@article {alcarazlopez-IEEESystems-2017, title = {A Cyber-Physical Systems-Based Checkpoint Model for Structural Controllability}, journal = {IEEE Systems Journal}, volume = {12}, year = {2018}, month = {12/2018}, pages = {3543-3554}, publisher = {IEEE}, abstract = {

The protection of critical user-centric applications,\ such as Smart Grids and their monitoring systems, has become\ one of the most cutting-edge research areas in recent years.\ The dynamic complexity of their cyber-physical systems (CPSs)\ and their strong inter-dependencies with power systems, are\ bringing about a significant increase in security problems that\ may be exploited by attackers. These security holes may, for\ example, trigger the disintegration of the structural controllability\ properties due to the problem of non-locality, affecting, sooner\ or later, the provision of the essential services to end-users.\ One way to address these situations could be through automatic\ checkpoints in charge of inspecting the healthy status of the\ control network and its critical nature. This inspection can be\ subject to special mechanisms\ composed of trustworthy cyberphysical\ elements\ capable of detecting structural changes in the\ control and activating restoration procedures\ with support for\ warning. This is precisely the aim of this paper, which presents\ a CPSs-based checkpoint model with the capacity to manage\ heterogeneous replications that help ensure data redundancy,\ thereby guaranteeing the validity of the checkpoints. As a support\ to this study,\ a theoretical and practical analysis is addressed to\ show the functionality of the approach in real contexts.

}, keywords = {Critical Control Systems, cyber-physical systems, Smart grids, structural controllability}, issn = {1932-8184}, doi = {https://doi.org/10.1109/JSYST.2017.2740719}, url = {http://ieeexplore.ieee.org/document/8057984/}, author = {Cristina Alcaraz and Javier Lopez} } @article {Alcaraz2010a, title = {A Security Analysis for Wireless Sensor Mesh Networks in Highly Critical Systems}, journal = {IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews}, volume = {40}, number = {4}, year = {2010}, month = {July}, pages = {419-428}, publisher = {IEEE}, abstract = {

Nowadays, critical control systems are a fundamental component contributing to the overall performance of critical infrastructures in our society, most of which belong to the industrial sector. These complex systems include in their design different types of information and communication technology systems, such as wireless (mesh) sensor networks, to carry out control processes in real time. This fact has meant that several communication standards, such as Zigbee PRO, WirelessHART, and ISA100.11a, have been specified to ensure coexistence, reliability, and security in their communications. The main purpose of this paper has been to review these three standards and analyze their security. We have identified a set of threats and potential attacks in their routing protocols, and we consequently provide recommendations and countermeasures to help Industry protect its infrastructures.

}, keywords = {Critical Control Systems, Critical Infrastructure Protection, SCADA Systems, Wireless Sensor Mesh Network}, issn = {1094-6977}, doi = {10.1109/TSMCC.2010.2045373}, url = {http://ieeexplore.ieee.org/search/srchabstract.jsp?tp=\&arnumber=5443456\&queryText\%253DC.+Alcaraz\%2526openedRefinements\%253D*\%2526searchField\%253DSearch+All\&fromGateway=true}, author = {Cristina Alcaraz and Javier Lopez} } @inproceedings {Alcaraz2009, title = {Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems}, booktitle = {6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus{\textquoteright}09)}, series = {LNCS}, year = {2009}, month = {September}, pages = {86-94}, publisher = {Springer-Verlag}, organization = {Springer-Verlag}, address = {Linz, Austria}, abstract = {

SCADA systems represent a challenging scenario where the management of critical alarms is crucial. Their response to these alarms should be efficient and fast in order to mitigate or contain undesired effects. This work presents a mechanism, the Adaptive Assignment Manager (AAM) that will aid to react to incidences in a more efficient way by dynamically assigning alarms to the most suitable human operator. The mechanism uses various inputs for identifying the operators such as their availability, workload and reputation. In fact, we also define a reputation component that stores the reputation of the human operators and uses feedback from past experiences.

}, keywords = {Critical Control Systems, Reputation, Supervisory Control and Data Acquisition Systems}, isbn = {978-3-642-03747-4}, doi = {10.1007/978-3-642-03748-1_9}, author = {Cristina Alcaraz and Isaac Agudo and Carmen Fernandez-Gago and Rodrigo Roman and Gerardo Fernandez and Javier Lopez} }