LERSAIS is host to a Seminar Series that brings researchers and practitioners to Pittsburgh to share emerging developments and research in the area of Information Assurance. The field of Cyber Security faces new challenges and demands on a daily basis and these seminars serve to keep students, faculty, and business leaders abreast of issues in both the laboratory and industry.

Professionals and investigators who would like more information on this series, or have an idea for a topic, are invited to contact Prof. James Joshi.

The seminars are open to all. Check out our upcoming presentations.

Spring 2019

Upcoming LERSAIS Cybersecurity Seminar

(organized by SCI, LERSAIS and Pitt Cyber)

 
Date
Speaker
Title
January 14

CANCELLED (will reschedule soon)

Dr. Indrajit Ray
When Cyber-Attacks Masquerade as Safety Events Can Catastrophe be Far Behind?
Antonio Roque

Dr. Indrajit Ray

The Joint LERSAIS and PittCyber Distinguished Cybersecurity Seminar

January 14

When Cyber-Attacks Masquerade as Safety Events Can Catastrophe be Far Behind?

--Support for Nuclear Reactor Operators in Case of Cyber-Security Threats



Dr. Indrajit Ray

Professor, Colorado State University, NSF SaTC Program Director

Time/Location

12:00 AM - 1:00 PM (Meet the Speaker & Pizza at 11:30AM) CANCELLED (will reschedule soon)
January 14
Information Sciences Building, 3rd floor theatre
135 North Bellefield Ave

Abstract:

Increasing use of digital technology in nuclear power plants (NPPs) poses cyber-security as a crucial threat to public safety and to continuous energy production. The current cybersecurity practice for nuclear plants is based on NIST Special Publication 800-161 (Supply Chain Risk Management Practices for Federal Information Systems and Organizations) and NIST Special Publication 800-53 (Security and Privacy Controls for Federal Information Systems and Organizations). These standards provide the process framework to control the security risks, and particularly emphasize monitoring vulnerabilities and enhancing visibility at different stages of the system development lifecycle. However, there is little understanding or research geared towards plant operators’ response under cyber-security threats and operation procedures to cope with such threats. This is particularly critical when a cyber-security event masquerades as a safety incident or an evolving accident. Instead of leading operators to the remediation of the accident, the masked cyber event may lead them to circumvent the safety mechanisms of the plant. Unfortunately, there is an awful lack of real-world data related to cyber incidents in nuclear power plant. This translates to serious challenges to separating behaviors that are indicative of pure safety issues, behaviors that are indicative of pure cyber-attacks, and behaviors that are indicative of cyber-attacks masquerading as safety issues.

In this ongoing project, we take a two-step approach to developing indicators to help operators distinguish between cyber-security related events and safety related events. The first step consists of developing an integrated model of nuclear power plant safety and cyber-security that captures the dependencies (if any) among them. Safety event features include correspondence to known failure modes or whether behavior precursors to the failure occurrence have been observed in the recent record of the plant. Cyber-security threats are consistent with the various goals of an attacker, e.g. disruption of service, data collection, inducing severe damage, etc. Considering the features of cyber-security versus safety events and the dependencies between them will allow better discrimination and prediction capability than an approach based solely on external symptoms. The second step comprises developing classifiers to determine anomalous behavior of embedded devices. A monitoring system determines when a device behaves differently from its expected behavior and projects the anomaly against the integrated model developed in the first step. We discuss our initial results in developing these two approaches.

Biography:

Dr. Indrajit Ray is a Professor of Computer Science at Colorado State University. He joined CSU in 2001 moving from the University of Michigan-Dearborn where he worked as an Assistant Professor from August 1997 – July 2001. Dr. Ray obtained his Ph.D. in Information Technology from George Mason University in August 1997. Indrajit’s primary research is in computer security and privacy. His major contributions have been in security risk modeling and security protocol design using applied cryptographic techniques. Other areas in which he has made valuable contributions are trust models for security and micro-data disclosure control. He has published more than 150 technical papers. His research has been well funded through various federal agencies. He has advised several Ph.D. students many of whom hold tenured positions in academia. He has also played leadership roles in the academic community by serving as program chairs in various conferences. In 2015 he served as General Chair of the 2015 ACM CCS conference which is the flagship conference of ACM SIGSAC, and in 2017 as the General Chair of the 2017 IEEE CNS conference. He was the founder of the IFIP TC 11, WG 11.9 on Digital Forensics and its first Chair. Recently, Indrajit has helped establish the CSU site of the NSF funded I/UCRC Center for Configuration Analytics and Automation, where he is Co-Director. This multi-university research center that includes fee-paying members from the industry and FFRDCs works with enterprises and government entities to improve service assurability, security and resiliency of enterprise IT systems, cloud/SDN data centers, and cyber-physical systems by applying innovative analytics and automation. Currently, he is serving as a Program Director at the National Science Foundation, where is responsible for the Secure and Trustworthy Cyberspace program.

Back to top ↑


Archived LERSAIS Cybersecurity Seminar

Seminar Archives


Index of Speakers

  • Adam, Nabil R. (CIMIC, Rutgers)
  • Ahmed, Tanvir (Principal Member of Technical Staff, Database Security Group, Oracle)
  • Anton, Ana (Annie) I. (Associate Professor, North Carolina State University)
  • Anwar, Mohd (Visiting Scholar, University of Pittsburgh)
  • Baurer, Lujo (Research Scientist, Carnegie Mellon University)
  • Brustolony, José Carlos (Assistant Professor, University of Pittsburgh)
  • Cao, Feng (CISCO Systems)
  • Claycomb, Bill (Senior Member of Technical Staff, SEI; Research Scientist, CERT)
  • Clemm, Alexander (Principal Engineer, Cisco)
  • Cohen, Fred (CEO, Fred Cohen & Associates; Research Professor, University of New Haven; Adjunct Professor, University of San Francisco)
  • Cranor, Lorrie (Associate Research Professor, Carnegie Mellon University)
  • Cukier, Michel (Assistant Professor, University of Maryland)
  • Cybenko, George (Professor, Dartmouth College)
  • Du, Wenliang [Kevin] (Assistant Professor, Syracuse University)
  • Eltoweissy, Mohamed (2010, 2006) (Chief Scientist of Secure Cyber Systems, Pacific Northwest National Laboratory)
  • Farkas, Csilla (University of South Carolina)
  • Ferraiolo, David (Computer Scientist, National Institute of Standards and Technology)
  • Ghinita, Gabriel (Assistant Professor, University of Massachusetts)
  • Heim, Patrick (Vice President Enterprise Security, McKesson Corporation)
  • Hoffman, Lance J. (Professor, George Washington University)
  • Hong, Jason (Asst. Professor, Carnegie Mellon University)
  • Kantarcioglu, Murat (Assistant Professor, University of Texas, Dallas)
  • Kim, Gene (Co-founder, Chief Technology Officer, Tripwire Inc.)
  • Keener, Dave (Chief Security Officer, Vigilant Minds Inc.)
  • Koski, Susan M. (Vice President, Corporate Information Security Manager of Network and Perimeter Defense, Mellon Financial Corporation)
  • Landau, Susan (Distinguished Engineer, Sun Microsystems)
  • Lee, Adam (Assistant Professor, University of Pittsburgh)
  • Lee, Wenke (Associate Professor, Georgia Institute of Technology)
  • Lindstrom, Pete (Research Director, Spire Security, LLC)
  • Liu, Ling (Associate Professor, Georgia Institute of Technology)
  • Liu, Peng (Assistant Professor, Penn State University)
  • Ludwig, Heiko (Research Staff Member and Manager, IBM Research)
  • Mironov, Ilya (Research Scientist at Google)
  • McDaniel, Patrick (Professor of Computer Science and Engineering, Pennsylvania State University)
  • Machanavajjhala, Ashwin (Assistant Professor, Duke University)
  • Maino, Fabio (Distinguished Engineer, Cisco)
  • Maxion, Roy (Research Professor in Computer Science and Machine Learning)
  • Myers, Andrew (Associate Professor, Cornell University)
  • Nepal, Surya (Principal Research Scientist, CSIRO ICT Centre, Australia)
  • Ning, Peng (Assistant professor, NC State University)
  • Pu, Calton (Professor, John P. Imlay, Jr. Chair in Software, Georgia Institute of Technology)
  • Roque, Antonio (Professor and Vice Chancellor for Research, University of California, Davis)
  • Ray, Indrakshi (Assistant Professor, Colorado State University)
  • Sailer, Reiner (IBM Thomas J. Watson Research Center)
  • Scherer, Steve (Principal Staff Software Engineer, Motorola, Inc.)
  • Shrestha, Rasu (Chief Innovation Officer, UPMC Executive Vice President, UPMC Enterprises)
  • Smith, Sean V. (Assistant Professor, Dartmouth College)
  • Squicciarini, Anna (Assistant Professor, Penn State University)
  • Scurlock, Antonio "T" (Chief, Cybersecurity Plans & Coordination (CPC) Office of the Assistant Secretary (OAS), Cybersecurity & Communications (CS&C), Department of Homeland Security (DHS))
  • Srinivasan, Kannan (Research Officer, National Research Council of Canada)
  • Srivastava, Mudhakar (Research Scientist, IBM Thomas J. Watson Research Center)
  • Shmatikov, Vitaly (Professor, Cornel Tech)
  • Vaidya, Jaideep (Assistant Professor, Rutgers University)
  • Wing, Jeannette M. (President's Professor and Head of Computer Science Department, Carnegie Mellon University)
  • Wu, Felix (Professor, UC Davis)
  • Yan, Guanhua (Technical Staff Member, Los Alamos National Laboratory)
  • Yavuz, Atilla (Research Scientist, Bosch Research and Technology Center)
  • Zhang, Tao (Chief Scientist, Cisco Systems)
  • Zhang, Youtao (Assistant Professor, University of Pittsburgh)
  • Zhao, Ben Y. (Associate Professor, UC Santa Barbara)
  • Zic, John (2010, 2008)(Visiting Associate Professor, University of New South Wales)

Index of Represented Schools and Businesses

Index of Talks