11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

11
Copyright © 2012, Elsevier Inc.
All Rights Reserved
Chapter 1
Introduction
Cyber Attacks
Protecting National Infrastructure, 1st ed.
2
• National infrastructure
– Refers to the complex, underlying delivery and support
systems for all large-scale services considered absolutely
essential to a nation
• Conventional approach to cyber security not enough
• New approach needed
– Combining best elements of existing security techniques
with challenges that face complex, large-scale national
services

All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Introduction
3
All rights Reserved
C
h
a
p

te
r 1
–
In
tro
d
u
c
tio
n
Fig. 1.1 – National infrastructure
cyber and physical attacks
4
All rights Reserved
C
h
a
p
te
r 1
–
In

tro
d
u
c
tio
n
Fig. 1.2 – Differences between
small- and large-scale cyber security
5
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio

n• Three types of malicious adversaries
– External adversary
– Internal adversary
– Supplier adversary
National Cyber Threats,
Vulnerabilities, and Attacks
6
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio

n
Fig. 1.3 – Adversaries and
exploitation points in national
infrastructure
7
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n• Three exploitation points
– Remote access
– System administration and normal usage

– Supply chain
8
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n• Infrastructure threatened by most common security
concerns:
– Confidentiality

– Integrity
– Availability
– Theft
9
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n

Botnet Threat
• What is a botnet attack?
– The remote collection of compromised end-user machines
(usually broadband-connected PCs) is used to attack a
target.
– Sources of attack are scattered and difficult to identify
– Five entities that comprise botnet attack: botnet operator,
botnet controller, collection of bots, botnot software drop,
botnet target
10
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u

c
tio
n
• Five entities that comprise botnet attack:
– Botnet operator
– Botnet controller
– Collection of bots
– Botnot software drop
– Botnet target
• Distributed denial of service (DDOS) attack: bots
create “cyber traffic jam”
Botnet Threat
11
All rights Reserved
C
h
a
p
te

r 1
–
In
tro
d
u
c
tio
n
Fig. 1.4 – Sample DDOS attack from a
botnet
12
National Cyber Security
Methodology Components
All rights Reserved
C
h
a
p
te
r 1
–

In
tro
d
u
c
tio
n• Ten basic design and operation principles:
– Deception – Discretion
– Separation – Collection
– Diversity – Correlation
– Commonality – Awareness
– Depth – Response
13
• Deliberately introducing misleading functionality or
misinformation for the purpose of tricking an
adversary
– Computer scientists call this functionality a honey pot
• Deception enables forensic analysis of intruder
activity
• The acknowledged use of deception may be a
deterrent to intruders (every vulnerability may
actually be a trap)

All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Deception
14
All rights Reserved
C
h
a

p
te
r 1
–
In
tro
d
u
c
tio
n
Fig. 1.5 – Components of an interface
with deception
15
• Separation involves enforced access policy
restrictions on users and resources in a computing
environment
• Most companies use enterprise firewalls, which are
complemented by the following:
– Authentication and identity management
– Logical access controls
– LAN controls

– Firewalls
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Separation
16
Fig. 1.6 – Firewall enhancements for
national infrastructure

All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
17
• Diversity is the principle of using technology and
systems that are intentionally different in substantive
ways.
• Diversity hard to implement
– A single software vendor tends to dominate the PC
operating system business landscape
– Diversity conflicts with organizational goals of simplifying
supplier and vendor relationships

All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Diversity
18
All rights Reserved
C
h

a
p
te
r 1
–
In
tro
d
u
c
tio
n
Fig. 1.7 – Introducing diversity to
national infrastructure
19
• Consistency involves uniform attention to security
best practices across national infrastructure
components
• Greatest challenge involves auditing
• A national standard is needed
All rights Reserved

C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Commonality
20
• Depth involves using multiple security layers to
protect national infrastructure assets
• Defense layers are maximized by using a combination
of functional and procedural controls
All rights Reserved
C

h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Depth
21
All rights Reserved
C
h
a
p
te
r 1
–

In
tro
d
u
c
tio
n
security through defense in depth
22
• Discretion involves individuals and groups making
good decisions to obscure sensitive information
about national infrastructure
• This is not the same as “security through obscurity”
All rights Reserved
C
h
a
p
te
r 1
–

In
tro
d
u
c
tio
n
Discretion
23
• Collection involves automated gathering of system-
related information about national infrastructure to
enable security analysis
• Data is processed by a security information
management system.
• Operational challenges
– What type of information should be collected?
– How much information should be collected?
All rights Reserved
C
h
a

p
te
r 1
–
In
tro
d
u
c
tio
n
Collection
24
All rights Reserved
C
h
a
p
te
r 1
–
In

tro
d
u
c
tio
n
Fig. 1.9 – Collecting national
infrastructure-related security
information
25
• Correlation involves a specific type of analysis that
can be performed on factors related to national
infrastructure protection
– This type of comparison-oriented analysis is indispensable
• Past initiatives included real-time correlation of data
at fusion center
– Difficult to implement
All rights Reserved
C
h
a
p
te

r 1
–
In
tro
d
u
c
tio
n
Correlation
26
Fig. 1.10 – National infrastructure high-
level correlation approach
All rights Reserved
C
h
a
p
te
r 1
–

In
tro
d
u
c
tio
n
27
• Awareness involves an organization understanding
the differences between observed and normal status
in national infrastructure
• Most agree on the need for awareness, but how can
awareness be achieved?
All rights Reserved
C
h
a
p
te
r 1
–
In
tro

d
u
c
tio
n
Awareness
28
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n

Fig. 1.11 – Real-time situation
awareness process flow
29
• Response involves the assurance that processes are
in place to react to any security-related indicator
– Indicators should flow from the awareness layer
• Current practice in smaller corporate environments
of reducing “false positives” by waiting to confirm
disaster is not acceptable for national infrastructure
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio

31
• Commissions and groups
• Information sharing
• International cooperation
• Technical and operational costs
All rights Reserved
C
h
a
p
te
r 1
–
In
tro
d
u
c
tio
n
Implementing the Principles
Nationally

1
EEE 188 Review Problems
Date: 05/01/2018
Problem 1: Controllability of a two-tank system
The hydraulic system shown in figure 1 consists of two tanks. It
is obvious that the input cannot change level x1. Without
any calculations, is the system (two tanks) controllable? If your
answer is yes, do the following
1) Use the Ziegler-Nichols method to design a PID controller so
that r1 = 10cm,r2 = 12cm
2) Design state feedback with integral action to place the poles
at 0.15,0.11,0.55.
Problem 2: Observability without the output matrix
For a given system
x(k + 1) = −0.25x(k) + αu(k) (1)
Are there any restrictions on the values of α for the system to be
observable? If the answer is yes, discuss these
restrictions and design an observer for the system.
Problem 3: State feedback for cruise control
We want to design a cruise control system to keep constant
speed at 40 (the unit is miles/ hour). The schematics and
block diagrams are shown in figure 2. In this problem we can
measure the speed of the car. Newton’s law gives

v̇ = −
b
m
v +
1
m
u (2)
where m is the car’s mass and b is damping coefficient. It is
assumed that the parameters of the system are:
m = 1000kg, b = 50N.s/m (3)
Therefore, the continuous time system is given by
v̇ = −0.05v + 10−3u (4)
The discrete time state space model is
v(k + 1) = 0.95v(k) + 10−3u(k) (5)
The sampling time for this problem is T = 1s. The output
equation is given by
y(k) = v(k) (6)
Fig. 1. A system of two tanks
2
Fig. 2. Cruise Control system

We want to design state feedback with integral action. Under
this formulation, the augmented system is given by
x(k + 1) =
[
v(k + 1)
z(k + 1)
]
=
[
0.95 0
−1 1
][
v(k)
z(k)
]
+
[
10−3
0
]
u(k) +
[
0
1

]
r(k) (7)
where the augmented state space vector is x =
[
v z
]T
1) What is the numerical value of C (output matrix)?
2) What is the size of the gain matrix K under the proposed
control law?
3) Design state feedback with integral control to place the
eigenvalues of the closed loop system at 0.3 and 0.6. Note
that:
det
(
λI −
([
0.95 0
−1 1
]
−
[
10−3
0
][
K1 K2
]))

= λ2 − K2/1000 − (39λ)/20 − K1/1000 + (K1λ)/1000 + 19/20
4) Write the numerical values of the state transition matrix of
the closed loop system Acl = A − BK
5) Find the numerical values of the eigenvalues of the closed
loop system (Acl).
6) How are these closed loop system eigenvalues related to the
desired eigenvalues?
7) What does the second variable in the augmented system
(variable z) represent (error, square of the error, integral
of the error . . .)?
Problem 4: Controllability and observability
In this problem we want to control the liquid levels h1 and h2 in
the coupled tank system of figure 3. Assuming the
cross sectional area of the tanks is equal to 1 (SI unit), the
liquid levels can be described by the following equations in
the continuous state space domain
ḣ1(t) = qi(t) − qb(t) (8)
ḣ2(t) = qb(t) − qc(t)
where qi and qc are control variables. The flow qb between
Tank 1 and Tank 2 cannot be used to change the liquid levels
in a controlled way, therefore it is treated as a disturbance. The
desired values for the liquid levels are r1 = 2cm and
r2 = 3cm for Tank 1 and Tank 2, respectively.
1) Write the discrete time model corresponding to system (8).
For simplicity, we take a sampling time of 1 second
(T = 1s).
2) Assuming the discrete time model is given by

h1(k + 1) = h1(k) + qi(k) − qb(k) (9)
h2(k + 1) = h2(k) + qb(k) − qc(k) (10)
y1(k) = h1(k) (11)
y2(k) = h2(k) (12)
3
Fig. 3. Two Tank system for problem
where y1,y2 represent the outputs. Write matrices A,B and C for
the system. Recall that qb is a disturbance,
therefore, its is not part of the input space (you can assume that
qb = 0 when writing the input matrix).
3) Build the controllability matrix
4) Is the system controllable?Explain.
5) Build the observability matrix
6) Is the system observable?Explain
7) Write simple equations for the errors e1(k),e2(k) in terms of
the liquid levels and the desired values.
Problem 5 PI controller design
This problem can be seen as a continuation of the previous
problem. We want to design a proportional and integral
controller for Tank 1 and just a proportional controller for Tank
2. Based on this, the expression in the z-domain of the
control inputs are given by
Qi(z) = K1E1(z) + K2
z

z − 1
E1(z) (13)
Qc(z) = K3E2(z) (14)
where K1,K2 and K3 are the controllers gains and E1(z) and
E2(z) are the errors for Tank 1 and Tank 2, respectively.
1) After closing the loop for Tank 2, we obtain
H2(z) =
−K3R2(z) + Qb(z)
z − 1 − K3
(15)
What is the interval of K3 to keep a stable closed loop system?
2) Design a proportional controller to place the pole at 0.5.
3) After closing the loop for Tank 1, we obtain
H1(z) =
(K1z + K2z − K1)R2(z) − (z − 1)Qb(z)
z2 + (K1 + K2 − 2)z + 1 − K1
(16)
Design a proportional and integral controller to place the poles
at 0.5,0.4. Use pole placement technique.
4) The closed loop response for the liquid levels is shown in
figure 4 (top corresponds to h1(k) and bottom to h2(k))
What is the steady state error for h1 from the graph?
4

0 2 4 6 8 10 12 14 16 18 20
0
0.5
1
1.5
2
2.5
L
e
v
e
l
h
1
time (s)
h1(k)
r1 = 2cm
0 2 4 6 8 10 12 14 16 18 20
0
1
2
3

4
L
e
v
e
l
h
2
time (s)
r2 = 3cm
h2(k)
Fig. 4. Evolution of h1 and h2. The desired values are r1 = 2cm
and r2 = 3cm for Tank 1 and Tank 2, respectively.
5) What is the steady state error for h2 from the graph?
6) Why is the steady state error zero for one tank but not for the
other one?
7) Propose a simple way to achieve zero steady state error for
tank 2. No calculations needed.
8) Under the proposed control laws, the controllers’ actions are
given by
qi(k) = K1e1(k) + K2
k∑
n=0
e1(k) (17)
qc(k) = K3e2(k) (18)

Knowing that at time k = 6, the liquid levels are h1(6) = 2.38
and h2(6) = 2.58, calculate the control actions at time
k = 7. Note that: qb = 0.1,K1 = 0.5,K2 = 0.15,K3 = −0.2,r1 =
2,r2 = 3. Note that the area between the curve
representing h1 and r1 in the time interval [0,6] is 1.33.

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

Recommended

Recommended

More Related Content

Similar to 11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx

Similar to 11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx (20)

More from RAJU852744

More from RAJU852744 (20)

Recently uploaded

Recently uploaded (20)

11Copyright © 2012, Elsevier Inc. All Rights Reserved.docx