LEADER 13473nam 22008775 450 001 996466435203316 005 20200703163238.0 010 $a3-319-71368-X 024 7 $a10.1007/978-3-319-71368-7 035 $a(CKB)4340000000223575 035 $a(DE-He213)978-3-319-71368-7 035 $a(MiAaPQ)EBC6298245 035 $a(MiAaPQ)EBC5590703 035 $a(Au-PeEL)EBL5590703 035 $a(OCoLC)1017929682 035 $a(PPN)221251758 035 $a(EXLCZ)994340000000223575 100 $a20171121d2017 u| 0 101 0 $aeng 135 $aurnn|008mamaa 181 $ctxt$2rdacontent 182 $cc$2rdamedia 183 $acr$2rdacarrier 200 10$aCritical Information Infrastructures Security$b[electronic resource] $e11th International Conference, CRITIS 2016, Paris, France, October 10?12, 2016, Revised Selected Papers /$fedited by Grigore Havarneanu, Roberto Setola, Hypatia Nassopoulos, Stephen Wolthusen 205 $a1st ed. 2017. 210 1$aCham :$cSpringer International Publishing :$cImprint: Springer,$d2017. 215 $a1 online resource (XI, 348 p. 103 illus.) 225 1 $aSecurity and Cryptology ;$v10242 311 $a3-319-71367-1 320 $aIncludes bibliographical references and index. 327 $aIntro -- Preface -- Organization -- Contents -- Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation -- 1 Introduction -- 2 Background -- 2.1 Pin Control Subsystem -- 2.2 How PLCs Control the Pins -- 3 Pin Control Attack -- 3.1 Security Concerns Regarding Pin Control -- 3.2 Pin Control Attack Details -- 3.3 Threat Model -- 4 A Pin Control Attack in Practice -- 4.1 Environment Setup -- 4.2 Attack Implementation -- 5 Discussion -- 5.1 Implications of Attack on the ICS -- 5.2 Detection of Pin Control Attack -- 6 Related Work -- 7 Conclusion -- References -- Developing a Cyber Incident Communication Management Exercise for CI Stakeholders -- 1 Introduction -- 1.1 Background -- 1.2 Case Study: Red Team - Blue Team Exercise -- 2 Communication Management Exercise for ICS Security (CME-ICS) -- 2.1 Peculiarity of Existing Japanese CIP Training -- 2.2 Discussion-Based Exercise -- 2.3 Theme of the Exercise: Communication Management -- 2.4 Scenario -- 2.5 Exercise Steps -- 2.6 Administration Staff -- 2.7 Pilot Exercises -- 3 Results and Discussion -- 3.1 Variation of Incident Management Structure -- 3.2 Results of the Survey -- 3.3 Discussion -- 3.4 Future Work: ``ICS-SIRT'' Exercise -- References -- On Auxiliary Entity Allocation Problem in Multi-layered Interdependent Critical Infrastructures -- 1 Introduction -- 2 Problem Formulation Using the Implicative Interdependency Model -- 3 Computational Complexity Analysis -- 3.1 Special Case: Problem Instance with One Minterm of Size One -- 3.2 General Case: Problem Instance with an Arbitrary Number of Minterms of Arbitrary Size -- 4 Solutions to the AEAP Problem -- 4.1 Optimal Solution to AEAP Problem -- 4.2 Heuristic Solution to the AEAP Problem -- 5 Experimental Results -- 6 Conclusion -- References -- Cyber Targets Water Management -- 1 Introduction. 327 $a1.1 Use of Industrial Control Systems -- 1.2 Cyber Threats and Risk -- 1.3 Structure of This Paper -- 2 Related Work -- 3 A Benchmark of the Resilience of the ICS Environment -- 4 Observed ICS Security Dilemmas -- 5 Cyber Security Simulator for Water Management Control Systems -- 5.1 Deployment of Attack Scenarios -- 5.2 DESI Results -- 6 Conclusions and Future Work -- 6.1 Future Work -- References -- Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications -- 1 Introduction -- 2 Related Work -- 3 Review Methodology -- 4 Integrated Safety and Security Risk Assessment Methods -- 4.1 SAHARA Method -- 4.2 CHASSIS Method -- 4.3 FACT Graph Method -- 4.4 FMVEA Method -- 4.5 Unified Security and Safety Risk Assessment Method -- 4.6 Extended CFT Method -- 4.7 EFT Method -- 5 Analysis of Integrated Safety and Security Risk Assessment Methods -- 6 Conclusions and Future Work -- References -- Railway Station Surveillance System Design: A Real Application of an Optimal Coverage Approach -- Abstract -- 1 Introduction -- 2 Railway Station Surveillance and Sensor Placement Problem -- 3 Application of the Optimal Coverage Approach to a Real Case -- 3.1 Area of Interest and Input Data -- 3.2 Coverage Analysis and Coverage Matrix -- 3.3 Modeling of the Coverage Problem and Solution of the Model -- 4 Experimental Results -- 4.1 Set Covering Model -- 4.2 Maximal Covering Model -- 5 Conclusions -- References -- A Synthesis of Optimization Approaches for Tackling Critical Information Infrastructure Survivability -- Abstract -- 1 Introduction -- 2 Identifying Critical Network Components: Survivability-Oriented Interdiction Models -- 3 Enhancing Critical Network Survivability: Resource Allocation Strategy Models -- 3.1 Optimization Models for Protecting CII Physical Components. 327 $a3.2 Optimization Models for CII Service Restoration -- 4 Planning Survivable Networks: Design Models -- 5 Future Research Suggestions -- 6 Conclusions -- References -- A Dataset to Support Research in the Design of Secure Water Treatment Systems -- 1 Introduction -- 2 Secure Water Treatment (SWaT) -- 2.1 Water Treatment Process -- 2.2 Communications -- 3 Attack Scenarios -- 4 Data Collection Process -- 4.1 Physical Properties -- 4.2 Network Traffic -- 4.3 Labelling Data -- 5 Conclusion -- References -- Human Vulnerability Mapping Facing Critical Service Disruptions for Crisis Managers -- Abstract -- 1 Introduction -- 2 Consequence Assessment -- 3 Modelling People Mobility -- 4 Results and Interests of Mapping Human Vulnerability -- 5 Improving Human Vulnerability Assessment -- 6 Conclusion -- Acknowledgments -- References -- A Methodology for Monitoring and Control Network Design -- 1 Introduction -- 2 Related Work -- 3 Asset Risk Assessment in ICS -- 3.1 Overview of the CAIA Approach -- 3.2 Risk Assessment Based on the Impact Measures -- 4 Optimal Control Network Design -- 5 Experimental Results -- 5.1 Results on the TEP -- 5.2 Results on the IEEE 14-Bus Electricity Grid -- 5.3 Results on the IEEE 300-Bus Electricity Grid Model -- 6 Conclusions -- References -- Effective Defence Against Zero-Day Exploits Using Bayesian Networks -- 1 Introduction -- 2 Modelling and Problem Representation -- 3 Case Study and Results -- 3.1 Case Study Settings -- 3.2 Results -- Deploying a Single Control -- 3.3 Results -- Deploying Combined Controls -- 4 Related Work -- 5 Conclusion and Future Work -- References -- Power Auctioning in Resource Constrained Micro-grids: Cases of Cheating -- 1 Introduction -- 2 Related Work -- 3 Decentralised Continuous Double Auction Model -- 4 Cheating CDA Attacks -- 4.1 Case 1: Victim Strategy Downgrade -- 4.2 Case 2: Collusion Attack. 327 $a5 Sketch Countermeasures -- 6 Conclusions -- References -- Using Incentives to Foster Security Information Sharing and Cooperation: A General Theory and Application to Critical Infrastructure Protection -- 1 Introduction -- 2 Theoretical Framework and Propositions -- 2.1 Regulation Alone Cannot Solve the Free Rider Problem -- 2.2 Linking Incentives to Voluntary SIS -- 2.3 A Holistic and Multidisciplinary Approach -- 2.4 A Model Linking Incentives, Behavior, and SIS -- 2.5 Reciprocity Expectation -- 2.6 Value Expectation -- 2.7 Institutional Expectation -- 2.8 Reputation Expectation -- 2.9 The Moderating Role of Trust -- 3 Application of the Proposed Model to Critical Infrastructure Protection -- 3.1 The Swiss Reporting and Analysis Centre for Information Security -- 3.2 Reciprocity Expectation -- 3.3 Value Expectation -- 3.4 Institutional Expectation -- 3.5 Reputation Expectation -- 3.6 The Moderating Role of Trust -- 4 Discussion -- 5 Concluding Comments and Next Steps -- References -- Dynamic Risk Analyses and Dependency-Aware Root Cause Model for Critical Infrastructures -- 1 Introduction -- 2 Terminology -- 3 Risk Assessments Using the Dependency-Aware Root Cause (DARC) Model -- 4 Risk Taxonomy for Critical Infrastructures -- 4.1 Dependency Definition Language -- 4.2 Generating the Dependency Graph -- 5 The `Smart Grid Luxembourg' Use-Case -- 5.1 Compiling a Dependency-Aware Inventory -- 5.2 Threat Model -- 5.3 Generation of the Dependency Graph -- 5.4 Results -- 6 Conclusion and Future Work -- References -- Selecting Privacy Solutions to Prioritise Control in Smart Metering Systems -- 1 Introduction -- 2 Privacy and Automation Properties -- 3 Selecting Techniques: Analysis and Discussion -- 3.1 Analysis of Privacy Techniques -- 3.2 Discussion: Privacy vs. Control -- 4 Conclusions and Future Work -- References. 327 $aA Six-Step Model for Safety and Security Analysis of Cyber-Physical Systems -- 1 Introduction -- 2 Preliminaries and Background -- 2.1 CPS Safety and Security -- 2.2 GTST-MLD and the 3-Step Model -- 2.3 The SWaT System -- 3 Complex System Safety and Security Modeling: SSM -- 4 Summary and Conclusion -- References -- Availability Study of the Italian Electricity SCADA System in the Cloud -- 1 Introduction -- 1.1 The Hierarchical SCADA System -- 1.2 Cloud Deployments for a Nationwide SCADA System -- 2 Availability Computation in a Hierarchical SCADA Network -- 2.1 Availability Model for an Optical Network -- 2.2 Availability Computation -- 3 Availability Assessment in the SCADA System Managing the Italian Electricity Grid -- 4 Conclusion -- References -- Railway System Failure Scenario Analysis -- 1 Introduction -- 2 Failure Scenario Analysis: From Power Grid to Railway -- 2.1 NESCOR Failure Scenarios for the Energy Sector -- 2.2 Toward Railway Transportation Failure Scenarios -- 3 Sample Railway System Failure Scenarios -- 3.1 Compromised HMI Sends Malicious Commands to Devices -- 3.2 SCADA Firewall Fails and Critical Traffic Cannot Reach Devices -- 4 Analyzing Scenarios for a Railway System -- 4.1 Failure Scenario Analysis Tool -- 4.2 Case Study: Deploying SCADA Firewalls -- 4.3 Discussion -- 5 Related Work -- 6 Conclusion -- References -- Tamper Resistant Secure Digital Silo for Log Storage in Critical Infrastructures -- 1 Introduction -- 1.1 Contribution -- 1.2 Organization -- 2 Motivation -- 3 Background -- 3.1 Intel Software Guard Extensions (SGX) -- 3.2 Trusted Platform Module (TPM) -- 3.3 Enterprise Cryptographic Filesystem (eCryptfs) -- 3.4 Secure Block Device (SBD) -- 4 Design -- 5 Implementation and Evaluation -- 6 Conclusions and Future Work -- References. 327 $aAccess Control and Availability Vulnerabilities in the ISO/IEC 61850 Substation Automation Protocol. 330 $aThis book constitutes the post-conference proceedings of the 11th International Conference on Critical Information Infrastructures Security, CRITIS 2016, held in Paris, France, in October 2016. The 22 full papers and 8 short papers presented were carefully reviewed and selected from 58 submissions. They present the most recent innovations, trends, results, experiences and concerns in selected perspectives of critical information infrastructure protection covering the range from small-scale cyber-physical systems security via information infrastructures and their interaction with national and international infrastructures. 410 0$aSecurity and Cryptology ;$v10242 606 $aComputer security 606 $aComputer communication systems 606 $aArchitecture, Computer 606 $aComputers and civilization 606 $aComputers 606 $aLaw and legislation 606 $aMicroprogramming  606 $aSystems and Data Security$3https://scigraph.springernature.com/ontologies/product-market-codes/I28060 606 $aComputer Communication Networks$3https://scigraph.springernature.com/ontologies/product-market-codes/I13022 606 $aComputer System Implementation$3https://scigraph.springernature.com/ontologies/product-market-codes/I13057 606 $aComputers and Society$3https://scigraph.springernature.com/ontologies/product-market-codes/I24040 606 $aLegal Aspects of Computing$3https://scigraph.springernature.com/ontologies/product-market-codes/I24059 606 $aControl Structures and Microprogramming$3https://scigraph.springernature.com/ontologies/product-market-codes/I12018 615 0$aComputer security. 615 0$aComputer communication systems. 615 0$aArchitecture, Computer. 615 0$aComputers and civilization. 615 0$aComputers. 615 0$aLaw and legislation. 615 0$aMicroprogramming . 615 14$aSystems and Data Security. 615 24$aComputer Communication Networks. 615 24$aComputer System Implementation. 615 24$aComputers and Society. 615 24$aLegal Aspects of Computing. 615 24$aControl Structures and Microprogramming. 676 $a005.8 702 $aHavarneanu$b Grigore$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aSetola$b Roberto$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aNassopoulos$b Hypatia$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aWolthusen$b Stephen$4edt$4http://id.loc.gov/vocabulary/relators/edt 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a996466435203316 996 $aCritical Information Infrastructures Security$92584647 997 $aUNISA LEADER 08505nas# 22004931i 450 001 UON00236716 005 20231218111928.159 011 $a0301-6307 017 70$2P$aP 19425 100 $a20030730a1976 |0itac50 ba 101 $aita 102 $aIT 105 $a|||| 1|||| 110 $aaT||||||||| 200 1 $a Quaderni Storici 207 $a1(1976) - 210 $aBologna$cIl Mulino 215 $aQuadrimestrale. 311 $ap. 567-594$9UON00239984 311 $ap 601-630$9UON00239989 311 $ap.471-506$9UON00239988 311 $ap. 443-470$9UON00239987 311 $ap.507-526$9UON00239986 316 $aSS887A SS887B SS887C SS887D$5IT-UONSI RIV A182/1966 463 1$1001UON00340552$12001 $aIstituzioni agrarie nel decollo industriale$ela storia sociale$eopinioni e dibattito$1210 $aBologna$cIl Mulino$d1977$1215 $a322 p.$d21 cm.$v36 463 1$1001UON00520822$12001 $aBorghesie urbane dell'Ottocento$fa cura di Paolo Macry e Raffaele Romanelli$1210 $aBologna$cIl mulino$d1984$1215 $aP. 334-710$d22 cm$v56 463 1$1001UON00520991$12001 $aNascita dell'opinione pubblica in Inghilterra$fa cura di A. Caracciolo e R. M. Colombo$1210 $aBologna$cIl mulino$d1979$1215 $aP. 844-1222$d22 cm$v42 463 1$1001UON00520626$12001 $aOral history: fra antropologia e storia$econ discussioni e note sulla storia sociale e l'economia italiana del Novecento$f[a cura di B. Bernardi, C. Poni, A. Triulzi]$1210 $aBologna$cIl mulino$d1977$1215 $aP. 324-640$d22 cm$v35 463 1$1001UON00473295$12001 $aIntellettuali e centri di cultura$f[Jacques Verger ... et al.] - Urbino$eArgalia, 1973$1210 $aP. 310-684$a22 cm$1215 $aTitolo dalla sovraccoperta.$v23 464 0$1001UON00239984$12001 $aˆLa ‰ mercantessa e la mediatrice$estoria di un circuito usuraio nella Napoli di fine '800$fCarolina Castellano$vp. 567-594 464 0$1001UON00239989$12001 $a Vicini stranieri. L'uso dei confini nell'area di Basilea (XVI-XVII secolo)$fWolfgang Kaiser$vp 601-630 464 1$1001UON00239985$12001 $aFratello/sorella$fa cura di Angiolina Arru e Sofia Boesch Gajano 464 0$1001UON00239988$12001 $a"Per la buona e la cattiva sorte"$econvivenze nella Francia preindustriale$fAntoniette Fauve-Chamoux$vp.471-506 464 0$1001UON00239987$12001 $aˆLa ‰ ricaduta dei sospetti$ela colpa della sorella in una carriera di santità$fStefano Andretta$vp. 443-470 464 0$1001UON00239986$12001 $aˆLo ‰ scambio dei ruoli$eprimogeniti-e, cadetti-e tra quattrocento e settecento nel Mezzogiorno d'Italia$fGerard Delille$gAntonio Ciuffreda$vp.507-526 606 $aSTORIA$xPeriodici$3UONC035860$2FI 676 $a900$cStoria e Geografia generali$v21 801 $aIT$bSOL$c20240220$gRICA 899 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$2UONSI$41(1966) » 5(1970)*C* 8(1973)*23* 9(1974)*26* 11(1976)*31* 12(1977)*34,36* 13(1978) » 14(1979)*C* 15(1980)*43,44* 16(1981)*46,47* 17(1982)-47(2012).$cRIV A 182 ; 912 $aUON00236716 950 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$bSI 1(1966) » 5(1970)*C* 8(1973)*23* 9(1974)*26* 11(1976)*31* 12(1977)*34,36* 13(1978) » 14(1979)*C* 15(1980)*43,44* 16(1981)*46,47* 17(1982)-47(2012).$dSI RIV A 182 2012 $eSI 5583 7 2012 $dSI RIV A 182 1973 $eSI NI 168 7 1973 $dSI RIV A 182 1974 $eSI NI 169 7 1974 $dSI RIV A 182 1976 $eSI NI 170 7 1976 $dSI RIV A 182 1969 $eSI NI 21655 5 1969 $dSI RIV A 182 1970 $eSI NI 21656 7 1970 $dSI RIV A 182 1967 $eSI SC 887 7 1967 $dSI RIV A 182 1977 $eSI SC 2463 7 1977 $dSI RIV A 182 1980 $eSI SC 8032 7 1980 $dSI RIV A 182 1981 $eSI SC 9309 7 1981 $dSI RIV A 182 1982 $eSI SC 12025 7 1982 $dSI RIV A 182 1983 $eSI SC 12721 7 1983 $dSI RIV A 182 1984 $eSI SC 13566 5 1984 $dSI RIV A 182 1978 $eSI SC 14045 7 1978 $dSI RIV A 182 1979 $eSI SC 14046 7 1979 $dSI RIV A 182 1985 $eSI SC 15171 7 1985 $dSI RIV A 182 1986 $eSI SC 15710 7 1986 $dSI RIV A 182 1987 $eSI SC 17358 7 1987 $dSI RIV A 182 1988 $eSI SC 18355 7 1988 $dSI RIV A 182 1989 $eSI SC 19805 7 1989 $dSI RIV A 182 1990 $eSI SC 20398 7 1990 $dSI RIV A 182 1991 $eSI SC 22028 7 1991 $dSI RIV A 182 1992 $eSI SC 24143 7 1992 $dSI RIV A 182 1993 $eSI SC 25984 7 1993 $dSI RIV A 182 1994 $eSI SC 27084 7 1994 $dSI RIV A 182 1995 $eSI SC 28684 7 1995 $dSI RIV A 182 1996 $eSI SC 30042 7 1996 $dSI RIV A 182 1997 $eSI SC 31796 7 1997 $dSI RIV A 182 1998 $eSI SC 33024 7 1998 $dSI RIV A 182 1999 $eSI SC 34412 7 1999 $dSI RIV A 182 2000 $eSI SC 35565 7 2000 $dSI RIV A 182 2001 $eSI SC 36620 7 2001 $dSI RIV A 182 2002 $eSI SC 37604 7 2002 $dSI RIV A 182 2003 $eSI SC 38375 7 2003 $dSI RIV A 182 2004 $eSI SC 39323 7 2004 $dSI RIV A 182 2005 $eSI SC 40331 7 2005 $dSI RIV A 182 2006 $eSI SC 41402 7 2006 $dSI RIV A 182 2007 $eSI SC 42737 7 2007 $dSI RIV A 182 2008 $eSI SC 43737 7 2008 $dSI RIV A 182 2009 $eSI SC 45589 7 2009 $dSI RIV A 182 2010 $eSI SC 46570 7 2010 $dSI RIV A 182 1968 $eSI SS 887/1 7 1968 $dSI RIV A 182 1966 $eSI SS 887 7 1966 SS887A SS887B SS887C SS887D 951 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$bSI2012176 1J 20121126 996 $aQuaderni storici$9496925 997 $aUNIOR