Vulnerability Analysis

Critical Infrastructure: You Get What You Pay For

Abstract:

Programmable Logic Controllers (PLCs) have proliferated into multiple commercial sectors,  including  critical  infrastructure  applications.  PLCs  often  manage  resources  that  offer high-impact targets but with a lackadaisical treatment of security—a recipe for trouble. This paper proposes a misuser-driven approach for PLC assessment. 

Vulnerability Analysis in Critical Infrastructure Protection

ABSTRACT

This paper describes a novel approach to critical infrastructure vulnerability analysis and risk assessment that applies to sectors that can be represented as networks. The method – called model-based vulnerability analysis (MBVA) - is based on a combination of scale-free network theory and fault-tree/event-tree analysis. MBVA incorporates two new optimal resource allocation equations: one for minimizing fault occurrences, and a second equation for minimizing financial risk. The method has been successfully used to identify vulnerabilities in sectors as diverse as water, energy, telecommunications, and power grids.

Vulnerability of Wireless Networks to Interception

ABSTRACT

This paper examines the vulnerability of wireless systems to interception, and provides some simple steps that can be taken to improve security. A commercially available computational electromagnetic software package was used to predict signal levels in complex indoor and urban environments. The simulation results can be used to determine the detection range of the network. Two basic scenarios are presented: (1) indoor-to-outdoor propagation for a local area network operating in a two story building, and (2) a wireless point-to-point link on an airbase. The simulations illustrate some of the unique propagation conditions that occur inside of buildings and in urban areas. This research has identified several possible system weaknesses and suggested some simple, yet effective, methods of improving security.

Use of Information Sharing Between Government and Industry as a Weapon

ABSTRACT

Information sharing has been viewed by governments as a way to tap into the knowledge of the non-governmental enterprises which own and operate large segments of critical infrastructures in order to develop concrete intelligence about security challenges.  The effects of globalization and the inherent conflicts of interest create a potential for allowing the process to be used as a weapon of information warfare through abuse of the information sharing structure.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com