em10comm

Discussion -1

Natural gas, energy and water are the basic necessity of a nation or one can say it is the lifeline of the people in the country. If any of these stops functioning or gets disrupted the growth of the nation comes to a hold and even the people of that country get affected in a very negative way. In today’s digital era latest technologies play a major part in the distribution on the resources like Energy, water and natural gas and this major dependency on technology has also increased the risk of cyber-attacks.

Under Energy and water division there are other sub-divisions like oil and gas, coal and power to produce energy and because of the heavily dependency on technology there often generates loopholes which are ignored. Due to this ignorance cyber attackers gain access to the system and extract information. Couple of years ago an attack was conducted on a natural gas company and because of this attack the government and the US pipeline operations had to face huge problems (Sobczak, Northey, & Behr, 2017). Cyber security is very important in every level of the hierarchy. Similarly, another attack was carried out by cyber criminals using Denial-of-Service attack. Cyberattacks overwhelm target networks with bogus traffic, making it difficult for victim computers to operate normally. Distributed-denial-of-service (DDOS) attacks harness the power of hacked "botnets" of computers to throw at hackers' targets, while rarer telephony-denial-of-service events seek to block incoming and outgoing calls (Sobczak, Northey, & Behr, 2017).

In my perception, Big or small companies should conduct frequent audits so that if there is any security gap it can be identified and fixed before it is too late. The problem with such companies is that they don't report such attacks unless it becomes too serious and by that time most of the damage is already done. In this case I think there should be strict law or policies to dictate what should an organization do in case of cyber-attack and make reporting compulsory. Secondly, there should be diversity in the team so that there will be diversity in thinking to overcome the diverse source of threats (Barker, 2018). Diversity in the team plays a very important role to over come security issues this is because diversity provides people from different country, age and gender, and because of this thinking ability and approach to cyber security will be different for every individual. This will challenge the cyber criminals because these criminals are not restricted to a particular nation, age or gender and hence a diversity in a team will help fight against these cyber criminals.

References

Sobczak, B., Northey, H., & Behr, P. (2017, May 23) Cyber raises threat against America's energy backbone. Retrieved https://www.eenews.net/stories/1060054924

Barker, J. (2018, February 05) THE INNOVATION OF DIVERSITY IN CYBERSECURITY. https://digitalguardian.com/blog/innovation-diversity-cybersecurity

Discussion-2:- From article it says power grid systems have to depend on internally connected devices where transmission of gases is less vulnerable to cyber-attacks. In maintaining of any organization or national infrastructure should be diversified where security and reliability are key attributes in information technology. Instrumentation and critical systems (I&Cs) are challenging for critical safety environment particularly in complex applications (Kharchenko, 2016). Common Cause Failures (CCF) are key problems for safety assurance (Kharchenko, 2016) because of software failure, hardware failure and other impacts from outside causes malware, intrusion, vulnerabilities in both software and hardware.

Common cause failures can be decreased by following several types of version diversities. Diversity principle is based on idea the same product/process have the same anomalies, different means different product/process have different anomalies (Kharchenko, 2016) but different will not makes difference in achieving goals where implementation and execution in different ways.

Diversity can be implemented mainly in service oriented architecture successfully; usually it consists of Operation systems, web server, application server and database (Kharchenko, 2016).

In implementing of any system comprise with hardware and software, diversity can classified, different classification of diversities human diversity - which includes different programmers, managers, designers, testers; design diversity – different algorithms, different operating systems; functional diversity – different mechanisms, logics; signal diversity – different sensed parameters, different sensor designs, equipment diversity, conceptual diversity and implementation diversity (Kharchenko, 2016).

There are different methods in assessing the diversity principle based systems like theoretical, metrical, statistical, fault injection, probabilistic and expert methods are some of the assessment methods for diversity (Kharchenko, 2016).      

Reference

Kharchenko, V. (2016, October). Diversity for safety and security of embedded and cyber physical systems: Fundamentals review and industrial cases. In 2016 15th Biennial Baltic Electronics Conference (BEC) (pp. 17-26). IEEE.