Critical Infrastructure Protection III, 2009
Third IFIP WG 11.10 International Conference, Hanover, New Hampshire, USA, March 23-25, 2009, Revised Selected Papers
IFIP Advances in Information and Communication Technology Series, Vol. 311

The information infrastructure ? comprising computers, embedded devices, networks and software systems ? is vital to operations in every sector: inf- mation technology, telecommunications, energy, banking and ?nance, tra- portation systems, chemicals, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, commercial nuclear reactors, materials and waste, postal and shipping, and government facilities. Global business and industry, governments, indeed - ciety itself, cannot function if major components of the critical information infrastructure are degraded, disabled or destroyed. This book, Critical Infrastructure Protection III, is the third volume in the annualseriesproducedbyIFIP WorkingGroup11.10onCriticalInfrastructure Protection, an active international community of scientists, engineers, prac- tioners and policy makers dedicated to advancing research, development and implementation e?orts related to critical infrastructure protection. The book presents original research results and innovative applications in the area of infrastructure protection. Also, it highlights the importance of weaving s- ence, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. This volume contains seventeen edited papers from the Third Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure P- tection, held at Dartmouth College, Hanover, New Hampshire, March 23?25, 2009. The papers were refereed by members of IFIP Working Group 11.10 and other internationally-recognized expertsin critical infrastructure protection.

Risk Management.- Information Risk Management and Resilience.- Does the Liberalization of the European Railway Sector Increase Systemic Risk?.- Risk-Based Criticality Analysis.- Modeling and Managing Risk in Billing Infrastructures.- Control Systems Security.- A Taxonomy of Attacks on the DNP3 Protocol.- Design and Implementation of a Secure Modbus Protocol.- Providing Situational Awareness for Pipeline Control Operations.- Enhancing the Safety, Security and Resilience of ICT and Scada Systems Using Action Research.- An Ontology for Identifying Cyber Intrusion Induced Faults in Process Control Systems.- Using Physical Models for Anomaly Detection in Control Systems.- Detecting Anomalies in Process Control Networks.- Infrastructure Security.- Nondeducibility-Based Analysis of Cyber-Physical Systems.- Stack-Based Buffer Overflows in Harvard Class Embedded Systems.- Secure Cross-Domain Train Scheduling.- Infrastructure Modeling and Simulation.- A Holistic-Reductionistic Approach for Modeling Interdependencies.- Ontology-Based Critical Infrastructure Modeling and Simulation.- A Framework for Modeling Interdependencies in Japan’s Critical Infrastructures.

Includes supplementary material: sn.pub/extras