Towards a Layered Architectural View for Security Analysis in SCADA Systems

Supervisory Control and Data Acquisition (SCADA) systems support and control the operation of many critical infrastructures that our society depend on, such as power grids. Since SCADA systems become a target for cyber attacks and the potential impact of a successful attack could lead to disastrous consequences in the physical world, ensuring the security of these systems is of vital importance. A fundamental prerequisite to securing a SCADA system is a clear understanding and a consistent view of its architecture. However, because of the complexity and scale of SCADA systems, this is challenging to acquire. In this paper, we propose a layered architectural view for SCADA systems, which aims at building a common ground among stakeholders and supporting the implementation of security analysis. In order to manage the complexity and scale, we define four interrelated architectural layers, and uses the concept of viewpoints to focus on a subset of the system. We indicate the applicability of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure

Resilient Critical Infrastructure Management using Service Oriented Architecture

Abstract—The SERSCIS project aims to support the use of interconnected systems of services in Critical Infrastructure (CI) applications. The problem of system interconnectedness is aptly demonstrated by ‘Airport Collaborative Decision Making’ (ACDM). Failure or underperformance of any of the interlinked ICT systems may compromise the ability of airports to plan their use of resources to sustain high levels of air traffic, or to provide accurate aircraft movement forecasts to the wider European air traffic management systems. The proposed solution is to introduce further SERSCIS ICT components to manage dependability and interdependency. These use semantic models of the critical infrastructure, including its ICT services, to identify faults and potential risks and to increase human awareness of them. Semantics allows information and services to be described in such a way that makes them understandable to computers. Thus when a failure (or a threat of failure) is detected, SERSCIS components can take action to manage the consequences, including changing the interdependency relationships between services. In some cases, the components will be able to take action autonomously — e.g. to manage ‘local’ issues such as the allocation of CPU time to maintain service performance, or the selection of services where there are redundant sources available. In other cases the components will alert human operators so they can take action instead. The goal of this paper is to describe a Service Oriented Architecture (SOA) that can be used to address the management of ICT components and interdependencies in critical infrastructure systems. Index Terms—resilience; QoS; SOA; critical infrastructure, SLA

PolyOrBAC: a security framework for critical infrastructures

International audienceDue to physical and logical vulnerabilities, a critical infrastructure (CI) can encounter failures of various degrees of severity, and since there are many interdependencies between CIs, simple failures can have dramatic consequences on the users. In this paper, we mainly focus on malicious threats that might affect the information and communication system that controls the Critical Infrastructure, i.e., the Critical Information Infrastructure (CII). To address the security challenges that are specific of CIIs, we propose a collaborative access control framework called PolyOrBAC. This approach offers each organization taking part in the CII the capacity of collaborating with the other ones, while maintaining a control on its resources and on its internal security policy. The interactions between organizations participating in the CII are implemented through web services (WS), and for each WS a contract is signed between the service-provider organization and the service-user organization. The contract describes the WS functions and parameters, the liability of each party and the security rules controlling the interactions. At runtime, the compliance of all interactions with these security rules is checked. Every deviation from the signed contracts triggers an alarm, the concerned parties are notified and audits can be used as evidence for sanctioning the party responsible for the deviation. Our approach is illustrated by a practical scenario, based on real emergency actions in an electric power grid infrastructure, and a simulation test bed has been implemented to animate this scenario and experiment with its security issues

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Current Efforts Concerning ICT Security of the Power Grid

GRID is a Coordination Action funded under the Trust and Security objective of the IST Programme of the 6th Framework to achieve consensus at the European level on the key issues involved by power systems vulnerabilities, in view of the challenges driven by the transformation of the European power infrastructure and ICT integration. GRID wants to assess the needs of the EU power sector on these issues, so as to establish a Roadmap for collaborative research in this area. The present report provides a survey on current efforts somewhat related to the objectives of GRID. Similar to GRID, a number of European and US endeavours have attempted in recent years to draw a Road Map so as to coordinate efforts concerning energy transport/distribution research and CIP.JRC.G.6-Sensors, radar technologies and cybersecurit

List of requirements on formalisms and selection of appropriate tools

This deliverable reports on the activities for the set-up of the modelling environments for the evaluation activities of WP5. To this objective, it reports on the identified modelling peculiarities of the electric power infrastructure and the information infrastructures and of their interdependencies, recalls the tools that have been considered and concentrates on the tools that are, and will be, used in the project: DrawNET, DEEM and EPSys which have been developed before and during the project by the partners, and M\uf6bius and PRISM, developed respectively at the University of Illinois at Urbana Champaign and at the University of Birmingham (and recently at the University of Oxford)

Распределение ресурсов критической IT-инфраструктуры с использованием облачных технологий

В статті розглянуті питання щодо розподілу ресурсів критичної ІТ-інфраструктури з використанням хмарних технологій, визначення параметрів для формування критерію оптимальності управління критичною ІТ-інфраструктурою. Запропонований критерій оптимальності управління чітко визначає умови функціонування критичної ІТ-інфраструктури. В роботі запропонована нечітка багатокритеріальна модель управління ресурсами критичної ІТ-інфраструктури на базі оптимізації за параметрами забезпеченості та надійності ресурсів, побудованої з використанням технології побудови хмар IAAS. Наведений її детальний опис, умови функціонування та приклад її використання в реальному середовищі на прикладі використання технології реплікації для віртуальних машин, на яких розгорнуті критичні сервіси та процеси.The article deals with the issue of resource allocation for critical IT-infrastructure using cloud technology, determine the parameters of creation optimality criterion for managing critical IT-infrastructure. Proposed optimality criterion management clearly defines the conditions for the operation of critical IT-infrastructure. In our work, we proposed the model of fuzzy multicriteria resource management of critical IT-infrastructure based on the optimization of the parameters of security and reliability of resources, built using IAAS cloud technology. In addition, it was considered its details, operating conditions and an example of its use in a production environment on the example of using technology for replication of virtual machines, which are deployed critical services and processes.В статье рассмотрены вопросы распределения ресурсов критической ИТ-инфраструктуры с использованием облачных технологий, определение параметров для формирования критерия оптимальности управления критической ИТ-инфраструктурой. Предложенный критерий оптимальности управления четко определяет условия функционирования критической ИТ-инфраструктуры. В работе предложена нечеткая многокритериальная модель управления ресурсами критической ИТ-инфраструктуры на базе оптимизации по параметрам обеспеченности и надежности ресурсов, построенной с использованием технологии построения облаков IAAS. Приведено ее детальное описание, условия функционирования и пример ее использования в реальной среде на примере использования технологии репликации для виртуальных машин, на которых развернуты критические сервисы и процессы