|
|
Power outage simulator
Sýkora, Dušan ; Lieskovan, Tomáš (referee) ; Kohout, David (advisor)
This thesis is concerned with building a smart gadget that is able to simulate blackouts. This simulator is able to interrupt or limit supply of 230 V electricity from a power grid to the tested appliance for adjustable duration and with adjustable frequency. The gadget is controllable remotely via a web interface. For that purpose, components have been selected and a program written for a microcontroller. Finally, functionality has been verified on multiple appliances.
|
|
|
Automated monitoring system for IT infrastructures
Kunčický, Daniel ; Lieskovan, Tomáš (referee) ; Sikora, Marek (advisor)
The bachelor’s thesis describes the development of an application that will automatically evaluate received messages. When an incident occurs, it informs the administrator about the current status. Application will send information about the progress of message evaluation when it runs periodically. As part of the message evaluation, it also checks the timeliness of the messages and the reception of all expected messages. A graphical dashboard was developed to manage the application. The application was developed in Python. The application facilitates the routine monitoring of the state of the IT infrastructure.
|
|
|
Automation of Cyber Arena backup and recovery processes in Ansible AWX
Fišarová, Veronika ; Lieskovan, Tomáš (referee) ; Stodůlka, Tomáš (advisor)
The master thesis focuses on the cyber range Cyber Arena and the OpenStack cloud platform, on which the Cyber Arena is built. The theoretical part of the work is dedicated to three essential technologies used in the construction of cyber ranges. These technologies are virtualization, containerization, and cloud computing. In the next part, the analysis focuses on the OpenStack platform and its essence in the Cyber Arena. This is followed by an introduction to the Ansible AWX automation platform, which acts as an intermediary between the Cyber Arena and OpenStack. The last part of the theory is dedicated to the issues of backups and recovery of OpenStack with the aim of improving the life cycle of the Cyber Arena. In the practical part, the creation of a development environment is described, consisting of the OpenStack platform and the AWX platform, in such a way as to best match the environment with the Cyber Arena. In this environment, an Ansible project is then implemented, which automates the creation of backups and subsequent recovery of the main OpenStack services. The project is implemented in such a way that the processes are transferable to new versions of OpenStack while maintaining the same deployment method.
|
|
|
Cyber security tester of elements used in industrial networks and energy industry
Březina, Jiří ; Mlýnek, Petr (referee) ; Lieskovan, Tomáš (advisor)
The following is a detailed discussion of the communication protocols that work in these networks, from the older and more industrially based Modbus protocol, through the IEC 60870 protocol suite, to the most commonly used protocol today, DLMS/COSEM. The paper also summarizes the most common current attack patterns on DLMS/COSEM protocol vulnerabilities. The thesis aims to implement a tester that tests the security of smart grid elements mainly on the vulnerabilities described in the thesis. The tester primarily focuses on the vulnerabilities of overwhelm and replay attacks and evaluating the execution of these attacks in a laboratory environment.
|
|
|
Smart meter simulation on KYPO platform
Morawiec, Daniel ; Gerlich, Tomáš (referee) ; Lieskovan, Tomáš (advisor)
This bachelor thesis is focused on problematics of smart grids, smart meters and protocols which are used in the energy industry. The part of thesis is dedicated to DLMS protocol and COSEM specification. Cloud platform OpenStack and cyber range platforms, more specifically KYPO CRP, are subsequently described in this work. In the last part of the bachelor thesis deployment of platforms OpenStack and KYPO CRP is executed and testing scenario with common elements of energy networks is commissioned on the platform KYPO.
|
|
|
Analysis of cryptographic operations on various processor architectures
Kubík, Hynek ; Gerlich, Tomáš (referee) ; Lieskovan, Tomáš (advisor)
Bachelor’s thesis analyzes cryptographic operations and algorithms on different server processor architectures. The thesis in its theoretical part deals with the analysis of individual cryptographic algorithms, processor architecture, computing cluster and HPC. An application is made for the analysis, which, depending on the input parameters, selected architectures and configuration selected by the user, performs the measurement of the performance of individual operations.The results from performance measurements and various cryptographic operations and architectures and with various input application parameters are subsequently years in the form of graphs.
|
|
|
Analyzer of web application
Vašíček, Tomáš ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This work focuses on the identification of technologies in web applications. The main goal is to develop a software tool for basic analysis of web applications that aims to identify the application's operating system, web server, and programming language. This work further aims to allow the developed tool to be integrated into the Penterep platform as an extension module. The theoretical part of this work is an introduction into the area of web application analysis with emphasis on describing and manually demonstrating the existing identification methods. The practical part presents the design, implementation and testing of the developed tool. This part also includes a description of an experimental environment that was built using the Docker platform.
|
|
|
Security of EDGE sensors
Jančík, David ; Lieskovan, Tomáš (referee) ; Ilgner, Petr (advisor)
This bachelor thesis deals with the security of EDGE sensors on the Raspberry Pi platform, which is used to store sensitive data on disk. In this thesis, the test device is Raspberry Pi 4. First, it examines and implements an SD card security module from Swissbit, Swissbit PS-45u, and Zymkey 4i from Zymbit. With the knowledge of Zymkey i4 and Swissbit to design and implement its own physical security module. Authentication is handled using smart cards that support the NFC communication. The components powered on the prototype board are an Arduino Nano, an accelerometer and a gyroscope, two connecting wires, two LEDs and an NFC interface.
|
|
|
Application for automated power trace measurement
Karabina, Lukáš ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
Master’s thesis is focused on providing information for the design and implementation of an application for automated power trace measurement. The first and second sections of this thesis summarise the findings on the actual measurement of the power consumption and the use of the results in the analysis of the robustness of cryptographic systems against side channel attacks. In this sections, several methods that can be used in such an analysis are presented. A section on the devices with which the application will communicate is also included. The practical part of this thesis deals with the actual design and development of the application. The design patterns used and the procedures by which the application is created are presented. The individual subsections further describe the actual development, implementation, testing and associated problems.
|
|
|
DLMS/COSEM protocol security
Tomko, Tomáš ; Mlýnek, Petr (referee) ; Lieskovan, Tomáš (advisor)
The aim of this thesis is to familiarize the reader with the DLMS/COSEM protocol, which is mainly used in the power industry. The thesis introduces the concept of smart grids along with their development and basic legislation. In the following section, all the protocols used in smart energy networks are discussed with most emphasis on the mentioned DLMS/COSEM protocol and its security features and vulnerabilities. Furthermore, the thesis aims to introduce the reader to the security risks in industrial networks and the Cyber Range KYPO platform. It was important to familiarize with the capabilities that this platform offers. The next task of this thesis is to operationalize the KYPO platform in a laboratory environment with a security scenario focused on DLMS/COSEM security. The security scenario that we have managed to create involves the interception of communication and the exploitation of at least two security vulnerabilities of the DLMS/COSEM protocol. All the programs and tools that we have used to achieve the objectives of this thesis have been summarized in more detail in a separate chapter, which is dedicated to the practical part of the thesis. The thesis describes the procedure and the problems that we encountered while completing the thesis assignment. The actual virtual scenario that we prepared runs on a server at the premises of the BUT. On this server is installed Cyber Range platform KYPO in all-in-one configuration. The created security scenario using the DLMS/COSEM protocol contains two users and one attacker located in the same network, as we have defined it. We used a simple text editor to define the network configuration and defined it for the KYPO platform in YAML format, which is used to automate the data in a form that is easy for humans to read. We also used the same YAML format to define playbooks, which serve as the easiest way in Ansible to automate repetitive tasks. We used them to install packages, update existing packages, and prepare the virtual environment to exploit DLMS/COSEM protocol vulnerabilities.
|
guest ::
