Martin Hromada

Quantitative evaluation of the synergistic effects of failures in a critical infrastructure system

A critical infrastructure is a complicated system whose failure (in whole or in part) has a significant impact on national interests, including security, the economy and basic human needs. The system consists of relevant sectors, elements and their mutual linkages. In order to study critical infrastructures, it is necessary to apply a systems approach based on cross-sectoral evaluation and research into the linkages between the individual critical infrastructure sectors. Specifically, it is necessary to describe the individual vertical and horizontal levels of each critical infrastructure and the associated linkages. From this point-of-view, a critical infrastructure is embedded within the broader context of emergencies and enterprises, representing a compact and mutually-interconnected system.This paper focuses on quantitatively assessing the impacts of critical infrastructure failures. It presents a theory of synergistic linkages, their levels and the synergistic effects due to the joint action of impacts, which increase the overall impact on the critical infrastructure and on society. The concepts are formalized in the SYNEFIA methodology, which is applied in a case study involving the critical infrastructure of the Czech Republic. In particular, the methodology is applied to determine the synergistic effects of disruptions to multiple sub-sectors of the Czech infrastructure.

Multicriterial Evaluation of Critical Infrastructure Element Protection in Czech Republic

The importance of Critical Infrastructure is seen through its potential to enable the functional continuity of vital societal functions from economic and social perspective. Present state of Critical Infrastructure Protection is related to creation of relevant security and protection management system, where the effectiveness of this system should be important also in relation to business continuity and disaster recovery. The article will discuss about potential approach to multicriterial evaluation of Critical Infrastructure and Its security and Protection management system in the context of security research project in the Czech Republic - ”VG20112014067 - Resilience evaluation system of Critical Infrastructure elements and networks in selected areas.“

Comparison of the Intrusion Detection System Rules in Relation with the SCADA Systems

Increased interconnectivity, interoperability and complexity of communication in Supervisory Control and Data Acquisition (further only SCADA) systems, resulted in increasing efficiency of industrial processes. However, the recently isolated SCADA systems are considered as the targets of considerable number of cyber-attacks. Because of this, the SCADA cyber-security is under constant pressure. In this article we examine suitability of current state signature based Intrusion Detection System (further only IDS) in SCADA systems. Therefore, we deeply evaluate the Snort and the Quickdraw rules based on signatures in order to specify their relations to SCADA cyber security. We report the results of the study comprising more than two hundred rules.

An evaluation of cyber threats to industrial control systems

The contemporary penetration of information systems into all sectors of human activity is also a cause of the increase in the number of cyber-attacks. This trend also has also hit critical information infrastructures (further only - CII). Their failure could have a great impact on the population - and the state itself. Nowadays, networking between industrial systems is increasing rapidly. That is why there is an ever-growing number, sophistication and complexity of cyber-attacks on CIIs. This trend is thus leading to the formation of a new cyber battlefield, where private and state players - each promote their own interests by means of sophisticated cyber weapons.

The Proposal of the Soft Targets Security

The proposal of the soft targets security contains with technical and management solutions. Management solution is based on legislative safety and security and organization management requirements. Technical solution is based on technical requirements of applied products (for example: detectors, sensors etc.) and interconnection requirements. The aim of the article is the description of the basic functional processes, which will be applied to the software architecture. The proposed solution could connect a methods, technical components and management procedures into system. The methodology exploits a lot of inputs for supporting the operating staffs in relation to smart and quickly reaction. At the end the article proposes software solution, which is realized by fuzzy logic.

Novelty Detection System Based on Multi-criteria Evaluation in Respect of Industrial Control System

The industrial processes and systems have become more sophisticated and also adopted in diverse areas of human activities. The Industrial Control System (ICS) or Internet of Things (IoT) have become essential for our daily life, and therefore vital for contemporary society. These systems are often included in Critical Information Infrastructure (CII) which is crucial for each state. Consequently, the cyber defense is and will be one of the most important security field for our society. Therefore, we use the novelty detection approach in order to identify anomalies which can be a symptom of the cyber-attack in ICS environment. To achieve the main goal of the article One-Class Support Vector Machine (OCSVM) algorithm was used. Moreover, the anomaly detection algorithm is adjusted via multi-criteria evaluation and classifier fusion.

Cascading Impact Assessment in a Critical Infrastructure System

Abstract Research into disruptions to, or failures in, the Critical Infrastructure (further only CI), represents an important area of investigations into the phenomena in (a) Critical Infrastructure System (further only CIS). The results arising from the prediction of the intensity of problems - and the line(s) of their impacts spread–patterns, are an important part of any decision-making process carried out by the involved parties for the early and effective realization of Safety and Security Measures. Therefore, this articles aim is to assess cascading effects in a CI system. The first part of the article deals with the typology of impacts - the aspects that form their nature; and the ways these impacts spread in a CI structure. Furthermore, the current approaches to the assessment of such cascading impacts are also described. Based on these facts, the authors define the principles and framework for assessing cascading impacts in a CI system. The CIA Method (Cascading Impact Assessment - further only CIA), which serves for the quantification of the spread of cascading impacts in a CIS, is the most important part of this article. The essence of this method lies in its assessment of all lines of business occurring in the chosen area, as well as an assessment of their resilience and links; subsequent to this, a structural map of the risk of the spread of cascading impacts was created.

The comparative analysis of selected IT systems to support the solving of the crisis situations by FRS Zlin Region

This paper discusses using the chosen systems of information support in dealing with emergencies and crisis situations of Fire Rescue System (FRS) Zlin Region. The first part of the article describes an organization FRS Zlin Region. In the next part are analyzed the selected information systems to support information components of Joint Rescue System (JRS). Subsequently, the selected information systems are analyzed at individual components of FRS Zlin Region. The main part of the article is a comparative analysis of system ArcGIS FRS Zlin Region by using the heuristic analysis. Synthesis Comparative analysis is described at the end of the paper.

Evaluation of anomaly detection based on classification in relation to SCADA

The accelerating development of information and communication technologies have an eminent influence on contemporary society. As a result, we have an opportunity to increase our effectiveness. However, there is a drawback. Contemporary systems becoming much more interconnected and opened. However, it negatively affects cyber security of Supervisory Control and Data Acquisition (SCADA) systems. Therefore, the reliable security system must be applied in order to increase system resilience. The article deals with widely used systems for intrusion detection (IDS). These systems are an indispensable basis for cyber security of every organization. The aim of the article is to evaluate an anomaly detection predictive models based on classification.

The proposal of the analytical tool for the soft targets assessment

Soft targets and crowded places are closely related with a risk of attacks or negative incidents, which can cause the loss of human live or interests protected by law. Soft targets are specified as the objects (building or event) with a large number of visitors in a closed place at the same time and simultaneously without integrated the special security and safety measures into the management processes. For example, cinemas, schools, theaters or shopping centers can be identified as such. It is necessary to apply a systems approach based on a lot of kinds of analyzes and currently a lot of kinds of the solutions. This paper focusses on the proposal of software, which can analyze and after categorize these objects. Finally, the proposed software solution can involve the decision-making process in a critical situation.