A Fuzzy Set-Based Approach for Model-Based Internet-Banking System Security Risk Assessment

A fuzzy set-based evaluation approach is demonstrated to assess the security risks for internet-banking System. The Internet-banking system is semi-formally described using Unified Modeling Language （UML） to specify the behavior and state of the system on the base of analyzing the existing qualitative risk assessment methods. And a quantitative method based on fuzzy set is used to measure security risks of the system, A case study was performed on the WEB server of the Internet-banking System using fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component which should amuse the system administrator enough attention to take the appropriate security measure or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties for the Internet-banking System in practice.

The Effective Enhancement of Power System Security by Flexible Transmission Line Impedance with Minimal Rescheduling of Generators

After the digital revolution, the power system security becomes an important issue and it urges the power producers to maintain a well secured system in order to supply a quality power to the end users. This paper presents an integrated Corrective Security Constrained Optimal Power Flow (CSCOPF) with Flexible Transmission Line Impedance (FTLI) to enhance the power system security. The corrective approach of SCOPF is chosen, because it allows the corrective equipment to bring back the system to a stable operating point and hence, it offers high flexibility and better economics. The concept of FTLI arises from the ability of FACTS devices such as Thyristor Controlled Series Capacitor (TCSC), which can vary the line reactance to a certain extent. An enhanced security can be achieved by incorporating FTLI into the CSCOPF problem, since the power flow in a system is highly dependent on the line reactance. FTLI based CSCOPF can reduce the amount of rescheduling of generators, but it will result in an increased number of variables and thus, the complexity to the optimization process is increased. This highly complex problem is solved by using nonlinear programming. The AC based OPF model is preferred, since the corrective security actions require highly accurate solutions. IEEE 30 bus system is used to test the proposed scheme and the results are compared with the traditional CSCOPF. It can be seen that the proposed idea provides a notable improvement in the reduction of cost incurred for restoring the system security.

Analysis and Recommendations for the Adaptability of China’s Power System Security and Stability Relevant Standards

In developing power grids,setting standards is critical to its success.The development of China’s power industry has proposed new requirements for power systems to ensure secure and stable operations.The principal standards for the security and stability of China’s current power systems are analyzed in terms of operational control,generator-grid coordination and simulation.The shortcomings are pointed out and the directions of future development are discussed.In the end,the study highlighted the following key areas that require further research and improvement:the evaluation criteria of power system security and stability should be improved to ensure the secure and stable operation of China’s power systems;the operational control standards should be constantly enhanced to increase the reliability and flexibility of operational control strategies;generatorgrid coordination standards should be upgraded to improve the coordination between the generator control protection system and the grid;and the simulation methodology should be standardized in future power system security and stability research.

Security Risk Assessment of Cyber Physical Power System Based on Rough Set and Gene Expression Programming

Risk assessment is essential for the safe and reliable operation of cyber physical power system. Traditional security risk assessment methods do not take integration of cyber system and physical system of power grid into account. In order to solve this problem, security risk assessment algorithm of cyber physical power system based on rough set and gene expression programming is proposed. Firstly, fast attribution reduction based on binary search algorithm is presented. Secondly, security risk assessment function for cyber physical power system is mined based on gene expression programming. Lastly, security risk levels of cyber physical power system are predicted and analyzed by the above function model. Experimental results show that security risk assessment function model based on the proposed algorithm has high efficiency of function mining, accuracy of security risk level prediction and strong practicality. © 2014 Chinese Association of Automation.

Concepts of Safety Critical Systems Unification Approach &Security Assurance Process

The security assurance of computer-based systems that rely on safety and security assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This targets the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information system. This research addresses security and information assurance for safety-critical systems, where security and safety are addressed before going to actual implementation/development phase for component-based systems. For this purpose, require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in single component or a reuse of specification in existing logic in component-based system. Keeping in view this situation, we have defined seven concepts of security assurance and security assurance design strategy for safety-critical systems.

Reliability Analysis of Heterogeneous Sensor-Cloud Systems against Targeted Attacks

Based on the wide application of cloud computing and wireless sensor networks in various fields,the Sensor-Cloud System(SCS)plays an indispensable role between the physical world and the network world.However,due to the close connection and interdependence between the physical resource network and computing resource network,there are security problems such as cascading failures between systems in the SCS.In this paper,we propose a model with two interdependent networks to represent a sensor-cloud system.Besides,based on the percolation theory,we have carried out a formulaic theoretical analysis of the whole process of cascading failure.When the system’s subnetwork presents a steady state where there is no further collapse,we can obtain the largest remaining connected subgroup components and the penetration threshold.Theoretically,this result is the critical maximum that the coupled SCS can withstand.To verify the correctness of the theoretical results,we further carried out actual simulation experiments.The results show that a scale-free network priority attack’s percolation threshold is always less than that of ER network which is priority attacked.Similarly,when the scale-free network is attacked first,adding the power law exponentλcan be more intuitive and more effective to improve the network’s reliability.

Survey on Key Technology Development and Application in Trusted Computing

Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.

Mechanism and Defense on Malicious Code

With the explosive growth of network applications, the threat of the malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of the malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against the malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.

Trusted Anomaly Detection with Context Dependency

Anomaly detection of privileged processes is one of the most important means to safeguard the host and system security. The key problem for improving detection performance is to identify local behavior of the short sequences in traces of system calls accurately. An alternative modeling method was proposed based on the typical pattern matching of short sequences, which builds upon the concepts of short sequences with context dependency and the specially designed aggregation algorithm. The experimental results indicate that the modeling method considering the context dependency improves clearly the sensitive decision threshold as compared with the previous modeling method.

Internet Development and E-commerce Barriers in China

With China＇s entry into WTO, electronic commerce becomes an indispensable premise for China to build a modern, competitive, knowledge-driven economy, and integrate its national economy into an increasingly networked, knowledge-based global economy. This study examines the current status of Internet and E-commerce development in China, finds the factors that lead to the current situation in terms of government policy orientation, identifies the major barriers to E-commerce adoption in China, and proposes strategies toward greater success of E-commerce in China.

Suspension of Australian National Electricity Market in 2022 Necessitates Mechanism Evolution Ensuring Power Supply Security

The National Electricity Market(NEM)in Australia was suspended during June 15-23,2022,with a primary attribution to the lack of available generation capacity.This incident is noteworthy because it was the first market suspension in NEM’s history and took place in a major energy exporting country.In this letter,we review the outline and impacts of the incident.From the perspectives of market regulation,electricity supply,and electricity demand,we identify three underlying causes of the market suspension and offer four recommendations for the market mechanism evolution to ensure power supply security.

Wind Resource Potential in the Caribbean Archipelago

Climate change threatens the sustainable development and survival of the small Caribbean island nations. The continual rise in the demand and cost of the earth＇s finite hydrocarbon energy reservoir drives these countries to examine the integration of renewable energy to reduce green house gas emissions whilst meeting their electrical energy demands. One possible renewable energy source is wind. Trinidad and Tobago, through its renewable energy policy, is seeking to reliably and economically integrate wind power with its conventional power generation sources. This paper assesses the adequacy of wind power generation at potential sites through the use of auto-regressive modeling and the use of Monte Carlo Simulation to evaluate the well-being indices for the combination of wind and conventional power generation. Two sites in the twin island Republic of Trinidad and Tobago were identified as case studies for the proposed methodology. Analysis of the results indicated that the methodology should be applied to sites with conditions encouraging economic feasibility of wind power generation.

A buffer overflow detection and defense method based on RiSC-V instruction set extension

Buffer overflow poses a serious threat to the memory security of modern operating systems.It overwrites the con-tents of other memory areas by breaking through the buffer capacity limit,destroys the system execution environ-ment,and provides implementation space for various system attacks such as program control flow hijacking.That makes it a wide range of harms.A variety of security technologies have been proposed to deal with system security problems including buffer overflow.For example,No eXecute(NX for short)is a memory management technology commonly used in Harvard architecture.It can refuse the execution of code which residing in a specific memory,and can effectively suppress the abnormal impact of buffer overflow on control flow.Therefore,in recent years,it has also been used in the field of system security,deriving a series of solutions based on NX technology,such as ExecShield,DEP,StackGuard,etc.However,these security solutions often rely too much on the processor archi-tecture so that the protection coverage is insufficient and the accuracy is limited.Especially in the emerging system architecture field represented by RiSC-V,there is still a lack of effective solutions for buffer overflow vulnerabilities.With the continuous rapid development of the system architecture,it is urgent to develop defense methods that are applicable to different system application environments and oriented to all executable memory spaces to meet the needs of system security development.Therefore,we propose BOP,A new system memory security design method based on RISC-V extended instructions,to build a RISC-V buffer overflow detection and defense system and deal with the buffer overflow threat in RIsC-V.According to this method,NX technology can be combined with program control flow analysis,and Nx bit mechanism can be used to manage the executability of memory space,so as to achieve a more granular detection and defense of buffer overflow attacks that may occur in RISC-V system environment.In addition,The memory management and control function of BOP is not only very suitable for solving the security problems in the existing single architecture system,but also widely applicable to the combina-tion of multiple heterogeneous systems.

Online Frequency Security Assessment Based on Analytical Model Considering Limiting Modules

Due to the increasing implementation of high voltage direct current(HVDC)and the integration of renewable resources,frequency stability problems in power systems are drawing greater attention in recent years.It has become necessary to carry out online frequency security assessments to ensure the safe operation of power systems.Considering the low time-efficiency of simulation-based methods,analytical models,such as the frequency nadir prediction(FNP)model,are more suitable for online assessment,which requires calculating the worst frequency deviation under various contingencies.Based on the FNP model,the FNP-L model for online frequency security assessment is proposed in this paper.The proposed model implements security assessment by calculating and checking the frequency features,including the nadir time and frequency,followed by contingencies.The effect of the governor,including nonlinear constraints,is approximated into polynomial functions so that the results are obtained by solving multiple polynomial equations.Case studies are carried out using the New-England 39-bus system and a regional power grid,which shows that the proposed model could achieve both high speed and high accuracy,and can therefore be applied in online security assessment.

Optimal generation mix for frequency response adequacy in future power system

Strict enforcement of government policies to integrate high generation share from renewable energy sources(RES)like wind and PV would create inevitable operational challenges for the utilities to deliver Frequency Response(FR)services.Uncertain RES generation characteristics would worsen the situation for SO,to detain initial frequency deviation following the largest generation outage.This necessitates investigation of optimal generator combination for securing PFR adequacy with simultaneous characterization of uncertainty.In this regard,this paper proposes a novel Modified Interval(MI)based optimal generation mix formulation for operation cost minimization and FR adequacy.RES uncertainty is characterised by forecasted upper and lower bound,while hourly ramp needs are based on the net load scenarios.Proposed model is assessed on one area IEEE reliability test system.Rate of change of frequency(ROCOF)and frequency deviation are considered as network security limits to obtain optimal generation mix.Results obtained provide,overall cost performance,PFR and optimal generation mix,without violating system security criteria.This model would certainly assist SO,to enhance system’s inertia and PFR adequacy at short-term system operations and could be extended for long-term planning framework.

Data-driven Approach for State Prediction and Detection of False Data Injection Attacks in Smart Grid

In a smart grid,state estimation(SE)is a very important component of energy management system.Its main functions include system SE and detection of cyber anomalies.Recently,it has been shown that conventional SE techniques are vulnerable to false data injection(FDI)attack,which is a sophisticated new class of attacks on data integrity in smart grid.The main contribution of this paper is to propose a new FDI attack detection technique using a new data-driven SE model,which is different from the traditional weighted least square based SE model.This SE model has a number of unique advantages compared with traditional SE models.First,the prediction technique can better maintain the inherent temporal correlations among consecutive measurement vectors.Second,the proposed SE model can learn the actual power system states.Finally,this paper shows that this SE model can be effectively used to detect FDI attacks that otherwise remain stealthy to traditional SE-based bad data detectors.The proposed FDI attack detection technique is evaluated on a number of standard bus systems.The performance of state prediction and the accuracy of FDI attack detection are benchmarked against the state-ofthe-art techniques.Experimental results show that the proposed FDI attack detection technique has a higher detection rate compared with the existing techniques while reducing the false alarms significantly.