Ian Waweru

Cyber technology

Dr. Cooper

03/20/2022

SCADA System

            SCADA is an abbreviation for Supervisory control and data acquisition. The SCADA system is a beneficial system that helps us monitor our infrastructure processes, facility-based processes, and industrial processes. This system is a software system that requires hardware elements to perform tasks. These tasks are very beneficial, and they work to “Monitor, gather, and process real-time data, control industrial processes locally or remotely, record events into a log file”.  Industrial organizations use SCADA to control and monitor entire sites and it can be done so in a couple of ways. The first control is known as the remote terminal unit (RTUs). The RTU is beneficial because it will communicate using sensory signals that are converted into digital data. The second control is known as programmable logic controllers (PLCs). The PLC is another microcomputer that is used as a field device. Both microcomputers communicate with multiple machines and their purpose is to collect data from them. This data can include equipment status reports or meter readings, an operator receiving this data will then make a proper decision on what to do next by using HMI. HMI is an abbreviation for human-machine interface. The HMI’s purpose is to provide feedback to the operating personnel and the ability to control processes. This interface is linked with the SCADA system, and it provides crucial feedback for each machine that is controlled under the PLC and RTU. An operator will be able to see diagnostic data, maintenance procedures, troubleshoot guides, and more important features that will help employees analyze data and make important decisions. An alarm system is available in this interface, and it will send a message to an operator of that machine if necessary. Many machines have this capability, for example, A soda machine is out of syrup, the alarm is active and a light requesting maintenance will blink. There are a few vulnerabilities in the SCADA system that can produce a problem. Human factors prove to be problematic; an unauthorized individual can intentionally or unintentionally infect a system with a virus. The design itself is a vulnerability, researchers are more concerned about the security and authentication of the design.  With that being said “security researchers are also concerned with the existing security and authentication protocols in the design”. Another problem would be packet access to the network segment, anyone can access those packets and it leaves a massive security risk. Even with all the vulnerabilities, there are still a few ways to help protect SCADA networks. One important way to protect these networks is by reinforcing security for internal networks and demilitarized zones. Another way we can protect these networks is by having limitations and authority control needed for external connections. Virtual private networks are also known as VPNs, and this can enhance security for extra protection. The SCADA system has come a long way and it is broken down into three different generations. The first generation of this system didn’t connect to any other system because at the time networks did not exist. The second-generation used LANs to send information to multiple stations. The pro for this generation is that it cost less in comparison to the first generation. However, the con is the protocol, there are many security issues in the SCADA systems. The third generation is the generation we are currently in. The communication of the SCADA systems today is through the wan protocol. Vulnerability is still a concern however, there are added security protocols that help improve the security of the system, unlike the first two generations. 

References

1. https://docs.google.com/document/d/1DvxnWUSLe27H5u8A6yyIS9Qz7BVt_8p2WeNHctGVboY/edit#
2. https://inductiveautomation.com/resources/article/what-is-scada
3. Kim, HyungJun. “Security and vulnerability of SCADA systems over IP-based wireless sensor networks.” International Journal of Distributed Sensor Networks 8.11 (2012): 268478.

Ian Waweru

Dr. Cooper

Write-up

04/10/2022

The Legal System Response to Technology Advancement

Technology is amazing, our view of society has changed and continues to develop. AI has been here for a while and has evolved over the years. There was a time that computers were the only AI machines available. Now in the present, we have new technology and more ways for users to get information. It’s great that we are developing and expanding technology, however, our legal system is falling behind. Even though we are behind it doesn’t mean there isn’t a way to close the gap in-between. These are a few actions our legal system can do to catch up with these advancements. First, I believe it is important for a lawyer or vendor to get used to using technology they are not familiar with. There are ways to learn about new technology, you can attend conferences, join an online group, or you can reach out to vendors.  Second, I believe it’s important to expand our knowledge of technology. There are multiple ways vendors can get more information by simply doing research. Blogs, articles, the internet, and conferences are examples of where a vendor can go to get educated about new or old technology. Finally, A lawyer should be honest about what they know and what they don’t know. Technology is changing at a fast rate and just by breaking down what you know from what you don’t know can help furth expand the knowledge you need to know. There are certain techniques I would develop to close the gap between our legal system and technology. I would first break down my knowledge of what I know and what I don’t know. I would then research more on the technology I wasn’t familiar with. After researching and getting myself, all caught up to date, I would find groups of people online who would communicate to me about anything new that was developing. Another procedure I would do is find a group of people who are in the same position as me. I am a strong believer in group work, we all can put our knowledge and findings together to help each other learn about new AI systems.

SOURCE:

Ian Waweru

Cybersecurity Technol-Society

Dr cooper

02/27/2022

The Human factor in cybersecurity

            I read two articles that discussed how impactful people can be in the field of cyber security. They taught me why we have these cybersecurity issues and how these attacks formulate in a similar pattern. If I’m leading a team, I need to know that I can trust everyone. I would manage my budget to where I can focus more on the training methods to build my team and eventually work my way to increase my technology supply. If I start with 100,000 dollars, I will put 40% investment on training, 30% in increasing my technology supply, and the rest of the 30% will cover the companies building finance. I think it’s important to know whom you can trust to perform these tasks. Capone’s impact on human behaviors on security gave me a general idea of why I would consider increasing training. He said most issues usually start with people and since we are Implementing security and sharing secrete information, we don’t want the wrong person with it. There are also psychological problems where a person knows how to psychologically trick a worker into sharing information. It is important to know that a hacker’s motive doesn’t just happen overnight it can be a whole operation that can take days to configure. Looking for unusual signs is key to determining the path of a hacker. Capone also explained that data breaches can be inadvertently or accidentally and it’s hard to determine that sometimes because people do make mistakes. Once I find a team, I can trust I can make sure to increase my technology supplier down the course and build my company with more creative methods to slow down these attacks in the feature.

Reference’s 

https://docs.google.com/document/d/1QplIrfcKlmkSOuKt9i0Kte72kYrukFeCm1wj9DxpnGU/edit#

https://docs.google.com/document/d/1J3v_V167mktbGVynbtHW8yHXW9onjaBzVASo-behDfY/edit#