Auflistung nach Autor:in "Khalaf,Mahmoud"
1 - 2 von 2
Treffer pro Seite
Sortieroptionen
- TextdokumentModel-based Integrity Monitoring of Industrial Automation And Control Systems(INFORMATIK 2022, 2022) Peters,Ludger; Khalaf,Mahmoud; Waedt,Karl; Schindler,Josef; Belaidi,SiwarThis paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations at the application level. Detecting and predicting a potential anomaly is designed and implemented based on machine learning of expected behavior. The paper will include examples of attacks executed over an extended time period by gradually manipulating combinations of analog and binary signal values or set-points. Challenges related to the training of the detection algorithms, avoidance of false positives, and concise reporting to non-security domain experts will also be addressed.
- TextdokumentModeling Security Controls and System Assets As Autonomous Planning Tasks(INFORMATIK 2022, 2022) Khalaf,Mahmoud; Peters,Ludger; Waedt,KarlSafety I&C (Instrumentation & Control) and Operational I&C programmable digital systems are growing in complexity at a rapid pace while system designers, project architects, and cyber-security engineers work tirelessly to ensure the safety of the systems by complying with long lists of rules and regulations dictated by relevant regional & international standards [20; BQB17]. These standards are updated, withdrawn, replaced by a revised edition, and amended fairly frequently. Guaranteeing new and existing I&C system assets are still compliant is arduous, expensive, and time-consuming. In this paper, we propose an approach that assists in security modeling and system design by formulating the security controls and I&C assets in PDDL domain (Planning Domain Definition Language by D. McDermott et al. [D 98]). A domain-independent general purpose planner can explore the state space and provide a deterministic plan that transforms the initial state into the goal state. The initial state in this context can be the security threats from which the system needs protection. The goal state can be reaching a specific security degree (S1, S2, S3), satisfying risk management requirements, availability requirements, performance requirements, or a combination of them Tellabi et al. [Te18].