Högskolan i Skövde

his.sePublications
Change search
Refine search result
1 - 19 of 19
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Atif, Yacine
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Lindström, Birgitta
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Jeusfeld, Manfred
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Andler, Sten F.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Yuning, Jiang
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Brax, Christoffer
    CombiTech AB, Skövde, Sweden.
    Gustavsson, Per M.
    CombiTech AB, Skövde, Sweden.
    Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection2017Conference paper (Refereed)
    Abstract [en]

    Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction. 

    Download full text (pdf)
    fulltext
  • 2.
    Atif, Yacine
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Jeusfeld, Manfred A.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Lindström, Birgitta
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Andler, Sten F.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Brax, Christoffer
    Combitech.
    Haglund, Daniel
    Combitech.
    Lindström, Björn
    Combitech.
    Cyber-threat analysis for Cyber-Physical Systems: Technical report for Package 4, Activity 3 of ELVIRA project2018Report (Other academic)
    Abstract [en]

    Smart grid employs ICT infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolu- tion is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the develop- ment of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for design- ing testbeds to evaluate the vulnerability of cyberphysical systems against cyberthreats. The proposed framework uses data reported from multiple components of cyberphysical system architecture layers, including physical, control, and cyber layers. At the phys- ical layer, we consider component inventory and related physi- cal flows. At the control level, we consider control data, such as SCADA data flows in industrial and critical infrastructure control systems. Finally, at the cyber layer level, we consider existing secu- rity and monitoring data from cyber-incident event management tools, which are increasingly embedded into the control fabrics of cyberphysical systems.

    Download full text (pdf)
    fulltext
  • 3.
    Atif, Yacine
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Lindström, Birgitta
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Jeusfeld, Manfred
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Andler, Sten
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Nero, Eva
    Combitech, Sweden.
    Brax, Christoffer
    Combitech, Sweden.
    Haglund, Daniel
    Combitech, Sweden.
    Multi-agent Systems for Power Grid Monitoring: Technical report for Package 4.1 of ELVIRA project2018Report (Other academic)
    Abstract [en]

    This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms. 

    Download full text (pdf)
    fulltext
  • 4.
    Jeusfeld, Manfred A.
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Haglund, Daniel
    Combitech AB.
    Brax, Christoffer
    Combitech AB.
    Taxonomy of Events and Components in the Power Grid: Technical description for work packages 3.1 and 3.2 of the ELVIRA Project2018Report (Other academic)
    Abstract [en]

    This document reports a technical description of ELVIRA project results obtained as part of Work-package 3.1&3.2 entitled “Taxonomy of Critical Infrastructure (Taxonomy of events + Taxonomy of CI component and relationship)”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity.

    Download full text (pdf)
    HS-IIT-TR-18-001
  • 5.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Dynamic and Automatic Vulnerability Assessment for Cyber-Physical System2019Conference paper (Other academic)
    Abstract [en]

    Assessing vulnerabilities supports analytics-based decision-making processes to protect Critical Infrastructures (CIs), in order to focus on specific risks rising from threat-exploitability with varying degrees of impact-severity. The notion of risk remains elusive, as evidenced by the increasing investigations on CIs security operations centres (SOCs) where analysts employ various detection, assessment, and defence mechanisms to monitor security events. Normally, SOCs involve advances of multiple automated security tools such as network vulnerability scanners and Common Vulnerability Scoring System (CVSS), combined with analysis of data contained and produced by cyber-physical system (CPS) as well as alarms retrieved from vulnerability repositories such as Common Vulnerability Exposure (CVE). The security operators need further to forecast the match between these vulnerabilities and the state of intricate CIs layer networks, while prioritising patching investments using vulnerability-scoring mechanisms. This process shows the central role of security operators in SOCs and their need for support to keep pace with dynamically evolving vulnerability-alert repositories. Recent advances in data analytics also prompt dynamic data-driven vulnerability assessments whereby data contained and produced by CPS include hidden traces of vulnerability fingerprints. However, the huge volume of scanned data requires high capability of information processing and analytical reasoning, which could not be satisfied considering the imprecise nature of manual vulnerability assessment.

    A knowledge-base system that consolidates both sides into empirical rules appears to be missing, yet it promises to offer a suitable level of decision-support. In our research, we propose a dynamic and automated vulnerability-assessment approach. The proposed streamlined approach employs computational intelligence techniques to analyse data retrieved from vulnerability-alert repositories and CPS layer networks within an innovative accurate and automatic scoring system, away from traditional manual and highly subjective mechanisms. Our approach suggests to substitute offline, costly, error-prone and pure subjective vulnerability assessment processes with an automatic, accurate and data-evidenced approach, to improve situation awareness and to support security decision making. In doing so, we investigate judicious computational-intelligence techniques such as fuzzy-logic, machine learning and data mining, applied to vulnerability assessment problems.

    Download full text (png)
    fulltext
  • 6.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Dynamic Vulnerability Analysis in Cyberphysical Systems2019Report (Other academic)
    Abstract [en]

    The growth and the complexity scale of Cyber-Physical Systems (CPSs) are ever-evolving due to the fast expansion of networked applications in smart-x systems, which are overseeing critical infrastructures such as the smart-grid. These smart networked systems use a network of embedded sensors, platforms and actuators to perceive and affect a physical process that typically requires guaranteed quality-of-service performances provided by safety-critical applications. The confluence of sensors, platforms and networks is also nourishing the expansion of the emerging Internet of Things (IoT) area. However, these developments lead to increased surfaces that are vulnerable to cyberattacks.Since the capability of attackers and the trust in networked-components are subject to substantial variability, a dynamic-vulnerability assessment is advocated in this study, in contrast to traditional static-approaches. 

    Recent advances in data analytics prompt dynamic data-driven vulnerability assessments, whereby data contained and produced by CPS cyber-components include hidden traces of vulnerability fingerprints. However, the imprecise nature of vulnerability assessment and the huge volume of scanned data call for computational intelligence techniques to analyse such data. We first investigate computational models to capture semantic properties related to vulnerability concepts revolving around CPS components. This study reveals salient metrics and related measurements used to quantify CPS component vulnerabilities. We show the potential of applying fuzzy-logic techniques to diagnose vulnerability, and infer objective vulnerability scores. Then, we examine computational methods to extract meaning from text by mining online public-repositories of published vulnerabilities and discovering potential vulnerability-matches in a given CPS infrastructure. Graph-mining techniques are also explored to identify critical-assets of CPS infrastructure to weigh vulnerabilities, considering topological structures and functional features. 

    In this proposal, we explore the state of the art and highlight the drawbacks of current research approaches in CPS vulnerability assessment area, based on which, we build our research questions with the purpose to piece together solution elements for the stated problem. In doing so, computational intelligence techniques such as fuzzy-logic and machine-learning, are investigated in order (a) to reduce existing security management gaps induced by ad-hoc and subjective vulnerability auditing processes, (b) to narrow further the risk window induced by discoverable vulnerabilities, and (c) to increase the level of automation in vulnerability analysis, at various levels of the CPS architecture.

  • 7.
    Jiang, Yuning
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Vulnerability Analysis for Critical Infrastructures2022Doctoral thesis, monograph (Other academic)
    Abstract [en]

    The rapid advances in information and communication technology enable a shift from diverse systems empowered mainly by either hardware or software to cyber-physical systems (CPSs) that are driving Critical infrastructures (CIs), such as energy and manufacturing systems. However, alongside the expected enhancements in efficiency and reliability, the induced connectivity exposes these CIs to cyberattacks exemplified by Stuxnet and WannaCry ransomware cyber incidents. Therefore, the need to improve cybersecurity expectations of CIs through vulnerability assessments cannot be overstated. Yet, CI cybersecurity has intrinsic challenges due to the convergence of information technology (IT) and operational technology (OT) as well as the crosslayer dependencies that are inherent to CPS based CIs. Different IT and OT security terminologies also lead to ambiguities induced by knowledge gaps in CI cybersecurity. Moreover, current vulnerability-assessment processes in CIs are mostly subjective and human-centered. The imprecise nature of manual vulnerability assessment operations and the massive volume of data cause an unbearable burden for security analysts. Latest advances in machine-learning (ML) based cybersecurity solutions promise to shift such burden onto digital alternatives. Nevertheless, the heterogeneity, diversity and information gaps in existing vulnerability data repositories hamper accurate assessments anticipated by these ML-based approaches. Therefore, a comprehensive approach is envisioned in this thesis to unleash the power of ML advances while still involving human operators in assessing cybersecurity vulnerabilities within deployed CI networks.Specifically, this thesis proposes data-driven cybersecurity indicators to bridge vulnerability management gaps induced by ad-hoc and subjective auditing processes as well as to increase the level of automation in vulnerability analysis. The proposed methodology follows design science research principles to support the development and validation of scientifically-sound artifacts. More specifically, the proposed data-driven cybersecurity architecture orchestrates a range of modules that include: (i) a vulnerability data model that captures a variety of publicly accessible cybersecurity-related data sources; (ii) an ensemble-based ML pipeline method that self-adjusts to the best learning models for given cybersecurity tasks; and (iii) a knowledge taxonomy and its instantiated power grid and manufacturing models that capture CI common semantics of cyberphysical functional dependencies across CI networks in critical societal domains. This research contributes data-driven vulnerability analysis approaches that bridge the knowledge gaps among different security functions, such as vulnerability management through related reports analysis. This thesis also correlates vulnerability analysis findings to coordinate mitigation responses in complex CIs. More specifically, the vulnerability data model expands the vulnerability knowledge scope and curates meaningful contexts for vulnerability analysis processes. The proposed ML methods fill information gaps in vulnerability repositories using curated data while further streamlining vulnerability assessment processes. Moreover, the CI security taxonomy provides disciplined and coherent support to specify and group semanticallyrelated components and coordination mechanisms in order to harness the notorious complexity of CI networks such as those prevalent in power grids and manufacturing infrastructures. These approaches learn through interactive processes to proactively detect and analyze vulnerabilities while facilitating actionable insights for security actors to make informed decisions.

    Download full text (pdf)
    fulltext
  • 8.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    A selective ensemble model for cognitive cybersecurity analysis2021In: Journal of Network and Computer Applications, ISSN 1084-8045, E-ISSN 1095-8592, Vol. 193, article id 103210Article in journal (Refereed)
    Abstract [en]

    Dynamic data-driven vulnerability assessments face massive heterogeneous data contained in, and produced by SOCs (Security Operations Centres). Manual vulnerability assessment practices result in inaccurate data and induce complex analytical reasoning. Contemporary security repositories’ diversity, incompleteness and redundancy contribute to such security concerns. These issues are typical characteristics of public and manufacturer vulnerability reports, which exacerbate direct analysis to root out security deficiencies. Recent advances in machine learning techniques promise novel approaches to overcome these notorious diversity and incompleteness issues across massively increasing vulnerability reports corpora. Yet, these techniques themselves exhibit varying degrees of performance as a result of their diverse methods. We propose a cognitive cybersecurity approach that empowers human cognitive capital along two dimensions. We first resolve conflicting vulnerability reports and preprocess embedded security indicators into reliable data sets. Then, we use these data sets as a base for our proposed ensemble meta-classifier methods that fuse machine learning techniques to improve the predictive accuracy over individual machine learning algorithms. The application and implication of this methodology in the context of vulnerability analysis of computer systems are yet to unfold the full extent of its potential. The proposed cognitive security methodology in this paper is shown to improve performances when addressing the above-mentioned incompleteness and diversity issues across cybersecurity alert repositories. The experimental analysis conducted on actual cybersecurity data sources reveals interesting tradeoffs of our proposed selective ensemble methodology, to infer patterns of computer system vulnerabilities.

    Download full text (pdf)
    fulltext
  • 9.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    An Approach to Discover and Assess Vulnerability Severity Automatically in Cyber-Physical Systems2020In: Proceedings of the 13th International Conference on Security of Information and Networks: November 4-6, 2020, virtual, Istanbul, Turkey / [ed] Berna Örs, Atilla Elçi, New York, NY, USA: Association for Computing Machinery (ACM), 2020, article id 9Conference paper (Refereed)
    Abstract [en]

    Current vulnerability scoring mechanisms in complex cyber-physical systems (CPSs) face challenges induced by the proliferation of both component versions and recurring scoring-mechanism versions. Different data-repository sources like National Vulnerability Database (NVD), vendor websites as well as third party security tool analysers (e.g. ICS CERT and VulDB) may provide conflicting severity scores. We propose a machine-learning pipeline mechanism to compute vulnerability severity scores automatically. This method also discovers score correlations from established sources to infer and enhance the severity consistency of reported vulnerabilities. To evaluate our approach, we show through a CPS-based case study how our proposed scoring system automatically synthesises accurate scores for some vulnerability instances, to support remediation decision-making processes. In this case study, we also analyse the characteristics of CPS vulnerability instances. 

    Download full text (pdf)
    fulltext
  • 10.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Towards automatic discovery and assessment of vulnerability severity in cyber-physical systems2022In: Array, ISSN 2590-0056, Vol. 15, article id 100209Article in journal (Refereed)
    Abstract [en]

    Despite their wide proliferation, complex cyber–physical systems (CPSs) are subject to cybersecurity vulnerabilities and potential attacks. Vulnerability assessment for such complex systems are challenging, partly due to the discrepancy among mechanisms used to evaluate their cyber-security weakness levels. Several sources do report these weaknesses like the National Vulnerability Database (NVD), as well as manufacturer websites besides other security scanning advisories such as Cyber Emergency Response Team (CERT) and Shodan databases. However, these multiple sources are found to face inconsistency issues, especially in terms of vulnerability severity scores. We advocate an artificial intelligence based approach to streamline the computation of vulnerability severity magnitudes. This approach decreases the error rate induced by manual calculation processes, that are traditionally used in cybersecurity analysis. Popular repositories such as NVD and SecurityFocus are employed to validate the proposed approach, assisted with a query method to retrieve vulnerability instances. In doing so, we report discovered correlations among reported vulnerability scores to infer consistent magnitude values of vulnerability instances. The method is applied to a case study featuring a CPS application to illustrate the automation of the proposed vulnerability scoring mechanism, used to mitigate cybersecurity weaknesses.

    Download full text (pdf)
    fulltext
  • 11.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Agent Based Testbed Design for Cyber Vulnerability Assessment in Smart-Grids2018Conference paper (Other academic)
    Abstract [en]

    Smart grid employs Information and Communication Technology (ICT) infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolution is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the development of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for designing testbeds to allow the simulation of cyberattacks in order to evaluate the vulnerability and the impact of cyber threat attacks. The proposed framework uses data reported from multiple smart grid components at different smart grid architecture layers, including physical, control, and cyber layers. The multi-agent based framework proposed in this paper would analyze the conglomeration of these data reports to assert malicious attacks.

    Download full text (pdf)
    fulltext
  • 12.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Cyber-Physical Systems Security Based on A Cross-Linked and Correlated Vulnerability Database2019In: Critical Information Infrastructures Security: 14th International Conference, CRITIS 2019, Linköping, Sweden, September 23–25, 2019, Revised Selected Papers / [ed] Simin Nadjm-Tehrani, Springer, 2019, Vol. 11777, p. 71-82Chapter in book (Refereed)
    Abstract [en]

    Recent advances in data analytics prompt dynamic datadriven vulnerability assessments whereby data contained from vulnerabilityalert repositories as well as from Cyber-physical System (CPS) layer networks and standardised enumerations. Yet, current vulnerability assessment processes are mostly conducted manually. However, the huge volume of scanned data requires substantial information processing and analytical reasoning, which could not be satisfied considering the imprecision of manual vulnerability analysis. In this paper, we propose to employ a cross-linked and correlated database to collect, extract, filter and visualise vulnerability data across multiple existing repositories, whereby CPS vulnerability information is inferred. Based on our locally-updated database, we provide an in-depth case study on gathered CPS vulnerability data, to explore the trends of CPS vulnerability. In doing so, we aim to support a higher level of automation in vulnerability awareness and back risk-analysis exercises in critical infrastructures (CIs) protection.

    Download full text (pdf)
    fulltext
  • 13.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Data Fusion Framework for Cyber Vulnerability Assessment in Smart Grid2018Other (Other academic)
    Abstract [en]

    Smart grid adopts ICT to enhance power-delivery management. However, these advanced technologies also introduce an increasing amount of cyber threats. Cyber threats occur because of vulnerabilities throughout smart-grid layers. Each layer is distinguished by typical data flows. For example, power-data stream flows along the physical layer; command data are pushed to and pulled from sensor-control devices, such as RTUs and PLCs. Vulnerabilities expose these data flows to cyber threat via communication networks, such as local control network, vendor network, corporate network and the wider internet. Thus, these data could be used to analyse vulnerabilities against cyber threats. After data collection, data analysis and modelling techniques would be used for vulnerability assessment.

    Download full text (pdf)
    fulltext
  • 14.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Multi-Level Vulnerability Modeling of Cyber-Physical Systems2018Conference paper (Refereed)
    Abstract [en]

    Vulnerability is defined as ”weakness of an asset or control that can be exploited by a threat” according to ISO/IEC 27000:2009, and it is a vital cyber-security issue to protect cyber-physical systems (CPSs) employed in a range of critical infrastructures (CIs). However, how to quantify both individual and system vulnerability are still not clear. In our proposed poster, we suggest a new procedure to evaluate CPS vulnerability. We reveal a vulnerability-tree model to support the evaluation of CPS-wide vulnerability index, driven by a hierarchy of vulnerability-scenarios resulting synchronously or propagated by tandem vulnerabilities throughout CPS architecture, and that could be exploited by threat agents. Multiple vulnerabilities are linked by boolean operations at each level of the tree. Lower-level vulnerabilities in the tree structure can be exploited by threat agents in order to reach parent vulnerabilities with increasing CPS criticality impacts. At the asset-level, we suggest a novel fuzzy-logic based valuation of vulnerability along standard metrics. Both the procedure and fuzzy-based approach are discussed and illustrated through SCADA-based smart power-grid system as a case study in the poster, with our goal to streamline the process of vulnerability computation at both asset and CPS levels.

    Download full text (pdf)
    fulltext
  • 15.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Wang, Wei
    University of Skövde, School of Engineering Science. University of Skövde, The Virtual Systems Research Centre.
    A Semantic Framework With Humans in the Loop for Vulnerability-Assessment in Cyber-Physical Production Systems2020In: Risks and Security of Internet and Systems: 14th International Conference, CRiSIS 2019, Hammamet, Tunisia, October 29–31, 2019, Proceedings / [ed] Slim Kallel, Frédéric Cuppens, Nora Cuppens-Boulahia, Ahmed Hadj Kacem, Springer, 2020, Vol. 12026, p. 128-143Conference paper (Refereed)
    Abstract [en]

    Criticalmanufacturingprocessesinsmartnetworkedsystems such as Cyber-Physical Production Systems (CPPSs) typically require guaranteed quality-of-service performances, which is supported by cyber- security management. Currently, most existing vulnerability-assessment techniques mostly rely on only the security department due to limited communication between di↵erent working groups. This poses a limitation to the security management of CPPSs, as malicious operations may use new exploits that occur between successive analysis milestones or across departmental managerial boundaries. Thus, it is important to study and analyse CPPS networks’ security, in terms of vulnerability analysis that accounts for humans in the production process loop, to prevent potential threats to infiltrate through cross-layer gaps and to reduce the magnitude of their impact. We propose a semantic framework that supports the col- laboration between di↵erent actors in the production process, to improve situation awareness for cyberthreats prevention. Stakeholders with dif- ferent expertise are contributing to vulnerability assessment, which can be further combined with attack-scenario analysis to provide more prac- tical analysis. In doing so, we show through a case study evaluation how our proposed framework leverages crucial relationships between vulner- abilities, threats and attacks, in order to narrow further the risk-window induced by discoverable vulnerabilities.

    Download full text (pdf)
    fulltext
  • 16.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Jeusfeld, Manfred
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Andler, Sten
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Lindström, Birgitta
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Brax, Christoffer
    Combitech, Sweden.
    Haglund, Daniel
    Combitech, Sweden.
    Complex Dependencies Analysis: Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project2018Report (Other academic)
    Abstract [en]

    This document reports a technical description of ELVIRA project results obtained as part of Work-package 2.1 entitled “Complex Dependencies Analysis”. In this technical report, we review attempts in recent researches where connections are regarded as influencing factors to  IT systems monitoring critical infrastructure, based on which potential dependencies and resulting disturbances are identified and categorized. Each kind of dependence has been discussed based on our own entity based model. Among those dependencies, logical and functional connections have been analysed with more details on modelling and simulation techniques.

    Download full text (pdf)
    ELVIRA_2.1-HS-IIT-TR-18-003.Complex-Dependencies-Analysis
  • 17.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Jeusfeld, Manfred A.
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Atif, Yacine
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, The Informatics Research Centre.
    Brax, Christoffer
    Combitech AB, Skövde, Sweden.
    Nero, Eva
    Combitech AB, Skövde, Sweden.
    A Language and Repository for Cyber Security of Smart Grids2018In: 2018 IEEE 22nd International Enterprise Distributed Object Computing Conference (EDOC 2018) / [ed] Selmin Nurcan, Pontus Johnson, Los Alamitos, CA: IEEE, 2018, p. 164-170Conference paper (Refereed)
    Abstract [en]

    Power grids form the central critical infrastructure in all developed economies. Disruptions of power supply can cause major effects on the economy and the livelihood of citizens. At the same time, power grids are being targeted by sophisticated cyber attacks. To counter these threats, we propose a domain-specific language and a repository to represent power grids and related IT components that control the power grid. We apply our tool to a standard example used in the literature to assess its expressiveness.

    Download full text (pdf)
    fulltext
  • 18.
    Jiang, Yuning
    et al.
    University of Skövde, Informatics Research Environment. University of Skövde, School of Informatics.
    Jeusfeld, Manfred A.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Evaluating the Data Inconsistency of Open-Source Vulnerability Repositories2021In: ARES 2021: The 16th International Conference on Availability, Reliability and Security, Association for Computing Machinery (ACM), 2021, p. 1-10, article id 86Conference paper (Refereed)
    Abstract [en]

    Modern security practices promote quantitative methods to provide prioritisation insights and support predictive analysis, which is supported by open-source cybersecurity databases such as the Common Vulnerabilities and Exposures (CVE), the National Vulnerability Database (NVD), CERT, and vendor websites. These public repositories provide a way to standardise and share up-to-date vulnerability information, with the purpose to enhance cybersecurity awareness. However, data quality issues of these vulnerability repositories may lead to incorrect prioritisation and misemployment of resources. In this paper, we aim to empirically analyse the data quality impact of vulnerability repositories for actual information technology (IT) and operating technology (OT) systems, especially on data inconsistency. Our case study shows that data inconsistency may misdirect investment of cybersecurity resources. Instead, correlated vulnerability repositories and trustworthiness data verification bring substantial benefits for vulnerability management. 

    Download full text (pdf)
    fulltext
  • 19.
    Jiang, Yuning
    et al.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment. Nanyang Technological University, Singapore.
    Jeusfeld, Manfred A.
    University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment.
    Ding, Jianguo
    Blekinge Institute of Technology, Karlskrona, Sweden.
    Sandahl, Elin
    Norgald AB, Göteborg, Sweden.
    Model-Based Cybersecurity Analysis: Extending Enterprise Modeling to Critical Infrastructure Cybersecurity2023In: Business & Information Systems Engineering, ISSN 2363-7005, E-ISSN 1867-0202, Vol. 65, no 6, p. 643-676Article in journal (Refereed)
    Abstract [en]

    Critical infrastructure (CIs) such as power grids link a plethora of physical components from many different vendors to the software systems that control them. These systems are constantly threatened by sophisticated cyber attacks. The need to improve the cybersecurity of such CIs, through holistic system modeling and vulnerability analysis, cannot be overstated. This is challenging since a CI incorporates complex data from multiple interconnected physical and computation systems. Meanwhile, exploiting vulnerabilities in different information technology (IT) and operational technology (OT) systems leads to various cascading effects due to interconnections between systems. The paper investigates the use of a comprehensive taxonomy to model such interconnections and the implied dependencies within complex CIs, bridging the knowledge gap between IT security and OT security. The complexity of CI dependence analysis is harnessed by partitioning complicated dependencies into cyber and cyber-physical functional dependencies. These defined functional dependencies further support cascade modeling for vulnerability severity assessment and identification of critical components in a complex system. On top of the proposed taxonomy, the paper further suggests power-grid reference models that enhance the reproducibility and applicability of the proposed method. The methodology followed was design science research (DSR) to support the designing and validation of the proposed artifacts. More specifically, the structural, functional adequacy, compatibility, and coverage characteristics of the proposed artifacts are evaluated through a three-fold validation (two case studies and expert interviews). The first study uses two instantiated power-grid models extracted from existing architectures and frameworks like the IEC 62351 series. The second study involves a real-world municipal power grid.

    Download full text (pdf)
    fulltext
1 - 19 of 19
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf