570 CHAPTER 22 Managing and Securing Critical Infrastructure International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2008, Lecture Notes of the Institute for Computer Sciences, vol. 10, Social Informatics and Telecommunications Engineering (LNICST), pp. 696­714, Springer, 2008. http://dx.doi .org/10.1007/978-3-642-03354-4. W. Li, A. Joshi, Outlier detection in ad hoc networks using dempster-shafer theory, in: Proceedings of the Tenth International Conference on Mobile Data Management: Systems, Services and Middleware, 2009. MDM '09, IEEE Computer Society, May 2009, pp. 112­121. http://doi.ieeecomputersociety.org/10.1109/ MDM.2009.22. P. N. N. Laboratory, Naspinet. http://www .naspi.org/naspinet.stm, (accessed 08.12.11). L. Kagal, T. Finin, A. Joshi, A policy language for a pervasive computing environment, in: Proceedings of IEEE Fourth International Workshop on Policies for Distributed Systems and Networks. POLICY 2003, IEEE, Lake Como, Italy, 2003. Wikipedia, Floating car data. http://en .wikipedia.org/wiki/Floating car data, (accessed 23.10.11). N. R. C. Committee on C4ISR for Future Naval Strike Groups, C4isr for future naval strike groups, 2006. http://www.nap.edu/catalog .php?record id=11605. Wikipedia, Situation awareness. http://en .wikipedia.org/wiki/Situation awareness, (accessed 23.10.11). Wikipedia, Intrusion detection. http://en .wikipedia.org/wiki/Intrusion detection, (accessed 23.10.11). J. Undercoffer, A. Joshi, T. Finin, J. Pinkston, A target-centric ontology for intrusion detection, in: The 18th International Joint Conference on Artificial Intelligence, July 2003, Morgan Kaufmann Publishers, Acapulco Mexico. S. Agarwal, A. Joshi, T. Finin, Y. Yesha, T. Ganous, A pervasive computing system for the operating room of the future, Mob. Netw. Appl. 12 (2007) 215­228, doi: 10.1007/s11036- 007-0010-8. K. Rogers, R. Klump, H. Khurana, A. Aquino-Lugo, T. Overbye, An authenticated control framework for distributed voltage support on the smart grid, IEEE Trans. Smart Grid. 1 (2010) 40­47. S. Goldwasser, S. Micali, R.L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM J. Comput. 17 (1988) 281­308. 5. 6. 7. 8. been discussed, can you come up with any rule that can make use of these sensor data? Also, can you name any additional type of sensor data that may be meaningful to collect in this application? Smart (Power) Grid is a common application of cyber-physical critical infrastructure. From the description in the chapter and from online sources, identify the types of sensors that may be used in a power grid. Articulate the main security challenges that a smart grid would face. Stuxnet is a computer worm discovered in July 2010 that attacks industrial control sys- tems, including those commonly used in crit- ical infrastructures. Please describe the basic features of Stuxnet. What policies can poten- tially protect critical infrastructure against such attacks. The route failure for YouTube service that was caused by Pakistan Telecom in 2008 is a good example of BGP routing misconfiguration. Search the Internet and try to come up with policies that would protect from such errors, and write them down as rules in English. For situational awareness application on the battlefield, which types of sensor data can help us better make the decision? How will you define policies to properly catch the contextual information that sensors collect? Please write a couple of sample policies. [6] [7] [8] [9] [10] [11] [12] [13] REFERENCES [1] S.M. Rinaldi, J.P. Peerenboom, T.K. Kelly, Identifying, understanding, and analyzing critical infrastructure interdependencies, IEEE Control Syst. Mag. 21 (2001) 11­25. [2] Wikipedia, Cyber-physical system. http://en .wikipedia.org/wiki/Cyber-physical system, (accessed 23.10.11). [3] M. Shiels, Spies infiltrate US power grid. http:// news.bbc.co.uk/2/hi/technology/7990997.stm, 2009, (accessed 23.10.11). [4] S. Gorman, Electricity grid in U.S. penetrated by spies. http://online.wsj.com/article/ SB123914805204099085.html, 2009, (accessed 23.10.11). [5] W. Li, J. Parker, A. Joshi, Security through collaboration in manets, in: Proceedings of Fourth [14] [15] [16]