Today, I managed to get my hands on Lectures from the 2008 TCIP Summer School: Cyber Security for Process Control Systems that was held in June 16, 2008 in Fontana, Wisconsin; in particular, on the lectures of Dr. Radha Poovendran from the University of Washington.
Attack, threat and vulnerability
Security is about how to prevent attacks or if prevention is not possible how to detect attacks and recover from them. To fully understand security it is important to get acquainted with its terminologies.
Attack is a deliberate attempt to compromise a system. It exploits vulnerabilities.
Vulnerability in turn is a flaw or weakness in a system’s design, implementation, or operation and management.
Confidentiality is the protection of data from unauthorized disclosure. There are four types of confidentiality.
· Connection Confidentiality: - confidentiality protection of all data transferred via a connection.
· Connectionless Confidentiality: - protection of data in a single message.
· Selective Field Confidentiality: - confidentiality protection of selective fields within a single message or messages in a connection.
· Traffic flow Confidentiality:-protection of information that might be derived from observation of traffic flows.
Integrity aims to detect modification and reply. It provides assurance that dates received are mostly as sent by the sender. Types of integrity include:
· Connection Integrity - provides for the integrity of a stream of messages (data on a connection). Connection integrity insures that messages are received as sent with no duplication, deletion, recording or replays.
· Connection-less Integrity- provides protection against modification of single message. It may also provide limited forms of reply detection.
· Selective field Integrity- provides for the integrity of selective fields within a single message or messages in a connection.
Non-repudiation provides protection against denial by one entity involved in a communication of having participated in all or part of the communication.
Non-repudiation of Origin- provides proof that a message was sent by a specified party.
Non-repudiation of Delivery- provides proof that a message was received by a specified party.
Specific Security Mechanisms
o Symmetric, asymmetric
· Digital signature
· Access control schemes
o Access control lists, capabilities, security labels
· Data integrity mechanisms
o Message authentication code, sequence numbering, time stamping, cryptography
· Authentication protocols
o Passwords, cryptographic techniques, biometrics
· Traffic padding
· Routing control
o Selection of physically secure routes
o E.g. time stamping, conflict resolution
Today, I got introduced to the basics of cyber security—concepts and terminologies—that I will use to communication with the research leaders, teammates as well as when actually start working on the design and implementation of the control systems.
~End of Day Two~