Exploiting the critical infrastructure via nontraditional system inputs
Article No.: 57, Page 1
Supplementary Material
Supplemental material. (a57-mcminn_slide.pdf)
- Download
- 1.06 MB
References
[1]
IEEE recommended practice for microprocessor-based protection equipment firmware control, 2006. ID: 3.
[2]
S. Adee. The hunt for the kill switch. Spectrum, IEEE, 45(5):34-39, 2008. ID: 1.
[3]
F. Adelstein, M. Stillerman, and D. Kozen. Malicious code detection for open firmware. In Computer Security Applications Conference, 2002. Proceedings. 18th Annual, pages 403-412, 2002. ID: 1.
[4]
A. A. C'ardenas, S. Amin, and S. Sastry. Research challenges for the security of control systems. In Proceedings of the 3rd conference on Hot topics in security, pages 6:1-6:6, Berkeley, CA, USA, 2008. USENIX Association.
[5]
N. Falliere, L. Murchu, and E. Chien. W32.stuxnet dossier. Technical report, Symantec, 2011.
[6]
J. D. Fernandez and A. E. Fernandez. Scada systems: vulnerabilities and remediation. J. Comput. Small Coll., 20(4):160-168, April 2005.
[7]
W. J. L. III. Defending a new doman: The pentagon's cyberstrategy. Council on Foreign Affairs, 2010.
[8]
A. Kiayias, L. Michel, A. Russell, N. Shashidhar, A. See, A. Shvartsman, and S. Davtyan. Tampering with special purpose trusted computing devices: A case study in optical scan e-voting. In Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, pages 30-39, 2007. ID: 2.
[9]
F. E. McFadden and R. D. Arnold. Supply chain risk mitigation for it electronics. In Technologies for Homeland Security (HST), 2010 IEEE International Conference on, pages 49-55, 2010. ID: 1.
[10]
U. S. G. A. Office. Information security: Cyber threats and vulnerabilities place federal systems at risk. Congressional Testimony GAO-09-661T, United States Government Accountability Office, 2009.
[11]
U. S. G. A. Office. Cybersecurity: Continued attention needed to protect our nation's critical infrastructure. Testimony GAO-11-865T, United States Government Accountability Office, 2011.
[12]
W. T. Shaw. Cybersecurity for SCADA Systems. Penn Well, Tulsa, OK, 2006.
[13]
K. Stouffer, J. Falco, and K. Kent. Guide to supervisory control and data acquisition (scada) and industrial control systems security. Technical Report NIST-SP-800-82-2006, National Institute of Standards, 2006.
[14]
J. Stradley and D. Karraker. The electronic part supply chain and risks of counterfeit parts in defense applications. Components and Packaging Technologies, IEEE Transactions on, 29(3):703-705, 2006. ID: 1.
[15]
M. Tehranipoor, H. Salmani, X. Zhang, X. Wang, R. Karri, J. Rajendran, and K. Rosenfeld. Trustworthy hardware: Trojan detection and design-for-trust challenges. Computer, 44(7):66-74, 2011. ID: 1.
[16]
R. Turk. Cyber Incidents Involving Control Systems. US-CERT Control Systems Security Center, Idaho Falls, ID, 2005.
[17]
X. Wang, M. Tehranipoor, and J. Plusquellic. Detecting malicious inclusions in secure hardware: Challenges and solutions. In Hardware-Oriented Security and Trust, 2008. HOST 2008. IEEE International Workshop on, pages 15-19, 2008. ID: 1.
Recommendations
Critical infrastructure dependencies
The proper functioning of critical infrastructures is crucial to societal well-being. However, critical infrastructures are not isolated, but instead are tightly coupled, creating a complex system of interconnected infrastructures. Dependencies between ...
Enabling System of Systems Analysis of Critical Infrastructure Behaviors
Critical Information Infrastructure SecurityCritical infrastructures are highly complex collections of people, processes, technologies, and information; they are also highly interdependent where disruptions to one infrastructure commonly cascade in scope and escalate in impact across other ...
Critical Infrastructure Management for Telecommunication Networks
Telecommunication network infrastructures both stationary and ad hoc, play an important role in maintaining the stability of society worldwide. The protection of these critical infrastructures and their supporting structures become highly challenged due ...
Comments
Information & Contributors
Information
Published In
October 2011
18 pages
Copyright © 2011 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- Eurosis: Eurosis
- Oak Ridge National Laboratory
- University of Tennessee: University of Tennessee
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 October 2011
Check for updates
Qualifiers
- Research-article
Conference
CSIIRW '11
Sponsor:
- Eurosis
- University of Tennessee
CSIIRW '11: Cyber Security and Information Intelligence Research Workshop
October 12 - 14, 2011
Tennessee, Oak Ridge, USA
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 276Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)0
Reflects downloads up to 20 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in