approccio sistemico alla protezione delle infrastrutture critiche
TRANSCRIPT
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
TecFOr 2010, Seminario Sicurezza
TechFOr 2010, 18 Maggio, Fiera di RomaTechFOr 2010, 18 Maggio, Fiera di RomaConferenza SELEX Sistemi Integrati & AFCEA Capitolo di RomaConferenza SELEX Sistemi Integrati & AFCEA Capitolo di Roma
"Tecnologie Abilitanti e Sistemi per la Sicurezza: il contributo delle Università e dei Centri di Ricerca"
Approccio sistemico alla protezione Approccio sistemico alla protezione delle Infrastrutture Critichedelle Infrastrutture Critiche
Roberto SetolaUniversità CAMPUS Bio-Medico
Third millennium socio-techno scenario
Financial Services
Public Utilities
Health C
are
Telecomm
unication
<2000
Infrastructures vertically integrated, i.e. autonomous system with limited points of contact
Cyberspace
Ele
ctri
c Po
wer
Net
Hea
lth C
are
Mon
itori
ng S
yste
ms
Fina
ncia
l Ser
vice
s
?
Publ
ic U
tiliti
es
CyberspaceCyberspace
Ele
ctri
c Po
wer
Net
Ele
ctri
c Po
wer
Net
Hea
lth C
are
Hea
lth C
are
Mon
itori
ng S
yste
ms
Mon
itori
ng S
yste
ms
Fina
ncia
l Ser
vice
sFi
nanc
ial S
ervi
ces
??
Publ
ic U
tiliti
esPu
blic
Util
ities
>2000
Infrastructures intergraded, interdependency which share a common framework: the cyberspace
Some episodes….
2006 - Europe
Integration vs Dependability
…. for a lot of GOOD reasons
Social Economical Technological Political
IntegrationIntegration
InterdependenciesInterdependenciesInterdependencies Domino effectDomino effectDomino effect Global threatsGlobal threats
divide et imperadivide et impera
Many actors with clashing interests
No geographical contiguity
Presentation Roadmap & Rational
• Impact Analysis– Macro scale approahes– Topological approaches– Simulation-based approachs
• Tools for Infrastructure Resilience– On-line risk predictor
• Support for investigation & Criminal analysis– SecuFood experiences
• Training & awarness– Master in Homeland Security– AIIC
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
EU Directive 2008/114/EC
Tools to support Impact Analysis
Macro-scale approches: IIMIIM (Input-output Inoperability Model)
0
0,05
0,1
0,15
0,2
0,25
<1h 1h-6h 6h-12h 12h-24h 24h-48hAir Transportation ElectricityTLC Wired TLC WirelessWater Management Rail TransportationFinance Naval PortsFuel & Petroleum Grid Natural Gas Satellite Communication & Navigation
Fuel & Petroleum
Air transportation
Naval Ports
Finance
To figure out, in terms of inoperability, the overall impact of an external event taking into account cascade and domino phenomena
Using both economic data and info about operative impact that the absence, or the degradation, in the services provided by each infrastructure.
Topological approaches
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
GARR High-Voltage grid
Cascade effect
Electric grid
TLC network
Rij
Analyze the topological properties of a network w.r.t. its robustness properties
Considering also the link between two or more networks
MOTIAMOTIA
Simulation based-approaches
CISIACISIAA methodology and a
simulation framework specifically designed to analyze scenario composed by several, heterogeneous and interdependent infrastructures
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
BasiBasic elementsc elements1. Elements exist in order to
supply and/or consume resources (goods, services, operativeness, etc.);
2. Elements (some of them) may suffer faults or failures;
3. Different resources and faults may propagate according “proximities” of different nature;
4. The capability of each element to provide the required resources depends on its “operative condition” (which is derived on the failure it receives and the availability of the resources it requires).
Operative level dynamics
Failure dynamics
Recovery dynamics
In.R
In.F
In.Y
Out.F
Out.Y
Out.R
Internal structure
Several concept of proximity
Tested on a large realistic scenario
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
• 7 infrastructures:• 29 classes• 43 different
exchanged quantities (13 related to faults)
• 13 different kinds of proximity
CISIA (terminato)
Minuto 10 Livelli: . ooo
0 200 400 600 800 1000 1200
0
200
400
600
800
1000
1200
• 233 Entities• 844 Links• 233 Entities• 844 Links
Federation of simulators
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
OMNeT++, NS2, e‐Agora, Geo‐referentiation systems (e.g. Gmaps)
Federated Agent Based model,Entity‐resource model
Telco
Electric
Internal dynamics Γ
Inter‐domains inputs
External failures
OL
Vertical simulators
NS‐2 E‐Agora
Telecommunication network
Electric power grid
Telco
Electric
Internal dynamics Γ
Inter‐domains inputs
External failures
OL
Inter‐domains links (service invocation
and failure propagation)
Intra‐domain links
Horizontal model
Improve Infrastructure Resilience
On‐line (real‐time) risk estimator / cascading failure predictor
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
Field TLC Field ELE
Risk assessment methodologies
Security of European Security of European Food supply chain Food supply chain
Food defenceFood defence == “security of food and drink and their supply chains from all forms of malicious attack including ideologically motive attack leading to contamination or supply failure”[UK CPNI and British Standard Institute (BSI)]
Incidents per year
0,000,200,400,600,801,00
Exposition to large contamination
Support tools for Investigation & Criminal Analysis
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved
In-the-Field Analytical Device (IFAD) able to perform quick non-destructive reliable tests for in-the-field analysis of counterfeit medicines
DSS to support analysis of criminal organization and for pro-active (predictive) investigations
Training
AIIC – Associazione Italiana esperti Infrastrutture Critiche
A no-profit organization to promote “culture”of security for CI
It is composed by representatives from academia, research institutions, CI’s stakeholders and government agencies.
It offers a trans-domain multi-disciplinary point of view to support awareness and strategies for CI protection
www.InfrastruttureCritiche.it
Some references
J. Lopez-Munoz, R. Setola and S.D. Wolthusen, (Eds.), Advances in Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense, Springer-Verlag, Berlin (pubbliczione prevista 2011).R. Setola, S. Geretshuber, (Eds.), Critical Information Infrastructure Security -, Lecture Notes in Computer Science,, Springer-Verlag, Berlin, Vol. 5508, 2009.R. Setola, “How to Measure the Degree of Interdependencies among Critical Infrastructures”, Int. J. of System of Systems Engineering (IJSSE), 2010.G. Oliva, S. Panzieri, and R. Setola, “Agent-Based Input-Output Interdependency Model”, Int. J. of Critical Infrastructure Protection (IJCIP), 2010.R. Setola, S. De Porcellinis, and M. Sforna “Critical Infrastructure Dependency Assessment Using Input-output Inoperability Model”, Int. J. Critical Infrastructure Protection (IJCIP), pp. 170 – 178, 2009.S. De Porcellinis, S. Panzieri and R. Setola, “Model Critical Infrastructure via a Mixed Holistic-Reductionistic Approach”, Int. J. Critical Infrastructures (IJCIS), pp. 86 -99, 2009.S. De Porcellinis, S. Panzieri, R. Setola, and G. Ulivi, “Simulation of Heterogeneous and Interdependent Critical Infrastructures”, Int. J. Critical Infrastructures (IJCIS), pp. 110 – 128, 2008.S. De Porcellinis, L. Issacharoff, S. Meloni, V. Rosato, R. Setola, and F. Tiriticco, “Modelling Interdependent Infrastructures using Interacting Dynamical Models”, Int. J. Critical Infrastructures (IJCIS), pp. 63 – 79, 2008.
For more information
© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved