John M. Pecarina
Air Force Institute of Technology
Publication
Featured research published by John M. Pecarina.
IEEE Symposium on Security and Privacy | 2016
Logan O. Mailloux; Michael McEvilley; Stephen Khou; John M. Pecarina
Security professionals should be familiar with ongoing developments in the systems security engineering field, specifically the second public release of National Institute of Standards and Technology (NIST) Special Publication 800-160 Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. NIST SP 800-160 provides a systems-oriented approach to engineering secure systems in what is perhaps the most significant work in the specialty domain's history.
Computers & Security | 2017
Jonathan D. Fuller; Benjamin W. P. Ramsey; Mason Rice; John M. Pecarina
Wireless Sensor Networks (WSNs) are becoming ubiquitous, providing low-cost, low-power, and low-complexity systems in which communication and control are tightly integrated. Although much security research into WSNs has been accomplished, researchers struggle to conduct thorough analyses of closed-source proprietary protocols. Of the numerous available and underanalyzed proprietary protocols, those based on the ITU-T G.9959 recommendation specifying narrow-band sub-GHz communications have recently experienced significant growth. The Z-Wave protocol is the most common implementation of this recommendation. Z-Wave developers are required to sign nondisclosure and confidentiality agreements, limiting the availability of tools to perform open source research. Given recently demonstrated attacks against Z-Wave networks, defensive countermeasures are needed. This work extends an existing implementation of a Z-Wave Misuse-Based Intrusion Detection System (MBIDS). A side-by-side comparison is performed through experimentation to measure misuse detection accuracy of the baseline and extended MBIDS implementations. Experiment results determine the extended MBIDS achieves a mean misuse detection rate of 99%, significantly improving the security posture in MBIDS-monitored Z-Wave networks.
National Aerospace and Electronics Conference | 2016
Robert Mash; Nicholas Becherer; Brian G. Woolley; John M. Pecarina
We summarize the history and state of the art in Convolutional Neural Networks (CNNs), which constitute a significant advancement in pattern recognition. As a demonstration of capability, we address the problem of automatic aircraft identification during refueling approach. In this paper we describe the history of CNN development and provide a high level overview of the state of the art and a summary of leading CNN libraries with CUDA support. Finally, we demonstrate an application of CNN technology to autonomous aerial refueling and identify areas of follow-on research.
International Journal of Critical Infrastructure Protection | 2017
Ian Stine; Mason Rice; Stephen Dunlap; John M. Pecarina
The increased connectivity of medical devices expedites patient treatment and provides lifesaving capabilities, but the lack of emphasis on device security has led to several cyber security breaches. Most medical professionals do not have adequate expertise in information technology or cyber security, yet they are responsible for assessing which medical devices provide the best balance of risk and probability of success. This paper proposes a cyber risk scoring system that considers a physician’s worst-case assessment of the potential of a medical device to impact a patient. The scoring system also relies on a security questionnaire based on the STRIDE model that helps generate a risk score for the medical device. Three test scenarios involving medical devices are used to demonstrate the application and utility of the risk scoring system.
IEEE Access | 2017
Stephen Khou; Logan O. Mailloux; John M. Pecarina
As modern systems continue to increase in size and complexity, current systems security practices lack an effective approach to prioritize and tailor systems security efforts to successfully develop and field systems in challenging operational environments. This paper uniquely proposes seven system-agnostic security domains, which assist in understanding and prioritizing systems security engineering (SSE) efforts. To familiarize the reader with the state-of-the-art in SSE practices, we first provide a comprehensive discussion of foundational SSE concepts, methodologies, and frameworks. Next, the seven system-agnostic security domains are presented for consideration by researchers and practitioners. The domains are intended to be representative of a holistic SSE approach, which is universally applicable to multiple systems classes and not just a single-system implementation. Finally, three examples are explored to illustrate the utility of the system-agnostic domains for understanding and prioritizing SSE efforts in information technology systems, Department of Defense weapon systems, and cyber-physical systems.
The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology | 2018
Zachary Paulson; Scott Nykl; John M. Pecarina; Brian G. Woolley
In-flight refueling of unmanned aerial vehicles (UAVs) is critical to the United States Air Force (USAF). However, the large communication latency between a ground-based operator and his/her remote UAV makes docking with a refueling tanker unsafe. This latency may be mitigated by leveraging a tanker-centric stereo vision system. The vision system observes and computes an approaching receiver’s relative position and orientation offering a low-latency, high frequency docking solution. Unfortunately, the boom – an articulated refueling arm responsible for physically pumping fuel into the receiver – occludes large portions of the receiver especially as the receiver approaches and docks with the tanker. The vision system must be able to compensate for the boom’s occlusion of the receiver aircraft. We present a novel algorithm for mitigating the negative effects of boom occlusion in stereo-based aerial environments. Our algorithm dynamically compensates for occluded receiver geometry by transforming the occluded areas into shadow volumes. These shadow volumes are then used to cull hidden geometry that is traditionally consumed, in error, by the vision processing and point registration pipeline. Our algorithm improves computer-vision pose estimates by 44% over a naïve approach without shadow volume culling.
International Conference on Critical Infrastructure Protection | 2017
Joseph Daoud; Mason Rice; Stephen Dunlap; John M. Pecarina
When systems are targeted by cyber attacks, cyber first responders must be able to react effectively, especially when dealing with critical infrastructure assets. Training for cyber first responders is lacking and most exercise platforms are expensive, inaccessible and/or ineffective. This chapter describes a mobile training platform that incorporates a variety of programmable logic controllers in a single system that helps impart the unique skills required of industrial control system cyber first responders. The platform is modeled after a jail in the United States and was developed to maximize realism. Training scenarios are presented that cover specific cyber first responder skills and techniques. The results demonstrate that the platform is robust and highly effective for conducting sustained training exercises in curricula developed for cyber first responders.
International Conference on Critical Infrastructure Protection | 2017
Caleb Mays; Mason Rice; Benjamin W. P. Ramsey; John M. Pecarina; Barry E. Mullins
The Internet of Things (IoT) and home and building automation systems are growing fields. Many automation networks use proprietary protocols and few publications have evaluated their security. INSTEON is a leading Internet of Things protocol for home and building automation and, like other proprietary protocols, little research is available relating to its vulnerabilities. This chapter presents techniques for analyzing INSTEON traffic and defending INSTEON networks using virtual decoys. By using a software-defined radio, the packet capture rate for INSTEON traffic is increased from approximately 40% to almost 75% compared with previous research efforts. Additionally, a virtual decoy network has been designed and tested for authenticity and targetability to better protect home and building automation systems.
International Conference on Critical Infrastructure Protection | 2017
Evan Plumley; Mason Rice; Stephen Dunlap; John M. Pecarina
First responders and professionals in hazardous occupations undergo intense training and evaluation to enable them to efficiently and effectively mitigate risk and damage. For example, helicopter pilots train with multiple simulations that increase in complexity before they fly real aircraft. However, in the industrial control systems domain, where incident response professionals help detect, respond and recover from cyber incidents, there is no official categorization of training environments, let alone training regimens. To address this gap, this chapter provides a categorization of industrial control training environments based on realism. Four levels of environments are proposed and mapped to Bloom’s Taxonomy. The categorization enables organizations to determine the cyber training environments that best align with their training needs and budgets.
IEEE Conference Dependable and Secure Computing | 2017
Daniel P. Richardson; Alan C. Lin; John M. Pecarina
The Internet of Things (IoT) era envisions billions of interconnected devices capable of providing new interactions between the physical and digital worlds, offering a new range of content and services. At the fundamental level, IoT nodes are physical devices that exist in the real world, consisting of networking, sensor, and processing components. Some application examples include mobile and pervasive computing or sensor nets, and require distributed device deployment that feeds information into databases for exploitation. While the data can be centralized, there are advantages, such as system resiliency and security, to adopting a decentralized architecture that pushes the computation and storage to the network edge and onto IoT devices. However, these devices tend to be much more limited in computation power than traditional racked servers. This research explores using the Cassandra distributed database on IoT-representative device specifications. Experiments conducted on both virtual machines and Raspberry Pis to simulate IoT devices examined latency issues with network compression, processing workloads, and various memory and node configurations in laboratory settings. We demonstrate that distributed databases are feasible on Raspberry Pis as IoT-representative devices and show findings that may help in application design.