Discipline: Computer Sciences and Information Management
Subcategory: Computer Science & Information Systems
Session: 1
Room: Private Dining
Juli Dutta - Norfolk State University
Co-Author(s): Mary A. Hoppa, Norfolk State University
Critical infrastructure refers to assets that are essential for the functioning of society such as utility grids, transportation, and critical manufacturing. Modernization efforts include integration through a myriad of sensors, communications, cloud, and Internet of Things (IoT) technologies, resulting in an extensive, complex cyber-physical environment. The resulting massive network-of-networks – composed of millions of heterogeneous, interconnected intermediary and endpoint devices, applications, and systems – comprises a huge cyber-attack surface including highly vulnerable legacy industrial control systems (ICS) and components. Consequently, the hurdles involved in investigating unique operational characteristics and potential cybersecurity vulnerabilities within critical infrastructure are becoming increasingly difficult to overcome. In particular, service interruptions for experimentation are unacceptable. Since architectures are useful for understanding and improving system operational efficiency – so too can they serve as tools for studying and better securing critical infrastructure assets. This project focused on offshore wind farms (OWFs) as an interesting use case. After researching the essential components of OWFs as power plants along with some known and potential cybersecurity vulnerabilities, an approach was proposed to apply the practice of system architecture to create a reference model of a typical OWF, automated and enhanced for visualizing its components and potential cybersecurity risks in increasing levels of detail. An excerpt from a prototype under construction using a free online diagramming tool was developed as a preliminary proof of concept to confirm the usefulness of the resulting model as a starting point for learning about cybersecurity in the context of critical infrastructure, particularly for use by under-resourced academic students and researchers. Future work that can build upon this foundation include: modeling additional infrastructure assets; integrating a complementary framework for organizing key metadata needed to estimate and visualize cybersecurity risks; and as a planning/analysis aid to help identify where security mitigation efforts are most urgently needed and beneficial.
Funder Acknowledgement(s): This work was supported, in part, by a grant from the U.S. Department of Homeland Security awarded to Mary Ann Hoppa, PhD, Associate Professor and Cybersecurity Graduate Program Coordinator, Norfolk State University, Norfolk, Virginia USA.
Faculty Advisor: Mary A. Hoppa, mahoppa@nsu.edu
Role: This project focused on offshore wind farms (OWFs) as an interesting use case. After researching the essential components of OWFs as power plants along with some known and potential cybersecurity vulnerabilities, an approach was proposed to apply the practice of system architecture to create a reference model of a typical OWF.