Chapter 17 CREATING A EUROPEAN SCADA SECURITY TESTBED

Abstract Supervisory control and data acquisition (SCADA) systems are commonly used to monitor and control critical infrastructure assets. However, over the past two decades, they have evolved from closed, proprietary systems to open networks comprising commodity platforms running common operating systems and TCP/IP stacks. The open architecture and increased connectivity provide more functionality and reduce costs, but they significantly increase the vulnerabilities and the exposure to threats. Since SCADA systems and the critical infrastructure assets they control must have 24/7 availability, it is imperative to understand and manage the risk. This paper makes the case for a European SCADA security testbed that can be used to analyze vulnerabilities, threats and the impact of attacks, ultimately helping design new architectures and robust security solutions. The paper also discusses testbed requirements, deployment strategies and potential hurdles

Analyzing the Cyber Risk in Critical Infrastructures

Information and communication technology (ICT) plays an important role in critical infrastructures (CIs). Some ICT-based services are in itself critical for the functioning of society while other ICT elements are essential for the functioning of critical processes within CIs. Moreover, many critical processes within CIs are monitored and controlled by industrial control systems (ICS) also referred to as operational technology (OT). In line with the CI-concept, the concept of critical information infrastructure (CII) is introduced comprising both ICT and OT. It is shown that CIIs extend beyond the classical set of CIs. The risk to society due to inadvertent and deliberate CI/CII disruptions has increased due to the interrelation, complexity, and dependencies of CIs and CIIs. The cyber risk due to threats to and vulnerabilities of ICT and OT is outlined. Methods to analyze the cyber risk to CI and CII are discussed at both the organization, national, and the service chain levels. Cyber threats, threat actors, and the organizational, personnel, and technological cyber security challenges are outlined. An outlook is given to near future cyber security risk challenges, and therefore upcoming risk, stemming from (industrial) internet of things and other new cyber-embedded technologies

CIPedia©: a Critical Infrastructure Protection and Resilience resource

CIPedia© (www.cipedia.eu) is a Wiki-based body of common knowledge for the wide international community of critical infrastructure (CI) protection and resilience stakeholders such as policy makers, researchers, governmental agencies, emergency management organizations, CI operators, and even the public.JRC.G.5-Security technology assessmen

Mitigating Emergent Vulnerabilities in Oil and Gas Assets via Resilience

Part 1: THEMES AND ISSUESInternational audienceThis chapter discusses digital vulnerabilities and resilience in the Norwegian oil and gas infrastructure. The Norwegian oil and gas sector is a part of the European Union’s critical infrastructure because Norway supplies approximately 10% of the European Union’s oil and 30% of its gas. Hidden, dynamic and emergent risks are considered and resilience engineering is suggested as a framework for handling, recovering from and adapting to unexpected incidents

Critical Infrastructures, Protection and Resilience

This chapter introduces the concept of Critical Infrastructure (CI). Although old civilisations had CI, the protection and resilience of CI has come to the fore again in the last two decades. The risk to society due to inadvertent and deliberate CI disruptions has largely increased due to interrelation, complexity, and dependencies of these infrastructures. The increased use of information and telecommunication technologies (ICT) to support, monitor, and control CI functionalities has contributed to this. This interest in CI and complex systems is strongly related to initiatives by several governments that from the end of the 90s of the previous century recognised the relevance of the undisturbed functioning of CI for the wellbeing of their population, economy, and so on. Their policies highlighted early the increasing complexity of CI and the challenges of providing such CI services without disruption, especially when accidental or malicious events occur. In recent years, most national policies have evolved following a direction from protection towards resilience. The need for this shift in perspective and these concepts are also analysed in this chapter.JRC.E.2-Technology Innovation in Securit

On the feasibility of device fingerprinting in industrial control systems

As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters