The Homeland Security Science and Technology (HSST) Program at UDC has a two-fold thrust: to increase the number of underrepresented minorities in Department of Homeland Security Science and Technology priority research areas and to develop an institutional research infrastructure in the DHS S & T social and behavioral sciences priority research area.
Wednesday, December 17, 2014
Disaster Preparedness & Recovery : Hurricane Forecasters Will Issue Storm Surge Graphics in 2015
The graphic will be experimental for at least two years, while the government gets real-time experience and feedback from the media and public.
By Eliot Kleinberg, The Palm Beach Post | December 15, 2014
Disaster Preparedness & Recovery : White House Launches Open Data Disaster Portal
More than 100 data sets can be found at disasters.data.gov along with tools, contests and resources to help first responders and technologists engage with a larger community.
News Staff | December 16, 2014
Monday, December 15, 2014
Border Security : Drones watch over U.S. borders
Published 17 November 2014
Since 2000, the number of Border Patrol agents on the 1,954-mile U.S.-Mexico border has more than doubled, to surpass 18,000, and fencing has increased nine times — to 700 miles. Some members of Congress and border state lawmakers are calling for more border agents and more fencing, but the Obama administration is looking to drones to help reduce the number of illegal immigrants and drugs entering the United States, while simultaneously shifting resources and agents to parts of the border where illegal activity is highest.
CBP drone waiting on the tarmac // Source: eanlibya.com
Since 2000, the number of Border Patrol agents on the 1,954-mile U.S.-Mexico border has more than doubled, to surpass 18,000, and fencing has increased nine times — to 700 miles. Some members of Congress and border state lawmakers are calling for more border agents and more fencing, but the Obama administration is looking to drones to help reduce the number of illegal immigrants and drugs entering the United States, while simultaneously shifting resources and agents to parts of the border where illegal activity is highest.
“You have finite resources,” said Customs and Border Protection (CBP) commissioner, R. Gil Kerlikowske. “If you can look at some very rugged terrain (and) you can see there’s not traffic, whether it’s tire tracks or clothing being abandoned or anything else, you want to deploy your resources to where you have a greater risk, a greater threat.”
The Christian Science Monitor reports that since March 2013, the U.S.government has operated about 10,000 drone flights, covering 900 miles along the border, mostly over remote mountains, canyons, and rivers. The drones fly out of the U.S. Army Intelligence Center at Fort Huachuca in Sierra Vista, or Corpus Christi, Texas. They operate at altitude of 19,000 to 28,000 feet, and between twenty-five and sixty miles of the border.
Nearly half the U.S.-Mexico border is now patrolled by Predator B drones with high-resolution video cameras that send footage to analysts who then identify small changes in the landscape — the tracks of a farmer or livestock, or those of illegal immigrants or vehicles used to smuggle drugs into the country. Ninety-two percent of drone missions have showed no change in terrain, but 8 percent have raised enough concerns to dispatch agents to review the changes. Four percent of the reviews have been false alarms, likely the tracks of farmers or cows, and 2 percent are inconclusive. The remaining 2 percent show evidence of illegal crossings from Mexico, which then leads to closer monitor via ground sensors.
Representative Michael McCaul (R-Texas), who chairs the House Homeland Security Committee, believes the drone approach is proactive at a time when “we can no longer focus only on static defenses such as fences and fixed (camera) towers.” Senator Bob Corker (R-Tennessee), who co-authored a 2013 legislation to add 20,000 Border Patrol agents and 350 miles of fencing to the southwest border, said, “if there are better ways of ensuring the border is secure, I am certainly open to considering those options.”
The drone program is expected to expand to the Canadian border by the end of 2015.
http://www.homelandsecuritynewswire.com/
Detection : The science of airport bomb detection: chromatography
By Martin Boland
Published 12 December 2014
As the holidays draw near, many of us will hop on a plane to visit friends and family — or just get away from it all. Some will be subjected to a swab at the airport to test clothes and baggage for explosives. So how does this process work? The answer is chromatography — a branch of separation chemistry — along with mass spectrometry. Although instrumental chromatography is a mature technology (the first instruments were produced just after WWII), new applications frequently pop up. Some are a matter of scale. Pharmaceutical companies that produce monoclonal antibodies (often used in cancer treatments) make use of capture chromatography to purify their products. On an industrial scale these can be tens of centimeters in diameter and meters in length (typical lab scale systems are a few millimeters diameter and 5-30cm long). Other uses can either be in a specific new application, such as detecting cocaine on bank notes using the gas chromatography systems often seen at airports as bomb and drug detectors.
As the holidays draw near, many of us will hop on a plane to visit friends and family — or just get away from it all. Some will be subjected to a swab at the airport to test clothes and baggage for explosives. So how does this process work?
The answer is chromatography — a branch of separation chemistry — along with mass spectrometry (which I will address in a later article).
The word “chromatography” is roughly translated from Greek as “the science of colors.” The reason for the name becomes obvious when you realize that most people have accidentally performed a simple chromatography experiment.
If you’ve ever spilled water onto a hand-written shopping list, then held it up to let the water run-off, you’ve probably noticed the ink diffuses across the paper, and that the pen’s color is made up from several pigments (if you’ve not, you can do the experiment — try it with a couple of pens of different brands, but the same color). This separation is chromatography.
There are several different types of chromatographic separation. What they all have in common is that a mixture of materials that need to be separated (the analytes) is washed over a solid material (called the matrix), causing the analytes to separate.
That may sound like chromatography is just filtration, or separation by particle size. In some cases, that is almost exactly what happens (size exclusion chromatography is often referred to as gel filtration chromatography).
But most chromatography methods work by some other chemical effect than just the size of the materials being separated, including (but not limited to):
- normal-phase chromatography, such as ink on paper
- reverse-phase chromatography, often used in university lab experiments
- gas chromatography, seen in airport bomb detectors
- “capture” chromatography, used to purify drugs.
Each of these can be performed with one solvent, such as dropping water on your shopping list – known as isocratic (Greek for “equal power”) or with a changing mixture of solvents (known as a gradient).
So how does it work?
Technically speaking, it is the differential affinity of the analyte for the solvent and the solid matrix that drives chromatographic separation. So what does that mean, really?
Technically speaking, it is the differential affinity of the analyte for the solvent and the solid matrix that drives chromatographic separation. So what does that mean, really?
You’ll need to bear with me here.
Have you ever been shopping with someone who stops to look at things while you’re trying to move though the store as quickly as possible?
That differential attraction to the stuff surrounding you — that’s what drives chromatography. You walk through the aisles only rarely interacting with the goods on sale, while your shopping partner has much greater affinity for the shelves and stops frequently. By the time you’re at the exit they are still only halfway through the shop — you’ve separated!
That is what happens to molecules. The solvent flows over the matrix (in the shopping list case, the paper) carrying the analytes. The relative affinity of the analyte for the matrix compared with the solvent determines the separation.
If a compound is totally insoluble in the solvent, it stays fixed to the matrix (you may have seen this when spilling water on a shopping list written in pencil). If the analyte is very soluble, it may move as fast as the solvent.
The shopping list example is called planar chromatography. The running ink seems to defy gravity, moving up the paper due to the capillary effect. More common in high-performance chromatography, the matrix is a column with the solvent forced over it, by gravity or pumping.
Using a column makes it easier to change the ratio of solvents by using a pump that can mix multiple materials (usually a mixture of water and a soluble organic solvent such as acetonitrile).
In the case of a gradient separation, the analyte has much higher affinity for the matrix than for the initial solvent mixture. As the solvent mix is changed, the analyte dissolves in the solvent and is carried out of the column separated from materials that are soluble in different solvent ratios.
Sometimes it’s a gas, gas, gas
For gas chromatography, the set-up is a little different. The analytes are gases or volatile liquids (think petrochemicals, plant oils, chemical weapons). Such compounds are usually non-polar and hydrophobic – in other words, they don’t mix well with water.
For gas chromatography, the set-up is a little different. The analytes are gases or volatile liquids (think petrochemicals, plant oils, chemical weapons). Such compounds are usually non-polar and hydrophobic – in other words, they don’t mix well with water.
The compounds are evaporated into an inert carrier gas (analogous to dissolving in a solvent). The carrier gas transports the compound over a hydrophobic matrix contained in a coiled column (often tens of meters long but only micrometers wide).
To improve separation, and allow analysis of materials with a higher boiling point (up to around 300C), the column is placed in an oven. Changing the temperature of the oven affects separation in a similar way to changing the mixture of solvents in liquid chromatography.
Quality control
When separating colored compounds it’s pretty obvious when the process has worked. But how do you know if you’ve separated two colorless compounds, or separated microscopic amounts of analyte?
When separating colored compounds it’s pretty obvious when the process has worked. But how do you know if you’ve separated two colorless compounds, or separated microscopic amounts of analyte?
There are several ways to detect the analytes depending on their chemical and/ or physical properties. Among the more common are:
- ultraviolet or infrared (non-visible but optical wavelength) absorbance
- non-visible fluorescence
- conductivity or pH (how acidic the solution is)
- collect samples and perform chemical tests
- mass spectrometry.
Probably the most useful of these is mass spectrometry as it allows the analyst to work out exactly what compound they are seeing without needing prior knowledge of what was in the original analyte mixture.
An ever-developing world
Although instrumental chromatography is a mature technology (the first instruments were produced just after WWII), new applications frequently pop up.
Although instrumental chromatography is a mature technology (the first instruments were produced just after WWII), new applications frequently pop up.
Some are a matter of scale. Pharmaceutical companies that produce monoclonal antibodies (often used in cancer treatments) make use of capture chromatography to purify their products. On an industrial scale these can be tens of centimeters in diameter and meters in length (typical lab scale systems are a few millimeters diameter and 5-30cm long).
Other uses can either be in a specific new application, such as detecting cocaine on bank notes using the gas chromatography systems often seen at airports as bomb and drug detectors.
And even more exciting experiments are being done by chromatography instruments on board the Philae probe that detected organic chemicals on the comet 67P/Churyumov–Gerasimenko.
Martin Boland is Senior Lecturer of Medicinal and Pharmaceutical Chemistry at Charles Darwin University. This story is published courtesy of The Conversation (under Creative Commons-Attribution/No derivatives).
www.homelandsecuritynewswire.com
Cybersecurity : Can a hacker stop your car or your heart? Security and the Internet of Things
Published 15 December 2014
By Temitope Oluwafemi
An ever-increasing number of our consumer electronics is Internet-connected. We’re living at the dawn of the age of the Internet of Things. Appliances ranging from light switches and door locks, to cars and medical devices boast connectivity in addition to basic functionality. The convenience can’t be beat, but the security and privacy implications cannot and should not be ignored. There needs to be a concerted effort to improve security of future devices. Researchers, manufacturers and end users need to be aware that privacy, health and safety can be compromised by increased connectivity. Benefits in convenience must be balanced with security and privacy costs as the Internet of Things continues to infiltrate our personal spaces.
An ever-increasing number of our consumer electronics is Internet-connected. We’re living at the dawn of the age of the Internet of Things. Appliances ranging from light switches and door locks, to cars and medical devices boast connectivity in addition to basic functionality.
The convenience can’t be beat. But what are the security and privacy implications? Is a patient implanted with a remotely controllable pacemaker at risk for security compromise? Vice President Dick Cheney’s doctors worried enough about an assassination attempt via implant that theydisabled his defibrillator’s wireless capability. Should we expect capital crimes via hacked Internet-enabled devices? Could hackers mount large-scale terrorist attacks? Our research suggests these scenarios are within reason.
Your car, out of your control
Modern cars are one of the most connected products consumers interact with today. Many of a vehicle’s fundamental building blocks – including the engine and brake control modules – are now electronically controlled. Newer cars also support long-range wireless connections via cellular network and Wi-Fi. But hi-tech definitely doesn’t mean highly secure.
Modern cars are one of the most connected products consumers interact with today. Many of a vehicle’s fundamental building blocks – including the engine and brake control modules – are now electronically controlled. Newer cars also support long-range wireless connections via cellular network and Wi-Fi. But hi-tech definitely doesn’t mean highly secure.
Our group of security researchers at the University of Washington was able to remotely compromise and control a highly computerized vehicle. Theyinvaded the privacy of vehicle occupants by listening in on their conversations. Even more worrisome, they remotely disabled brake and lighting systems and brought the car to a complete stop on a simulated major highway. By exploiting vulnerabilities in critical modules, including the brake systems and engine control, along with in radio and telematics components, our group completely overrode the driver’s control of the vehicle. The safety implications are obvious.
This attack raises important questions about how much manufacturers and consumers are willing to sacrifice security and privacy for increased functionality and convenience. Car companies are starting to take these threats seriously, appointing cybersecurity executives. But for the most part, automakers appear to be playing catchup, dealing with security as an afterthought of the design process.
Home insecurity
An increasing number of devices around the home are automated and connected to the Internet. Many rely on a proprietary wireless communications protocol called Z-Wave.
An increasing number of devices around the home are automated and connected to the Internet. Many rely on a proprietary wireless communications protocol called Z-Wave.
Two U.K. researchers exploited security loopholes in Z-Wave’s cryptographic libraries — that’s the software toolkit that authenticates any device being connected to the home network, among other functions, while providing communication security over the Internet. The researchers were able to compromise home automation controllers and remotely controlled appliances including door locks and alarm systems. Z-Wave’s security relied solely on keeping the algorithm a secret from the public, but the researchers were able to reverse engineer the protocol to find weak spots.
Our group was able to compromise Z-Wave controllers via anothervulnerability: their web interfaces. Via the web, we could control all home appliances connected to the Z-Wave controller, showing that a hacker could, for instance, turn off the heat in wintertime or watch inhabitants via webcam feeds. We also demonstrated an inherent danger in connecting compact fluorescent lamps (CFL) to a Z-Wave dimmer. These bulbs were not designed with remote manipulations over the Internet in mind. We found an attacker could send unique signals to CFLs that would burn them out, emitting sparks that could potentially result in house fires.
Our group also pondered the possibility of a large-scale terrorist attack. The threat model assumes that home automation becomes so ubiquitous that it’s a standard feature installed in homes by developers. An attacker could exploit a vulnerability in the automation controllers to turn on power-hungry devices — like HVAC systems — in an entire neighborhood at the same time. With the A/C roaring in every single house, shared power transformers would be overloaded and whole neighborhoods could be knocked off the power grid.
Harnessing hackers’ knowledge
One of the best practices of designing elegant security solutions is to enlist the help of the security community to find and report weak spots otherwise undetected by the manufacturer. If the internal cryptographic libraries these devices use to obfuscate and recover data, amongst other tasks, are open-source, they can be vetted by the security community. Once issues are found, updates can be pushed to resolve them. Crypto libraries implemented from scratch may be riddled with bugs that the security community would likely find and fix – hopefully before the bad guys find and exploit. Unfortunately, this sound principle has not been strictly adhered to in the world of the Internet of Things.
One of the best practices of designing elegant security solutions is to enlist the help of the security community to find and report weak spots otherwise undetected by the manufacturer. If the internal cryptographic libraries these devices use to obfuscate and recover data, amongst other tasks, are open-source, they can be vetted by the security community. Once issues are found, updates can be pushed to resolve them. Crypto libraries implemented from scratch may be riddled with bugs that the security community would likely find and fix – hopefully before the bad guys find and exploit. Unfortunately, this sound principle has not been strictly adhered to in the world of the Internet of Things.
Third party vendors designed the web interfaces and home appliances with Z-Wave support that our group exploited. We found that, even if a manufacturer has done a very good job and released a secure product, retailers who repackage it with added functionality — like third party software — could introduce vulnerabilities. The end-user can also compromise security by failing to operate the product properly. That’s why robust multi-layered security solutions are vital – so a breach can be limited to just a single component, rather than a successful hack into one component compromising the whole system.
Level of risk
There is one Internet of Things security loophole that law enforcement has taken notice of: thieves’ use of scanner boxes that mimic the signals sent out by remote key fobs to break into cars. The other attacks I’ve described are feasible, but haven’t made any headlines yet. Risks today remain low for a variety of reasons. Home automation system attacks at this point appear to be very targeted in nature. Perpetrating them on a neighborhood-wide scale could be a very expensive task for the hacker, thereby decreasing the likelihood of it occurring.
There is one Internet of Things security loophole that law enforcement has taken notice of: thieves’ use of scanner boxes that mimic the signals sent out by remote key fobs to break into cars. The other attacks I’ve described are feasible, but haven’t made any headlines yet. Risks today remain low for a variety of reasons. Home automation system attacks at this point appear to be very targeted in nature. Perpetrating them on a neighborhood-wide scale could be a very expensive task for the hacker, thereby decreasing the likelihood of it occurring.
There needs to be a concerted effort to improve security of future devices. Researchers, manufacturers and end users need to be aware that privacy, health and safety can be compromised by increased connectivity. Benefits in convenience must be balanced with security and privacy costs as the Internet of Things continues to infiltrate our personal spaces.
Temitope Oluwafemi is Ph.D. Student in Electrical Engineering atUniversity of Washington. This story is published courtesy of The Conversation (under Creative Commons-Attribution/No derivatives).
www.homelandsecuritynewswire.com
Disaster Preparedness & Recovery : Sea-Level Dilemmas Quietly Swelling on First Coast, Fla
A corps of residents — some in local governments, some activists or policy nerds — are charting steps communities can take now to avoid being caught unprepared when the tide rises.
Steve Patterson, The Florida Times-Union | December 9, 2014
Disaster Preparedness & Recovery : Controller for the Emergency Power Grid Is Coming
Energy groups are designing the controller, which will keep power flowing during a severe weather outage.
Alan Rizzo, Watertown Daily Times | December 11, 2014
Subscribe to:
Posts (Atom)