TY - GEN
T1 - Preparing for cyber-attacks on air traffic management infrastructures
T2 - 7th IET International Conference on System Safety, Incorporating the Cyber Security Conference 2012
AU - Johnson, Chris W.
PY - 2012
Y1 - 2012
N2 - Malware poses a growing threat to a host of safety-critical systems that depend on common software components, including the Linux operating system and the Internet Protocol (IP). Threats include 'mass market' malware that is not deliberately aimed at safety-related systems. They also include more sophisticated techniques exploited by W32.Stuxnet, W32.Duqu, W32.Flame etc. Previous work in this area has focused on the consequences of a cyber-attack under 'optimal conditions'. Very little work has been done to identify more complex scenarios when malware exacerbates routine system failures that occur in all safety-critical applications. We show how Vulnerability and Violation (V2) diagrams can identify interactions between malware and degraded modes of operation. The intention is not to accurately predict future modes of attack. In contrast, the aim is to create training scenarios that test the expertise and judgement of systems engineers, operators and managers. The initial results from our work have revealed the underlying vulnerabilities that exist across safety-critical transportation infrastructures.
AB - Malware poses a growing threat to a host of safety-critical systems that depend on common software components, including the Linux operating system and the Internet Protocol (IP). Threats include 'mass market' malware that is not deliberately aimed at safety-related systems. They also include more sophisticated techniques exploited by W32.Stuxnet, W32.Duqu, W32.Flame etc. Previous work in this area has focused on the consequences of a cyber-attack under 'optimal conditions'. Very little work has been done to identify more complex scenarios when malware exacerbates routine system failures that occur in all safety-critical applications. We show how Vulnerability and Violation (V2) diagrams can identify interactions between malware and degraded modes of operation. The intention is not to accurately predict future modes of attack. In contrast, the aim is to create training scenarios that test the expertise and judgement of systems engineers, operators and managers. The initial results from our work have revealed the underlying vulnerabilities that exist across safety-critical transportation infrastructures.
KW - Cyber-security
KW - Safety-critical systems
KW - Transport
UR - http://www.scopus.com/inward/record.url?scp=84877813825&partnerID=8YFLogxK
U2 - 10.1049/cp.2012.1502
DO - 10.1049/cp.2012.1502
M3 - Conference contribution
SN - 9781849196789
T3 - IET Conference Publications
BT - 7th IET International Conference on System Safety, Incorporating the Cyber Security Conference 2012
Y2 - 15 October 2012 through 18 October 2012
ER -