Download presentation
Presentation is loading. Please wait.
Published byAugustus White Modified over 9 years ago
1
Sandro Bologna - ENEA bologna@casaccia.enea.it http://www.progettoreti.enea.it Workshop – AICT Roma 25 Settembre, 2008 Alcune iniziative di ricerca in Europa e in Italia sul ruolo della ICT nella Protezione delle Infrastrutture Critiche E NTE PER LE N UOVE TECNOLOGIE L’ E NERGIA E L’ A MBIENTE
2
CyberLayer OrganisationalLayer Intra-dependency Inter-dependency PhysicalLayer Three Layers Model for the Critical Infrastructure Increasing importance of the “Cyber Layer” and “Inter-dependency”
3
Current Structure of the Electrical System in Europe Transmission National / International Subtransmission Regional Low Voltage Distribution System
4
Integrated infrastructures for active network operation Meter storage Demand response Gx Gy Communicati on control local area 3 G2 G3 storage Demand response Meter Communicatio n control local area 2 DSO 1 Communication network G1 storage Demand response Meter Communicati on control local area 1 Bulk gen. TSO DGop n DGop 2 DGop 1 DSO n DSO 2 Information Communication control Power flow Microgrid Power grid
5
EPCIP Directorate General JLS (Policy) EPCIP Directorate General JLS (Policy) FP7 SECURITY Theme Directorate General ENTR (Security Research and Development) FP7 SECURITY Theme Directorate General ENTR (Security Research and Development) FP7 IST Theme Directorate General INFSO (Security) FP7 IST Theme Directorate General INFSO (Security) FP7 EU Policy and Research in CIP-CIIP FP7 EU Policy and Research in CIP-CIIP Joint R&D Directorate General INFSO (Internet; network and information security) Directorate General INFSO (Internet; network and information security) Policy
6
Geographical allocation of CIIP R&D relevant initiatives 44 national and 28 EU co-funded (CI2RCO Project 2006) Notice that EU projects are counted for each participating country
7
National initiatives – overview (CI2RCO Project 2006)
8
Geographical distribution of partners into the 28 EU co- funded initiatives (CI2RCO Project 2006) 57% of the partners from 4 countries
9
CONCLUSIONS FROM GAP ANALYSIS (1/4) (CI2RCO Project 2007) #1 CIP/CIIP is still a very immature field of research #2 There is not yet a real community of researchers - even if there is an increasing large number of actors interested on but not converging #3 This is partially due to the absence of a clear policy, both EU and MS, about CIP/CIIP and a clear vision of what “concretely" are CIP/CIIP, which are their goals, constraints and boundaries
10
CONCLUSIONS FROM GAP ANALYSIS (2/4) (CI2RCO Project 2007) #4 The majority of Member States have neither a Strategic Plan on CIIP nor a Specific R&D Program #5 The majority of the R&D activities are funded under different labels, from IT security to Border Control. Moreover, there is a set of different Agencies promoting this kind of initiatives, often with limited coordination #6 National initiatives of MS are inhomogeneous in economical dimension and time span #7 In several MS Ministries of interior or defence are in charge to coordinate national initiatives
11
CONCLUSIONS FROM GAP ANALYSIS (3/4) (CI2RCO Project 2007) #8 Stakeholders involvement appears largely deficient. They shown an application oriented vision strongly related to their own infrastructure and business framework, with a limited attention on border elements and trans-domain consequences #9 In several countries important CI stakeholders appear quite completely absent from the scenario and there is a limited participation from infrastructure's controllers providers (SCADA providers) #10 Stakeholders initiatives are mainly focused on the risk analysis aspects more than in the technology development to master and shape the future development of their infrastructures
12
CONCLUSIONS FROM GAP ANALYSIS (4/4) (CI2RCO Project 2007) #11 Most of the partners for the EU-funded projects are from a small number of EU Countries (Germany, France, UK, Italy, Netherlands) and in particular from the same organisations. #12 Strong need to better harmonize EU participation among the Member States because CIIP is a trans- national problem, increasing with globalisation and complexity #13 Strong need to stimulate R&D involvment and funding from Industrial Stakeholders, Regional and National Governments #14 Strong need to create a European Research Area on CIIP
13
A Feedback from 1st CI2RCO Conference Rome, 30 March, 2006 Too many roadmaps and strategic projects instead of projects from which I can really benefit in daily environment (source: energy provider)
14
Addressing the safety and security issue: the ENEA SAFEGUARD approach OBJECTIVE REFERENCE INFRASTRUCTURE A supervisory and control system (SCADA) of the electrical transmission network Development of a network of software components (Agents) to increment the survivability of information intensive critical infrastructures as the electrical transport and distribution networks, during attacks, intrusions, or anomalies caused by network instabilities.
15
SAFEGUARD multi-agent architecture Control system of electrical network (RTUs & Control Centers) Home LCCIs Topology agent Negotiation agent MMI agent Other LCCIs Foreign electrical networks Communication networks ------------------- Correlation agent Action agent Low level agents High level agents Network state monitors Intrusion Detection wrappers Anomaly detector agents Actuators Commands and information Only information Network protection at global level Network protection at local level
16
Area 1 Area 2 Area 3 Substations Loads Generators Power transport network Supervisory and Control System Electrical system physical layer SIA-R CCN CCR SIA-C Remote Units Control Centers Information Network Communication Network Data concentrators IMPLEMENTATION OF SAFEGUARD TECHNOLOGIES IN THE ELECTRICAL SYSTEM RTU Event sequences checking agent Invariant checking agent Communication ports checking agent RTU state hybrid detector
17
ENEA Testing Platform of SAFEGUARD Technology emulation on a local network of the components belonging to a SCADA distributed system RTU 1 RTU 2 RTU 3 RTU n Electrical load-flow simulator (e-Agora) SCADA Control Center National Network Data Base (Gegional DB) Network Data Base (National DB) SCADA data exchange bus Attacks/faults Console design running log/document TEST PLATFORM Safeguard high level agents (correlator, action ect.) SCADA Control Center Regional Message “broker” Event sequences hybrid detector (Case Base reasoning) Hybrid detector for State Estimation (Checking Invariants) RTU state hybrid detector (Neural Network) Communication hybrid detector (Data Mining technique) Low Level Agents
18
ENEA TEST PLATFORM OF SAFEGUARD TECHNOLOGY
19
OBJECTIVE: REFERENCES INFRASTRUTTURES: An electrical distribution network A public voice/data tele-communication network Provide a technology (named MIT, Middleware Improved Technology) which will reduce the risk of cascading failures caused by interdependency between Large Complex Critical Infrastructures (LCCI) MIT system will support information sharing between LCCIs operators to augment their mutual situational awareness. MIT system will support negotiation and coordinated actions between neighbouring systems for the establishment of effective and optimal measures; Addressing the cascading failures issue: the ENEA IRRIIS approach
20
Interdependencies between Electrical and Telecommunication Networks
21
Overall IRRIIS MIT architecture Telecom Data Base Other Data Bases Electrical Data Base Inter LCCIs data exchange Communication Components LCCIs Data Bases & Alarm logs LCCI 1 LCCI 2 LCCI n Add-on Components
22
The Italian IRRIIS Scenario MANAGING “INTERDEPENDENCY” BETWEEN DIFFERENT INFRASTRUCTURES
23
SimCIP TelecomSimulator LCCI Telecom Data Base ElectricitySimulator LCCI Electricity Data Base MITcommunication Electricity MIT Add-on Telecom MIT Add-on Electrical SCADA Emulator Telecom Electrical Control Room Telecom Control Room Optional External Components IRRIIS - Physical set-up of the experimentation environment
24
MIT components Telecom MIT components Electricity Local attacker Telecom Telecom network simulation Power backup simulation Electrical network simulation Local attacker Electricity Global attacker SCADA emulation Test Bed communication channel Local LAN Additional analysis tools Experimentation GUI Logger Local LAN Experimentation Archive MIT communication channel Electricity monitoring panel Experimentation SERVER Telecom monitoring panel View of the IRRIIS Test Bed at ENEA
25
Addressing the cascading failures issue: the MICIE approach
26
CRUTIAL is a RTD Project in the area of Critical Information Infrastructure Protection launched by the European Union under the Information Society Technologies priority of the Sixth Framework Programme. The project addresses new networked ICT systems for the management of the electric power grid, in which artefacts controlling the physical process of electricity transportation need to be connected with information infrastructures, through corporate networks (intranets), which are in turn connected to the Internet. CESI RICERCA electricity grid communication network Critical Utility InfrastructurAL Resilience FP6-2004-IST-4-027513 http://crutial.cesiricerca.it modelling interdependent infrastructures resilient to both accidental failures and malicious attacks CRUTIAL’s innovative approach resides in attempting at casting them into new architectural patterns Objectives Investigation of models and architectures that cope with openness, heterogeneity and evolvability endured by electrical utilities infrastructures Analysis of critical scenarios which ICT faults provoke serious impact on the controlled electric power infrastructures Evaluation of distributed architectures enabling dependable control and management of the power grid Work Packages WP1 Identification and description of Control System Scenarios WP2 Interdependencies modelling WP3 Testbed development WP4 Architectural solutions WP5 Analysis and evaluation of Control System Scenarios WP6 Dissemination WP7 Management
27
Addressing the communication resilience in power control systems: the CESI Ricerca CRUTIAL approach OBJECTIVE REFERENCE INFRASTRUCTURE Electric Power Transmission and Distribution Grids Control and Data Networks for Operation and Maintenance activities to develop the representative control algorithms in the testbeds integrating the electric power system and the information infrastructure
28
Telecontrol testbed - Control system scenarios scenario 1: DSO teleoperation –use of public IP backbone for DSO supervision and control –assess redundant communication architecture –assess vulnerabilities of standard protocols and impact on control scenario 2: interaction between TSO/DSO in emergency –assess defense plan actuation (automatic load shedding) –assess security of the TSO-DSO communications –evaluate the impact of attacks in emergency conditions scenario 3: integration of DSO operation & maintenance –process control and corporate intranet integration –evaluate the impact of attacks and fault propagation scenario 4: ICT maintenance of control infrastructures –assess remote functional testing and operations on ICT devices –assess remote reconfiguration of the substation automation
29
Scenario 1b: DoS attack implementation Control System Scenarios Simulation of a DoS attack to a Centre router/gateway by TSP insider 2 - Communication bandwidth reduction 4 - Loss of remote supervision and control functions of all controlled substations from the primary Centre 1 - TSP insider starts attack PSTN Backu p 3 - Communication backup line Telecontrol testbed – scenario 1b
30
Telecontrol Testbed at CESI Ricerca
31
The CRESCO approach wants to be a “proof of concept” of different Simulation Tools supporting (inter)dependencies simulation –The “proof of concepts” is based on a limited number of scenarios built upon a process of knowledge elicitation from the stakeholders The CRESCO approach wants to be a “proof of concept” of computational layers supporting the Simulation Platform – The goal is to assess major advantages/disadvantages deriving from the use of HPC GRID, in particular ENEA- GRID The CRESCO approach wants to be a “proof of concept” of the basic problems with Federated Simulation – The “proof of concepts” is based on a limited number of Simulators (CISIA, CIAB, eAgora, NS2, Omnet) Addressing the Interdependencies modelling and simulation issue: the ENEA CRESCO approach
32
USERS/GIS INTERFACE MIDDLEWARE (Request Management) MIDDLEWARE (SIMULATORS INTERFACE) POWER GRID SIMULATOR TELECOMM NETWORK SIMULATOR Infrastrutture n SIMULATOR Agent-based model Entity – Resource Model ENEA CRIAI Tor Vergata CAMPUS BIOMEDICO
33
ENEA GRID layer CRESCO middleware Power Grid Simulator Agent-based model Entity-Resource model Telecomm Network Smulator CRESCO Simulation Platform running on the top of ENEA GRID
34
GRID layer DIESIS middleware Power Grid simulator @ENEA Railway traffic simulator @TNO User @IAIS Network Simulator @ICL Public transportation traffic simulator @CRIAI DIESIS ARCHITECTURE Design of an Interoperable European federated Simulation network for critical InfraStructures
35
NEISAS – National and European Information Sharing and Alerting System Funded by EC DG JLS EPCIP 2008 program Objective: deployment of a prototype of a National and European Information Sharing and Alerting System Partners: ENEA, Italian Cabinet Office, UK Home Office, UK CPNI, Dutch NICC, Booz & co, Symantec 35
36
MS3I – Messaging Standard for Sharing Security Information Funded by EC DG JLS EPCIP 2007 program Objective: Definition of an Information Sharing framework for exchanging alerts and reports on new vulnerabilities, threats, incidents and good practices Partners: Symantec, AIIC, Polizia Postale (C.N.A.I.P.I.C.) Stakeholders: National CIP centres, CERTs, CI operators in 15 countries 36
37
ECCRAMM – Energy Control Centre Risk Analsysis and Management Methodology Funded by EC DG JLS EPCIP 2007 program Objective: deployment of Risk Management methodology to protect Energy Control Centres Partners: Symantec, UCTE, 9 UCTE TSOs, Estonian Ministry of Economics, Eesti Energia (Estonian TSO) 37
38
Some of the Projects with participation of ENEA and/or CESI Ricerca (1/5) RdS 2006-2008 AdP con MSE: Area “Governo del Sistema” e Area “Trasmissione e Distribuzione” funded by MSE SECURE: Security of Energy considering Uncertainty, Risk and Economic Implications funded by EU-FP7 REALISEGRID: REseArch methodoLogIes and technologieS for the effective development of pan-European GRID funded by EU-FP7 HARRISON: Galileo Time and Synchronization Applications funded by EC/ESA MORE MICROGRIDS: Advanced Architectures and Control Concepts for Microgrids funded by EU-FP6
39
DERRI: Distributed Energy Resources Research Infrastructure funded by EU-FP7 DER-LAB: Network of DER LABoratories funded by EU-FP6 OSN: Osservatorio sulla Sicurezza Nazionale supported by RdS 2006- 2008 AdP, funded by MSE GRID: Coordination Action on ICT vulnerabilities of power systems and relevant defense methodologies funded by EU-FP6 CRUTIAL: Critical UTility InfrastructurAL resilience funded by EU-FP6 DAMSE: European Methodology for Dams Security Assessment funded by EU-EPCIP Some of the Projects with participation of ENEA and/or CESI Ricerca (2/5)
40
Some of the Projects with participation of ENEA and/or CESI Ricerca (3/5) MIA: Methodology for Interdependence Assessment between ICT and electricity infrastructures, funded by EU-EPCIP ASTROM: ASsessment of resilience to ThReaths of cOntrol and data Management systems of electrical network, funded by EU-EPCIP ESTEC: Feasibility Study for a European Network of Secure Test Centres for Reliable ICT-controlled Critical Energy Infrastructures, funded by EU-EPCIP IRRIIS: Integrated Risk reduction of Information-based Infrastructure Systems, funded by EU-FP6 MICIE: Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures, funded by EU-FP7
41
Some of the Projects with participation of ENEA and/or CESI Ricerca (4/5) CRESCO.LAIII: Sviluppo di Modelli di Simulazione ed Analisi delle Reti Tecnologiche Complesse e delle loro Interdipendenze, funded by MIUR-PON GIACS: General Integration of the Application of Complexity in Science, funded by EU-FP6 DIESIS: Design of an Interoperable European federated Simulation network for critical Infrastructures, funded by EU-FP7 COST MP0801: Physics of Competition, Cooperation and Conflict, funded by ESF 2008 TeRN: Sviluppo di sistemi di Early-Warning in Val d’Agri, funded by Regione Basilicata
42
Some of the Projects with participation of ENEA and/or CESI Ricerca (5/5) NEISAS: National and European Information Sharing and Alerting System, funded by EU-EPCIP TRAMP: Sistema Integrato di Gestione e Controllo per il TRAsporto in Sicurezza di Merci pericolose, funded by MIUR
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.