A Note from the Guest Editors
Spring 2021
Infrastructure Resiliency from a Macro Cyber Perspective
In our 2019 special edition of the Journal of Information Warfare, the foundations for autonomic control for critical infrastructure and operational technology systems were introduced. Herein we build on that foundation by introducing the concept of resiliency from a macro cyber perspective. The prefix ‘macro’ has been applied previously to concepts such as ‘economics’ to differentiate national scale economic concepts such as gross domestic product from ‘micro’ scale economics, which focuses on solvency of, for example, individual homes and businesses. Here we apply the same prefix to resiliency in cyber systems to differentiate between micro cyber resiliency, which we define as ensuring the functionality of individual cyber devices, systems, and networks; and macro cyber resiliency, which we define as ensuring the functionality of interconnected systems comprising control, sensing, and physical elements such as are found in critical infrastructure like the power grid.
In this edition of the Journal of Information Warfare, we explore a spectrum of concepts at the macro cyber scale. The papers in this special edition are organised into three main categories: Foundations, Tools & Technologies, and Policy & Strategy.
Foundations papers focus on the mathematical and conceptual underpinnings required to capture the essential features and context surrounding infrastructure systems at the macro scale. This section begins with development of mathematical constructs that will be essential for capturing the complexity and dynamism of interconnected critical infrastructure systems at scale by moving beyond traditional physics-only models (‘Solvability, Operability, and Security for Cyber-Physical Systems: New Computational Methods with Revised Assumptions’). The next paper in this section addresses response strategies that take advantage of a macro cyber perspective to manoeuvre complex systems rather than protecting individual elements (‘Data-Driven Model Generation for Deception Defence of Cyber-Physical Environments’). The third paper provides models to understand additional context from social media that influences complex systems broadly (‘Machine Intelligence to Detect, Characterize, and Defend Against Influence Operations in the Information Environment’). All three of these papers build conceptual frameworks for addressing complex systems at scale, with their overall functionality in mind, as opposed to defending or hardening individual components.
Tools & Technologies papers are cyber applications that address large-scale data and systems. The first paper in this section focuses on sharing information and analytics across institutional boundaries to create a national-level perspective on cyber threats (‘The Critical Roles of Information, Analysis, Research, and Operations in the Cyber Realm’). The second paper in this section describes tools for organising malware libraries into logical family structures (‘Flexible and Adaptive Malware Identification Using Techniques from Biology’). The third paper in this section describes how software-defined networking technologies can be applied to operational technology environments to create a more secure communications and control regime for infrastructure broadly (‘Deploying Software-Defined Networking in Operational Technology Environments’).
Policy & Strategy papers offer perspectives for shifting stakeholder emphasis in cyber resiliency from protecting systems, devices, and networks to providing resiliency at the macro scale. We begin this section with perspectives on the private sector’s role in the doctrine of persistent engagement (‘Persistent Engagement and the Private Sector’), and finish this section with a discussion on a broad ecosystem that includes third-party providers (‘Protecting United States Army Infrastructure by Enhancing Cybersecurity for Onsite Third-Party Energy Providers’).
The theoretical, technical, and policy concepts described in these papers represent steps forward in thinking about cyber resiliency at a macro scale. As this vision is much larger than any single institution, it is our desire with this special edition to motivate future research, development, and integration activities across academia, government, and industry.
Pacific Northwest National Laboratory
902 Battelle Boulevard
Richland, WA 99352 USA
AUTHORS
Pacific Northwest National Laboratory
Richland, Washington, United States
Christopher Oehmen received his B.A. in Physics and Mathematics from Saint Louis University in 1995 and M.S. and Ph.D. degrees in Biomedical Engineering in 1999 and 2003 respectively from the Joint Graduate Program in Biomedical Engineering at the University of Memphis and University of Tennessee Health Science Center. Chris is now at PNNL as a research scientist, previously serving as the lead for the Asymmetric Resilient Cybersecurity Initiative. His research is built on a foundation of high-performance computing applications in biology, with special emphasis on how these biological approaches can be used as a new paradigm for other fields such as cybersecurity. His resilience and active defense work relies on a foundational application of biological principles for survivability and regeneration with special emphasis on facilitating human control of complex systems.
Pacific Northwest National Laboratory
Richland, Washington, United States
Samuel L. Clements is a Cyber Security Researcher at PNNL. His current work focuses on cyber security for nuclear non-proliferation systems and on developing cyber security situational awareness and response capabilities for industrial control systems for the Department of Defense. Mr. Clements holds a Master of Science in Information Security, Policy and Management from Carnegie Mellon University and a bachelor's degree in Information Systems from Utah State University. Mr. Clements is fluent in Spanish and works with the U.S. National Nuclear Security Administration's International Nuclear Security office supporting their efforts in Latin America.
Pacific Northwest National Laboratory
Richland, Washington, United States
Angela Chastain is a Project and Group Administrator in the National Security Directorate at Pacific Northwest National Laboratory (PNNL). She has supported the Cyber Security Group since 2019. Ms. Chastain holds a BS in Business Management from Western Governors University.