European Reference Network for Critical Infrastructure Protection: ERNCIP Handbook 2018 edition

The ERNCIP network has been established to improve the protection of critical infrastructures in the EU. The European Reference Network for Critical Infrastructure Protection (ERNCIP) therefore works in close cooperation with all types of CIP stakeholders, focusing particularly on the technical protective security solutions. This handbook aims to assist the dissemination of the activities and results of ERNCIP. It is intended that the document will be updated and issued by the ERNCIP Office in spring each year. The information provided will be up to date as of the end of the previous calendar year, i.e. in this case as at 31 December 2017. The report summarises the achievements of all the ERNCIP Thematic Groups, providing a convenient way to access information on any specific theme of interest covered by ERNCIP. The report also describes current thematic group activities, to allow subject-matter experts and critical infrastructure operators to identify ongoing areas of research they might be interested in assisting. This report is publicly available via the ERNCIP web site, and is distributed to all ERNCIP Group of EU CIP Experts for onward dissemination within their Member States.JRC.E.2-Technology Innovation in Securit

European CIP-related Testing Capabilities: Gaps and Challenges

One of ERNCIP’s goals is to identify gaps in European CIP-related experimental and testing capabilities, and to set up a wider debate on how to deal with these gaps. This report draws an indicative picture about the known state of European CIP-related test capabilities. The analysis is primarily based on an ERNCIP online questionnaire on the issue circulated at the end of 2012, which was completed by 65 respondents representing different types of ERNCIP stakeholders. The ERNCIP Thematic Groups have also provided information about their respective capabilities and perceived gaps in their sectors. This report aims to provoke further debate among the ERNCIP stakeholder communities.JRC.G.6-Security technology assessmen

After-action Analysis of the Magic Maggiore Workshop on Expert Support and Reachback

The European Commission’s Joint Research Centre (JRC) in collaboration with the Global Initiative to Combat Nuclear Terrorism (GICNT) organized a two and a half-day workshop on expert support and reachback entitled Magic Maggiore at the JRC Ispra, Italy in 28-30 March 2017. Through a series of presentations, case studies, panel discussions, and a demonstration exercise, Magic Maggiore helped raise awareness and build commitment towards technical reachback. Furthermore, the workshop presented best practices to address key challenges, and identified areas for future work in this field. The workshop included a real-time detection and reachback exercise of a hypothetical nuclear security incident, put on between the JRC (Ispra) and France (Paris). The demonstration focused on core components of alarm adjudication and information exchange between front line officers, a national reachback centre, and an advanced centralised reachback centre located in Paris. A list of concrete post-workshop activities has been generated. The purpose of the list is to pave the way for the identification of the next steps towards development of European capabilities for nuclear security and in more general, for CBRNE security. Reachback is necessary for alarm adjudication to provide timely information for a balanced response. Information sharing between competent authorities is of vital importance for nuclear security. Due to the variety of responsibilities, Technical, Scientific and Operational support needs to be defined. The Member States should consider developing joint protocols on data structures and data handling to ease the information flow and so the response time.JRC.E.2-Technology Innovation in Securit

European Reference Network for Critical Infrastructure Protection: ERNCIP Handbook 2017 edition Version 1.0

The ERNCIP network has been established to improve the protection of critical infrastructures in the EU. The European Reference Network for Critical Infrastructure Protection (ERNCIP) therefore works in close cooperation with all types of CIP stakeholders, focusing particularly on the technical protective security solutions. This handbook aims to assist the dissemination of the activities and results of ERNCIP. It is intended that the document will be updated and issued by the ERNCIP Office in spring each year. The information provided will be up to date as of the end of the previous calendar year, i.e. in this case as at 31 December 2016. The report summarises the achievements of all the ERNCIP Thematic Groups, providing a convenient way to access information on any specific theme of interest covered by ERNCIP. The report also describes current thematic group activities, to allow subject-matter experts and critical infrastructure operators to identify ongoing areas of research they might be interested in assisting. This report is publicly available via the ERNCIP web site, and is distributed to all ERNCIP Group of EU CIP Experts for onward dissemination within their Member State.JRC.E.2-Technology Innovation in Securit

European Reference Network for Critical Infrastructure Protection: - Novel Detection Technologies for Nuclear Security

Radiation detectors are used in nuclear security to detect nuclear and other radioactive materials out of regulatory control. In nuclear security, both the operational environment and detector technologies are constantly evolving. This document provides an overview on recent development on radiation detection technologies that are likely to have an impact on nuclear security in the near future. The four main topics covered are: detectors for gamma-ray spectrometry, neutron detectors, data acquisition and source localisation. This document will be published together with another report that concentrates on the impact of novel detection technologies from operational point of view. Therefore, the focus of this document is on technical aspects of the technologies.JRC.E.2-Technology Innovation in Securit

European Reference Network for Critical Infrastructure Protection: Thematic areas. State of the Art

This report reviews the achievements to date in the ERNCIP Thematic Areas, describing why they were prioritised, how the work is organised, and summarising the focus and challenges of each thematic group. The report contains a SWOT-analysis of the current way of organising the work of the thematic groups. The report concludes with recommendations, divided into those applicable in the short term, i.e. to the current ERNCIP period (2013-2014), and those applicable for the longer term for preparing the (possible) next ERNCIP period (2015-2020).JRC.G.6-Security technology assessmen

Establishment of the European Reference Network for Critical Infrastructure Protection (ERNCIP)

The lack of EU-wide conformity assessment for security-related equipment, systems, and services is a barrier to the development of security-related products. The ERNCIP project provides a framework for CIP-related experimental facilities and laboratories to share knowledge and expertise, and to harmonize test protocols throughout Europe, aiming at improved protection of critical infrastructure in the EU against all types of threats and hazards. Following a preliminary phase, the project was endorsed by the Member States and was launched in 2011. This paper presents the preliminary results from ERNCIP from its first year, describing in detail the foundation of the first Thematic Areas and the development of the Inventory.JRC.G.6-Security technology assessmen

Guidance for production of a Water Security Plan in drinking water supply

Although the European Directive 2008/114/EC on protection of critical infrastructures has not designated the water supply sector as a critical infrastructure, all governments recognise their water supply as vital to their national security. Water systems are vulnerable to unintentional and intentional threats, which can include physical acts of sabotage, cyber-attack on information or SCADA systems, and contamination. In the face of an anomalous situation of contamination of drinking water, it is essential to minimise the impact of potential health risks during and after the emergency. This document provides guidance to water utility operators on assessing the risks they face, and on the factors to consider for improving their detection capabilities. Guidance is also provided on the preparation of response and recovery plans in the case of a contamination event. Water security planning will help to identify security vulnerabilities and establish security measures in water supply systems to detect intentional contamination, including a communication strategy to facilitate a fast and effective response. Where a water safety plan already exists, the water security planning should be integrated with the safety plan approach. The first step in water security planning is for the water utility operator to assess its risks to threats of deliberate contamination of the drinking water, with the risk assessment providing the basis for the design and implementation of the Water Security Plan. Through this risk assessment process, a target protection level could be set, with utility operators identifying the benefits of installing sensors in the network together with an event detection software and/or procedure. Criteria such as time to detect contamination, and the volume of contaminated water supplied will help to identify sensor deployment options. The recommended structure for the creation and maintenance of a Water Security comprises four phases: Phase 1 – Planning and preparation Phase 2 – Protection: Event detection and confirmation Phase 3 – Response: Planning and management of the event Phase 4 – Remediation and recovery Planning and preparation will include creation and maintenance of the Water Security Plan, allocation of roles and responsibilities, undertaking risk assessments to identify the mitigation and security measures, and performing the relevant training and exercising. When an emergency occurs, it is vital not to waste time deciding how to act, and debating what to communicate to consumers. Advance planning for an emergency will help to mitigate the impacts by faster communication and implementation of mitigation measures. Event detection involves the monitoring of indicators, and immediate response in case of a potential contamination, leading up to confirmation of the nature of the event. For the identification of possible emergency situations, water utility operators rely on information from monitoring and control systems, which can quickly identify an anomalous situation, and from information from various external sources. Online contamination warning systems is one focus of water security planning, along with customer complaint monitoring, public health surveillance, and enhanced security. Online contamination monitoring offers the best opportunity to minimize the consequences of intentional contamination, although to ensure timely detection of contamination, it must be integrated with routine operational monitoring. The immediate response in the event of a confirmed contamination is critical, involving communication with the public and with local/national emergency authorities to ensure a safe drinking water supply. This phase is followed by the remedial activities that lead to a full return to normal service of uncontaminated drinking water. The remediation and rehabilitation plan forms the final section of the Water Security Plan, and will need to be developed after the contamination incident is confirmed, and the full extent is determined. Regular revision of the water security plan forms an essential part of its lifecycle. All drinking water systems have some degree of vulnerability to contamination, with experience indicating that the threat of deliberate contamination is real. While steps can be taken to prevent intentional contamination, it is impossible to completely eliminate this risk, and therefore water utility operators need to consider developing and implementing a Water Security Plan.JRC.E.2-Technology Innovation in Securit

Overview of Disaster Risks that the EU faces: Internal assessment based on JRC databases

In response to a request by ECHO.A.3, the Joint Research Centre (JRC) collected a short overview of available scientific data and methods for risk assessment in Europe. The JRC has a long standing research programme in monitoring, modelling and assessing risk for various hazard types, including natural, human and combinations. While several Units are active in this area, it is not always an objective to create or collect data on hazards and risks in a pan-European database. More often, Units work on methodologies or underlying research. However, in support of ECHO’s role in EU Risk Assessment, JRC compiled the available information from various Units into a technical report for ECHO.A.3, which will serve to have baseline data on risks in Europe. If relevant, this may also be the basis for defining specific projects with JRC to elaborate further on European wide risk assessments.JRC.G.2-Global security and crisis managemen