Project full title: Cybersecurity on SCADA: risk prediction, analysis and reaction tools for Critical Infrastructures
Grant agreement no.:285647
Coordinator: Selex ES (Italy)
Consortium: Universidade De Coimbra, Agenzia Nazionale per Le Nuove Tecnologie, L’energia E Lo Sviluppo Economico Sostenibile, Itrust Consulting Sarl, Centre De Recherche Public Henri Tudor, Compania Nationala De Transport Alenergiei Electrice Transelectrica Sa, Universita Degli Studi Roma Tre, the Israel Electric Corporation Limited, University of Surrey, Consorzio per La Ricerca Nell’ Automatica E Nelle Telecomunicazioni C.R.A.T., Selex Sistemi Integrati Spa, Lyse Energias, Multitel Asbl, Selex Es Spa, Luxembourg Institute of Science and Technology
Duration: 36 months
Starting Date: 1-1-2012
Expected Ending: 31-12-2014
Key Persons: Prof. Francesco Delli Priscoli, Prof. Roberto Cusani, Prof. Roberto Baldoni, Dr. Francesco Liberati, Dr. Donato Macone
CockpitCI aims to improve the resilience and dependability of Critical Infrastructures (CIs) by the automatic detection of cyber-threats and the sharing of real-time information about attacks among CI owners.
CockpitCI aims to identify, in real time, the CI functionalities impacted by cyber-attacks and assess the degradation of CI delivered services.
CockpitCI aims to classify the associated risk level, broadcast an alert at different security levels and activate a strategy of containment of the possible consequences of cyber-attacks.
CockpitCI aims to leverage the ability of field equipment to counteract cyber-attacks by deploying preservation and shielding strategies able to guarantee the required safety.
CockpitCI will design and develop a system capable of detecting malicious network traffic which may disrupt the correct functioning of a SCADA system and tamper with its normal operation.
CockpitCI will rely on a unifying approach across the Critical Infrastructures modelling domain. Models and software tools will be used to predict the Quality of Services (QoS) delivered by SCADA systems early. Indicators of SCADA QoS will be computed using an adequate representation of the technological networks supporting SCADA services, accounting cyber multi-phased attacks and accidental failures.
CockpitCI will aggregate the information of potential cyber-attacks induced on SCADA systems or telecommunication systems used to support the operation of CIs, and identify the potential unsecured area of the CIs.
CockpitCI will research traffic monitoring and attack detection. New machine learning based approaches for unusual traffic event detection will be analysed and several typologies of cyber-threats will be modeled as well as the cyber inter-dependencies of the composite CIs system.
CockpitCI will provide a framework to allow the community of CI owners to exchange real-time information about attacks, extending the capabilities developed in the previous MICIE project. It will extend the prediction capabilities by considering cascading events induced by faults and cyber-attacks and also develop a strategic analysis tool able to calculate the potential threat of coordinated cyber-attacks on CIs.
 Panzieri, S.; Foglietta, C.; Macone, D.; Liberati, F.; Simeoni, A., “Detection and Impact of, Cyber Attacks in a Critical Infrastructures Scenario: the CockpitCI Approach,” Int. J. of System of Systems Engineering, Vol. 4, Nos. 3/4, 2013
 Macone, D.; Liberati, F.; Simeoni, A.; Delli Priscoli, F.; Castrucci, M.; Panzieri, S.; Iassinovski, S.; Minichino, M.; Ciancamerla, E., “Detection of and Reaction to Cyber Attacks in a Critical Infrastructures Scenario: the CockpitCI Approach,” The International Defense and Homeland Security Simulation Workshop, 19-21 September 2012, Vienna, Austria