Cybersecurity threats to p&c systems

Yuly Bay, Yana Malkova, Anna Buran

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Vulnerabilities introduced into the hardware and software by P&C system manufacturers are typically difficult for the EPU's P&C engineers to discover and patch. The most common cybersecurity flaw is a vulnerability that provides the means to inject malicious code into the P&C system software. The primary reason to consider this type of attack is that it can allow an individual to bypass the access control restrictions set by the developer or EPU's P&C engineer. P&C system engineers should review all wireless remote access to the P&C system. Depreciate wireless access using WEP encryption and their interface to the P&C system network declared "untrusted". Lastly, P&C managers should not view these vulnerabilities of P&C assets independently as a successful cyber-Attack typically involves exploitation of a chain of vulnerabilities present on various assets. Consequently, there is a need to model and analyze the entire sys-Tem-of-systems to estimate the relative security of a threat scenario.

Original languageEnglish
Title of host publicationInternational Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019
EditorsGeniy Kuznetsov, Evgeniya Orlova, Dmitry Feoktistov
PublisherAmerican Institute of Physics Inc.
ISBN (Electronic)9780735418783
DOIs
Publication statusPublished - 9 Aug 2019
EventInternational Youth Scientific Conference on Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment 2019, HMTTSC 2019 - Tomsk, Russian Federation
Duration: 23 Apr 201925 Apr 2019

Publication series

NameAIP Conference Proceedings
Volume2135
ISSN (Print)0094-243X
ISSN (Electronic)1551-7616

Conference

ConferenceInternational Youth Scientific Conference on Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment 2019, HMTTSC 2019
CountryRussian Federation
CityTomsk
Period23.4.1925.4.19

Fingerprint

vulnerability
engineers
assets
attack
computer programs
access control
software
bypasses
photographic developers
managers
bypass
exploitation
hardware
constrictions
defects
estimates

ASJC Scopus subject areas

  • Ecology, Evolution, Behavior and Systematics
  • Ecology
  • Plant Science
  • Physics and Astronomy(all)
  • Nature and Landscape Conservation

Cite this

Bay, Y., Malkova, Y., & Buran, A. (2019). Cybersecurity threats to p&c systems. In G. Kuznetsov, E. Orlova, & D. Feoktistov (Eds.), International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019 [020013] (AIP Conference Proceedings; Vol. 2135). American Institute of Physics Inc.. https://doi.org/10.1063/1.5120650

Cybersecurity threats to p&c systems. / Bay, Yuly; Malkova, Yana; Buran, Anna.

International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019. ed. / Geniy Kuznetsov; Evgeniya Orlova; Dmitry Feoktistov. American Institute of Physics Inc., 2019. 020013 (AIP Conference Proceedings; Vol. 2135).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Bay, Y, Malkova, Y & Buran, A 2019, Cybersecurity threats to p&c systems. in G Kuznetsov, E Orlova & D Feoktistov (eds), International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019., 020013, AIP Conference Proceedings, vol. 2135, American Institute of Physics Inc., International Youth Scientific Conference on Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment 2019, HMTTSC 2019, Tomsk, Russian Federation, 23.4.19. https://doi.org/10.1063/1.5120650
Bay Y, Malkova Y, Buran A. Cybersecurity threats to p&c systems. In Kuznetsov G, Orlova E, Feoktistov D, editors, International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019. American Institute of Physics Inc. 2019. 020013. (AIP Conference Proceedings). https://doi.org/10.1063/1.5120650
Bay, Yuly ; Malkova, Yana ; Buran, Anna. / Cybersecurity threats to p&c systems. International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019. editor / Geniy Kuznetsov ; Evgeniya Orlova ; Dmitry Feoktistov. American Institute of Physics Inc., 2019. (AIP Conference Proceedings).
@inproceedings{ba9d21f564b94e49bd40346e095bac52,
title = "Cybersecurity threats to p&c systems",
abstract = "Vulnerabilities introduced into the hardware and software by P&C system manufacturers are typically difficult for the EPU's P&C engineers to discover and patch. The most common cybersecurity flaw is a vulnerability that provides the means to inject malicious code into the P&C system software. The primary reason to consider this type of attack is that it can allow an individual to bypass the access control restrictions set by the developer or EPU's P&C engineer. P&C system engineers should review all wireless remote access to the P&C system. Depreciate wireless access using WEP encryption and their interface to the P&C system network declared {"}untrusted{"}. Lastly, P&C managers should not view these vulnerabilities of P&C assets independently as a successful cyber-Attack typically involves exploitation of a chain of vulnerabilities present on various assets. Consequently, there is a need to model and analyze the entire sys-Tem-of-systems to estimate the relative security of a threat scenario.",
author = "Yuly Bay and Yana Malkova and Anna Buran",
year = "2019",
month = "8",
day = "9",
doi = "10.1063/1.5120650",
language = "English",
series = "AIP Conference Proceedings",
publisher = "American Institute of Physics Inc.",
editor = "Geniy Kuznetsov and Evgeniya Orlova and Dmitry Feoktistov",
booktitle = "International Youth Scientific Conference {"}Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment{"}, HMTTSC 2019",

}

TY - GEN

T1 - Cybersecurity threats to p&c systems

AU - Bay, Yuly

AU - Malkova, Yana

AU - Buran, Anna

PY - 2019/8/9

Y1 - 2019/8/9

N2 - Vulnerabilities introduced into the hardware and software by P&C system manufacturers are typically difficult for the EPU's P&C engineers to discover and patch. The most common cybersecurity flaw is a vulnerability that provides the means to inject malicious code into the P&C system software. The primary reason to consider this type of attack is that it can allow an individual to bypass the access control restrictions set by the developer or EPU's P&C engineer. P&C system engineers should review all wireless remote access to the P&C system. Depreciate wireless access using WEP encryption and their interface to the P&C system network declared "untrusted". Lastly, P&C managers should not view these vulnerabilities of P&C assets independently as a successful cyber-Attack typically involves exploitation of a chain of vulnerabilities present on various assets. Consequently, there is a need to model and analyze the entire sys-Tem-of-systems to estimate the relative security of a threat scenario.

AB - Vulnerabilities introduced into the hardware and software by P&C system manufacturers are typically difficult for the EPU's P&C engineers to discover and patch. The most common cybersecurity flaw is a vulnerability that provides the means to inject malicious code into the P&C system software. The primary reason to consider this type of attack is that it can allow an individual to bypass the access control restrictions set by the developer or EPU's P&C engineer. P&C system engineers should review all wireless remote access to the P&C system. Depreciate wireless access using WEP encryption and their interface to the P&C system network declared "untrusted". Lastly, P&C managers should not view these vulnerabilities of P&C assets independently as a successful cyber-Attack typically involves exploitation of a chain of vulnerabilities present on various assets. Consequently, there is a need to model and analyze the entire sys-Tem-of-systems to estimate the relative security of a threat scenario.

UR - http://www.scopus.com/inward/record.url?scp=85071023668&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85071023668&partnerID=8YFLogxK

U2 - 10.1063/1.5120650

DO - 10.1063/1.5120650

M3 - Conference contribution

T3 - AIP Conference Proceedings

BT - International Youth Scientific Conference "Heat and Mass Transfer in the Thermal Control System of Technical and Technological Energy Equipment", HMTTSC 2019

A2 - Kuznetsov, Geniy

A2 - Orlova, Evgeniya

A2 - Feoktistov, Dmitry

PB - American Institute of Physics Inc.

ER -