Bingo
In addition to many other things. Seems like a simple idea but why the hell haven't I ever thought of that?
are there any recommended formats for SBOM?
I suspect you did, but there's too many threads to chase
I got a year of free thinking at airbus
it did take about 6 months to break the noise floor of the predictions (augmented dickey fuller suggested 3 month was a limit)
No... I love to claim I did but that one skipped me. I need to add this idea to some models.
@anfractuosity - yes SPDX and CycloneDX, https://www.ntia.gov/sbom
turns out old WW2 stats and little
Little's law did the tirck
Airbus owns the IP, but we agreed to publish most of it, and I can talk freely sometime about where it will go.
@anfractuosity there are a few formats/frameworks. Depends on how you will be using it. Some are also in development.
https://www.eia.gov/todayinenergy/detail.php?id=35652
Average frequency and duration of electric distribution outages vary by states
Interruptions in electricity service vary by frequency and duration across the many electric distribution systems that serve about 145 million customers in the United States. In 2016, customers experienced an average of 1.3 interruptions and went without power for four hours during the year.
motorwaysteps.co.uk. A website about the infrastructure access stairs on motorways (freeways). They all need to be designed, and cost many tens of thousands of (currency units) each. And you don't see them until someone mentions them to you.
Pylons are nice, but I missLove this!
EIA is a great resource. I used them for the piece I wrote on petroleum pipelines, and a new piece coming out tomorrow on "Black Starts" for the grid
Is DNS infrastructure? :D
oooooh, I love that you're writing a blackstarts piece
DNS is Critical infrastructure I'd say!
@anfractuosity I am partial to the SBOM Energy stuff being done through the DOE/INL/NTIA
https://onlinelibrary.wiley.com/doi/10.1111/risa.13291
You might like this simulation approach we made:Thanks, I hope I do the topic justice. I only have 1500 words or so, tough to put in much detail.
Not so much about blackstarts but estimating the impact of outages on say transport
@eireann.leverett Eye of the Lucifer…. The hotest hell…. (would be my answer) 🤣🤣🤣
My company is participating in the SBOM POC hosted by INL, usign the SAG-PM software representing a well known utility in hte mid Atlantic area
doing intersectoral stuff is super hard, but the oxford team came up with a cool voronoi decomposition to estimate substation outage effects on train stations
I think aDoulus is wrokign with OSIsoft on the software vendor side. REA is working on the consumer side of the SBOM POC
aDolus is doing some great stuff.
I guess if the talk is over, me and Patrick can have a whisky?
I've got an "Emergency Decadence" at hand.
Cheers, old friend. We need to do that sometime soon.
Indeed
@Patrick C Miller they are one of only a handful oc C-SCRM vendors with the ability to process NTIA SBOM's. Microfot gobbled up Refirm Labs and IBM gobbled up BoxBoat. C-SCRM is becoming a thing
I agreeA wiseman said: To make critical damage to electricity distribution, with still small effort and costs -> buy 2 offroads (Mitsubishi L200 e.g.), and use them to physically attack 2 big substations…. No APT, expensive research…..
cool probability site for you risk nerds
https://seeing-theory.brown.edu/
BROWN
DANIEL KUNIN
Seeing Theory
A visual introduction to probability and statistics.
Our trust in infrastructure is inversely proportional to how well we understand it
Have started looking into use of Bayes Theorem for vulnerability analysis - look interesting.
It is powerful stuff, applying it is tricky. I think it's just about getting to know bayes as a tool regularly.
It is very useful in many contexts
Hoping to know more shortly.
If you ever need us, I run a small cyber risk consultancy as well as doing cyber insurance.
I'm bringing another academic on board soon who is looking for quantiative problems to solve.
Will definitely keep that in mind - it's hard to find people with stats and cybersec proficiency
Discussions
Become a Hackaday.io Member
Create an account to leave a comment. Already have an account? Log In.