1. Discuss in detail What is a raspberry pi?

What OS does raspberry

pi use? 8M July 2019 2
The RaspberryPi is a series of credit card sized single-board computers developed in the
United Kingdom by the Raspberrypi Foundation.
Raspbian
Raspbian or Raspberry Pi OS is a Linux-based operating system built specifically for
Raspberry Pi. It is packed with all the necessary tools and features that are required for
day-to-day use. It will possibly run on every kind of Raspberry Pi board with a few
exceptions, like the Raspberry Pi's pico edition, because of its far smaller form factor and
computing power.

2. What are the common challenges in OT security? 8M July 2019

Common Challenges in OT Security The security challenges faced in IoT are by no
means new and are not limited to specific industrial environments. The following
sections discuss some of the common challenges faced in IoT.
Erosion of Network Architecture: There is a wide variety in secured network designs
within and across different industries. example, power utilities have a strong history of
leveraging modern technologies for operational activities, and in North America there are
regulatory requirements in place from regulatory authorities, such as North American
Electric Reliability Corporation’s (NERC’s) Critical Infrastructure Protection (CIP)
Pervasive Legacy Systems: Due to the static nature and long life cycles of equipment
in industrial environments, many operational systems may be deemed legacy systems.
For example, in a power utility environment, it is not uncommon to have racks of old
mechanical equipment still operating alongside modern intelligent electronic devices
(IEDs). In many cases, legacy components are not restricted to isolated network
segments but have now been consolidated into the IT operational environment. From a
security perspective, this is potentially dangerous as many devices may have historical
vulnerabilities or weaknesses that have not been patched and updated, or it may be that
patches are not even available due to the age of the equipment.
Insecure Operational Protocols: The structure and operation of most of these protocols
is often publicly available. While they may have been originated by a private firm, for
the sake of interoperability, they are typically published for others to implement. Thus, it
 becomes a relatively simple matter to compromise the protocols themselves and
introduce malicious actors that may use them to compromise control systems for either
reconnaissance or attack purposes that could lead to undesirable impacts in normal
system operation.
Device Insecurity: Beyond the communications protocols that are used and the
installation base of legacy systems, control and communication elements themselves have
a history of vulnerabilities. To understand the nature of device insecurity, it is important
to review the history of what vulnerabilities were discovered and what types of devices
were affected. A review of the time period 2000 to 2010 reveals that the bulk of
discoveries were at the higher levels of the operational network, including control
systems trusted to operate plants, transmission systems, oil pipelines, or whatever critical
function is in use.

3. With diagram, explain a four layered smart city Iot architecture.

10M Feb 2021
The four-layered smart city IoT architecture provides a structured framework for deploying and
managing IoT solutions in urban environments. Data flows from devices at the street layer to
the city network layer and connects to the data center layer, where the data is aggregated,
normalized, and virtualized. The data center layer provides information to the services layer,
which consists of the applications that provide services to the city. Each layer serves a specific
purpose and contributes to the overall functionality of the smart city ecosystem. Let's discuss
each layer in detail:

1. Street Layer:
● The street layer consists of devices and sensors deployed throughout the city
streets and public spaces.
● Sensors in this layer collect various types of data, such as environmental
conditions (e.g., air quality), traffic patterns, pedestrian movements, and
vehicle counts.
● Video cameras with video analytics capabilities can detect vehicles, faces, and
traffic conditions for traffic management and security purposes.
 ● Data collected from sensors at this layer provides real-time insights into
street-level activities and conditions.
● At the street layer of a smart city IoT architecture, sensors such as magnetic
sensors aid in parking management by detecting vehicle occupancy.
● Lighting controllers adjust streetlight brightness based on time schedules and
ambient light conditions, promoting energy efficiency.
● Video cameras with advanced analytics capabilities facilitate traffic management
and surveillance tasks.
● Air quality sensors monitor pollution levels, guiding environmental policies.
Device counters estimate device presence for traffic analysis and infrastructure
planning.
2. City Layer:
● The city layer is situated above the street layer and serves as an aggregation
point for data collected from sensors.
● Network routers and switches are deployed at this layer to handle the
transportation of data across the city's infrastructure.
● The city layer ensures that data from sensors is reliably transported to the data
center or cloud for further processing.
● Some applications are delay- and jitter-sensitive, and some other applications
require a deterministic approach to frame delivery.
● It must support various IoT protocols and applications, including those that are
delay-sensitive or require deterministic data delivery.
3. Data Center Layer:
● The data center layer is where data collected from sensors is sent for processing
analysis.
● and Data centers host applications that analyze and correlate sensor data to derive
meaningful insights and trends.
● Examples of applications include traffic management systems, environmental
monitoring, and public safety initiatives.
● Cloud infrastructure plays a crucial role in providing scalable storage and
computing resources for processing large volumes of data efficiently.
● The data center layer enables city authorities to make informed decisions and take
automated actions based on real-time data.
● In addition, multiple contractors can store and process data at the same time,
without the complexity of exclusively owned space.
● This proximity and flexibility also facilitate the exchange of information between
smart systems and allow for the deployment of new applications that can leverage
information from several IoT systems.
 4. Services Layer:
● The services layer delivers value to various stakeholders within the city,
including city operators, citizens, and businesses.
● It encompasses a wide range of applications and services built on top of the data
generated by IoT devices.
● Examples of services include smart parking solutions, traffic optimization
algorithms, public transportation systems, and citizen engagement platforms.
● Data from the lower layers is utilized to provide tailored services to different user
groups, addressing their specific needs and use cases.
● The services layer enhances the quality of life in the city, improves operational
efficiency, and promotes sustainable development.

Overall, the four-layered smart city IoT architecture provides a comprehensive framework for

deploying and managing IoT solutions that address the complex challenges faced by modern

urban environments. By leveraging sensor data, networking infrastructure, data processing

capabilities, and value-added services, cities can become more efficient, resilient, and livable for

their inhabitants.
 4. The purdue Model for Control Hierarchy or Explain security
between Levels and Zones in the Process Control Hierarchy Model.
8M Nov 2020

In the Process Control Hierarchy Model, security between levels and zones is crucial for
safeguarding industrial processes and ensuring the reliability of operations. The model organizes
the control and communication layers into distinct levels, each with its own functions and
responsibilities. These levels include the enterprise zone, operational zone, safety zone, and
demilitarized zone (DMZ).
This model identifies levels of operations and defines each level. The enterprise and operational
domains are separated into different zones and kept in strict isolation via an industrial
demilitarized zone (DMZ):

You need to analyze and secure the basic network design. Most automated process systems or
even hierarchical energy distribution systems have a high degree of correlation between the
network design and the operational design. It is a basic tenet of ISA99 and IEC 62443 that
functions should be segmented into zones (cells) and that communication crossing the
boundaries of those zones should be secured and controlled through the concept of conduits. In
response to this, it is suggested that a security professional discover the state of his or her
network and all communication channels. Normal network discovery processes can be highly
problematic for older networking equipment. In fact, the discovery process in pursuit of
improved safety, security, and operational state can result in degradation of all three.
Enterprise Zone:
Levels 4 and 5, which is enterprise network and business planning and logistics network
encompass corporate-level applications and IT services, such as Enterprise Resource
Planning(ERP), Customer Relationship Management(CRM) and business planning
networks.
 Security measures in this zone focus on protecting sensitive business data and ensuring
the integrity and availability of corporate resources.
Demilitarized Zone:
The DMZ provides a buffer zone where services and data can be shared between the
operational and enterprise zones. It also allows for easy segmentation of organizational
control. By default, no traffic should traverse the DMZ; everything should originate from
or terminate on this area.
Operational zone:
Level 3: Operations and control: This level includes the functions involved in
managing the workflows to produce the desired end products and for monitoring and
controlling the entire operational system. This could include production scheduling,
reliability assurance, systemwide control optimization, security management, network
management, and potentially other required IT services, such as DHCP, DNS, and
timing
Level 2: Supervisory control: This level includes zone control rooms, controller status,
control system network/application administration, and other control-related
applications, such as human-machine interface (HMI) and historian.
Level 1: Basic control: At this level, controllers and IEDs, dedicated HMIs, and other
applications may talk to each other to run part or all of the control function.
Level 0: Process: This is where devices such as sensors and actuators and machines such
as drives, motors, and robots communicate with controllers or IEDs.
Safety zone
Safety-critical: This level includes devices, sensors, and other equipment used to manage the
safety functions of the control system

5. Discuss with example, the fundamentals of Arduino Programming.

8M Feb 2021

6. Write a note on DS18B20 temperature sensor in detail. 8M Nov

2020
● The DS18B20 also has an alarm function that can be configured to output a signal when
the temperature crosses a high or low threshold that’s set by the user
● A 64 bit ROM stores the device’s unique serial code. This 64 bit address allows a
microcontroller to receive temperature data from many sensors with identity.
● The DS18B20 temperature sensor is perfect for projects like weather stations and home
automation systems.
● The size is same as a transistor and use only one wire for the data signal
● It is extremely accurate and take measurements quickly
7. Explain Formal Risk Analysis Structures and its frameworks.
The key for any industrial environment is that it needs to address security holistically and
not just focus on technology. It must include people and processes, and it should include
all the vendor ecosystem components that make up a control system

OCTAVE
OCTAVE (Operationally Critical Threat, Asset and Vulnerability Evaluation) has
undergone multiple iterations. The version this section focuses on is OCTAVE Allegro,
which is intended to be a lightweight and less burdensome process to implement. Allegro
assumes that a robust security team is not on standby or immediately at the ready to
initiate a comprehensive security review. This approach and the assumptions it makes are
quite appropriate, given that many operational technology areas are similarly lacking in
security-focused human assets. Figure 8-5 illustrates the OCTAVE Allegro steps and
phases.
OCTAVE is a balanced information-focused process. What it offers in terms of discipline
and largely unconstrained breadth, however, is offset by its lack of security specificity.
There is an assumption that beyond these steps are seemingly means of identifying
specific mitigations that can be mapped to the threats and risks exposed during the
analysis process.
FAIR
FAIR (Factor Analysis of Information Risk) is a technical standard for risk definition
from The Open Group. While information security is the focus, much as it is for
OCTAVE, FAIR has clear applications within operational technology. Like OCTAVE, it
also allows for non-malicious actors as a potential cause for harm, but it goes to greater
lengths to emphasize the point. For many operational groups, it is a welcome
acknowledgement of existing contingency planning. Unlike with OCTAVE, there is a
significant emphasis on naming, with risk taxonomy definition as a very specific target.
FAIR places emphasis on both unambiguous definitions and the idea that risk and
associated attributes are measurable. Measurable, quantifiable metrics are a key area of
emphasis, which should lend itself well to an operational world with a richness of
operational data. At its base, FAIR has a definition of risk asthe probable frequency and
probable magnitude of loss. With this definition, a clear hierarchy of sub-elements
emerges, with one side of the taxonomy focused on frequency and the other on
magnitude. Loss even frequency is the result of a threat agent acting on an asset with a
resulting loss to the organization. This happens with a given frequency called the threat
event frequency (TEF), in which a specified time window becomes a probability. There
are multiple sub-attributes that define frequency of events, all of which can be understood
with some form of measurable metric. Threat event frequencies are applied to a
vulnerability. Vulnerability here is not necessarily some compute asset weakness, but is
more broadly defined as the probability that the targeted asset will fail as a result of the
actions applied. There are further sub-attributes here as well.