The following activity is designed to prompt expression of your knowledge of and ability to apply computer science professional skills. Its purpose is to determine how well your computer science program has taught you these skills. By participating, you are giving your consent to have your posts used for academic research purposes. When your posts are evaluated by the program assessment committee, your names will be removed.
Time line: You will have 2 weeks to complete the on-line discussion as a team. Use this blog to capture your thoughts, perspectives, ideas, and revisions as you work together on this problem. This activity is discussion-based, meaning you will participate through a collaborative exchange and critique of each other’s ideas and work. The goal is to challenge and support one another as a team to tap your collective resources and experiences to dig more deeply into the issue(s) raised in the scenario. Since the idea is that everyone in the discussion will refine his/her ideas through the discussion that develops, you should try to respond well before the activity ends so that the discussion has time to mature. It is important to make your initial posts and subsequent responses in a timely manner. You are expected to make multiple posts during each stage of this on-going discussion. The timeline below suggests how to pace your discussion. This is just a suggestion. Feel free to pace the discussion as you see fit.
To post a comment: 1) click on the Sign In button in the upper right hand corner of the blog page, then sign in using your gmail account and password (If you don’t have a gmail account, sign up for one – it only takes a couple minutes); 2) scroll down to the bottom of the page and click on the word “comments,” which appears right below the list of sources.
Tuesday Week 1 Initial Posts: All participants post initial responses to these instructions (see below) and the scenario.
Thursday Week 1 Response Posts: Participants respond by tying together information and perspectives on important points and possible approaches. Participants identify gaps in information and seek to fill those gaps.
Tuesday Week 2 Refine Posts: Participants work toward agreement on what is most important, determine what they still need to find out, & evaluate one or more approaches from the previous week’s discussion.
Thursday Week 2 Polish Final Posts: Participants come to an agreement on what is most important, and propose one or more approaches to address the issue/s.
Discussion Instructions
Discussion Instructions
Imagine that you are a team of computer scientists working together for a company or organization to address the issue raised in the scenario. Discuss what your team would need to take into consideration to begin to address the issue. You do not need to suggest specific technical solutions, but identify the most important factors and suggest one or more viable approaches.
Suggestions for discussion topics
· Identify the primary and secondary problems raised in the scenario.
· Who are the major stakeholders and what are their perspectives?
· What outside resources (people, literature/references, and technologies) could be engaged in developing viable approaches?
· Identify related contemporary issues.
· Brainstorm a number of feasible approaches to address the issue.
· Consider the following contexts: economic, environmental, cultural/societal, and global. What impacts would the approaches you brainstormed have on these contexts?
· Come to agreement on one or more viable approaches and state the rationale.
Power Grid Vulnerabilities
In 2010, the US power industry received $3.4 billion as part of the recent economic stimulus package to help modernize the country's electric power system and increase energy efficiency.
The nation’s security experts are concerned about the increased vulnerability of the operational systems used to manage and monitor the smart grid infrastructure. Supervisory Control and Data Acquisition (SCADA) systems are one of the primary energy management systems used to control the power grid. SCADA systems are susceptible to cyber attacks because many are built around dated technologies with weaker protocols. To increase access to management and operational data, these systems and their underlying networks have been progressively more interconnected.
Contemporary hackers may circumvent technical controls by targeting a specific user within the utility instead of hacking directly into the grid. For example, a person with intention to launch cyber attacks could be employed by a business that sells products or services to a company, allowing regular e-mail interactions with the internal procurement office. The hacker could circumvent the company’s firewall by sending emails with a Trojan horse or advanced malware, thus creating a virtual tunnel to the procurement office’s computers. This would give the hacker undetected direct access to the company's network which could be used to launch further attacks.
Since 2000, successful cyber attacks to the SCADA systems of a number of US power generation, petroleum production, water treatment facilities, and nuclear plants have increased by tenfold. In April 2010, a Texas electric utility was attacked from Internet address ranges outside the US. In late 2010 and early 2011, Iranian nuclear power plants and German-headquartered industrial giant Siemens witnessed the powers of Stuxnet, the sophisticated malware designed to penetrate industrial control systems. Experts warn that Stuxnet or next-generation worms could incapacitate machines critical to US infrastructure, such as electric power grids, gas pipelines, power plants, and dams. The worm circumvents digital data systems and thwarts human operators by indicating that all systems are normal, when they are actually being destroyed.
Official US governmental standards for power grid cyber security are not robust enough to ensure against such threats. According to a January 2011 Department of Energy audit, the current standards are not “adequate to ensure that systems-related risks to the nation’s power grid were mitigated or addressed in a timely manner.”
Sources
Audit Report: Federal Energy Regulatory Commission’s Monitoring of Power Grid Cyber Security. (January 26, 2011). U.S. Department of Energy, Office of Inspector General, Office of Audits and Inspections.
Audit Report: Federal Energy Regulatory Commission’s Monitoring of Power Grid Cyber Security. (January 26, 2011). U.S. Department of Energy, Office of Inspector General, Office of Audits and Inspections.
Computer Expert Says US Behind the Stuxnet Worm. (March 3, 2011). Agence France-Presse.
Cyberwar: In Digital Combat, U.S. Finds No Easy Deterrent. (January 25, 2010). New York Times.
Hacking the Smart Grid. (April 5, 2010) Technology Review.
New Breed of Hacker Targeting the Smart Grid. (June 1, 2010). Coal Power Magazine.
This comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteLimitation
ReplyDeleteThe following responses are referring to http://wsucpts.blogspot.com/
1. The blog http://wsucpts.blogspot.com/ does not accept more than 4096 characters in each comment.
Error from BlogSpot: “Your HTML cannot be accepted: Must be at most 4,096 characters.”
2. Support of text formatting is bad. I don't want to use HTML code.
3. Alternatives: The platform used (blogger) for this kind of lengthy discussion on blogspot is bad. I suggest to use phpBB if possible. I can even host phpBB for you!
My discussion (7227+ characters) is now moved to:
http://dungslake.theforwardway.com/2011/04/cs402-professional-issues-discussed.html
Summary
ReplyDelete-------------------------
Objective:
Need to come up with a solution or better idea to manage vulnerability of the operational systems used to manage and monitor the smart grid infrastructure.
Reason:
Since 2000, cyber attacks have increased by thenfold.
Official US governmental standards for power grid cyber security are not robust enough to ensure against such threats.
Current situation:
SCADA systems are susceptible to cyber attacks because many are built around dated technologies with weaker protocols.
Possible threats:
Contemporary hackers may circumvent technical controls by targeting a specific user within the utility instead of hacking directly into the grid.
The hacker could circumvent the company’s firewall by sending emails with a Trojan horse or advanced malware, thus creating a virtual tunnel to the procurement office’s computers.
Reason for these threats:
cyber attacts allowed by regular e-mail interacting with the internal procurement office.
Solution
-------------------------------------------
* Change in Policy
I think not only the digital security should be increased, but also the
physical security should be increased in order to prevent the possible situation
described above.
The article didn't explain how those hackers targeted a specific user to access
the control. I'm gonna come up with some ideas more later.
* Adapt new technologies that are proven to work well:
Implement more stricted protocols.
Of course the data encryption should be enchanced, but i think
the network system should include some kind of several filters(firewall) that eliminate any incoming messages that seem to be suspicious from outside such as emails to ensure they are safe.
In case of facility malfunctioning by these cyber attacks, they should make some back up plans to keep the place roll. I will come up with more ideas later.
Oh.. And I'm ok with moving the discussion to a different blog forum.
ReplyDeleteThe insecurity of SCADA systems across the US seems to be the main problem at hand. While I would wager most people have no idea what these systems are or do, they play a key role in controlling our oil and gas, air traffic and railways, power grid, water management and many manufacturing plants. All consumers are at risk by the potential failure of these systems, providing more than an adequate reason for their security.
ReplyDeleteWhile I think it is essentially impossible to guarantee complete security in any system; it seems to me these SCADA systems could benefit greatly from simple upgrades. By doing a little research on the internet about various SCADA systems and the technologies and protocols they use, I quickly found that many are very outdated. Some of the problems seen in older systems have been solved by newer technologies such as SSL and TCP protocols. These are only part of the picture, and only provide solutions for some of the more recent networked systems.
As part of the whole picture, I think we have engineers who know how to make these systems secure, but are reluctant to do so because of the resources required, or other assumptions about the system. For instance, SCADA systems were thought to provide security through obscurity by using specialized protocols and interfaces. This may discourage an engineer from implementing any security at all. Other reasons for the lack of security were that these systems were physically secure and not connected to the internet. Not anymore. With the advent of the internet, everything is vastly becoming distributed and thus networked. As I said before, I believe we have the tools to reasonably secure SCADA systems; we just need to use them.
This will inevitably require the use of more resources, primarily money for development; however I find this a small price to pay to secure these important systems that control our infrastructure. We must realize these complex systems take time and money but provide excellent results.
I'm ok with moving this to another format as well.
ReplyDeleteI am not opposed to moving this discussion, however I see no limitations posed by this site that will hinder our discussion or are great enough to warrant moving it. 4096 characters seems like plenty to me...
ReplyDeleteThis comment has been removed by the author.
ReplyDeletecomment testing
ReplyDeleteFrom the scenario, the main problem is the security of the system. It is easy to say that improve the security then the problem will be solved. I think there is a lot issues behind it.
ReplyDeleteFirst of all, revise and upgrade the system. The vulnerability of the system is increased, and that's the fundamental problem that leads to the insecurity thing. The system should be well tested before it is being used. I mean not just testing how it runs, developers should test the security before publish.
Second, review the security tools. What kind of security SCADA uses? Is it prevent most of the attacks? If it is not, what tools we should replace? This kind of questions should be asked by SCADA security department.
Third, Checking system daily. Keep tracking on the system can prevent the worm problem.
Fourth, sometimes it might not be the security is not good enough. It can be a problem that the the hacker attack is so complex. This problem is hard to solve because those hackers may come from other countries government. However, to minimize, I think the only way is keep the developers security knowledge up to date, then keep updating the security of the system.
I am OK to move other blog or forum, but I don't see the need.
ReplyDeleteSo it seems we have come to the consensus that an update of the technology behind these SCADA systems would go a long way in terms of security. Newer technologies are not perfect however, and still have security flaws that will need to be accounted for. Any ideas?
ReplyDeleteIt seems not many people discussing....
ReplyDeleteAfter I looked through all the posts, here is what I think.
ReplyDeleteAll of us think the main problem is the SCADA security system, but it is hard to guarantee a complete security system.
I think the solution is how the company want to handle this problem. Even though security is not easy to due with, it doesn't mean that the company can avoid this problem because this company is severing people.
The company should change its security policy, find a security team to work on its security system. That's what I think to handle this problem.
I believe the use of this extra credit is at its salvaged value - it is way too late into the semester and most people are too busy for this. This turned out to the extra credits will gauge a few students' ethics understanding instead of most graduating student will participate in this.
ReplyDeleteSikKin and I have been sitting on double extra credits - start the 402 team project website from scratch plus participating at here.
Anyway, in case I wanted to modify my comment posts, and I may write many but meaningful words, and avoiding the ugly mess of deleting posts, I am posting my responses on my blog instead at:
http://dungslake.theforwardway.com/2011/04/cs402-professional-issues-discussed_17.html
This would be a 'do no harm' approach to remote access, placing responsibility of more dangerous activities to the local operators. By defining safe states attacks on the physical location and also be thwarted by allowing the remote to force the physical location into the safe state until first responders can control the situation.
ReplyDeleteFor the first problem the article stated, I think a person with intention to get involved to any cyber attacks should not be hired in the first place to prevent this from happening. But how can company recognize such people with bad intension and hire only good ones? I guess as Alex stated earlier, the SCADA systems seem to be used importantly in many places throughout the nation. So why don't they invest more money on enhancing security system and have the system several layers of security procedure? when they have to hire someone to do their jobs, they need to check the person's background, history, and almost every field they need to know about. And all the activities they do should be recorded and be detected right away by some kind of automated system. Not all of the employees should be authorized for accessing the system. Only people that need to access the system for doing some critical tasks should be authorized. So since there won't be that many authorized people, it would be easier to monitor their activities and detect insecure behaviors. But still I know 100% secureness cannot be guaranteed. Even so, they should enhance the protocol to be more sophisticated to minimize the chance of physical cyber attacks.
ReplyDelete