Critical Infrastructure Protection Approaches: Analytical Outlook on Capacity Responsiveness to Dynamic Trends

Overview: Critical infrastructures (CIs) – any asset with a functionality that is critical to normal societal functions, safety, security, economic or social wellbeing of people, and disruption or destruction of which would have a very significant negative societal impact. CIs are clearly central to the normal functioning of a nation’s economy and require to be protected from both intentional and unintentional sabotages. It is important to correctly discern and aptly manage security risks within CI domains. The protection (security) of CIs and their networks can provide clear benefits to owner organizations and nations including: enabling the attainment of a properly functioning social environment and economic market, improving service security, enabling integration to external markets, and enabling service recipients (consumers, clients, and users) to benefit from new and emerging technological developments. To effectively secure CI system, firstly, it is crucial to understand three things - what can happen, how likely it is to happen, and the consequences of such happenings. One way to achieve this is through modelling and simulations of CI attributes, functionalities, operations, and behaviours to support security analysis perspectives, and especially considering the dynamics in trends and technological adoptions. Despite the availability of several security-related CI modelling approaches (tools and techniques), trends such as inter-networking, internet and IoT integrations raise new issues. Part of the issues relate to how to effectively (more precisely and realistically) model the complex behavior of interconnected CIs and their protection as system of systems (SoS). This report attempts to address the broad goal around this issue by reviewing a sample of critical infrastructure protection approaches; comprising tools, techniques, and frameworks (methodologies). The analysis covers contexts relating to the types of critical infrastructures, applicable modelling techniques, risk management scope covered, considerations for resilience, interdependency, and policy and regulations factors. Key Findings: This research presents the following key findings: 1. There is not a single specific Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – that exists or emerges as a ‘fit-for-all’; to allow the modelling and simulation of cyber security risks, resilience, dependency, and impact attributes in all critical infrastructure set-ups. 2. Typically, two or more modelling techniques can be (need to be) merged to cover a broader scope and context of modelling and simulation applications (areas) to achieve desirable highlevel protection and security for critical infrastructures. 3. Empirical-based, network-based, agent-based, and system dynamics-based modelling techniques are more widely used, and all offer gains for their use. 4. The deciding factors for choosing modelling techniques often rest on; complexity of use, popularity of approach, types and objectives of user Organisation and sector. 5. The scope of modelling functions and operations also help to strike the balance between ‘specificity’ and ‘generality’ of modelling technique and approach for the gains of in-depth analysis and wider coverage respectively. 6. Interdependency and resilience modelling and simulations in critical infrastructure operations, as well as associated security and safety risks; are crucial characteristics that need to be considered and explored in revising existing or developing new CIP modelling approaches. Recommendations: Key recommendations from this research include: 1. Other critical infrastructure sectors such as emergency services, food & agriculture, and dams; need to draw lessons from the energy and transportation sectors for the successive benefits of: i. Amplifying the drive and efforts towards evaluating and understanding security risks to their infrastructure and operations. ii. Support better understanding of any associated dependencies and cascading impacts. iii. Learning how to establish effective security and resilience. iv. Support the decision-making process linked with measuring the effectiveness of preparedness activities and investments. v. Improve the behavioural security-related responses of CI to disturbances or disruptions. 2. Security-related critical infrastructure modelling approaches should be developed or revised to include wider scopes of security risk management – from identification to effectiveness evaluations, to support: i. Appropriate alignment and responsiveness to the dynamic trends introduced by new technologies such as IoT and IIoT. ii. Dynamic security risk management – especially the assessment section needs to be more dynamic than static, to address the recurrent and impactful risks that emerge in critical infrastructures

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Disaster management in smart cities

The smart city concept, in which data from different systems are available, contains a multitude of critical infrastructures. This data availability opens new research opportunities in the study of the interdependency between those critical infrastructures and cascading effects solutions and focuses on the smart city as a network of critical infrastructures. This paper proposes an integrated resilience system linking interconnected critical infrastructures in a smart city to improve disaster resilience. A data-driven approach is considered, using artificial intelligence and methods to minimize cascading effects and the destruction of failing critical infrastructures and their components (at a city level). The proposed approach allows rapid recovery of infrastructures’ service performance levels after disasters while keeping the coverage of the assessment of risks, prevention, detection, response, and mitigation of consequences. The proposed approach has the originality and the practical implication of providing a decision support system that handles the infrastructures that will support the city disaster management system—make the city prepare, adapt, absorb, respond, and recover from disasters by taking advantage of the interconnections between its various critical infrastructures to increase the overall resilience capacity. The city of Lisbon (Portugal) is used as a case to show the practical application of the approach.info:eu-repo/semantics/publishedVersio

The State-of-the-Art Survey on Optimization Methods for Cyber-physical Networks

Cyber-Physical Systems (CPS) are increasingly complex and frequently integrated into modern societies via critical infrastructure systems, products, and services. Consequently, there is a need for reliable functionality of these complex systems under various scenarios, from physical failures due to aging, through to cyber attacks. Indeed, the development of effective strategies to restore disrupted infrastructure systems continues to be a major challenge. Hitherto, there have been an increasing number of papers evaluating cyber-physical infrastructures, yet a comprehensive review focusing on mathematical modeling and different optimization methods is still lacking. Thus, this review paper appraises the literature on optimization techniques for CPS facing disruption, to synthesize key findings on the current methods in this domain. A total of 108 relevant research papers are reviewed following an extensive assessment of all major scientific databases. The main mathematical modeling practices and optimization methods are identified for both deterministic and stochastic formulations, categorizing them based on the solution approach (exact, heuristic, meta-heuristic), objective function, and network size. We also perform keyword clustering and bibliographic coupling analyses to summarize the current research trends. Future research needs in terms of the scalability of optimization algorithms are discussed. Overall, there is a need to shift towards more scalable optimization solution algorithms, empowered by data-driven methods and machine learning, to provide reliable decision-support systems for decision-makers and practitioners

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

Cascading Failures in Complex Networks

Cascading failure is a potentially devastating process that spreads on real-world complex networks and can impact the integrity of wide-ranging infrastructures, natural systems, and societal cohesiveness. One of the essential features that create complex network vulnerability to failure propagation is the dependency among their components, exposing entire systems to significant risks from destabilizing hazards such as human attacks, natural disasters or internal breakdowns. Developing realistic models for cascading failures as well as strategies to halt and mitigate the failure propagation can point to new approaches to restoring and strengthening real-world networks. In this review, we summarize recent progress on models developed based on physics and complex network science to understand the mechanisms, dynamics and overall impact of cascading failures. We present models for cascading failures in single networks and interdependent networks and explain how different dynamic propagation mechanisms can lead to an abrupt collapse and a rich dynamic behavior. Finally, we close the review with novel emerging strategies for containing cascades of failures and discuss open questions that remain to be addressed.Comment: This review has been accepted for publication in the Journal of Complex Networks Published by Oxford University Pres

Critical Services continuity, Resilience and Security: Proceedings of the 56th ESReDA Seminar

Critical Infrastructures (CIs) remain among the most important and vital service providers to modern societies. Severe CIs’ disruptions may endanger security of the citizen, availability of strategic assets and even the governance stability. Not surprisingly, CIs are often targets of intentional attacks, either of physical or cyber nature. Newly emerging hybrid threats primarily target CIs as part of the warfare. ESReDA as one of the most active EU networks in the field has initiated a project group (CI-PR/MS&A-Data) on the “Critical Infrastructure/Modelling, Simulation and Analysis – Data”. The main focus of the project group is to report on the state of progress in MS&A of the CIs preparedness & resilience with a specific focus on the corresponding data availability and relevance. In order to report on the most recent developments in the field of the CIs preparedness & resilience MS&A and the availability of the relevant data, ESReDA held its 48th, 52nd and 56th Seminars. The 56th ESReDA Seminar on “Critical Services continuity, Resilience and Security” attracted about 30 participants from industry, authorities, operators, research centres and academia. The seminar programme consisted of 18 technical papers, two plenary speeches and an interactive session on Climate & CI protection.JRC.G.10-Knowledge for Nuclear Security and Safet