ETA2U poszukuje partnerów do współpracy w projekcie RESIN – RESilience in INdustrial and automation control systems (Idealist Partner Search)
Propozycja zgłoszona do Ideal-ist Partner Search i opatrzona Quality Label.
PROJECT OVERVIEW
Call Identifier: H2020-SECURITY-DS-2015
Topic: DS-3-2015: The role of ICT in Critical Infrastructure Protection
Type of Action: Innovation Actions
Closure Date: 27/08/2015
The main objective of this proposal is to create a security platform for critical infrastructures that, in case of threats/anomalies detected, designs a network protection strategy which is enforced through a Security Orchestrator module. Threat/anomaly analysis will be based on data collected from multiple sources and Big Data analysis tools.
PROJECT DESCRIPTION
Proposal Outline:
The integration of Industrial and Automation Control Systems (IACS) into traditional ICT infrastructures as part of their evolution, is currently experiencing important qualitative security changes. While traditional IACS rely on ad-hoc hardware and software and security by obscurity, the new paradigm makes them vulnerable to traditional ICT threats. The disruptions caused by malfunctions or by targeted attacks against ICT systems can derive cascading effects with potential risks for the wellbeing of the whole society. IACS do not only involve any kind of manufacturing or industrial plant, but also Critical Infrastructures (CI). The consequences of an attack could be never imagined before. Moreover, the disruptions caused by Stuxnet and the cyber-espionage conducted with worms such as the recently discovered Duqu 2.0, expose the lack of security in IACS. While worldwide industry and the general public is not aware of the severity of the risk, some organizations such as control system vendors started to move towards the creation of specific security measures. The potential security risks of IACS and specially of those managing Critical Infrastructures emphasize the need of specific security mechanisms.
This is a game changing situation for IACS security. It is no longer possible to consider that IACS are secure just because the possible attackers do not have information of the target facility. Security by obscurity does not help when most of the equipment is Commercial Off-The-Shelf (COTS) and the communication protocols are standard. Additionally, the cyber-spying malware opens a new era where to consider potential attackers knowledgeable about the factory, helps on creating more advanced security mechanisms.
There are two main courses of action that need to be pursued in a coordinated and intelligent manner in the fight against IACS security incidents: (1) deploying analysis, decision making, alerting and defence mechanisms on ICT and IACS installations, and (2) safeguarding the ecosystem’s health by supporting activities of the European Programme for Critical Infrastructure Protection (EPCIP). The first direction involves existing and also new security products based on extensive information collection and analysis together with mitigation strategy design and interference with networking equipment. Big Data techniques allow the acquisition and analysis of large data sets, which in combination with data analysis systems permit the identification of cascading effects, anomalies and their root causes. Mitigation strategies, on the other hand, involve the analysis and the design of multi-objective optimization solutions, aimed at minimizing the impact of cyber attacks while ensuring the normal functioning of processes by considering not only the current security policies, but also EPCIP recommendations. Novel centralized network administration tools, but most importantly, security orchestration tools and the newly emerging Software Defined Networking technologies, allow the interaction with network and security equipment to enforce the designed mitigation strategy and thus, to reduce the security risks and ultimately to neutralise cyber attacks. While individual companies need security mechanisms alerting and mitigating potential attacks, centralized and coordinated supporting activities are necessary to enforce security when malicious activities target similar and geographically close installations. Such efforts require a central organisation such as the EPCIP which could coordinate support actions based on information gathered from individual installations. In order to promote the participation in such organisation, the knowhow of individual IACS would keep private by secure and privacy aware communication means.
The combination of ADSs, Big Data analysis techniques and Security Orchestration solutions encompassing the emerging SDN technology, provides a new framework of resilient IACS, hereinafter referred to as RESIN. RESIN is a security platform which collects information from multiple sources and evaluates the existence of an anomaly, based on a previously created behavioral model. In case of a detection of an anomalous event, RESIN designs a network protection strategy which is enforced through the Security Orchestrator. Moreover, the RESIN framework supports ECPIC activities by alerting about ongoing attacks and considering EPCIP guidelines during the design of mitigation strategies.
Keywords:
Critical Infrastructure Protection
resilience improvement
big data
SDN
IACS
Security Frameworks
PARTNER PROFILE SOUGHT
Required skills and Expertise:
- Strong academic partner with competencies in secure communications to address the secure communication requirements in the RESIN framework. In this respect, the partner needs to have experience in secure communications in a specific industrial sector
- Automation companies
- Industrial equipement manufacturers
- Different industry partners for use-cases from sectors such as energy, manufacturing, health etc.
- Experts in security
- Experts in Software Defined Networking
Description of work to be carried out by the partner(s) sought:
Academic and research partners are expected to contribute to the design of a framework to enable secure communications among RESIN-enabled components.
Industrial partners are expected to bring industrial automation, security, and/or networking expertise into the project, to assist the design of communications and security solutions for various use cases (according to their background).
Type of partner(s) sought:
Academia, SMEs, Research Institutes and Industry (especially for use-cases).
Looking for a Coordinator for your proposal:
Yes
PROPOSER INFORMATION
Name: Arsene Vlad
email: varsene@eta2u.ro
Phone: +40726852209
Fax: Organisation: ETA2U
Department: ETA2U Innovation
Type of Organisation: Industry – SME
Country: Romania
