David O. Manz

Gamification for measuring cyber security situational awareness

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Realizing scientific methods for cyber security

There is little doubt among cyber security researchers about the lack of rigor underlying much of the scientific literature. The issues are manifold and are well documented. Much of the problem lies with insufficient scientific methods. Cyber security exists at the frontier between the operations of machines and the behaviors and actions of users. While we inherit the challenges of computer and social sciences, we also must face a variety of new issues that are unique to cyber security. In this paper we discuss the challenges created by the need for rigorous cyber security science. We review the methods used by other sciences and discuss how they relate to cyber security. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

Towards an experimental testbed facility for cyber-physical security research

Cyber-Physical Systems (CPSs) are under great scrutiny due to large Smart Grid investments and recent high profile security vulnerabilities and attacks. Research into improved security technologies, communication models, and emergent behavior is necessary to protect these systems from sophisticated adversaries and new risks posed by the convergence of CPSs with IT equipment. However, cyber-physical security research is limited by the lack of access to universal cyber-physical testbed facilities that permit flexible, high-fidelity experiments. This paper presents a remotely-configurable and community-accessible testbed design that integrates elements from the virtual, simulated, and physical environments. Fusing data between the three environments enables the creation of realistic and scalable environments where new functionality and ideas can be exercised. This novel design will enable the research community to analyze and evaluate the security of current environments and design future, secure, cyber-physical technologies.

Intrinsically resilient energy control systems

To preserve critical energy control functions while under attack, it is necessary to perform comprehensive analysis on the root cause and impact of an ongoing cyber intrusion without sacrificing the availability of energy delivery. In this position paper, we present a proof of concept of an intrinsically resilient energy control system, with the ultimate goal of ensuring availability/resiliency of energy delivery functions, along with the capability to assess root causes and impacts of cyber intrusions.

Resilient core networks for energy distribution

Substations and their control are crucial for the availability of electricity in todays energy distribution. Advanced energy grids with Distributed Energy Resources require higher complexity in substations, distributed functionality and communication between devices inside substations and between substations. Also, substations include more and more intelligent devices and ICT based systems. All these devices are connected to other systems by different types of communication links or are situated in uncontrolled environments. Therefore, the risk of ICT based attacks on energy grids is growing. Consequently, security measures to counter these risks need to be an intrinsic part of energy grids. This paper introduces the concept of a Resilient Core Network to interconnected substations. This core network provides essential security features, enables fast detection of attacks and allows for a distributed and autonomous mitigation of ICT based risks.

Chapter 5 – Descriptive Study

Descriptive studies focus in depth on a specific case of some system. This chapter will discuss descriptive study methods, such as case studies, surveys, and case reports, as well as providing guidance on which is the most suitable method to choose for any particular cyber security research. It also addresses data collection as it relates to observational study in general terms, e.g., the medium through which surveys/questionnaires are undertaken and how to develop specific questions in order to best obtain the data that you require. Data analysis is also discussed and the chapter ends by outlining the design and presentation of descriptive studies.

A hybrid Authentication and authorization process for control system networks

This paper presents a new authentication protocol for control systems that draws from Extensible Authentication Protocol and Kerberos. Traditional authentication schemes do not meet control system requirements of very high availability, failsafe operation, noninterruption of devices and networks, and resilience to loss of connectivity. Our hybrid protocol meets the requirements and provides device-to-device authentication both within a remote station and between remote stations and control centers.

Understanding past, current and future communication and situational awareness technologies for first responders

This study builds a foundation for improving research for first responder communication and situational awareness technology in the future. In an online survey, we elicited the opinions of 250 U.S. first responders about effectiveness, security, and reliability of past, current, and future Internet of Things technology. The most desired features respondents identified were connectivity, reliability, interoperability, and affordability. The top barriers to technology adoption and use included restricted budgets/costs, interoperability, insufficient training resources, and insufficient interagency collaboration and communication. First responders in all job types indicated that technology has made first responder equipment more useful, and technology that supports situational awareness is particularly valued. As such, future Internet of Things capabilities, such as tapping into smart device data in residences and piggybacking onto alternative communication channels, could be valuable for future first responders. Potential areas for future investigation are suggested for technology development and research.

Chapter 4 – Exploratory Study

This chapter discusses data collection as it relates to observational studies, focusing on exploratory studies—the collection, analysis, and interpretation of observations about known designs, systems, or models, or about abstract theories or subjects. The chapter introduces the different types of exploratory studies—ecological, longitudinal/cohort, cross-sectional, case-control—and cyber security examples of each are given. The form and use of gathered data is discussed along with the significance level. The chapter also explains analysis bias and introduces some of the most commonly used statistical tools for data analysis. The chapter ends by discussing the design and presentation of exploratory studies.

Introduction to Science

This chapter aims to introduce science and the way it has been used to help our understanding of the universe and everything in it, as well as to achieve societal and technological advancement. The philosophy of science, the body of knowledge of science, and the scientific process to discover knowledge will all be discussed. The chapter will provide an overview of the different branches of science, the different forms of scientific research, and the types of methods used. The chapter will discuss empirical evidence provided by scientific research methods and explain the hierarchy of evidence, as well as discussing why the scientific method requires that beliefs and preferences are subordinated to data and information. The continuum of discovery is introduced with a brief historical review of the investigations to understand the planetary motion of the solar system.