Project full title: Advanced Tools to assEss and mitigate the criticality of ICT compoNents and their dependencies over Critical InfrAstructures
Grant agreement no.: 700581
Coordinator: Selex ES S.p.A. (IT)
Consortium: Consorzio per la Ricerca nell’Automatica e nelle Telecomunicazioni (IT), CREOS Luxembourg Electricity & Gas Transmission and Distribution (LU), Dipartimento Informatica e Automazione – Università di Roma Tre (IT), Agenzia nazionale per le nuove tecnologie, l’energia e lo sviluppo sostenibile ENEA (IT), Israel Electric Corporation IEC (IL), itrust consulting (LU), Multitel asbl (BE), Sapienza Studies (ES), Université du Luxembourg (LU), University of Coimbra Faculdade de Ciências e Tecnologia (PT), La Société Wallonne des Eaux (BE), Institute of Baltic Studies (EE)
Duration: 36 months
Starting Date: May 2016
Expected Ending: April 2019
Key Persons: Prof. Francesco Delli Priscoli, Prof. Vincenzo Suraci, Dr. Antonio Pietrabissa, Dr. Francesco Liberati
Project Description: Over recent years, IACS (Industrial and Automation Control Systems) and SCADA (Supervisory Control and Data Acquisition) systems adopted in Critical Infrastructures (CI), such as smart grids, water, oil and gas distribution networks, have become more complex due to the increasing number of interconnected distributed devices, sensors and actuators, often widely dispersed in the field, and the larger amount of information exchanged among system components. Such systems need to be flexibly and securely configured, monitored, and managed to prevent an increase in risks due to both operational errors and cyber-attacks, including intrusions and malware that could compromise their operations or even result in disasters. With the emergence of the Internet of Things (IoT) generation of IACS, the boundaries of the protected infrastructures are growing well beyond the single or aggregated-plant, mono-operator vision. Instead of monolithic systems deployed in geographically constrained spaces, these systems are characterized by a considerable degree of capillarity, being dispersed over wide geographic areas, with increasingly small coverage as they progress towards the periphery. This poses new challenges because, as the boundaries of the IACS expand towards households, they involve several other operators, such as telecommunications or utility providers, in a scenario that naturally demands the introduction of multi-tenancy mechanisms. The new ICT paradigms, where virtualization is playing an important role (e.g., Software Defined Networking/Network Function Virtualization – SDN/NFV, Infrastructure as a Service and Software as a Service – IaaS, SaaS), provide interesting new features for flexibly and efficiently managing, monitoring and controlling devices and data traffic.
Unfortunately, with the OT/IT convergence, OT (Operation Technologies) will benefit from the new features coming from IT, but will also inherit new IT threats that can potentially impact CIs. Therefore, in such increasingly sophisticated and networked scenarios, the current approach to Cyber Security for IACSs has to be improved with new tools and models capable of protecting the whole value chain of a CI. To keep pace with escalating risk levels, while preserving efficient and flexible management of CIs, the ATENA project aims at leveraging the outcomes of previous European research activities, particularly the CockpitCI and MICIE EU projects, and at innovating on them by exploiting advanced features of ICT and Cyber Security, to be tailored and validated in selected Use Cases, in order to be adopted at operational industrial maturity level. Within this aim, the project not only proposes an innovative and modernised logical framework with design improvements of role, operation, architecture, and security components for IACSs, also exploiting Software Defined Networking and Software Defined Security paradigms, but also recommends equipment and algorithms devoted to patching already existing IACSs without disrupting current services.
The project is organized into R&D macro-activities spread across the different project WPs, as shown in the following figure.
Each technical WP foresees requirement identification, development and testing phases, so that working tools and exploitable results are already produced during the execution of the project, and not only towards its end:
- WP1 is the Management WP and contains all the activities related to management of the Project
- WP2 deals with modelling (hybrid) and simulation, tools and processes to simulate the cascading effects due to the propagation of anomalies
- WP3, WP4 and WP5, starting from the specification of requirements and architectures, are in charge of designing and implementing the innovative tool suite; in particular: WP3 deals with the static selection of the CI configuration (IACS design for security), WP4 deals with detection and correlation systems protecting ICT both at software and at physical level (honeypots, shadow RTUs, correlators, etc.), WP5 deals with the dynamic distributed mitigation and reconfiguration strategies.
- WP6 develops and integrates all tool suite components
- WP7 validates and tests the ATENA tool suite in the field
- WP8 is about project communication and commercial strategy, ensuring the Project brings the desired scientific, technological, economic and societal impact.