A quantitative security assessment of modern cyber attacks : a framework for quantifying enterprise security risk level through system's vulnerability analysis by detecting known and unknown threats

Munir, Rashid

January 2014

Cisco 2014 Annual Security Report clearly outlines the evolution of the threat landscape and the increase of the number of attacks. The UK government in 2012 recognised the cyber threat as Tier-1 threat since about 50 government departments have been either subjected to an attack or a direct threat from an attack. The cyberspace has become the platform of choice for businesses, schools, universities, colleges, hospitals and other sectors for business activities. One of the major problems identified by the Department of Homeland Security is the lack of clear security metrics. The recent cyber security breach of the US retail giant TARGET is a typical example that demonstrates the weaknesses of qualitative security, also considered by some security experts as fuzzy security. High, medium or low as measures of security levels do not give a quantitative representation of the network security level of a company. In this thesis, a method is developed to quantify the security risk level of known and unknown attacks in an enterprise network in an effort to solve this problem. The identified vulnerabilities in a case study of a UK based company are classified according to their severity risk levels using common vulnerability scoring system (CVSS) and open web application security project (OWASP). Probability theory is applied against known attacks to create the security metrics and, detection and prevention method is suggested for company network against unknown attacks. Our security metrics are clear and repeatable that can be verified scientifically.

Avaliação do perigo à poluição das águas subterrâneas no município de Piracicaba SP / Hazard assessment for groundwater pollution in the municipality of Piracicaba SP

Garcia, Claudinei

04 June 2018

Submitted by Claudinei Garcia (claudinei.garcia@yahoo.com.br) on 2018-06-25T23:11:26Z No. of bitstreams: 1 AVALIAÇÃO DO PERIGO À POLUIÇÃO DAS ÁGUAS SUBTERRÂNEAS NO MUNICÍPIO DE PIRACICABA SP.pdf: 6931690 bytes, checksum: ca32dc4d54818c6994582918f1151a35 (MD5) / Approved for entry into archive by Lucilene Cordeiro da Silva Messias null (lubiblio@bauru.unesp.br) on 2018-06-26T12:41:18Z (GMT) No. of bitstreams: 1 garcia_c_me_bauru.pdf: 6931693 bytes, checksum: 9701edc264d8220201a6e0dea3d79f0b (MD5) / Made available in DSpace on 2018-06-26T12:41:18Z (GMT). No. of bitstreams: 1 garcia_c_me_bauru.pdf: 6931693 bytes, checksum: 9701edc264d8220201a6e0dea3d79f0b (MD5) Previous issue date: 2018-06-04 / Este trabalho buscou a avaliação do perigo à poluição das águas subterrâneas no município de Piracicaba, através da interação entre os índices de vulnerabilidade intrínseca e vulnerabilidade específica dos aquíferos aflorantes no município de Piracicaba, motivado pela importância estratégica destas fontes, pela ausência de estudos específicos locais e pela crescente demanda de exploração de cunho econômico da área de estudo. Para a análise dos índices de vulnerabilidade intrínseca, que define-se como a capacidade de atenuação natural do meio local à contaminação de determinado aquífero imposta por uma carga contaminante, utilizou-se do método GOD - groundwater hydraulic confinement; overlaying strata; depth to groundwater table (FOSTER, 1987; FOSTER; HIRATA, 1988), e para a avaliação da vulnerabilidade específica que considera a probabilidade de determinado sistema aquífero ser exposto a um contaminante, classe de contaminantes ou atividade contaminante, utilizou-se do método POSH - pollutant origin, surcharge hydraulically (FOSTER, et al., 2006) e da análise do potencial de contaminação das áreas urbanas e rurais por fontes de nitrato. A manipulação de dados envolveu informações de poços profundos outorgados, pedologia e litologia da área de estudo, informações de uso do solo e de fontes potenciais de contaminação local, obtidos de fontes públicas e privadas. A avaliação do perigo à poluição das águas subterrâneas, que pode ser definido como a interação entre a vulnerabilidade intrínseca e a vulnerabilidade específica, se deu pela interação dos resultados obtidos de vulnerabilidade intrínseca e da vulnerabilidade específica, cujos produtos finais se apresentam em forma de mapas situacionais ilustrativos. Embora a análise da vulnerabilidade intrínseca tenha produzido classes predominantes de baixa vulnerabilidade natural, a avaliação da vulnerabilidade específica para o município revelou, ao contrário, índices significativos de fontes potenciais contaminantes difusas e pontuais. Esta particularidade resultou em situação de médio perigo de poluição dos recursos subterrâneos locais para aproximadamente 74% dos pontos avaliados. Os resultados auferidos, embora contextuais objetivam em síntese identificar os locais onde é pertinente se intensificar recursos e esforços para estudos complementares e conclusivos, e constituem primeiro passo importante para a caracterização e avaliação dos riscos aos recursos hídricos subterrâneos locais, frente às novas imposições de demanda de usos de águas subterrâneas, oriundos do crescimento econômico e populacional, atrelados ao esgotamento das fontes de água superficiais. / This work sought to evaluate the danger to groundwater pollution in the municipality of Piracicaba through the interaction between intrinsic vulnerability indexes and specific vulnerability of outlying aquifers in the city of Piracicaba, motivated by the strategic importance of these sources due to the absence of specific local studies and by the growing demand for economic exploration of the study area. For the analysis of the intrinsic vulnerability indexes, which is defined as the natural attenuation capacity of the local environment to the contamination of a given aquifer imposed by a contaminant load, the GOD method was used - groundwater hydraulic confinement; overlaying strata; depth to groundwater table (FOSTER, HIRATA, 1988), and for the assessment of the specific vulnerability that considers the probability of a certain aquifer system being exposed to a contaminant, class of contaminants or contaminant activity, the POSH method - pollutant origin, surcharge hydraulically (FOSTER, et al., 2006) and the analysis of the potential of contamination of urban and rural areas by nitrate sources. Data manipulation involved information from deep wells, pedology and lithology of the study area, land use information and potential sources of local contamination obtained from public and private sources. The groundwater hazard assessment, which can be defined as the interaction between intrinsic vulnerability and specific vulnerability, was the interaction of the results obtained from intrinsic vulnerability and specific vulnerability, the final products of which are presented in the form of maps illustrative situations. Although the analysis of intrinsic vulnerability has produced predominant classes of low natural vulnerability, the assessment of specific vulnerability to the municipality revealed, on the contrary, significant indices of potential diffuse and point source contaminants. This particularity resulted in a situation of average danger of pollution of the local underground resources to approximately 74% of the assessed points. The results obtained, although contextual, aim in a synthesis to identify the places where it is pertinent to intensify resources and efforts for complementary and conclusive studies, and constitute important first step for the characterization and evaluation of the risks to the local groundwater resources, in face of the new impositions of demand of groundwater uses, derived from economic and population growth, linked to the depletion of surface water sources.

Águas subterrâneas

Vulnerabilidade intrínseca

Vulnerabilidade específica

Perigo à contaminação

Groundwater

Intrinsic vulnerability

Specific vulnerability

Danger to contamination.

Timing vulnerability factor analysis in master-slave D flip-flops / Análise do fator de vulnerabilidade temporal em flip-flops mestre-escravo do tipo D

Zimpeck, Alexandra Lackmann

January 2016

O dimensionamento da tecnologia trouxe consequências indesejáveis para manter a taxa de crescimento exponencial e levanta questões importantes relacionadas com a confiabilidade e robustez dos sistemas eletrônicos. Atualmente, microprocessadores modernos de superpipeline normalmente contêm milhões de dispositivos com cargas nos nós cada vez menores. Esse fator faz com que os circuitos sejam mais sensíveis a variabilidade ambiental e aumenta a probabilidade de um erro transiente acontecer. Erros transientes em circuitos sequenciais ocorrem quando uma única partícula energizada deposita carga suficiente perto de uma região sensível. Flip-Flops mestreescravo são os circuitos sequencias mais utilizados em projeto VLSI para armazenamento de dados. Se um bit-flip ocorrer dentro deles, eles perdem a informação prévia armazenada e podem causar um funcionamento incorreto do sistema. A fim de proporcionar sistemas mais confiáveis que possam lidar com os efeitos da radiação, este trabalho analisa o Fator de Vulnerabilidade Temporal (Timing Vulnerability Factor - TVF) em algumas topologias de flip-flops mestre-escravo em estágios de pipeline sob diferentes condições de operação. A janela de tempo efetivo que o bit-flip ainda pode ser capturado pelo próximo estágio é definido com janela de vulnerabilidade (WOV). O TVF corresponde ao tempo que o flip-flop é vulnerável a erros transientes induzidos pela radiação de acordo com a WOV e a frequência de operação. A primeira etapa deste trabalho determina a dependência entre o TVF com a propagação de falhas até o próximo estágio através de uma lógica combinacional com diferentes atrasos de propagação e com diferentes modelos de tecnologia, incluindo também as versões de alto desempenho e baixo consumo. Todas as simulações foram feitas sob as condições normais pré-definidas nos arquivos de tecnologia. Como a variabilidade se manifesta com o aumento ou diminuição das especificações iniciais, onde o principal problema é a incerteza sobre o valor armazenado em circuitos sequenciais, a segunda etapa deste trabalho consiste em avaliar o impacto que os efeitos da variabilidade ambiental causam no TVF. Algumas simulações foram refeitas considerando variações na tensão de alimentação e na temperatura em diferentes topologias e configurações de flip-flops mestre-escravo. Para encontrar os melhores resultados, é necessário tentar diminuir os valores de TVF, pois isso significa que eles serão menos vulneráveis a bit-flips. Atrasos de propagação entre dois circuitos sequenciais e frequências de operação mais altas ajudam a reduzir o TVF. Além disso, estas informações podem ser facilmente integradas em ferramentas de EDA para ajudar a identificar os flip-flops mestre-escravo mais vulneráveis antes de mitigar ou substituí-los por aqueles tolerantes a radiação. / Technology scaling has brought undesirable issues to maintain the exponential growth rate and it raises important topics related to reliability and robustness of electronic systems. Currently, modern super pipelined microprocessors typically contain many millions of devices with ever decreasing load capacitances. This factor makes circuits more sensitive to environmental variations and it is increased the probability to induce a soft error. Soft errors in sequential circuits occur when a single energetic particle deposits enough charge near a sensitive node. Master-slave flip-flops are the most adopted sequential elements to work as registers in pipeline and finite state machines. If a bit-flip happens inside them, they lose the previous stored information and may cause an incorrect system operation. To provide reliable systems that can cope with radiation effects, this work analysis the Timing Vulnerability Factor (TVF) of some master-slave D flip-flops topologies in pipeline stages under different operating conditions. The effective time window, which the bit-flip can still be captured by the next stage, is defined as Window of Vulnerability (WOV). TVF corresponds to the time that a flip-flop is vulnerable to radiation-induced soft errors according to WOV and clock frequency. In the first step of this work, it is determined the dependence between the TVF with the fault propagation to the next stage through a combinational logic with different propagation delays and with different nanometer technological models, including also high performance and low power versions. All these simulations were made under the pre-defined nominal conditions in technology files. The variability manifests with an increase or decreases to initial specification, where the main problem is the uncertainty about the value stored in sequential. In this way, the second step of this work evaluates the impact that environmental variability effect causes in TVF. Some simulations were redone considering supply voltage and temperature variations in different master-slave D flip-flop topologies configurations. To achieve better results, it is necessary to try to decrease the TVF values to reduce the vulnerability to bit-flips. The propagation delay between two sequential elements and higher clock frequencies collaborates to reduce TVF values. Moreover, all the information can be easily integrated into Electronic Design Automation (EDA) tools to help identifying the most vulnerable master-slave flip-flops before mitigating or replacing them by radiation hardened ones.

Microeletrônica

Tolerancia : Falhas

Microelectronics

Soft errors

Window of vulnerability

Timing vulnerability factor

Environmental variability

Assessing vulnerability to sea level rise in the state of São Paulo, Brazil

Miranda Francisco, Marcela

January 2018

The study aims to assess vulnerability to sea level rise of the municipal population from the coastal region of the state of São Paulo. This vulnerability assessment focus on degrees of vulnerability and what are the main factors that affect vulnerability to sea level rise in the municipalities. The study has included indicators of vulnerability to sea level rise which were represented through vulnerability mapping reflecting the degrees of adaptive capacity, sensitivity, exposure and total vulnerability of the municipalities. The results have shown that São Vicente, São Sebastião, Praia Grande, Santos and Guarujá were classified as highly vulnerable to sea level rise and Santos as the most vulnerable municipality. The assessment indicated that approximately 1 million inhabitants of the coastal zone of São Paulo could be affected by a rise of up to 1 meter in the sea level in one generation time, around 100 years. Social factors are among the main factors that affect vulnerability, which are especially related to urban infrastructure; however biophysical factors, particularly linked to erosion and inundation are significant factors to vulnerability to sea level rise in the municipalities likewise, economic factors, as the most vulnerable municipalities concentrate industries with high polluting potential. The identified main factors that affect coastal vulnerability should be integrated in policy considerations that should also focus on long term urban management strategies.

Brazil

climate change

coastal vulnerability

sea level rise

vulnerability assessment

Environmental Sciences

Miljövetenskap

Timing vulnerability factor analysis in master-slave D flip-flops / Análise do fator de vulnerabilidade temporal em flip-flops mestre-escravo do tipo D

Zimpeck, Alexandra Lackmann

January 2016

O dimensionamento da tecnologia trouxe consequências indesejáveis para manter a taxa de crescimento exponencial e levanta questões importantes relacionadas com a confiabilidade e robustez dos sistemas eletrônicos. Atualmente, microprocessadores modernos de superpipeline normalmente contêm milhões de dispositivos com cargas nos nós cada vez menores. Esse fator faz com que os circuitos sejam mais sensíveis a variabilidade ambiental e aumenta a probabilidade de um erro transiente acontecer. Erros transientes em circuitos sequenciais ocorrem quando uma única partícula energizada deposita carga suficiente perto de uma região sensível. Flip-Flops mestreescravo são os circuitos sequencias mais utilizados em projeto VLSI para armazenamento de dados. Se um bit-flip ocorrer dentro deles, eles perdem a informação prévia armazenada e podem causar um funcionamento incorreto do sistema. A fim de proporcionar sistemas mais confiáveis que possam lidar com os efeitos da radiação, este trabalho analisa o Fator de Vulnerabilidade Temporal (Timing Vulnerability Factor - TVF) em algumas topologias de flip-flops mestre-escravo em estágios de pipeline sob diferentes condições de operação. A janela de tempo efetivo que o bit-flip ainda pode ser capturado pelo próximo estágio é definido com janela de vulnerabilidade (WOV). O TVF corresponde ao tempo que o flip-flop é vulnerável a erros transientes induzidos pela radiação de acordo com a WOV e a frequência de operação. A primeira etapa deste trabalho determina a dependência entre o TVF com a propagação de falhas até o próximo estágio através de uma lógica combinacional com diferentes atrasos de propagação e com diferentes modelos de tecnologia, incluindo também as versões de alto desempenho e baixo consumo. Todas as simulações foram feitas sob as condições normais pré-definidas nos arquivos de tecnologia. Como a variabilidade se manifesta com o aumento ou diminuição das especificações iniciais, onde o principal problema é a incerteza sobre o valor armazenado em circuitos sequenciais, a segunda etapa deste trabalho consiste em avaliar o impacto que os efeitos da variabilidade ambiental causam no TVF. Algumas simulações foram refeitas considerando variações na tensão de alimentação e na temperatura em diferentes topologias e configurações de flip-flops mestre-escravo. Para encontrar os melhores resultados, é necessário tentar diminuir os valores de TVF, pois isso significa que eles serão menos vulneráveis a bit-flips. Atrasos de propagação entre dois circuitos sequenciais e frequências de operação mais altas ajudam a reduzir o TVF. Além disso, estas informações podem ser facilmente integradas em ferramentas de EDA para ajudar a identificar os flip-flops mestre-escravo mais vulneráveis antes de mitigar ou substituí-los por aqueles tolerantes a radiação. / Technology scaling has brought undesirable issues to maintain the exponential growth rate and it raises important topics related to reliability and robustness of electronic systems. Currently, modern super pipelined microprocessors typically contain many millions of devices with ever decreasing load capacitances. This factor makes circuits more sensitive to environmental variations and it is increased the probability to induce a soft error. Soft errors in sequential circuits occur when a single energetic particle deposits enough charge near a sensitive node. Master-slave flip-flops are the most adopted sequential elements to work as registers in pipeline and finite state machines. If a bit-flip happens inside them, they lose the previous stored information and may cause an incorrect system operation. To provide reliable systems that can cope with radiation effects, this work analysis the Timing Vulnerability Factor (TVF) of some master-slave D flip-flops topologies in pipeline stages under different operating conditions. The effective time window, which the bit-flip can still be captured by the next stage, is defined as Window of Vulnerability (WOV). TVF corresponds to the time that a flip-flop is vulnerable to radiation-induced soft errors according to WOV and clock frequency. In the first step of this work, it is determined the dependence between the TVF with the fault propagation to the next stage through a combinational logic with different propagation delays and with different nanometer technological models, including also high performance and low power versions. All these simulations were made under the pre-defined nominal conditions in technology files. The variability manifests with an increase or decreases to initial specification, where the main problem is the uncertainty about the value stored in sequential. In this way, the second step of this work evaluates the impact that environmental variability effect causes in TVF. Some simulations were redone considering supply voltage and temperature variations in different master-slave D flip-flop topologies configurations. To achieve better results, it is necessary to try to decrease the TVF values to reduce the vulnerability to bit-flips. The propagation delay between two sequential elements and higher clock frequencies collaborates to reduce TVF values. Moreover, all the information can be easily integrated into Electronic Design Automation (EDA) tools to help identifying the most vulnerable master-slave flip-flops before mitigating or replacing them by radiation hardened ones.

Microeletrônica

Tolerancia : Falhas

Microelectronics

Soft errors

Window of vulnerability

Timing vulnerability factor

Environmental variability

Modeling Class of Software Vulnerabilities with Vulnerability Cause Graphs

Hiran, Rahul

January 2009

Vulnerabilities discovered in software are not only due to programming errors but also due to designflaws. There are a number of methods to avoid design flaws which are all manual processes and needexpertise. We believe that the study of models of classes of vulnerabilities would give developerssufficient knowledge in how to avoid these vulnerabilities. A model of class of vulnerability can alsohelp in the decision making process during the software development process.In this thesis, we present a procedure for modeling a class of vulnerabilities given instances ofVulnerability Cause Graphs (VCGs). Using VCGs will structure the representation of causes tovulnerabilities.The approach presented in this thesis makes it possible to divide the work of modeling a class ofvulnerability without any permanent dependence on any specific persons. The approach is also flexible enough to accommodate new causes of vulnerabilities in software when being discovered.

Vulnerability modelling

Vulnerability Cause Graphs

VCG

class VCG

Computer Sciences

Datavetenskap (datalogi)

Cybersecurity: Probabilistic Behavior of Vulnerability and Life Cycle

Rajasooriya, Sasith Maduranga

28 June 2017

Analysis on Vulnerabilities and Vulnerability Life Cycle is at the core of Cybersecurity related studies. Vulnerability Life Cycle discussed by S. Frei and studies by several other scholars have noted the importance of this approach. Application of Statistical Methodologies in Cybersecurity related studies call for a greater deal of new information. Using currently available data from National Vulnerability Database this study develops and presents a set of useful Statistical tools to be applied in Cybersecurity related decision making processes. In the present study, the concept of Vulnerability Space is defined as a probability space. Relevant theoretical analyses are conducted and observations in the vulnerability space in aspects of events and states are discussed. Transforming IT related cybersecurity issues into analytical formation so that abstract and conceptual knowledge from Mathematics and Statistics can be applied is a challenge. However, to overcome rising threats from Cyber-attacks such an integration of analytical foundation to understand the issues and develop strategies is essential. In the present study we apply well known Markov approach in a new approach of Vulnerability Life Cycle to develop useful analytical methods to assess the Risk associated with a vulnerability. We also presents, a new Risk Index integrating the results obtained and details from the Common Vulnerability Scoring System (CVSS). In addition, a comprehensive study on the Vulnerability Space is presented discussing the likelihood of probable events in the probability sub-spaces of vulnerabilities. Finally, an Extended Vulnerability Life Cycle model is presented and discussed in relation to States and Events in the Vulnerability Space that lays down a strong foundation for any future vulnerability related analytical research efforts.

Cyber Security

Markov Model

Vulnerability

Risk Factor

Vulnerability Life Cycle

Mathematics

Statistics and Probability

A Quantitative Security Assessment of Modern Cyber Attacks. A Framework for Quantifying Enterprise Security Risk Level Through System's Vulnerability Analysis by Detecting Known and Unknown Threats

Munir, Rashid

January 2014

Cisco 2014 Annual Security Report clearly outlines the evolution of the threat landscape and the increase of the number of attacks. The UK government in 2012 recognised the cyber threat as Tier-1 threat since about 50 government departments have been either subjected to an attack or a direct threat from an attack. The cyberspace has become the platform of choice for businesses, schools, universities, colleges, hospitals and other sectors for business activities. One of the major problems identified by the Department of Homeland Security is the lack of clear security metrics. The recent cyber security breach of the US retail giant TARGET is a typical example that demonstrates the weaknesses of qualitative security, also considered by some security experts as fuzzy security. High, medium or low as measures of security levels do not give a quantitative representation of the network security level of a company. In this thesis, a method is developed to quantify the security risk level of known and unknown attacks in an enterprise network in an effort to solve this problem. The identified vulnerabilities in a case study of a UK based company are classified according to their severity risk levels using common vulnerability scoring system (CVSS) and open web application security project (OWASP). Probability theory is applied against known attacks to create the security metrics and, detection and prevention method is suggested for company network against unknown attacks. Our security metrics are clear and repeatable that can be verified scientifically

A Vulnerability Assessment Approach for Home Networks : A case of Cameroon

Tanyi, Elvis Etengeneng

January 2023

The research highlights the importance of vulnerability assessment in evaluating the effectiveness of security mechanisms in computer and network systems. While vulnerability assessment is commonly practiced by companies and businesses, it is often underlooked in the context of home networks. The misconception that home networks are not lucrative targets for cyber criminals has been shattered with the emergence of the Covid-19 pandemic, which forced many individuals to work from home, adding to their normal daily personal home network device interactions, making their home networks more vulnerable to attacks. The situation iseven more challenging in developing countries like Cameroon, where there is a significant IT gap due to limited access to quality IT education and training opportunities. To address these issues, the research employed two main methods. Firstly, the systematic Review of Literature (SRL) method was used to investigate the types of systems used in home networks, common vulnerabilities, and attacks associated with them. Additionally, a step-by-step guide using opensource tools was developed to assist home users in evaluating the security of their networks. The second method utilized was the experimental method, with the use of semi-structured interviews for data collection. This demonstrated how selected tools such as Zenmap and Nessus, along with associated techniques, could be effectively used by home users to assess the security posture of their networks. This practical approach contributed to the development of a targeted vulnerability assessment methodology for home users. Furthermore, recommendations were provided to help home users mitigate identified vulnerabilities in their networks.

Vulnerability Assessment

Home Networks

Vulnerability scanning

developing countries

Cameroon

Information Systems

Vulnerability of Forests to Climatic and Non-Climatic Stressors : A Multi-Scale Assessment for Indian Forests

Sharma, Jagmohan

January 2015

During the 21st century, climatic change and non-climatic stressors are likely to impact forests leading to large-scale forest and biodiversity loss, and diminished ecological benefits. Assessing the vulnerability of forests and addressing the sources of vulnerability is an important risk management strategy. The overall goal of this research work is to develop methodological approaches at different scales and apply them to assess the vulnerability of forests in India for developing strategies for forest adaptation. Indicator-based methodological approaches have been developed for vulnerability assessment at local, landscape and national scales under current climate scenario, and at national scale under future climate scenario. Under current climate scenario, the concept of inherent vulnerability of forests has emerged by treating vulnerability as a characteristic internal property of a forest ecosystem independent of exposure. This approach to assess vulnerability is consistent with the framework presented in the latest report of Intergovernmental Panel on Climate Change (IPCC AR5 2014). Assessment of vulnerability under future climate scenario is presented only at national scale due to challenges associated with model-based climate projections and impact assessment at finer scales. The framework to assess inherent vulnerability of forests at local scale involves selection of vulnerability indicators and pair wise comparison method (PCM) to assign the indicator weights. The methodology is applied in the field to a 300-ha moist deciduous case study forest (Aduvalli Protected Forest, Chikmagalur district) in the Western Ghats area, where a vulnerability index value of 0.248 is estimated. Results of the study indicate that two indicators - ‘preponderance of invasive species’ and ‘forest dependence of community’ - are the major drivers of inherent vulnerability at present. The methodology developed to assess the inherent vulnerability at landscape scale involves use of vulnerability indicators, the pair wise comparison method, and geographic information system (GIS) tools. Using the methodology, assessment of inherent vulnerability of Western Ghats Karnataka (WGK) landscape forests is carried out. Four vulnerability indicators namely, biological richness, disturbance index, canopy cover and slope having weights 0.552, 0.266, 0.123 and 0.059, respectively are used. The study shows that forests at one-third of the grid points in the landscape have high and very high inherent vulnerability, and natural forests are inherently less vulnerable than plantation forests. The methodology used for assessment of forest inherent vulnerability at the national scale was same as used at landscape scale. 40% of forest grid points in India are assessed with high and very high inherent vulnerability. Except in pockets, the forests in the three biodiversity hotspots in India i.e., the Western Ghats in peninsular India, northeastern India, and the northern Himalayan region are assessed to have low to medium inherent vulnerability. Vulnerability of forests under future climate scenario at national scale is estimated by combining the results of assessment of climate change impact and inherent vulnerability. In the present study, ensemble climatology from five CMIP5 (Coupled Model Intercomparison Project phase 5) climate models for RCP (Representative Concentration Pathways) 4.5 and 8.5 in short (2030s) and long term (2080s) is used as input to IBIS (Integrated Biosphere Simulator) dynamic vegetation model. Forest grid points projected to experience vegetation-shift to a new plant functional type (PFT) under future climate are categorized under ‘extremely high’ vulnerability category. Such forest grid points in India are 22 and 23% in the short term under RCP4.5 and 8.5 respectively, and these percentages increase to 31 and 37% in the long term. IBIS simulated vegetation projections are also compared with LPJ (Lund-Potsdam-Jena) simulated projections. Both the vegetation models agree that forests at about one-third of the grid points could be impacted by future climate but the spatial distribution of impacted grid points differs between the models. Vulnerability assessment is a powerful tool for building long-term resilience in the forest sector in the context of projected climate change. From this study, three forest scenarios emerge in India for developing adaptation strategies namely: (a) less disturbed primary forests; (b) degraded and fragmented primary forests; and (c) secondary (plantation) forests. Minimizing anthropogenic disturbance and conserving biodiversity are critical to reduce forest vulnerability of less disturbed primary forests. For disturbed forests and plantations, adaptive management aimed at forest restoration is necessary to build resilience. Mainstreaming forest adaptation in India through Forest Working Plans and realignment of the forestry programs is necessary to manage the risk to forests under climate change.

Indian Forests

Climate Stressors

Climate Change Impact Assessment

Vulnerability of Forests

Forest-Climate Interaction

Indian Forests - Impact Assessment

Forest Vulnerability Assessment

Inherent Vulnerability - Western Ghats

Sustainable Technologies