Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave

The authority is impressed by your performance in your first assignment. Not only that you have passed probation,
but is now the Lead Enterprise Architecture responsible for the security of Iranian nuclear research programme.
1. Explain, in your own words, based on what we have learned thus far in the course, what Stuxnet does. (Focus
on Application/Software, Operation/Incident Management and Physical Security). Explain why regular antivirus solution failed, and how the virus jumped the “Air-Gap”.


2. While your boss is happy with your effort on the overall Qualitative Risk analysis you presented in Assignment
1, you are now asked to focused on Physical Security (one aspect only) using Quantitative Risk Analysis technique

Upon listening to the presentation by Machines for Business, International (MBI) and Mensies Corporation, as well as your analysis, the authority decided that they will implement TOGAF, since the C4ISTAR is primarily a NATO standard, and that TOGAF is more open. (Later on, a more security focused SABSA will also be implemented, for now, they need an overall Enterprise Architecture first) .

Which one of the following best describes the TOGAF standard
o A. A framework and method for architecture development
o B. An architecture pattern
o C. A business model
o D. A method for developing Technology Architectures
o E. A method for IT Governance


What does ADM stand for in TOGAF.
What are the basic structure of the ADM cycle
TOGAF which is primarily focused on commercial implementation. With a bank, for example, the requirements could look something like:
1. Compliance with federal and state legislation,
2. Public confidence in your enterprise by providing confidentiality, availability and integrity of customer data,
3. Privacy of customer data,
4. Interoperation with other financial institutions, both nationally and internationally,
5. Compliance with international standards,
6. Security of all bank assets,
7. Current trends in customer engagement via the internet

Stuxnet malware evaluation

The architecture for the security consideration would be developed for defining the management of the successful and effective management of factors. The implication of the information management had been implied with the successful management process. The development of the report had been implied for the identifying the implication and listing the development of the effective management processing. The Stuxnet has been considered for evaluating the role of the malicious worms and the formation of the effective influence of the development model.

Explanation of Stuxnet

 Stuxnet is one of the most primitive term for the development of the successive formation management. The malware would form the impact on the exploitation of the factors for the development of the effective and smart management processing. The multiple windows would be exhausted and crucified for the management of the successful information development. The malware was introduced by the Americana and Israeli for targeting the information of the factors. The analysis would be cohesively factored with the consideration of the smart factorial development and the significant management processing.

The PLC or program logic controller controlled devices would be affected by the malware Stuxnet. The automation in PLC is hindered by the malware attacks on the electrochemical process for forming the major operative setback for the operations. The designing of the software has been supported by the influence of the programmable logical circuits. The attack on the initial vector was predominantly influenced by the consideration of the effective management processing.

The OS of the windows has been designed for taking care of the effective alignment management and it would be formed for inducing the listing of the factor and formation of the successful development model. The USB environmental management has been implied with the consideration of the factors and the significant listing of the improved management process. The USB port environmental management has been implied for taking care of the factors and implying the significance influence of the developing management. The Stuxnet has been harmed for specific attack and harm to the system of developing the management activities.

The Stuxnet has been resulting in the exploitation and exhausting of the factors for listing the management of the activities. The Stuxnet has been resulting in the probable hardware component management and the formation of the improvement management. The exploitation of the system and the involvement of the facilities has been helpful for taking care of the factors and the listing of the probable inclusion management. The PLC devices would be largely effected in managing the implication and listing the improvement formation.

Impact of Stuxnet on programmable logic controllers

The antiviruses had been working promptly and affecting the influence of the successful management and it would be supplied for listing the management and the consideration management. The PLC model would be effectively implied with the consideration of the smart management process. The PLC model has been implied with the influence of the machine level language and the utilization of the effective and smart management process. The completion of the effective and smart project completion has been helpful for managing the implication of the factorial development model. The Stuxnet has been largely impacting the completion of the project management and the influence of the improvement management process.

Qualitative Risk analysis

The qualitative risk analysis has been shown below,

Total Cost of the Nuclear Programme (Asset Value)

$1,000.00

In case of a successful Air Strike, expected loss:

$500.00

Successful air strike happens once in (years)

20

By installing S300 Missiles, the Exposure factor is reduced by a factor of

10

By installing S300 Missiles, the occurrence of successful air strike would reduce by

50%

The S300 yearly cost is (ACS, Annual Cost of Safeguard)

$15.00

The Chinese HQ18 yearly cost is (ACS, Annual Cost of Safeguard)

$7.50

Particulars

Value

Workings

Exposure Factor (EF, in %)

50.00%

Expected Loss/Asset Value in percentage

Single Loss Expectancy  (SLE, in $)

$500.00

Asset Value*exposure factor

Annualised Rate of Occurrence (ARO)

0.05

how many times is this expected to happen in one year

Annualised Loss Expectancy (ALE)

$25.00

SLE*ARO

Exposure Factor with S300 in place (EF_S300)

45.00%

Exposure Factor (-10%)

Single Loss Expectancy with S300 in place (SLE_S300)

$450.00

Asset Value*exposure factor

 Annualised Rate of Occurrence with S300 in place (ARO_S300)

0.025

Annualised Rate of Occurrence (-50%)

Annualised Loss Expectancy with S300 in place (ARO_S300)

$11.25

SLE*ARO

Value of the Russian Safeguard (S300)

$15.00

 

Value of the Chinese Safeguard (HQ18)

$7.50

 

Should the programme implement the S300 or HQ18? Why?

The Chinese Safeguard HQ18 should be used for the management of the nuclear cost expectancy

Efficiency in terms of exposure factor, single loss expectancy, annualised rate of occurrence, and annualised loss expectancy has been same for both the Chinese safeguard and the Russian safeguard. The cost of implementation of HQ18 and S300 were 7.5 million dollars and 15 million dollars respectively. Hence, HQ18 should be used for the development of the nuclear power activities.

TOGAF

  1. Which one of the following best describes the TOGAF standard?
  2. A framework and method for architecture development
  3. What does ADM stand for in TOGAF
  4. Architecture development model
  5. What are the likely requirements in OUR scenario?
  6. The TOGAF structure for the provided scenario is given below,

Movie Contact

No, it is not possible for using the strategy of “have two, for twice the price” for the nuclear attack protection option as it is highly costly and the overall expense of the construction implementation would be 22.5 million dollars.

The option “have two, for twice the price” can only be implied if more than 60% probability of the occurrence of the attack is present. The second option would ensure that the project has been successfully implied.

In normal situation the implication of the two options would not be wise choice as the price of the second option is double of the first option.

The main function of the HQ18 would be done for keeping the track of the nuclear attack and adjust the loss incurred. The second option S300 would be implied for ensuring that the attack is severely managed with the consideration of the factors. The facility would help in listing the involvement of the successful management processing.

Conclusion

The report had provided the consideration of the innovative and smart processing of the information. The assignment had included the Stuxnet malware evaluation and its principles. The malware management has implied with the consideration and the implication management. The multiple windows would be exhausted and crucified for the management of the successful information development. The qualitative risk analysis has been done for evaluation of the exposure factor, single loss expectancy, annualised rate of occurrence, and annualised loss expectancy. The calculation helped in developing the choice of the Chinese Safeguard HQ18 for the management of the nuclear cost expectancy.

Baylon, C., 2017. Lessons from Stuxnet and the Realm of Cyber and Nuclear Security: Implications for Ethics in Cyber Warfare. In Ethics and Policies for Cyber Operations (pp. 213-229). Springer, Cham.

Implication of USB environmental management

Cabrera, A., Abad, M., Jaramillo, D., Gómez, J. and Verdum, J.C., 2016. Definition and implementation of the enterprise business layer through a business reference model, using the architecture development method ADM-TOGAF. In Trends and Applications in Software Engineering (pp. 111-121). Springer, Cham.

Darmanto, D., Suyanto, M. and Al Fatta, H., 2018. PEMODELAN ARSITEKTUR SISTEM INFORMASI PERIZINAN MENGGUNAKAN KERANGKA KERJA TOGAF ADM. Informasi Interaktif, 3(1), pp.16-26.

Du, J., Zhang, J., He, T., Li, Y., Su, Y., Tie, F., Liu, M., Harte, P.J. and Zhu, A.J., 2016. Stuxnet Facilitates the Degradation of Polycomb Protein during Development. Developmental cell, 37(6), pp.507-519.

Edwards, C.I.P.M., 2014. An analysis of a cyberattack on a nuclear plant: The stuxnet worm. Critical Infrastructure Protection, 116, p.59.

Farooq, M.U., Waseem, M., Khairi, A. and Mazhar, S., 2015. A critical analysis on the security concerns of internet of things (IoT). International Journal of Computer Applications, 111(7).

Harrison, R., 2018. Togaf (r) 9 Foundation Study Guide. Van Haren.

Hu, Z., Wang, M., Yan, X., Yin, Y. and Luo, Z., 2015, February. A comprehensive security architecture for SDN. In Intelligence in Next Generation Networks (ICIN), 2015 18th International Conference on (pp. 30-37). IEEE.

Kenney, M., 2015. Cyber-terrorism in a post-stuxnet world. Orbis, 59(1), pp.111-128.

Koeberl, P., Schulz, S., Sadeghi, A.R. and Varadharajan, V., 2014, April. TrustLite: A security architecture for tiny embedded devices. In Proceedings of the Ninth European Conference on Computer Systems (p. 10). ACM.

Liger, V.V., Mironenko, V.R., Kuritsyn, Y.A. and Bolshov, M.A., 2018. Determination of the Maximum Temperature in a Non-Uniform Hot Zone by Line-of-Site Absorption Spectroscopy with a Single Diode Laser. Sensors, 18(5), p.1608.

Middleton, A., 2016. Stuxnet: The World's First Cyber... Boomerang?. Interstate-Journal of International Affairs, 2015(2).

Nourian, A. and Madnick, S., 2018. A systems theoretic approach to the security threats in cyber physical systems applied to stuxnet. IEEE Transactions on Dependable and Secure Computing, 15(1), pp.2-13.

Ntuli, N. and Abu-Mahfouz, A., 2016. A simple security architecture for smart water management system. Procedia Computer Science, 83, pp.1164-1169.

Olivier, F., Carlos, G. and Florent, N., 2015. New security architecture for IoT network. Procedia Computer Science, 52, pp.1028-1033.

Peagler, J., 2014. The Stuxnet Attack: A New Form of Warfare and the (In) Applicability of Current International Law. Ariz. J. Int'l & Comp. L., 31, p.399.

Siddiqui, M.S., Escalona, E., Trouva, E., Kourtis, M.A., Kritharidis, D., Katsaros, K., Spirou, S., Canales, C. and Lorenzo, M., 2016, November. Policy based virtualised security architecture for SDN/NFV enabled 5G access networks. In 2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) (pp. 44-49). IEEE.

Singer, P.W., 2015. Stuxnet and its hidden lessons on the ethics of cyberweapons. Case W. Res. J. Int'l L., 47, p.79.

Souissi, S., Sliman, L. and Charroux, B., 2016, November. A novel security architecture based on multi-level rule expression language. In International Conference on Hybrid Intelligent Systems (pp. 259-269). Springer, Cham

Tian, Y., Shuai, Z., Shen, J., Zhang, L., Chen, S., Song, C., Zhao, B., Fan, Q. and Wang, L., 2018. Plasmonic Heterodimers with Binding Site?Dependent Hot Spot for Surface?Enhanced Raman Scattering. Small, 14(24), p.1800669.

Vu?ini?, M., Tourancheau, B., Rousseau, F., Duda, A., Damon, L. and Guizzetti, R., 2015. OSCAR: Object security architecture for the Internet of Things. Ad Hoc Networks, 32, pp.3-16.

Wu, X., 2016. Stuxnet detected, Pc breaks down. Science China. Life Sciences, 59(11), p.1202.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2021). Stuxnet Malware Essay: Evaluation And Risk Analysis.. Retrieved from https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/development.html.

"Stuxnet Malware Essay: Evaluation And Risk Analysis.." My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/development.html.

My Assignment Help (2021) Stuxnet Malware Essay: Evaluation And Risk Analysis. [Online]. Available from: https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/development.html
[Accessed 28 March 2024].

My Assignment Help. 'Stuxnet Malware Essay: Evaluation And Risk Analysis.' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/development.html> accessed 28 March 2024.

My Assignment Help. Stuxnet Malware Essay: Evaluation And Risk Analysis. [Internet]. My Assignment Help. 2021 [cited 28 March 2024]. Available from: https://myassignmenthelp.com/free-samples/itnet202a-enterprise-security/development.html.

Get instant help from 5000+ experts for
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing: Proofread your work by experts and improve grade at Lowest cost

loader
250 words
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Plagiarism checker
Verify originality of an essay
essay
Generate unique essays in a jiffy
Plagiarism checker
Cite sources with ease
support
Whatsapp
callback
sales
sales chat
Whatsapp
callback
sales chat
close