Daniel Prince scite author profile

For decades, operational technology (OT) has enjoyed the luxury of being suitably inaccessible so as to experience directly targeted cyber attacks from only the most advanced and well-resourced adversaries. However, security via obscurity cannot last forever, and indeed a shift is happening whereby less advanced adversaries are showing an appetite for targeting OT. With this shift in adversary demographics, there will likely also be a shift in attack goals, from clandestine process degradation and espionage to overt cyber extortion (Cy-X). The consensus from OT cyber security practitioners suggests that, even if encryptionbased Cy-X techniques were launched against OT assets, typical recovery practices designed for engineering processes would provide adequate resilience. In response, this paper introduces Dead Man's PLC (DM-PLC), a pragmatic step towards viable OT Cy-X that acknowledges and weaponises the resilience processes typically encountered. Using only existing functionality, DM-PLC considers an entire environment as the entity under ransom, whereby all assets constantly poll one another to ensure the attack remains untampered, treating any deviations as a detonation trigger akin to a Dead Man's switch. A proof of concept of DM-PLC is implemented and evaluated on an academically peer reviewed and industry validated OT testbed to demonstrate its malicious efficacy.

show abstract

Securitization and the global politics of cybersecurity

Lacy

Prince

2018

View full text Add to dashboard Cite

In ‘Digital disaster, cyber security, and the Copenhagen school’, published in 2009, Lene Hansen and Helen Nissenbaum suggest ways in which securitization theory can help understand the politics of cybersecurity and cyberwar. What was significant about Hansen and Nissenbaum's article was the way it attempted to add newapproaches and questions to a topic that tended to occupy a space in an often highly technical discourse of security, technology and strategy, a discourse that extended in to all aspects of life in a digitizing society. This article asks: What should international relations scholars be doing in addition to the challenge and task – to become more interdisciplinary in order to be able to engage with the potential technification and hypersecuritizations of cybersecurity policy and discourse – that was set out in Hansen and Nissenbaum's article?

show abstract

The Impact of Social Engineering on Industrial Control System Security

Green

Prince

Busby

et al. 2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Daniel Prince

A survey of cyber security management in industrial control systems

A Common Measurement System for K-12 STEM education: Adopting an educational evaluation methodology that elevates theoretical foundations and systems thinking

An Analysis of Cyber Security Attack Taxonomies

Securitization and the global politics of cybersecurity

The Impact of Social Engineering on Industrial Control System Security

Contact Info

Product

Resources

About