Jungsang Yoon

Date of Award

3-24-2016

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Mason Rice, PhD.

Abstract

First responders go through rigorous training and evaluation to ensure they are adequately prepared for an emergency. As an example, firefighters continually evaluate the readiness of their personnel using a defined set of criteria to measure performance for fire suppression and rescue procedures. From a cyber security standpoint, however, this same set of criteria and rigor is severely lacking for the professionals that must detect, respond to and recover from a cyber-based attack against the nation's critical infrastructure. This research provides a framework for evaluating the readiness of cyber first responders responsible for critical infrastructure protection. The framework demonstrates the development of evaluation environment, criteria and scenarios that are modeled from NFPA 1410 standards concept that is used for assessing the readiness of firefighters. The utility of framework is exhibited during a military cyber training exercise and demonstrates the ability to evaluate the readiness of cyber first responders for industrial control systems when responding to the cyber-based attacks in the scenarios. Although successful, the results and analysis provide a context to develop a physical processes simulation tool, called Y-Box. The Y-Box creates more accessible, representational, realistic and evaluation-friendly environment to enhance the framework. The Y-Box demonstrates its application through the simulation of the first two stages in a wastewater treatment plant. Its performance test demonstrates its ability to interface with different types of signals from multiple programmable logic controllers with an acceptable range of error. The utility of simulation is extended with the development of potential attacks that can be used in a cyber exercise involving industrial control systems.

AFIT Designator

AFIT-ENG-MS-16-M-054

DTIC Accession Number

AD1053884

Download

Share

COinS