Learn More
In smart grid, the scale of pole devices that monitor the health of power line is very large. Moreover, with the upgrade of smart grid, the number of these resource-constrained (in terms of memory and computation) devices is further increasing. These devices are easy targets to security attacks as they are accessible via wireless network, and use weak(More)
Assessing security in critical control systems is a particular task that can have dangerous real-world consequences if done poorly or according to more traditional security assessments. In 2006, the North American Electric Reliability Corporation adopted the Critical Infrastructure Protection standards for cyber vulnerability assessment of critical(More)
Our Cyber-Physical Topology Language (CPTL) provides a language that utilities can use to programmatically analyze current and future cyber-physical architectures. The motivation for our research emerged from the importance and limitations of several audit scenarios: account management, vulnerability assessment, and configuration management. Those scenarios(More)
Security vulnerabilities typically arise from bugs in input validation and in the application logic. Fuzz-testing is a popular security evaluation technique in which hostile inputs are crafted and passed to the target software in order to reveal bugs. However, in the case of SCADA systems , the use of proprietary protocols makes it difficult to apply(More)
In smart grid, the scale of pole devices that monitor the health of power lines is already large, and with the upgrade of the smart grid, the number of these resource-constrained devices is further increasing. These devices are easy targets to security attacks due to wireless access communication and due to weak passwords used to access and read telemetric(More)
Security vulnerabilities typically start with bugs: in input validation, and also in deeper application logic. Fuzz-testing is a popular security evaluation technique in which hostile inputs are crafted and passed to the target software in order to reveal such bugs. However, for SCADA software used in critical infrastructure, the widespread use of(More)
  • 1