Cyber-Informed Engineering

doi:https://doi.org/10.2172/1369373

Title: Cyber-Informed Engineering

Full Record
Other Related Research

Abstract

A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.

Authors:

Anderson, Robert S. ^[1]; Benjamin, Jacob ^[1]; Wright, Virginia L. ^[1]; Quinones, Luis ^[1]; Paz, Jonathan ^[1]

Idaho National Lab. (INL), Idaho Falls, ID (United States)

Publication Date:: 2017-03-01

Research Org.:: Idaho National Lab. (INL), Idaho Falls, ID (United States)

Sponsoring Org.:: USDOE Office of Nuclear Energy (NE)

OSTI Identifier:: 1369373

Report Number(s):: INL/EXT-16-40099
TRN: US1701964

DOE Contract Number:: AC07-05ID14517

Resource Type:: Technical Report

Country of Publication:: United States

Language:: English

Subject:: 42 ENGINEERING; ENGINEERING; DESIGN; SECURITY; DIGITAL SYSTEMS; Cyber

Citation Formats


                    Anderson, Robert S., Benjamin, Jacob, Wright, Virginia L., Quinones, Luis, and Paz, Jonathan. Cyber-Informed Engineering.  United States: N. p., 2017. 
        Web.  doi:10.2172/1369373.

Copy to clipboard


                    Anderson, Robert S., Benjamin, Jacob, Wright, Virginia L., Quinones, Luis, & Paz, Jonathan. Cyber-Informed Engineering.  United States.  https://doi.org/10.2172/1369373

Copy to clipboard


                    Anderson, Robert S., Benjamin, Jacob, Wright, Virginia L., Quinones, Luis, and Paz, Jonathan. Wed .  
        "Cyber-Informed Engineering".  United States.  https://doi.org/10.2172/1369373.  https://www.osti.gov/servlets/purl/1369373.

Copy to clipboard


                    
@article{osti_1369373,

  title        = {Cyber-Informed Engineering},

  author       = {Anderson, Robert S. and Benjamin, Jacob and Wright, Virginia L. and Quinones, Luis and Paz, Jonathan},

  abstractNote = {A continuing challenge for engineers who utilize digital systems is to understand the impact of cyber-attacks across the entire product and program lifecycle. This is a challenge due to the evolving nature of cyber threats that may impact the design, development, deployment, and operational phases of all systems. Cyber Informed Engineering is the process by which engineers are made aware of both how to use their engineering knowledge to positively impact the cyber security in the processes by which they architect and design components and the services and security of the components themselves.},

  doi          = {10.2172/1369373},

  url          = {https://www.osti.gov/biblio/1369373},
  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2017},

  month        = {3}

}

Copy to clipboard

Technical Report:

View Technical Report

https://doi.org/10.2172/1369373

Save / Share:

Export Metadata

Save to My Library

Similar records in OSTI.GOV collections:

The Need for Cyber-Informed Engineering Expertise for Nuclear Research Reactors

Conference Anderson, Robert Stephen

Engineering disciplines may not currently understand or fully embrace cyber security aspects as they apply towards analysis, design, operation, and maintenance of nuclear research reactors. Research reactors include a wide range of diverse co-located facilities and designs necessary to meet specific operational research objectives. Because of the nature of research reactors (reduced thermal energy and fission product inventory), hazards and risks may not have received the same scrutiny as normally associated with power reactors. Similarly, security may not have been emphasized either. However, the lack of sound cybersecurity defenses may lead to both safety and security impacts. Risk management methodologiesmore »« less
Full Text Available
The Nuclear Digital I&C System Supply Chain Cyber-Attack Surface

Conference Eggers, Shannon Leigh

The nuclear supply chain attack surface is a large, complex network of interconnected stakeholders and activities. The global economy has widened and deepened the supply chain, resulting in larger numbers of geographically dispersed locations and increased difficulty ensuring the authenticity and security of digital assets. Although the nuclear industry has made significant strides in securing facilities from cyber-attacks, the supply chain remains vulnerable. This paper outlines supply chain threats and vulnerabilities and provides a Digital I&C System Supply Chain Cyber-Attack Surface diagram to illustrate the complexity of securing hardware, firmware, software, and system information throughout the entire supply chain lifecycle.more »« less
Full Text Available
Cyber Norms for Civilian Nuclear Power Plants

Conference Spirito, Christopher

The international community agrees that the safe operation of civilian nuclear infrastructure is in every population’s best interest. One challenge each government must address is defining and agreeing to a set of acceptable norms of behavior in cyberspace as they relate to these facilities. The introduction of digital systems and networking technologies into these environments has led to the possibility that control and supporting computer systems are now accessible and exploitable, especially where interconnections to global information and communications technology (ICT) networks exist. The need for norms of behavior in cyberspace includes what is expected of system architects and cybermore »« less
https://doi.org/10.1109/CYCONUS.2016.7836627

Full Text Available
Cyber-Informed Engineering: The Need for a New Risk Informed and Design Methodology

Conference Price, Joseph Daniel ; Anderson, Robert Stephen

Current engineering and risk management methodologies do not contain the foundational assumptions required to address the intelligent adversary’s capabilities in malevolent cyber attacks. Current methodologies focus on equipment failures or human error as initiating events for a hazard, while cyber attacks use the functionality of a trusted system to perform operations outside of the intended design and without the operator’s knowledge. These threats can by-pass or manipulate traditionally engineered safety barriers and present false information, invalidating the fundamental basis of a safety analysis. Cyber threats must be fundamentally analyzed from a completely new perspective where neither equipment nor human operationmore »« less
Full Text Available
National-Tribal Critical Infrastructure Protection Collaborative.

Technical Report Keliiaa, Curtis M.

This paper examines national and tribal collaborative opportunities to get ahead of the critical infrastructure insecurity problem. Recommendations are viewed through the lens of the Sandia Labs Tribal Cyber-Energy initiative and national security projects. Recommendations include 1) Collaboratively address national priority and shared challenges to gain faster and better solutions to national priority problems on a smaller yet comprehensive American Indian and Alaskan Native sovereign single-point of authority scale 2) Utilize newer standards-based technologies to provide scalable, capable, and manageable solutions for greatly expanded and connected national critical infrastructures 3) Employ Cyber-Physical-Resilient design preliminary analysis to define concept- to-disposition designmore »« less
https://doi.org/10.2172/1631216

Full Text Available

Similar Records