CRD's Sean Peisert Guest Edits Special Issue of IEEE's Security and Privacy Magazine
January 30, 2015
by Jon Bashor
CRD's Sean Peisert recently guest edited a special issue of IEEE Security & Privacy Magazine (http://www.computer.org/security), of which he is also a member of the editorial board. The special issue focuses on "Control Systems Security for the Energy Sector" and contains six-peer reviewed articles with authors from U.S. national labs, U.S. and international academic institutions, and industry.
One of the articles in the special issue was co-authored by Peisert and CRD's Charles McParland, and contains an overview of a recently concluded sponsored-research project funded by DOE’s "Cybersecurity for Energy Delivery Systems" program. Project participants were McParland, Peisert, their collaborator at the University of California, Davis, Prof. Anna Scaglione, and several students and postdocs at UC Davis, where Peisert holds a joint appointment.
The authors considered attacks against cyber-physical devices and made the observation that unlike traditional computer systems, physical systems have well-defined physical, safety limitations. As such, rather than looking purely at the "cyber" effect of network traffic, they realized that for cyber-physical devices, they had the advantage of looking at the control streams being sent to cyber-physical devices and the sensor readings being sent from the physical devices to see when cyber-physical devices received commands that would cause them to exceed their physical limitations and potentially cause damage to themselves and possibly even injury to human operators.
In the magazine article, "Monitoring Security of Networked Control Systems: It's the Physics," McParland, Peisert, and Scaglione describe their approach of integrating the physical limitations of the cyber-physical devices being controlled over networks into the Bro Network Security Monitor [https://www.bro.org] (first developed by Vern Paxson at LBNL in the mid-1990s), and the results of applying the approach to several example scenarios.
Peisert also wrote the guest editor introduction at http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7006440 and an industry roundtable discussion for which he conducted the interview and co-edited the resulting transcript (http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=7006438). > Peisert also co-ran a roundtable for the prior issue of IEEE Security & Privacy magazine that was designed to serve as a motivational preview.
The table of contents to links to the articles can be found, with access provided by LBNL, at http://www.computer.org/csdl/mags/sp/2014/06/index.html.