Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks Against Industrial Control Systems

The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of SCADA systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we identify the communication and control logic implementation parameters that influence the outcome of attacks against NICS and that could be used as effective measures for increasing the resilience of industrial installations. The implemented scenario involves a powerful attacker that is able to send legitimate Modbus packets/commands to control hardware in order to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. The analysis uses a Boiling Water Power Plant to show that the outcome of cyber attacks is influenced by network delays, packet losses, background traffic and control logic scheduling time. The main goal of this paper is to start an exploration of cyber-physical effects in particular scenarios. This study is the first of its kind to analyze cyber-physical systems and provides insight to the way that the cyber realm affects the physical realm

ARTEFACTS: How do we want to deal with the future of our one and only planet?

The European Commission’s Science and Knowledge Service, the Joint Research Centre (JRC), decided to try working hand-in-hand with leading European science centres and museums. Behind this decision was the idea that the JRC could better support EU Institutions in engaging with the European public. The fact that European Union policies are firmly based on scientific evidence is a strong message which the JRC is uniquely able to illustrate. Such a collaboration would not only provide a platform to explain the benefits of EU policies to our daily lives but also provide an opportunity for European citizens to engage by taking a more active part in the EU policy making process for the future. A PILOT PROGRAMME To test the idea, the JRC launched an experimental programme to work with science museums: a perfect partner for three compelling reasons. Firstly, they attract a large and growing number of visitors. Leading science museums in Europe have typically 500 000 visitors per year. Furthermore, they are based in large European cities and attract local visitors as well as tourists from across Europe and beyond. The second reason for working with museums is that they have mastered the art of how to communicate key elements of sophisticated arguments across to the public and making complex topics of public interest readily accessible. That is a high-value added skill and a crucial part of the valorisation of public-funded research, never to be underestimated. Finally museums are, at present, undergoing something of a renaissance. Museums today are vibrant environments offering new techniques and technologies to both inform and entertain, and attract visitors of all demographics.JRC.H.2-Knowledge Management Methodologies, Communities and Disseminatio

AMICI: An Assessment Platform for Multi-Domain Security Experimentation on Critical Infrastructures

This paper presents AMICI, a new Assessment/analysis platform for Multiple Interdependent Critical Infrastructures (CIs). Its architecture builds on our previous work and uses Emulab to recreate ICT software and hardware components and Simulink to run the physical process models. Our previous framework is extended with software components to provide a set of capabilities that would enable the analysis of complex interdependencies between multiple CIs: flexible integration of multiple physical process models; opened architecture to enable interaction with ad-hoc software; support experimentation with real software/malware; automated experiment management capabilities. The applicability of the approach is proven through a case study involving three CIs: ICT, power grid and railway.JRC.E.2-Technology Innovation in Securit

EPIC: A Testbed for Scientifically Rigorous Cyber-Physical Security Experimentation

Recent malware, like Stuxnet and Flame, constitute a major threat to Networked Critical Infrastructures (NCIs), e.g., power plants. They revealed several vulnerabilities in today's NCIs, but most importantly they highlighted the lack of an efficient scientific approach to conduct experiments that measure the impact of cyber threats on both the physical and the cyber parts of NCIs. In this paper we present EPIC, a novel cyber-physical testbed and a modern scientific instrument that can provide accurate assessments of the effects that cyber-attacks may have on the cyber and physical dimensions of NCIs. To meet the complexity of today's NCIs, EPIC employs an Emulab-based testbed to recreate the cyber part and multiple software simulators for the physical part. Its main advantage is that it can support very accurate, real-time, repeatable and realistic experiments with heterogeneous infrastructures. We show how EPIC can be applied to explore the impact of cyber-attacks and Information and Communications Technology (ICT) system disruptions on the power grid as well as their cascading effects to the railway system.JRC.E.2-Technology Innovation in Securit

Enabling the Experimental Exploration of Operating Procedures in Critical Infrastructures

Nowadays, the operation of Critical Infrastructures (CIs) relies on automated techniques for handling normal function. Human operators are far from been eliminated and they are still the most important actors in abnormal situations and contingencies. Modern testbeds for the experimental analysis of CI either totally ignore the human factor or include real Human Machine Interfaces (HMIs) and software but require the presence of real human operators during an experiment. Although experimentation with human-in-the-loop can provide invaluable experimental data for human decision making and reactions, it would be impossible to do a systematic exploration of the vast parameter space in terms of possible human operator decisions, reasoning and actions. Therefore, in this paper we argue that existing testbeds should include simulated human decision-making capabilities in order to close this important loop that plays a crucial role in the outcome of cyber security experiments involving CIs. Furthermore, we propose an extension of our previously developed experimentation framework with generic Human Decision units that enable the integration of HMI and human operator models. The developed prototype was evaluated by assessing the impact of different human operator reactions during an attack against a cyber-physical infrastructure that is modeled with the IEEE 30-bus power grid.JRC.G.6-Security technology assessmen