CISUC

Towards protecting critical infrastructures

Authors

Abstract

Critical Infrastructures (CIs) provide an uncountable number of essential services able to support the global economy and also our current way of life. Services such as power distribution, transport networks, telecommunications, the Internet, among others, are now an integral part of the citizens’ lives and businesses. These types of infrastructures are referred to as “Critical” due to the fact that in case of failure or breakdown in providing quality of service, the impact on society and the economy of a country can be enormous.
CIs are particularly exposed to a growing number of threats including natural disasters and equipment failure. CIs are also attracting interest from groups of hackers and terrorists, primarily due to the strong visibility and consequences that may result even from a small successful attack. Information and Communication Technology (ICT) security plays a major role in CI protection and risk prevention for single and also for interconnected CIs were cascading effects might occur because of the interdependencies that exist among different CIs.
This chapter addresses Critical Infrastructure Protection (CIP) paying particular attention to the risk alert exchange among CIs. The main result obtained from the MICIE Project are discussed along with the mechanisms that manage and measure, the degree of confidence assigned to risk alerts generated or received by CIs in order to improve risk alerts accuracy and consequently improve the resilience of CIs when faced with inaccurate or inconsistent risk alerts. An on-going project that followed MICIE is also presented. CockpitCI Project aims to improve the resilience and dependability of Critical Infrastructures through the automatic detection of cyber-threats and the sharing of real-time information about attacks among CI Owners. CockpitCI addresses one of the fundamental MICIE’s shortcomings by adding SCADA-oriented security detection capabilities, which provide input to models for risk prediction and assessment of the operational status of the Industrial Control Systems (ICSs).


Keywords

Critical Infrastructure Protection, ICT security, Trust and Reputation Management, Intrusion Detection Systems, SCADA; HoneyPots

Related Project

FP7 CockpitCI: Cybersecurity on SCADA: risk prediction, analysis and reaction tools for Critical Infrastructures

Book Chapter

Cybersecurity Policies and Strategies for Cyberwarfare Prevention, 7, pp. 123-169, IGI-Global, July 2015

DOI


Cited by

Year 2018 : 2 citations

 Piero Siroli, Gian. (2018). Considerations on the Cyber Domain as the New Worldwide Battlefield. The International Spectator. 53. 111-123. DOI:10.1080/03932729.2018.1453583.

 Yu-Min Joo & Teck-Boon Tan (2018) Smart Cities: A New Age of Digital Insecurity, Survival, 60:2, 91-106, DOI: 10.1080/00396338.2018.1448577. URL (full paper): http://scholarbank.nus.sg/bitstream/10635/141601/1/10.108000396338.2018.1448577.pdf

Year 2017 : 2 citations

 Roger A. Hallman, Jose Romero-Mariona, et al., "Standardized and Repeatable Technology Evaluation for Cybersecurity Acquisition", SPAWAR Systems Pacific Technical Document 3316, February 2017. Available at: https://www.researchgate.net/profile/Roger_Hallman2/publication/316976845_Standardized_and_Repeatable_Technology_Evaluation_for_Cybersecurity_Acquisition/links/591b3e214585153b614fa208/Standardized-and-Repeatable-Technology-Evaluation-for-Cybersecurity-Acquisition.pdf

 Kasemsap, K. "Robotics: Theory and Applications." In Cybersecurity Breaches and Issues Surrounding Online Threat Protection, pp. 311-345. IGI Global, 2017. DOI: 10.4018/978-1-5225-1941-6.ch013