industrial installations with regard to the functional safety requirements specified in standards IEC 61508 and IEC 61511. The functional safety management includes hazard identification, risk analysis and assessment, specification of overall safety requirements and definition of safety functions. Based on the risk assessment...
-
INTEGRATED FUNCTIONAL SAFETY AND CYBERSECURITY ANALYSIS METHOD FOR SMART MANUFACTURING SYSTEMS
Publication: This article addresses integrated functional safety and cybersecurity analysis with regard to: the generic functional safety standard IEC 61508 and the cyber security standard IEC 62443 concerning an industrial automation and control system (IACS). The objective is to mitigate the vulnerability of information technology (IT) and operational technology (OT) systems, and reduce relevant risks taking into account a set of fundamental...
-
Functional safety with cybersecurity for the control and protection systems on example of the oil port infrastructure
Publication: Safety and cybersecurity aspects consist of two different groups of functional requirements for the industrial control and protection systems in the oil port installation. It is the main reason why the analyses of safety and cybersecurity shouldn’t be integrated directly. This article presented some important issues of the functional safety analysis with regard to cybersecurity aspects in the oil seaport infrastructure. The proposed...
-
Designing Control and Protection Systems with Regard to Integrated Functional Safety and Cybersecurity Aspects
Publication: This article addresses current problems of risk analysis and probabilistic modelling for functional safety management in the life cycle of safety-related systems. Two main stages in the lifecycle of these systems are distinguished, namely the design and operation. The risk analysis and probabilistic modelling differ in these stages in view of available knowledge and data. Due to the complexity and uncertainty involved, both qualitative...
-
Selecting an Applicable Cybersecurity Assessment Framework: Qualitative Metrics-Based Multiple-Factor Analysis
Publication: Recently, a survey of cybersecurity assessment methods focused on general characteristics was conducted. Among its major findings, it revealed the methods’ adoption issues. This paper presents a follow-up to the study. It provides an in-depth analysis of the methods’ adoption-related properties based on qualitative metrics. As a result, the proposals which demonstrate a higher adoption potential were identified. The methods are...
-
Concept of Multifactor Method and Non-Functional Requirements Solution to Increase Resilience through Functional Safety with Cybersecurity Analysis
Publication: In the process of designing safety systems, an integrated approach in safety and cybersecurity analysis is necessary. The paper describes a new technique of increasing resilience through integrated analysis of functional safety and cybersecurity. It is a modeling methodology based on the combination of the multifactor method utilizing modified risk graphs, used previously for Safety Integrity Level (SIL) assessment, and the Non-Functional...
-
A Comprehensive Review on DC Fast Charging Stations for Electric Vehicles: Standards, Power Conversion Technologies, Architectures, Energy Management, and Cybersecurity
Publication: This paper aims to review the main research points regarding DC fast charging stations. At the beginning, the paper addresses an overview of DC fast charging standards, galvanic isolation, EV powertrain, and some examples of real DC fast chargers. This part highlights that DC fast chargers are usually connected to an AC network or microgrid, whereas DC microgrids would be a better choice to increase the charging efficiency and...
-
Concept of a platform for exchanging information on cybersecurity incidents for the national power system
Publication: The article describes selected issues related to cybersecurity in the electric power sector. One element of ensuring the security of the power grid is the effective exchange of information about security incidents. Within it, all involved entities of the power system, i.e. power plants, transmission system operators, distribution system operators, security solution providers,...
-
Security Requirements and Controls for Incident Information Sharing in the Polish Power System
Publication: Among the strategies of protecting information assets of the power system, sharing of information about current cybersecurity incidents between energy operators appears to be a prerequisite. Exchange of information leads to the effective detection of attacks and exploited vulnerabilities as well as the identification of countermeasures. This paper presents the results of continuation of our works on developing a secure and efficient...
-
Developing Novel Solutions to Realise the European Energy - Information Sharing & Analysis Centre
Publication: For more effective decision making in preparation for and response to cyberevents in the energy sector, multilevel situation awareness, from technical to strategic is essential. With an uncertain picture of evolving threats, sharing of the latest cybersecurity knowledge among all sector stakeholders can inform and improve decisions and responses. This paper describes two novel solutions proposed during the formation of the European...
-
A Review of Traffic Analysis Attacks and Countermeasures in Mobile Agents' Networks
Publication: For traditional, message-based communication, traffic analysis has been already studied for over three decades and during that time various attacks have been recognised. As far as mobile agents’ networks are concerned only a few, specific-scope studies have been conducted. This leaves a gap that needs to be addressed as nowadays, in the era of Big Data, the Internet of Things, Smart Infrastructures and growing concerns for privacy,...
-
Aiming at methods’ wider adoption: Applicability determinants and metrics
Publication: Numerous computer science methods and techniques have been proposed by the scientific community. However, depending on the domain, only their minor fraction has met wider adoption. This paper brings attention to the concept of applicability - the notion that is well acknowledged in the scientific field but has not been analysed with respect to determinants, metrics and systematisation. The primary objective of the study was to...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
Publication: This chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Engineering education for smart grid systems in the quasi-industrial environment of the LINTE^2 laboratory
Publication: Smart grid systems are revolutionising the electric power sector, integrating advanced technologies to enhance efficiency, reliability and sustainability. It is important for higher education to equip the prospective smart grid professional with the competencies enabling them to navigate through the related complexities and drive innovation. To achieve this, interdisciplinary education programmes are necessary, addressing inter...
-
Safety integrity level verification for safety-related functions with security aspects
Publication: The article is devoted to some important issues of the functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to cyber security aspects. The procedure for functional safety management includes hazard identification, risk analysis and assessment, specification of overall safety requirements and definition...
-
A new multi-process collaborative architecture for time series classification
Publication: Time series classification (TSC) is the problem of categorizing time series data by using machine learning techniques. Its applications vary from cybersecurity and health care to remote sensing and human activity recognition. In this paper, we propose a novel multi-process collaborative architecture for TSC. The propositioned method amalgamates multi-head convolutional neural networks and capsule mechanism. In addition to the discovery...
-
Empirical Analysis of Forest Penalizing Attribute and Its Enhanced Variations for Android Malware Detection
Publication: As a result of the rapid advancement of mobile and internet technology, a plethora of new mobile security risks has recently emerged. Many techniques have been developed to address the risks associated with Android malware. The most extensively used method for identifying Android malware is signature-based detection. The drawback of this method, however, is that it is unable to detect unknown malware. As a consequence of this problem,...
-
OOA-modified Bi-LSTM network: An effective intrusion detection framework for IoT systems
Publication: Currently, the Internet of Things (IoT) generates a huge amount of traffic data in communication and information technology. The diversification and integration of IoT applications and terminals make IoT vulnerable to intrusion attacks. Therefore, it is necessary to develop an efficient Intrusion Detection System (IDS) that guarantees the reliability, integrity, and security of IoT systems. The detection of intrusion is considered...
-
Silent Signals The Covert Network Shaping the Future
Publication: In a world dominated by information flow and rapid technological advancements, the existence of hidden networks and unseen influences has never been more relevant. "Silent Signals: The Covert Network Shaping the Future" delves deep into the mysterious and often opaque world of covert communication networks. This influential work sheds light on the silent...
-
CONFIGURATION OF CISCO ASA FIREWALLS IN PACKET TRACER
Publication
-
Threat intelligence platform for the energy sector
Publication: In recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence that interlinks information sharing and fine-grained situation awareness. In this paper a framework which integrates all levels of threat intelligence...