• A study of the effects of fieldbus network inducted delays on control systems.

      Mianoo, Joseph (2012-05-21)
      Fieldbus networks are all-digital, two-way, multi-drop communication systems that are used to connect field devices such as sensors and actuators, and controllers. These fieldbus network systems are also called networked control systems (NCS). Although, there are different varieties of fieldbus networks such as Foundation Field Bus, DeviceNet, and Profibus available in the automation industries, Controller Area Network (CAN) is more widely accepted in automotive applications. The growing popularity of, and demand for, fieldbus networks can be attributed to several advantages they have, such as: reduction in capital costs, interoperability, and greater system functionality. However, as the complexity of modern fieldbus systems continue to increase, the concern on performance, reliability, and security also increases. To better reflect on this concern, the fieldbus based control systems should be extensively studied using simulations before implementing them in hardware. Network induced delays that may result from the bus arbitration schemes of the messages is an issue that needs investigation for these fieldbus networks. The impact of these delays on control system performance measures such as peak overshoot and settling time needs investigation. The purpose of this research was to study the causes of fieldbus network induced delays and their effects on control systems. The existence and causes for network induced delays were studied by other researchers. Previous delay analyses used analytical and stochastic methods to establish relationships for delays. This dissertation, however, uses statistical analysis methods to study the effect of various CAN parameters on network delays. The data for the statistical analysis was obtained from simulations. Though the literature indicates use of general purpose simulation tools such as OPNET, OMNeT++, and Network II, there exist simulation tools that are designed specifically to address a particular type of fieldbus such as CAN. The research in this dissertation uses such a tool called CANoe for simulating an automobile system. The impact of these delays on control system performance was studied by other research on Proportional Integral (PI) controllers. This dissertation extends these studies to Proportional Integral and Derivative (PID) controllers. In this dissertation, the causes of network delays and how these delays are affected by CAN parameters such as baud rate, bus load, and message length were investigated using CANoe simulations of an automobile system. The statistical techniques of descriptive statistics, and analysis of variance (ANOVA) were used to analyze data obtained for this part of the study. The findings of the ANOVA analysis revealed that CAN parameters have effect on CAN message delays. The effect of fieldbus network induced delays on control system performance such as stability and step-response for different PI and PID controllers were studied using a DC motor model. The delays considered were sensor-to-controller delay and controller-to-actuator delay. MATLAB/Simulink tools were used to analyze the effects of these delays. From this study, it was observed that fieldbus network induced delays have an effect on control systems stability and performance as described by the system step response. The results of this performance evaluation will be useful to design PID controller gains, and to verify how sensitive the control loops are under various time delays.
    • An open framework for low-latency communications across the smart grid network

      Sturm, John Andrew (2012-05-21)
      The recent White House (2011) policy paper for the Smart Grid that was released on June 13, 2011, A Policy Framework for the 21st Century Grid: Enabling Our Secure Energy Future, defines four major problems to be solved and the one that is addressed in this dissertation is Securing the Grid. Securing the Grid is referred to as one of the four pillars to be built on an open technology framework. The problem of securing the grid is further defined that cybersecurity practices must provide the special, low-latency communications needed for real-time automation control (White House, 2011, p. 49). The National Institute of Standards and Technology (NIST) is tasked with development of the cybersecurity communication standards through establishment of the NIST Cybersecurity Working Group (CSWG). NIST CSWG further states that low-latency is critical for automation control on the Smart Grid (NISTIR-Vol.3, 2010). The research and experimental planning for the solution tested in this dissertation provide low-latency through a system of open protocols that include HMAC keys (Hashed Message Authentication Code) and cryptographic identification for real-time control across the Smart Grid. It is serendipitous that HMAC keys (Hashed Message Authentication Code) can be processed very fast so there is little delay/latency added to the overall file transfer process (Goutis et al, 2005). In addition the research results offer guidance on the additional latency of AES versus Blowfish encryption algorithms for file transfers.
    • Assured Identity for The Cloud

      Daniels, Jeff (2011-09-22)
      It has been widely reported the largest security concerns with cloud computing design and implementation are centered on identity and access management. Pearson (2009) identifies open security challenges such as where processing takes place, auditability of transactions, and data sensitivity in distributed systems. Cloud computing builds on prior research in virtualization, distributed computing, utility computing, networking, and web services (Vouk, 2008). A recent study conducted by the Office of Homeland Security found that cyber security is a national problem (Homeland Security, 2009). The study recommended that ―managing identities‖ must be part of a comprehensive national cyber security strategy. The Department of Defense Cyber, Identity, and Information Assurance Strategic Plan calls for systems and security to be united. In this research project, an approach to enabling assured identity and access management controls specifically in cloud computing environments was evaluated. The research designed and implemented the Assured Identity Management Systems (AIMS) using the systems engineering process (SEP). The evaluation of use cases and sequence diagrams demonstrated the capability for identity assurance with lifecycle events in cloud computing environments. The dissertation study designed an extensible model including requirements, use cases, context diagrams, sequence diagrams, reusable components to further the adoption of cloud It has been widely reported the largest security concerns with cloud computing design and implementation are centered on identity and access management. Pearson (2009) identifies open security challenges such as where processing takes place, auditability of transactions, and data sensitivity in distributed systems. Cloud computing builds on prior research in virtualization, distributed computing, utility computing, networking, and web services (Vouk, 2008). A recent study conducted by the Office of Homeland Security found that cyber security is a national problem (Homeland Security, 2009). The study recommended that ―managing identities‖ must be part of a comprehensive national cyber security strategy. The Department of Defense Cyber, Identity, and Information Assurance Strategic Plan calls for systems and security to be united. In this research project, an approach to enabling assured identity and access management controls specifically in cloud computing environments was evaluated. The research designed and implemented the Assured Identity Management Systems (AIMS) using the systems engineering process (SEP). The evaluation of use cases and sequence diagrams demonstrated the capability for identity assurance with lifecycle events in cloud computing environments. The dissertation study designed an extensible model including requirements, use cases, context diagrams, sequence diagrams, reusable components to further the adoption of cloudIt has been widely reported the largest security concerns with cloud computing design and implementation are centered on identity and access management. Pearson (2009) identifies open security challenges such as where processing takes place, auditability of transactions, and data sensitivity in distributed systems. Cloud computing builds on prior research in virtualization, distributed computing, utility computing, networking, and web services (Vouk, 2008). A recent study conducted by the Office of Homeland Security found that cyber security is a national problem (Homeland Security, 2009). The study recommended that ―managing identities‖ must be part of a comprehensive national cyber security strategy. The Department of Defense Cyber, Identity, and Information Assurance Strategic Plan calls for systems and security to be united. In this research project, an approach to enabling assured identity and access management controls specifically in cloud computing environments was evaluated. The research designed and implemented the Assured Identity Management Systems (AIMS) using the systems engineering process (SEP). The evaluation of use cases and sequence diagrams demonstrated the capability for identity assurance with lifecycle events in cloud computing environments. The dissertation study designed an extensible model including requirements, use cases, context diagrams, sequence diagrams, reusable components to further the adoption of cloudIt has been widely reported the largest security concerns with cloud computing design and implementation are centered on identity and access management. Pearson (2009) identifies open security challenges such as where processing takes place, auditability of transactions, and data sensitivity in distributed systems. Cloud computing builds on prior research in virtualization, distributed computing, utility computing, networking, and web services (Vouk, 2008). A recent study conducted by the Office of Homeland Security found that cyber security is a national problem (Homeland Security, 2009). The study recommended that ―managing identities‖ must be part of a comprehensive national cyber security strategy. The Department of Defense Cyber, Identity, and Information Assurance Strategic Plan calls for systems and security to be united. In this research project, an approach to enabling assured identity and access management controls specifically in cloud computing environments was evaluated. The research designed and implemented the Assured Identity Management Systems (AIMS) using the systems engineering process (SEP). The evaluation of use cases and sequence diagrams demonstrated the capability for identity assurance with lifecycle events in cloud computing environments. The dissertation study designed an extensible model including requirements, use cases, context diagrams, sequence diagrams, reusable components to further the adoption of cloudIt has been widely reported the largest security concerns with cloud computing design and implementation are centered on identity and access management. Pearson (2009) identifies open security challenges such as where processing takes place, auditability of transactions, and data sensitivity in distributed systems. Cloud computing builds on prior research in virtualization, distributed computing, utility computing, networking, and web services (Vouk, 2008). A recent study conducted by the Office of Homeland Security found that cyber security is a national problem (Homeland Security, 2009). The study recommended that ―managing identities‖ must be part of a comprehensive national cyber security strategy. The Department of Defense Cyber, Identity, and Information Assurance Strategic Plan calls for systems and security to be united. In this research project, an approach to enabling assured identity and access management controls specifically in cloud computing environments was evaluated. The research designed and implemented the Assured Identity Management Systems (AIMS) using the systems engineering process (SEP). The evaluation of use cases and sequence diagrams demonstrated the capability for identity assurance with lifecycle events in cloud computing environments. The dissertation study designed an extensible model including requirements, use cases, context diagrams, sequence diagrams, reusable components to further the adoption of cloudcomputing, and a prototype built using interoperable cloud and virtualization technologies. The research supports the 2011 U.S. Federal Cloud Computing Strategy as well as the Standards Acceleration to Jumpstart Adoption of Cloud Computing (SAJACC) initiative. The dissertation research contributes to the body of knowledge in systems management, security, cloud computing and virtualization.
    • The effect of password management procedures on the entropy of user selected passwords.

      Enamait, John D (2012-05-21)
      Maintaining the security of information contained within computer systems poses challenges for users and administrators. Attacks on information systems continue to rise. Specifically, attacks that target user authentication are increasingly popular. These attacks are based on the common perception that traditional alphanumeric passwords are weak and susceptible to attack. As a result of attacks targeting alphanumeric passwords, different authentication methods have been proposed. Nonetheless, traditional alphanumeric-based passwords remain the most common form of user authentication and are expected to remain so for the foreseeable future. This study provided empirical data to determine if the entropy of user-selected passwords was affected by the use of password management software. This research also provided data to determine if efforts to increase user-awareness of password strength affected the selection of passwords. The research results revealed that the use of a password management application resulted in an increase in average password entropy, but at a level that was not significant. The research results also indicated that the use of a password management application when coupled with electronic secondary information awareness efforts did result in a significant increase in average password entropy. The research results further illustrated that the use of a password management application when coupled with verbal secondary information awareness efforts also resulted in a significant increase in average password entropy. Finally, this investigation determined that the use of password management software together with electronic and verbal secondary information user-awareness efforts resulted in an increase in password entropy.