World Environmental and Water Resources Congress 2020
Securing the Digitally Managed Water Supply
Publication: World Environmental and Water Resources Congress 2020: Emerging and Innovative Technologies and International Perspectives
ABSTRACT
Water system managers increasingly operate in distributed information exchange environments characterized by internal and external data communications. These sensor-controller-machine intensive environments must communicate internally (within and between device-level rings, within and between subsystems, and/or within and between systems) and externally (with and between original equipment manufacturers and/or with and between credentialed third parties). In critical infrastructure, cyber risk is magnified due to the heterogeneous nature of the technologies, protocols, and standards. Such an environment requires an approach that goes beyond information technology practices incorporating the unique needs of operational technologies. Protecting blended topologies requires a multi-dimensional framework integrating logical segmentation, cyber hygiene, network oversight, and human reliability. Logical segmentation compartmentalizes the network to align with service delivery. Cyber hygiene provides intrusion detection/prevention, identity services, malware protection, and network behavior analysis. Network oversight monitors network activity detecting and automatically responding to non-compliant actions with response policies that are service delivery fail-safe cognizant. Human reliability recognizes the potential for inadvertent and/or purposeful harmful actions and places digital safeguards at critical points to avoid compromise. Each dimension is significant itself but, collectively, they dramatically reduce the potential for gap and blind-zone formation with technologies and practices that are deployed in industrial and control system network operations today. This paper summarizes recent cyber-physical threat events and describes best practices in use across small and large critical infrastructure enterprises. Findings highlight the role network architecture design and operational practices to reduce attack surfaces and, at the same time, increase operational efficiency, ensure data integrity, and provide operational resilience in the face of evolving threats to cyber-physical systems.
Get full access to this article
View all available purchase options and get full access to this chapter.
REFERENCES
Braun, Tim. “The City of South Bend Gets Smart”. Water Efficiency Magazine. Published by ASCE (EWRI). March/April, 2019.
Brzozwski, Carol. “Data Sesurity: Strategies for Protecting Water Data”. Water Efficiency Magazine. Published by ASCE (EWRI). March/April, 2019.
Corum, Lyn. “Streamlining Asset Management”. Water Efficiency Magazine. Published by ASCE (EWRI). March/April, 2019.
E-ISAC Report: “Analysis of the Cyber Attack on the Ukrainian Power Grid”. The Electricity Information Sharing and Analysis Center. March 18, 2016.
Hatler, Doug. “Using Artificial Intelligence to Influence Water Infrastructure”. Water Efficiency Magazine. Published by ASCE (EWRI). November/December, 2019.
Hutchins, Eric M., Cloppert, Michael J., Amin, Rohan M.: “Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains” Lockheed Martin, Inc. Proceedings of the 6th Annual Conference on I-Warfare and Security. 2011.
The InfoSecurity Group: “How Snowden Breached the NSA from the Inside” InfoSecurity Magazine. November 13, 2013.
Plachkinova, Miloslava and Maurer, Chris: “Teaching Case: Security Breach at Target”. Journal of Information Systems Education, Vol. 29(1) Winter 2018.
Information & Authors
Information
Published In
World Environmental and Water Resources Congress 2020: Emerging and Innovative Technologies and International Perspectives
Pages: 1 - 11
Editors: Sajjad Ahmad, Ph.D., and Regan Murray, Ph.D.
ISBN (Online): 978-0-7844-8294-0
Copyright
© 2020 American Society of Civil Engineers.
History
Published online: May 14, 2020
Published in print: May 14, 2020
Authors
Metrics & Citations
Metrics
Citations
Download citation
If you have the appropriate software installed, you can download article citation data to the citation manager of your choice. Simply select your manager software from the list below and click Download.