(Created page with " == Abstract == Cyber-attacks can have a devastating impact on safety-critical systems. The increasing reliance on mass market Commercial Off-The Shelf (COTS) infrastructures...")
 
 
(One intermediate revision by the same user not shown)
Line 3: Line 3:
  
 
Cyber-attacks can have a devastating impact on safety-critical systems. The increasing reliance on mass market Commercial Off-The Shelf (COTS) infrastructures, including Linux and the IP stack, have created vulnerabilities in applications ranging from Air Traffic Management through to Railway signalling and Maritime surveillance. Once a system has been attacked, it is impossible to demonstrate that malware has been completely eradicated from a safety-related network. For instance, recent generations of malware use zero day exploits and process injection with command and control server architectures to circumvent existing firewalls and monitoring software. This creates enormous problems for regulators who must determine whether or not it is acceptably safe to resume operations. It is, therefore, important that we learn as much as possible from previous cyber-attacks without disclosing information that might encourage future attacks. This chapter describes different architectures for encouraging the exchange of lessons learned from security incidents in safety-critical applications.
 
Cyber-attacks can have a devastating impact on safety-critical systems. The increasing reliance on mass market Commercial Off-The Shelf (COTS) infrastructures, including Linux and the IP stack, have created vulnerabilities in applications ranging from Air Traffic Management through to Railway signalling and Maritime surveillance. Once a system has been attacked, it is impossible to demonstrate that malware has been completely eradicated from a safety-related network. For instance, recent generations of malware use zero day exploits and process injection with command and control server architectures to circumvent existing firewalls and monitoring software. This creates enormous problems for regulators who must determine whether or not it is acceptably safe to resume operations. It is, therefore, important that we learn as much as possible from previous cyber-attacks without disclosing information that might encourage future attacks. This chapter describes different architectures for encouraging the exchange of lessons learned from security incidents in safety-critical applications.
 
Document type: Part of book or chapter of book
 
 
== Full document ==
 
<pdf>Media:Draft_Content_358535639-beopen731-4500-document.pdf</pdf>
 
  
  
Line 15: Line 10:
  
 
* [http://www.dcs.gla.ac.uk/~johnson/papers/ISSC2013/cyberincident.pdf http://www.dcs.gla.ac.uk/~johnson/papers/ISSC2013/cyberincident.pdf]
 
* [http://www.dcs.gla.ac.uk/~johnson/papers/ISSC2013/cyberincident.pdf http://www.dcs.gla.ac.uk/~johnson/papers/ISSC2013/cyberincident.pdf]
 +
 +
* [http://link.springer.com/content/pdf/10.1007/978-3-319-08819-8_7 http://link.springer.com/content/pdf/10.1007/978-3-319-08819-8_7],
 +
: [http://dx.doi.org/10.1007/978-3-319-08819-8_7 http://dx.doi.org/10.1007/978-3-319-08819-8_7]
 +
 +
* [https://link.springer.com/chapter/10.1007/978-3-319-08819-8_7 https://link.springer.com/chapter/10.1007/978-3-319-08819-8_7],
 +
: [https://link.springer.com/chapter/10.1007/978-3-319-08819-8_7/fulltext.html https://link.springer.com/chapter/10.1007/978-3-319-08819-8_7/fulltext.html],
 +
: [https://academic.microsoft.com/#/detail/2182899594 https://academic.microsoft.com/#/detail/2182899594]

Latest revision as of 15:28, 21 January 2021

Abstract

Cyber-attacks can have a devastating impact on safety-critical systems. The increasing reliance on mass market Commercial Off-The Shelf (COTS) infrastructures, including Linux and the IP stack, have created vulnerabilities in applications ranging from Air Traffic Management through to Railway signalling and Maritime surveillance. Once a system has been attacked, it is impossible to demonstrate that malware has been completely eradicated from a safety-related network. For instance, recent generations of malware use zero day exploits and process injection with command and control server architectures to circumvent existing firewalls and monitoring software. This creates enormous problems for regulators who must determine whether or not it is acceptably safe to resume operations. It is, therefore, important that we learn as much as possible from previous cyber-attacks without disclosing information that might encourage future attacks. This chapter describes different architectures for encouraging the exchange of lessons learned from security incidents in safety-critical applications.


Original document

The different versions of the original document can be found in:

http://dx.doi.org/10.1007/978-3-319-08819-8_7
https://link.springer.com/chapter/10.1007/978-3-319-08819-8_7/fulltext.html,
https://academic.microsoft.com/#/detail/2182899594
Back to Top

Document information

Published on 01/01/2014

Volume 2014, 2014
DOI: 10.1007/978-3-319-08819-8_7
Licence: CC BY-NC-SA license

Document Score

0

Views 0
Recommendations 0

Share this document

claim authorship

Are you one of the authors of this document?