Resilient Critical Infrastructure Management using Service Oriented Architecture

Abstract—The SERSCIS project aims to support the use of interconnected systems of services in Critical Infrastructure (CI) applications. The problem of system interconnectedness is aptly demonstrated by ‘Airport Collaborative Decision Making’ (ACDM). Failure or underperformance of any of the interlinked ICT systems may compromise the ability of airports to plan their use of resources to sustain high levels of air traffic, or to provide accurate aircraft movement forecasts to the wider European air traffic management systems. The proposed solution is to introduce further SERSCIS ICT components to manage dependability and interdependency. These use semantic models of the critical infrastructure, including its ICT services, to identify faults and potential risks and to increase human awareness of them. Semantics allows information and services to be described in such a way that makes them understandable to computers. Thus when a failure (or a threat of failure) is detected, SERSCIS components can take action to manage the consequences, including changing the interdependency relationships between services. In some cases, the components will be able to take action autonomously — e.g. to manage ‘local’ issues such as the allocation of CPU time to maintain service performance, or the selection of services where there are redundant sources available. In other cases the components will alert human operators so they can take action instead. The goal of this paper is to describe a Service Oriented Architecture (SOA) that can be used to address the management of ICT components and interdependencies in critical infrastructure systems. Index Terms—resilience; QoS; SOA; critical infrastructure, SLA

MIDDLEWARE FOR SMART HETEROGENEOUS CRITICAL INFRASTRUCTURE NETWORKS INTERCOMMUNICATION

Svrha je ovog preglednog rada objasniti princip i izložiti rezultate dosadašnjih istraživanja nove SWEEPS tehnike ispiranja korijenskog kanala. Standardna obrada korijenskih kanala tijekom endodontskog liječenja uključuje mehaničku instrumentaciju ručnim ili strojnim instrumentima te kemijsku obradu sredstvima za ispiranje poput NaOCl i EDTA. Tijekom instrumentacije kanala formiraju se debris i zaostatni sloj, koje je potrebno ukloniti. U dezinfekciji endodontskog prostora zuba ključan je raspad bakterijskog biofilma koji se postiže brzim strujanjem sredstva za ispiranje u kanalu. Dinamičan protok sredstva za ispiranje u kanalu potreban je za dosezanje svih dijelova endodontskog prostora, održavanje učinkovite koncentracije sredstva i za stvaranje smičnog stresa na stijekama koji uklanja biofilm. Zbog ograničenja pasivnog ispiranja špricom i iglom (nedovoljna izmjena tekućine u korijenskom kanalu) došlo je do razvoja brojnih tehnika aktivacije sredstva za ispiranje, poput zvučno i ultrazvučno aktiviranog ispiranja. Noviji doprinos poboljšanju učinkovitosti dezinfekcije korijenskih kanala predstavlja laserski aktivirano ispiranje (engl. laser-activated irrigation, LAI) pomoću erbij lasera. Posebna tehnika LAI zove se fotonima inducirano fotoakustično strujanje (engl. photon-induced photoacoustic streaming, PIPS), a temelji se na nastanku kavitacija i šok-valova koji čiste stijenke kanala. Tehnološkim napretkom postavki lasera omogućen je razvoj novih tehnika. Emisija fotoakustičnog strujanja pojačana udarnim valom (engl. Shock Wave Enchanced Emission of Photoacoustic Streaming, SWEEPS) nova je tehnika ispiranja korijenskih kanala koja se temelji na pojačanju šok-valova dodatnim pulsom laserske zrake. U literaturi još nema dovoljno radova na temelju kojih bi se mogao jasno definirati učinak SWEEPS tehnike.The aim of this study is to explain the principles and present the results of past research of the new SWEEPS root canal irrigation technique. Standard procedure during endodontic therapy involves mechanical instrumentation using hand or rotary files and chemical treatment that uses irrigants such as NaOCl and EDTA. During root canal instrumentation, debris and smear layer are formed and they need to be removed. Deattachment of bacterial biofilm plays a key role in endodontic disinfection and is originated by a fast stream of irrigant inside the root canal. Dinamic flow of irrigant inside the root canal is necessary for reaching all parts of endodontic space, maintaining an effective irrigant concentration and producing shear stress on root canal walls, which removes the biofilm. Limitations of passive needle irrigation (insufficient exchange of irrigant in the root canal) induced the development of numerous irrigation activation techniques, such as sonic and ultrasonic activation of irrigation. A new contribution to improving the efficiency of root canal disinfection is laser-activated irrigation (LAI) using erbium lasers. A special technique that LAI uses is photon-induced photoacoustic streaming (PIPS) and it is based on producing cavitations and shockwaves which debride the root canal walls. Technological progress of laser settings enabled the development of new techniques. Shock Wave Enchanced Emission of Photoacoustic Streaming (SWEEPS) is a new irrigation activation technique based on the enchancement of shockwaves by using additional laser pulse. There have not been enough papers published to clearly define the efficacy of SWEEPS technique

An Assessment Model to Improve National Cyber Security Governance

Today, cyber space has been embraced by individuals, organizations and nations as an indispensable instrument of daily life. Accordingly, impact of cyber threats has continuously been increasing. Critical infrastructure protection and fighting against cyber threats are crucial elements of national security agendas of governments. In this regard, governments need to assess the roles and responsibilities of public and private organizations to address the problems of current cyber protection postures and to respond with reorganization and reauthorization of these postures. A risk management approach is critical in placing these efforts in an ongoing lifecycle process. In this paper, a model is proposed to be used in national cyber security risk management processes. We argue that this model simplifies and streamlines national risk management processes. For this purpose, a matrix is created to partition the problem space. Cyber threat detection and response activities constitute one dimension of the matrix. The second dimension divides the timeline of cyber incidents into three: before, during and after incidents. The resulting matrix is then populated with responsible bodies which need to address each case. As a result, a national cyber security responsibility model is proposed for policy/decision makers and academics. We believe that the proposed model would be useful for governments in analyzing their national responsibility distribution to address gaps and conflicts in their current cyber security postures and for academics in analyzing natural cyber security systems and comparative studies

Current Efforts Concerning ICT Security of the Power Grid

GRID is a Coordination Action funded under the Trust and Security objective of the IST Programme of the 6th Framework to achieve consensus at the European level on the key issues involved by power systems vulnerabilities, in view of the challenges driven by the transformation of the European power infrastructure and ICT integration. GRID wants to assess the needs of the EU power sector on these issues, so as to establish a Roadmap for collaborative research in this area. The present report provides a survey on current efforts somewhat related to the objectives of GRID. Similar to GRID, a number of European and US endeavours have attempted in recent years to draw a Road Map so as to coordinate efforts concerning energy transport/distribution research and CIP.JRC.G.6-Sensors, radar technologies and cybersecurit

Protecting critical infrastructure in the EU: CEPS task force report

2sìCritical infrastructures such as energy, communications, banking, transportation, public government services, information technology etc., are more vital to industrialized economies and now than ever before. At the same time, these infrastructures are becoming increasingly dependent on each other, such that failure of one of them can often propagate and result in domino effects. The emerging challenge of Critical (information) Infrastructure Protection (C(I)IP) has been recognized by nearly all member states of the European Union: politicians are increasingly aware of the threats posed by radical political movements and terrorist attacks, as well as the need to develop better response capacity in case of natural disasters. Responses to these facts have been in line with the available resources and possibilities of each country, so that certain countries are already quite advanced in translating the C(I)IP challenge into measures, whereas others are lagging behind. In the international arena of this policy domain, Europe is still in search of a role to play. Recently, CIIP policy has been integrated in the EU Digital Agenda, which testifies to the growing importance of securing resilient infrastructures for the future. This important and most topical Task Force Report is the result of in-depth discussions between experts from different backgrounds and offers a number of observations and recommendations for a more effective and joined-up European policy response to the protection of critical infrastructure.openopenAndrea Renda; Bernhard HaemmerliRenda, Andrea; Bernhard, Haemmerl

Legal issues in clouds: towards a risk inventory.

Cloud computing technologies have reached a high level of development, yet a number of obstacles still exist that must be overcome before widespread commercial adoption can become a reality. In a cloud environment, end users requesting services and cloud providers negotiate service-level agreements (SLAs) that provide explicit statements of all expectations and obligations of the participants. If cloud computing is to experience widespread commercial adoption, then incorporating risk assessment techniques is essential during SLA negotiation and service operation. This article focuses on the legal issues surrounding risk assessment in cloud computing. Specifically, it analyses risk regarding data protection and security, and presents the requirements of an inherent risk inventory. The usefulness of such a risk inventory is described in the context of the OPTIMIS project

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies