A relatively new trend in Critical Infrastructures (e.g., power plants, nuclear plants, energy grids, etc.) is the massive migration from the classic model of isolated systems, to a system-of-systems ...model, where these infrastructures are intensifying their interconnections through Information and Communications Technology (ICT) means. The ICT core of these industrial installations is known as Supervisory Control And Data Acquisition Systems (SCADA). Traditional ICT security countermeasures (e.g., classic firewalls, anti-viruses and IDSs) fail in providing a complete protection to these systems since their needs are different from those of traditional ICT. This paper presents an innovative approach to Intrusion Detection in SCADA systems based on the concept of Critical State Analysis and State Proximity. The theoretical framework is supported by tests conducted with an Intrusion Detection System prototype implementing the proposed detection approach.
The private Cloud at the Torino INFN computing centre offers IaaS services to different scientific computing applications. The infrastructure is managed with the OpenNebula cloud controller. The main ...stakeholders of the facility are a grid Tier-2 site for the ALICE collaboration at LHC, an interactive analysis facility for the same experiment and a grid Tier-2 site for the BES-III collaboration, plus an increasing number of other small tenants. Besides keeping track of the usage, the automation of dynamic allocation of resources to tenants requires detailed monitoring and accounting of the resource usage. As a first investigation towards this, we set up a monitoring system to inspect the site activities both in terms of IaaS and applications running on the hosted virtual instances. For this purpose we used the Elasticsearch, Logstash and Kibana stack. In the current implementation, the heterogeneous accounting information is fed to different MySQL databases and sent to Elasticsearch via a custom Logstash plugin. For the IaaS metering, we developed sensors for the OpenNebula API. The IaaS level information gathered through the API is sent to the MySQL database through an ad-hoc developed RESTful web service, which is also used for other accounting purposes. Concerning the application level, we used the Root plugin TProofMonSenderSQL to collect accounting data from the interactive analysis facility. The BES-III virtual instances used to be monitored with Zabbix, as a proof of concept we also retrieve the information contained in the Zabbix database. Each of these three cases is indexed separately in Elasticsearch. We are now starting to consider dismissing the intermediate level provided by the SQL database and evaluating a NoSQL option as a unique central database for all the monitoring information. We setup a set of Kibana dashboards with pre-defined queries in order to monitor the relevant information in each case. In this way we have achieved a uniform monitoring interface for both the IaaS and the scientific applications, mostly leveraging off-the-shelf tools.
► The impact of network topology on transmission network reliability is analysed. ► The usefulness of transmission network reliability indicators is discussed. ► More interconnected power grids have ...experienced a larger number of fault events. ► Impacts in terms of reliability indicators are lower for more interconnected grids. ► The analysis is shown to be very sensitive to rare extreme events.
The European Network of Transmission System Operators for Electricity has been publishing network reliability data for major fault events in the European electricity transmission network since 2002. The work presented focuses on three reliability indicators provided for each major fault event: energy not supplied, total loss of power and restoration time. The purpose of this paper is to assess the usefulness of these indicators and to gain a better understanding of the impact of network topology on transmission network reliability. The topology is assessed in terms of network interconnectivity. For each indicator, the sum of the observed values and the Empirical Cumulative Distribution Functions (ECDF) are used to compare networks with different topologies. More interconnected grids have experienced a larger number of fault events. However, their impacts in terms of reliability indicators are significantly lower. In spite of the observed differences between network groups, results show significant sensitivity to reliability indicators’ data sets. The usefulness and significance of transmission network reliability indicators are discussed.
Elastic cloud computing applications, i.e. applications that automatically scale according to computing needs, work on the ideal assumption of infinite resources. While large public cloud ...infrastructures may be a reasonable approximation of this condition, scientific computing centres like WLCG Grid sites usually work in a saturated regime, in which applications compete for scarce resources through queues, priorities and scheduling policies, and keeping a fraction of the computing cores idle to allow for headroom is usually not an option. In our particular environment one of the applications (a WLCG Tier-2 Grid site) is much larger than all the others and cannot autoscale easily. Nevertheless, other smaller applications can benefit of automatic elasticity; the implementation of this property in our infrastructure, based on the OpenNebula cloud stack, will be described and the very first operational experiences with a small number of strategies for timely allocation and release of resources will be discussed.
Characterisation of scCVD diamond detectors with γ sources Caiffi, B.; Amapane, N.; Argirò, S. ...
Nuclear instruments & methods in physics research. Section A, Accelerators, spectrometers, detectors and associated equipment,
08/2014, Letnik:
754
Journal Article
Recenzirano
Odprti dostop
A single-crystal CVD (Chemical Vapor Deposition) diamond detector was used to measure γ rays in order to assess its performance in terms of energy resolution and linearity. For this purpose, 57Co, ...133Ba, 22Na, 207Bi and 137Cs γ sources were used. Electrons scattered by the backward Compton process were detected in the diamond, in coincidence with (backscattered) γs measured in a NaI detector, placed at 180° from the CVD diamond detector with respect to the source. The resulting calibration shows a linear dependence of the charge deposited in the diamond and a resolution of about 24keV FWHM for the energy of the incident γs between 40keV (57Co) and 477keV (137Cs), comparable with the resolution of our electronic chain.
The INFN computing centre in Torino hosts a private Cloud, which is managed with the OpenNebula cloud controller. The infrastructure offers Infrastructure-as-a-Service (IaaS) and ...Platform-as-a-Service (PaaS) services to different scientific computing applications. The main stakeholders of the facility are a grid Tier-2 site for the ALICE collaboration at LHC, an interactive analysis facility for the same experiment and a grid Tier-2 site for the BESIII collaboration, plus an increasing number of other small tenants. The dynamic allocation of resources to tenants is partially automated. This feature requires detailed monitoring and accounting of the resource usage. We set up a monitoring framework to inspect the site activities both in terms of IaaS and applications running on the hosted virtual instances. For this purpose we used the ElasticSearch, Logstash and Kibana (ELK) stack. The infrastructure relies on a MySQL database back-end for data preservation and to ensure flexibility to choose a different monitoring solution if needed. The heterogeneous accounting information is transferred from the database to the ElasticSearch engine via a custom Logstash plugin. Each use-case is indexed separately in ElasticSearch and we setup a set of Kibana dashboards with pre-defined queries in order to monitor the relevant information in each case. For the IaaS metering, we developed sensors for the OpenNebula API. The IaaS level information gathered through the API is sent to the MySQL database through an ad-hoc developed RESTful web service. Moreover, we have developed a billing system for our private Cloud, which relies on the RabbitMQ message queue for asynchronous communication to the database and on the ELK stack for its graphical interface. The Italian Grid accounting framework is also migrating to a similar set-up. Concerning the application level, we used the Root plugin TProofMonSenderSQL to collect accounting data from the interactive analysis facility. The BESIII virtual instances used to be monitored with Zabbix, as a proof of concept we also retrieve the information contained in the Zabbix database. In this way we have achieved a uniform monitoring interface for both the IaaS and the scientific applications, mostly leveraging off-the-shelf tools. At present, we are working to define a model for monitoring-as-a-service, based on the tools described above, which the Cloud tenants can easily configure to suit their specific needs.
The emerging energy web Ajmone-Marsan, M.; Arrowsmith, D.; Breymann, W. ...
The European physical journal. ST, Special topics,
11/2012, Letnik:
214, Številka:
1
Journal Article
Recenzirano
Odprti dostop
There is a general need of elaborating energy-effective solutions for managing our increasingly dense interconnected world. The problem should be tackled in multiple dimensions -technology, society, ...economics, law, regulations, and politics- at different temporal and spatial scales. Holistic approaches will enable technological solutions to be supported by socio-economic motivations, adequate incentive regulation to foster investment in green infrastructures coherently integrated with adequate energy provisioning schemes. In this article, an attempt is made to describe such multidisciplinary challenges with a coherent set of solutions to be identified to significantly impact the way our interconnected energy world is designed and operated.
Graphical abstract
Complexity aided design Carbone, A.; Ajmone-Marsan, M.; Axhausen, K. W. ...
The European physical journal. ST, Special topics,
11/2012, Letnik:
214, Številka:
1
Journal Article
Recenzirano
Odprti dostop
“In the next century, planet earth will don an electronic skin. It will use the Internet as a scaffold to support and transmit its sensations. This skin is already being stitched together. It ...consists of millions of embedded electronic measuring devices: thermostats, pressure gauges, pollution detectors, cameras, microphones, glucose sensors, EKGs, electroencephalographs. These will probe and monitor cities and endangered species, the atmosphere, our ships, highways and fleets of trucks, our conversations, our bodies–even our dreams ...What will the earth’s new skin permit us to feel? How will we use its surges of sensation? For several years–maybe for a decade–there will be no central nervous system to manage this vast signaling network. Certainly there will be no central intelligence...some qualities of self-awareness will emerge once the Net is sensually enhanced. Sensuality is only one force pushing the Net toward intelligence”. These statements are quoted by an interview by Cherry Murray, Dean of the Harvard School of Engineering and Applied Sciences and Professor of Physics. It is interesting to outline the timeliness and highly predicting power of these statements. In particular, we would like to point to the relevance of the question “What will the earth’s new skin permit us to feel?” to the work we are going to discuss in this paper. There are many additional compelling questions, as for example: “How can the electronic earth’s skin be made more resilient?”; “How can the earth’s electronic skin be improved to better satisfy the need of our society?”;“What can the science of complex systems contribute to this endeavour?”
Graphical abstract
Las nanas: ¿una canción femenina? Masera, Mariana
Disparidades : revista de antropología,
03/2020, Letnik:
49, Številka:
1
Journal Article
Recenzirano
Odprti dostop
El papel tradicional de la mujer como encargada del cuidado del niño quizás ha sido una de las principales causas de que las canciones de cuna sean identificadas como canciones de voz femenina y en ...la mayoría de los casos se ha dejado a un lado el análisis de los textos mismos. Este último aspecto es el que me propongo analizar aquí.
The security of System Control and Data Acquisition (SCADA) systems is one of the most pressing subjects in industrial systems, particularly for those installations actively using the public network ...in order to provide new features and services. In this paper, we present an innovative approach to the design of filtering systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of "SCADA" commands that, while licit when considered in isolation on a single-packet basis, can disrupt the correct behavior of the system when executed in particular operating states. The proposed firewall detects these complex attacks thanks to an internal representation of the controlled SCADA system. Furthermore, we detail the design of the architecture of the firewall for systems that use the ModBus and DNP3 protocols, and the implementation of a prototype, providing experimental comparative results that confirm the validity of the proposed approach.