Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ilias Spais AEGIS IT RESEARCH LTD H2020 Project Clustering Workshop

Published byElla Lisa West Modified over 6 years ago

Similar presentations

Presentation on theme: "Ilias Spais AEGIS IT RESEARCH LTD H2020 Project Clustering Workshop"— Presentation transcript:

1 Enhancing Critical Infrastructure Protection with innovative SECurity framework
Ilias Spais AEGIS IT RESEARCH LTD H2020 Project Clustering Workshop 31/01/2018 The research leading to these results has received funding from the European Union’s Horizon 2020 Research and Innovation Programme, under Grant Agreement no

2 What we do Who we are Software and Services
Focus on both Research and Innovation Cyber Security – anonymity - privacy Advanced visualizations and monitoring Turning research achievements into products Computer Science – talented IT Researchers and Engineers SME located in UK and Germany More than 10 years in R&D projects Two active collaborations: I-BiDaaS and CIPSEC © CIPSEC Project, Jan 2018

3 Overview Project name: Enhancing Critical Infrastructure Protection with innovative SECurity framework Grant Agreement no.: Start day: May 1st 2016 Duration: 36 months Call identifier: H2020-DS Topic: DS The role of ICT in Critical Infrastructure Protection. Cost: ,00 € © CIPSEC Project, Jan 2018

4 Making a long story short
The critical point: CI are an integrated part of our lives as they provide services to citizens, businesses and government. The main aim of CIPSEC is to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection (detect, identify and mitigate threats) in IT (information technology) and OT (operational technology) departments of CIs. CIPSEC will offer a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and with professional quality. These services include vulnerability tests and recommendations, key personnel training courses, forensics analysis, standardization and protection against cascading effects.  All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market. Basics © CIPSEC Project, Jan 2018

5 Objectives Unified security framework for CI Anomaly detection, anti-malware, cyber-security, data privacy, distributed denial of service, hardware security. Easy integration of heterogeneous systems to the CIPSEC framework. Security Ecosystem System vulnerability tests and recommendations, contingency plans based on PPPs, training courses and certification, updating/patching mechanisms, and forensics analysis. Transportation, health and environment pilots Validate our proposed solution under real conditions: System modules level (in each industrial section and security aspect), and system level (the complete framework). Links and standardizations bodies EPCIP (European Program for Critical Infrastructure Protection). ERNCIP (European Reference Network for Critical Infrastructure Protection). Ready to market Security frameworks for transportation, health or environmental monitoring CIs TRL 7/8. Industrial partners will bring to the CIPSEC project their own market products services (up to TRL 8/9) © CIPSEC Project, Jan 2018

6 CIPSEC framework design and development
Work plan Dissemination, standards, exploitation and business models exploration CIPSEC framework design and development Deployment, integration, evaluation and validation WP1 Start date: M1 WP2 Start date: M1 WP3 Start date: M10 WP4 Start date:M19 WP5 Start date:M1 WP1: Analyzing specific CI security requirements clearly assessing weak points and current limitations. WP2: Setting the whole CIPSEC solution tailored to CI scenarios. WP3: Integrating the CIPSEC solution to the three pilot scenarios proposed in the project for validation. WP4: Final adjustments turning into a close to market solution running on real operational scenarios. WP5: Starting from the very beginning, capturing and collecting all project contributions for communication, exploitation, and standardization purposes. WP6: Dealing with overall project management aspects. WP tasks © CIPSEC Project, Jan 2018

7 Protection of medical and non-medical subsystems
Pilot 1- Health The Hospital Clinic de Barcelona (HCB) is one of the most recognized and representative largest public tertiary university hospitals in Spain and in the EU. Some of the most representative OT in HCB are: Monitoring and therapeutic equipment Imaging equipment High interventionist areas Surveillance cameras Access control Temperature and gas concentration active RFID sensors Voice over IP Patient’s bedside multimedia monitors Main objective Protection of medical and non-medical subsystems © CIPSEC Project, Jan 2018

8 Pilot 2- Environment Network AQDRS (Air Quality Detection Regional System) The Net is composed of: 7 COP Operating Provincial Center 78 fixed public stations 6 mobile public stations 900 sensors Connected to several other IT systems (apps and databases) The system records 25 million data per year. Main objective Protection of the network © CIPSEC Project, Jan 2018

9 Pilot 3- Railway transportation
Biggest business premises in Germany – with public access 5,700 Stations (in Germany) as gate to railway transportation 33,500 km rail network 48,800 heated railway switches (of 70,000 total) Approx. 3,300 interlocking systems of various types 1,323 electronic interlockings (ESTW) Main objective Safe railway operation © CIPSEC Project, Jan 2018

10 Partners Consortium: 13 partners Webpage: www.cipsec.eu
Project coordinator: ATOS Partners Users Academic partners Industrial partners © CIPSEC Project, Jan 2018

11 CIPSEC community - Contact
Web site: (subscription) YouTube presentation: Twitter account: CIPSEC LinkedIn account: Project Coordinator (ATOS): Antonio Alvarez Romero Scientific Coordinator (FORTH): Sotiris Ioannidis © CIPSEC Project, Jan 2018

12 Thank you © CIPSEC Project, Jan 2018

13 User training Critical Infrastructure Platform CIPSEC Core Framework
Contingency plan System manager User/System manager Layer Reconfigurations/adjustments plan Reaction mitigation actions Recommendations Presentation Layer Configuration of detection reasoner Forensics Analysis Visualization Tool Dashboard Data Processing Layer potential anomalies inferred, risk assessment Historic anomalies DB Store anonymized data Anonymized Sensitive data Data anonymization and Privacy security data Updating/Patching Forensics service events/alerts (threats, etc) Detection Layer Incidents, events, alarms Anomaly detection reasoner Compliance Management Acquisition Layer Network logs and anomaly reports Security logs Future security services plugged Vulnerability reports Activity on auth and authz Integrity failures Vulnerability Assessment Identity Access Management Integrity Management Endpoint Detection and Response External security services Crypto services - Authentications report (access failures) - Unauthorized accesses - Phishing/scam detection - DDoS detection - Malware scans - Honeypot detected events - Network logs from agents - NIDS/HIDS info - Latency checks - Connect to legacy security services already available at CIs (IDS, IPS, firewalls, etc.) - Sanitization - Vulnerability scans - Integrity checks (i.e.., firmware checksum) - Latency checks (i.e., ping) - Data integrity check (encryption strenght) Sensitive data OT sensor data Network Security (DPI firewalls, routers with ACL, network segmentation, DMZ, NAC, etc) Critical Infrastructure Components (sensors, computers, network, servers, routers, …) User training

Download ppt "Ilias Spais AEGIS IT RESEARCH LTD H2020 Project Clustering Workshop"

Similar presentations

CIRAS PROJECT OVERVIEW

CIRAS PROJECT OVERVIEW
GAMMA Overview. Key Data Grant Agreement n° 312382 Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget: 14.837.981.

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Security Controls – What Works

Security Controls – What Works
Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Presentation of projects’ ideas. 1. Madrid Network “A public-private network which aim is to contibute actively to position Madrid Region in the top.

Presentation of projects’ ideas. 1. Madrid Network “A public-private network which aim is to contibute actively to position Madrid Region in the top.
ATTRACT – From Open Science to Open Innovation Information Sharing Meeting Brussels, June 19, 2014 Markus Nordberg (CERN) Development and Innovation Unit.

ATTRACT – From Open Science to Open Innovation Information Sharing Meeting Brussels, June 19, 2014 Markus Nordberg (CERN) Development and Innovation Unit.
Participation in 7FP Anna Pikalova National Research University “Higher School of Economics” National Contact Points “Mobility” & “INCO”

Participation in 7FP Anna Pikalova National Research University “Higher School of Economics” National Contact Points “Mobility” & “INCO”
MTBC Cloud Computing Initiative  Applications of cloud computing  Overview of the NSF Net-Centric Software and Systems (NCSS) I/UCRC  MTBC and NCSS.

MTBC Cloud Computing Initiative  Applications of cloud computing  Overview of the NSF Net-Centric Software and Systems (NCSS) I/UCRC  MTBC and NCSS.
Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.

Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.
LSEC H2020-DS - & CIP-2016-2017 Ulrich Seldeslachts, Brussels, January 27th, 2016.

LSEC H2020-DS - & CIP Ulrich Seldeslachts, Brussels, January 27th, 2016.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
Dr. Stelios Panagiotou, Dr. Stelios C.A. Thomopoulos Integrated Systems Laboratory Institute of Informatics and Telecommunications National Center for.

Dr. Stelios Panagiotou, Dr. Stelios C.A. Thomopoulos Integrated Systems Laboratory Institute of Informatics and Telecommunications National Center for.
CAMPUS LAN DESIGN GUIDE Design Considerations for the High-Performance Campus LAN.

CAMPUS LAN DESIGN GUIDE Design Considerations for the High-Performance Campus LAN.
Chapter 21 Successfully Implementing The Information System.

Chapter 21 Successfully Implementing The Information System.
CRITICAL INFRASTRUCTURE RISK ASSESSMENT SUPPORT CIRAS PROJECT OVERVIEW 2nd Stakeholders’ Workshop Aschaffenburg, November, 26th, 2015 Jaime Martín, Project.

CRITICAL INFRASTRUCTURE RISK ASSESSMENT SUPPORT CIRAS PROJECT OVERVIEW 2nd Stakeholders’ Workshop Aschaffenburg, November, 26th, 2015 Jaime Martín, Project.
Security and resilience for Smart Hospitals Key findings

Security and resilience for Smart Hospitals Key findings
Information Systems Security

Information Systems Security

Similar presentations

Ads by Google