• Title/Summary/Keyword: Cyber operation

Search Result 261, Processing Time 0.025 seconds

Flexible operation and maintenance optimization of aging cyber-physical energy systems by deep reinforcement learning

  • Zhaojun Hao;Francesco Di Maio;Enrico Zio
    • Nuclear Engineering and Technology
    • /
    • v.56 no.4
    • /
    • pp.1472-1479
    • /
    • 2024
  • Cyber-Physical Energy Systems (CPESs) integrate cyber and hardware components to ensure a reliable and safe physical power production and supply. Renewable Energy Sources (RESs) add uncertainty to energy demand that can be dealt with flexible operation (e.g., load-following) of CPES; at the same time, scenarios that could result in severe consequences due to both component stochastic failures and aging of the cyber system of CPES (commonly overlooked) must be accounted for Operation & Maintenance (O&M) planning. In this paper, we make use of Deep Reinforcement Learning (DRL) to search for the optimal O&M strategy that, not only considers the actual system hardware components health conditions and their Remaining Useful Life (RUL), but also the possible accident scenarios caused by the failures and the aging of the hardware and the cyber components, respectively. The novelty of the work lies in embedding the cyber aging model into the CPES model of production planning and failure process; this model is used to help the RL agent, trained with Proximal Policy Optimization (PPO) and Imitation Learning (IL), finding the proper rejuvenation timing for the cyber system accounting for the uncertainty of the cyber system aging process. An application is provided, with regards to the Advanced Lead-cooled Fast Reactor European Demonstrator (ALFRED).

A Study of Cyber Operation COP based on Multi-layered Visualization (멀티레이어드 시각화를 적용한 사이버작전 상황도 개발에 관한 연구)

  • Kwon, Koohyung;Kauh, Jang-hyuk;Kim, Sonyong;Kim, Jonghwa;Lee, Jaeyeon;Oh, Haengrok
    • Convergence Security Journal
    • /
    • v.20 no.4
    • /
    • pp.143-151
    • /
    • 2020
  • The cyber battlefield called the fifth battlefield, is not based on geological information unlike the existing traditional battlefiels in the land, sea, air and space, and has a characteristics that all information has tightly coupled correlation to be anlayized. Because the cyber battlefield has created by the network connection of computers located on the physical battlefield, it is not completely seperated from the geolocational information but it has dependency on network topology and software's vulnerabilities. Therefore, the analysis for cyber battlefield should be provided in a form that can recognize information from multiple domains at a glance, rather than a single geographical or logical aspect. In this paper, we describe a study on the development of the cyber operation COP(Common Operational Picture), which is essential for command and control in the cyber warfare. In particular, we propose an architecure for cyber operation COP to intuitively display information based on visualization techniques applying the multi-layering concept from multiple domains that need to be correlated such as cyber assets, threats, and missions. With this proposed cyber operation COP with multi-layered visualization that helps to describe correlated information among cyber factors, we expect the commanders actually perfcrm cyber command and control in the very complex and unclear cyber battlefield.

Research on Cyber Kill Chain Models for Offensive Cyber Operations (공세적 사이버 작전을 위한 사이버 킬체인 모델 연구)

  • Seong Bae Jo;Wan Ju Kim;Jae Sung Lim
    • Convergence Security Journal
    • /
    • v.23 no.4
    • /
    • pp.71-80
    • /
    • 2023
  • Cyberspace has emerged as the fifth domain of warfare, alongside land, sea, air, and space. It has become a crucial focus for offensive and defensive military operations. Governments worldwide have demonstrated their intent to engage in offensive cyber operations within this domain. This paper proposes an innovative offensive cyber kill chain model that integrates the existing defensive strategy, the cyber kill chain model, with the joint air tasking order (ATO) mission execution cycle and joint target processing procedure. By combining physical and cyber operations within a joint framework, this model aims to enhance national cyber operations capabilities at a strategic level. The integration of these elements seeks to address the evolving challenges in cyberspace and contribute to more effective jointness in conducting cyber operations.

Research and Direction of Cyber Operation Education System for Fostering Common Situation Awareness about Cyber Operation -Focusing on non-Cyber Operations Unit Officer Education- (사이버작전에 대한 공통상황인식 함양을 위한 군(軍) 사이버작전 교육체계 연구 및 방향성 제안 -비(非)사이버작전부대 장교 교육을 중심으로-)

  • Lee, Sangwoon;Park, Yongsuk
    • Convergence Security Journal
    • /
    • v.19 no.4
    • /
    • pp.13-22
    • /
    • 2019
  • The purpose of this study is to suggest the educational system and direction of cyber operations officers of non-cyber operations forces who do not specialize in cyber operations. In order to carry out cyber operations as a joint operation, non-Cyber Operations officers must also know about cyber operations, but there is no education system for them at present, Since there is almost no previous research on this, research in the relevant field is necessary. Therefore, the education system was developed based on the prior literature review, that is, the education system, that is, the necessity of education, the object of education, the goals and contents of the education, and the curriculum. In addition, the relevant experts confirmed the validity of each item with Delphi method, and as a result, some improvement was needed, but it was shown to be suitable as a whole. In addition, detailed educational program development can be developed based on this in the future.

A Study on the Operation Concept of Cyber Warfare Execution Procedures (사이버전 수행절차 운영개념에 관한 연구)

  • Kim, Sung-Joong;Yoo, JiHoon;Oh, HaengRok;Shin, Dongil;Shin, DongKyoo
    • Journal of Internet Computing and Services
    • /
    • v.21 no.2
    • /
    • pp.73-80
    • /
    • 2020
  • Due to the expansion of cyber space, war patterns are also changing from traditional warfare to cyber warfare. Cyber warfare is the use of computer technology to disrupt the activities of nations and organizations, especially in the defense sector. However, the defense against effective cyber threat environment is inadequate. To complement this, a new cyber warfare operation concept is needed. In this paper, we study the concepts of cyber intelligence surveillance reconnaissance, active defense and response, combat damage assessment, and command control in order to carry out cyber operations effectively. In addition, this paper proposes the concept of cyber warfare operation that can achieve a continuous strategic advantage in cyber battlefield.

A Study on Cyber Operational Elements Classification and COA Evaluation Method for Cyber Command & Control Decision Making Support (사이버 지휘통제 의사결정 지원을 위한 사이버 작전요소 분류 및 방책 평가 방안 연구)

  • Lee, Dong-hwan;Yoon, Suk-joon;Kim, Kook-jin;Oh, Haeng-rok;Han, In-sung;Shin, Dong-kyoo
    • Journal of Internet Computing and Services
    • /
    • v.22 no.6
    • /
    • pp.99-113
    • /
    • 2021
  • In these days, as cyberspace has been recognized as the fifth battlefield area following the land, sea, air, and space, attention has been focused on activities that view cyberspace as an operational and mission domain in earnest. Also, in the 21st century, cyber operations based on cyberspace are being developed as a 4th generation warfare method. In such an environment, the success of the operation is determined by the commander's decision. Therefore, in order to increase the rationality and objectivity of such decision-making, it is necessary to systematically establish and select a course of action (COA). In this study, COA is established by using the method of classifying operational elements necessary for cyber operation, and it is intended to suggest a direction for quantitative evaluation of COA. To this end, we propose a method of composing the COES (Cyber Operational Elements Set), which becomes the COA of operation, and classifying the cyber operational elements identified in the target development process based on the 5W1H Method. In addition, by applying the proposed classification method to the cyber operation elements used in the STUXNET attack case, the COES is formed to establish the attack COAs. Finally, after prioritizing the established COA, quantitative evaluation of the policy was performed to select the optimal COA.

Framework Based Smart City Cyber Security Matrix (프레임워크 기반 스마트시티 사이버 보안 메트릭스)

  • Kim, Sung-Min;Jung, Hae-Sun;Lee, Yong-Woo
    • Journal of the Korean Society of Industry Convergence
    • /
    • v.23 no.2_2
    • /
    • pp.333-341
    • /
    • 2020
  • In this paper, we introduce a smart city-cyber-security-grid-matrix methodology, as a result of research on overall cyber security of smart cities. The identified cyber security risks that threaten smart cities and smart-city-cyber-security-threat list are presented. The smart-city-cyber-security-requirements necessary to secure the smart city cyber security with the developed smart city-cyber-security-grid-matrix are given in this paper. We show how the developed smart city-cyber-security-grid-matrix methodology can be applied to real world. For it, we interlocked the developed smart city-cyber-security-grid-matrix methodology with the cyber-security-framework of the National Institute of Standards and Technology, and developed a framework-based smart city-cyber-security-grid-matrix. Using it, it is easy and comfortable to check the level of cyber security of the target smart ciy at a glace, and the construction and operation of the smart city security system is systematized.

AVOIDITALS: Enhanced Cyber-attack Taxonomy in Securing Information Technology Infrastructure

  • Syafrizal, Melwin;Selamat, Siti Rahayu;Zakaria, Nurul Azma
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.8
    • /
    • pp.1-12
    • /
    • 2021
  • An operation of an organization is currently using a digital environment which opens to potential cyber-attacks. These phenomena become worst as the cyberattack landscape is changing rapidly. The impact of cyber-attacks varies depending on the scope of the organization and the value of assets that need to be protected. It is difficult to assess the damage to an organization from cyberattacks due to a lack of understanding of tools, metrics, and knowledge on the type of attacks and their impacts. Hence, this paper aims to identify domains and sub-domains of cyber-attack taxonomy to facilitate the understanding of cyber-attacks. Four phases are carried in this research: identify existing cyber-attack taxonomy, determine and classify domains and sub-domains of cyber-attack, and construct the enhanced cyber-attack taxonomy. The existing cyber-attack taxonomies are analyzed, domains and sub-domains are selected based on the focus and objectives of the research, and the proposed taxonomy named AVOIDITALS Cyber-attack Taxonomy is constructed. AVOIDITALS consists of 8 domains, 105 sub-domains, 142 sub-sub-domains, and 90 other sub-sub-domains that act as a guideline to assist administrators in determining cyber-attacks through cyber-attacks pattern identification that commonly occurred on digital infrastructure and provide the best prevention method to minimize impact. This research can be further developed in line with the emergence of new types and categories of current cyberattacks and the future.

Active and Context-Resilient Cyber Defense Operation applying the Concept of Performing Mosaic Warfare (모자이크전 수행 개념을 적용한 능동형 상황 탄력적 사이버 방어작전)

  • Jung-Ho Eom
    • Convergence Security Journal
    • /
    • v.21 no.4
    • /
    • pp.41-48
    • /
    • 2021
  • Recently, the aspect of war is evolving due to the 4th industrial revolution technology. Among them, AI technology is changing the way of war as it is applied to advanced weapon systems and decision-making systems. Mosaic Warfare, presented by the U.S. DARPA, is shifting military warfare from attrition-centric warfare to decision-centric warfare by combining Internet of Things, cloud computing, big data, mobile, and artificial intelligence technologies. In addition, it is a method to perform operations quickly so that the most offensive effect can be achieved by appropriately combining the distributed and deployed forces according to the battlefield context. In other words, military operations are not carried out through a uniform combat process, but various forces are operated through a distributed system depending on the battlefield context. In cyber warfare, as artificial intelligence is applied to cyber attack technology, there is a limit to responding with the same procedural response method as the existing cyber kill chain. Therefore, in this paper, the execution method of mosaic warfare is applied to perform context-resilient cyber operations that can operate a response system according to the attack and cyberspace context.

Cyber Security Considerations and Countermeasures for UAM Air Traffic Management Infrastructure (UAM 항공교통관리 인프라의 사이버보안 고려사항 및 대응방안)

  • Kyungwook Kim
    • Journal of Information Technology Applications and Management
    • /
    • v.30 no.6
    • /
    • pp.17-29
    • /
    • 2023
  • In this paper, we aim to propose cyber security considerations and countermeasures for infrastructure and services in the UAM(Urban Air Mobility) Air Traffic Management field, which is one of the key elements of the UAM market that has not yet bloomed. Air traffic management is an important factor for safe navigation and social acceptance of UAM. In order to realize air traffic management, infrastructure and services based on solid network connectivity must be established. And for industries where connectivity is the core component, it can become an infiltration route for cyber threats. Therefore, cyber security is essential for the infrastructure and services. In detail, we will look into the definition of the existing air traffic management field and the cyber threats. In addition, we intend to identify cyber security threat scenarios that may occur in the newly designed UAM air traffic management infrastructure. Moreover, in order to study the cyber security countermeasures of the UAM air traffic management infrastructure, there will be analysis of the UAM operation concept. As a result, countermeasures applicable to the infrastructure and service fields will be suggested by referring to the cyber security frameworks.