approccio sistemico alla protezione delle infrastrutture critiche

© 2010 SELEX Sistemi Integrati - Confidential, All rights reserved

TecFOr 2010, Seminario Sicurezza

TechFOr 2010, 18 Maggio, Fiera di RomaTechFOr 2010, 18 Maggio, Fiera di RomaConferenza SELEX Sistemi Integrati & AFCEA Capitolo di RomaConferenza SELEX Sistemi Integrati & AFCEA Capitolo di Roma

"Tecnologie Abilitanti e Sistemi per la Sicurezza: il contributo delle Università e dei Centri di Ricerca"

Approccio sistemico alla protezione Approccio sistemico alla protezione delle Infrastrutture Critichedelle Infrastrutture Critiche

Roberto SetolaUniversità CAMPUS Bio-Medico

[email protected]

Third millennium socio-techno scenario

Financial Services

Public Utilities

Health C

are

Telecomm

unication

<2000

Infrastructures vertically integrated, i.e. autonomous system with limited points of contact

Cyberspace

Ele

ctri

c Po

wer

Net

Hea

lth C

are

Mon

itori

ng S

yste

ms

Fina

ncia

l Ser

vice

s

?

Publ

ic U

tiliti

es

CyberspaceCyberspace

Ele

ctri

c Po

wer

Net

Ele

ctri

c Po

wer

Net

Hea

lth C

are

Hea

lth C

are

Mon

itori

ng S

yste

ms

Mon

itori

ng S

yste

ms

Fina

ncia

l Ser

vice

sFi

nanc

ial S

ervi

ces

??

Publ

ic U

tiliti

esPu

blic

Util

ities

>2000

Infrastructures intergraded, interdependency which share a common framework: the cyberspace

Some episodes….

2006 - Europe

Integration vs Dependability

…. for a lot of GOOD reasons

Social Economical Technological Political

IntegrationIntegration

InterdependenciesInterdependenciesInterdependencies Domino effectDomino effectDomino effect Global threatsGlobal threats

divide et imperadivide et impera

Many actors with clashing interests

No geographical contiguity

Presentation Roadmap & Rational

• Impact Analysis– Macro scale approahes– Topological approaches– Simulation-based approachs

• Tools for Infrastructure Resilience– On-line risk predictor

• Support for investigation & Criminal analysis– SecuFood experiences

• Training & awarness– Master in Homeland Security– AIIC


EU Directive 2008/114/EC

Tools to support Impact Analysis

Macro-scale approches: IIMIIM (Input-output Inoperability Model)

0

0,05

0,1

0,15

0,2

0,25

<1h 1h-6h 6h-12h 12h-24h 24h-48hAir Transportation ElectricityTLC Wired TLC WirelessWater Management Rail TransportationFinance Naval PortsFuel & Petroleum Grid Natural Gas Satellite Communication & Navigation

Fuel & Petroleum

Air transportation

Naval Ports

Finance

To figure out, in terms of inoperability, the overall impact of an external event taking into account cascade and domino phenomena

Using both economic data and info about operative impact that the absence, or the degradation, in the services provided by each infrastructure.

Topological approaches


GARR High-Voltage grid

Cascade effect

Electric grid

TLC network

Rij

Analyze the topological properties of a network w.r.t. its robustness properties

Considering also the link between two or more networks

MOTIAMOTIA

Simulation based-approaches

CISIACISIAA methodology and a

simulation framework specifically designed to analyze scenario composed by several, heterogeneous and interdependent infrastructures


BasiBasic elementsc elements1. Elements exist in order to

supply and/or consume resources (goods, services, operativeness, etc.);

2. Elements (some of them) may suffer faults or failures;

3. Different resources and faults may propagate according “proximities” of different nature;

4. The capability of each element to provide the required resources depends on its “operative condition” (which is derived on the failure it receives and the availability of the resources it requires).

Operative level dynamics

Failure dynamics

Recovery dynamics

In.R

In.F

In.Y

Out.F

Out.Y

Out.R

Internal structure

Several concept of proximity

Tested on a large realistic scenario


• 7 infrastructures:• 29 classes• 43 different

exchanged quantities (13 related to faults)

• 13 different kinds of proximity

CISIA (terminato)

Minuto 10 Livelli: . ooo

0 200 400 600 800 1000 1200

0

200

400

600

800

1000

1200

• 233 Entities• 844 Links• 233 Entities• 844 Links

Federation of simulators


OMNeT++, NS2, e‐Agora, Geo‐referentiation systems (e.g. Gmaps)

Federated Agent Based model,Entity‐resource model

Telco

Electric

Internal dynamics Γ

Inter‐domains inputs

External failures

OL

Vertical simulators

NS‐2 E‐Agora

Telecommunication network

Electric power grid

Telco

Electric

Internal dynamics Γ

Inter‐domains inputs

External failures

OL

Inter‐domains links (service invocation

and failure propagation)

Intra‐domain links

Horizontal model

Improve Infrastructure Resilience

On‐line (real‐time) risk estimator / cascading failure predictor


Field TLC Field ELE

Risk assessment methodologies

Security of European Security of European Food supply chain Food supply chain

Food defenceFood defence == “security of food and drink and their supply chains from all forms of malicious attack including ideologically motive attack leading to contamination or supply failure”[UK CPNI and British Standard Institute (BSI)]

Incidents per year

0,000,200,400,600,801,00

Exposition to large contamination

Support tools for Investigation & Criminal Analysis


In-the-Field Analytical Device (IFAD) able to perform quick non-destructive reliable tests for in-the-field analysis of counterfeit medicines

DSS to support analysis of criminal organization and for pro-active (predictive) investigations

Training

AIIC – Associazione Italiana esperti Infrastrutture Critiche

A no-profit organization to promote “culture”of security for CI

It is composed by representatives from academia, research institutions, CI’s stakeholders and government agencies.

It offers a trans-domain multi-disciplinary point of view to support awareness and strategies for CI protection

www.InfrastruttureCritiche.it

Some references

J. Lopez-Munoz, R. Setola and S.D. Wolthusen, (Eds.), Advances in Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense, Springer-Verlag, Berlin (pubbliczione prevista 2011).R. Setola, S. Geretshuber, (Eds.), Critical Information Infrastructure Security -, Lecture Notes in Computer Science,, Springer-Verlag, Berlin, Vol. 5508, 2009.R. Setola, “How to Measure the Degree of Interdependencies among Critical Infrastructures”, Int. J. of System of Systems Engineering (IJSSE), 2010.G. Oliva, S. Panzieri, and R. Setola, “Agent-Based Input-Output Interdependency Model”, Int. J. of Critical Infrastructure Protection (IJCIP), 2010.R. Setola, S. De Porcellinis, and M. Sforna “Critical Infrastructure Dependency Assessment Using Input-output Inoperability Model”, Int. J. Critical Infrastructure Protection (IJCIP), pp. 170 – 178, 2009.S. De Porcellinis, S. Panzieri and R. Setola, “Model Critical Infrastructure via a Mixed Holistic-Reductionistic Approach”, Int. J. Critical Infrastructures (IJCIS), pp. 86 -99, 2009.S. De Porcellinis, S. Panzieri, R. Setola, and G. Ulivi, “Simulation of Heterogeneous and Interdependent Critical Infrastructures”, Int. J. Critical Infrastructures (IJCIS), pp. 110 – 128, 2008.S. De Porcellinis, L. Issacharoff, S. Meloni, V. Rosato, R. Setola, and F. Tiriticco, “Modelling Interdependent Infrastructures using Interacting Dynamical Models”, Int. J. Critical Infrastructures (IJCIS), pp. 63 – 79, 2008.

For more information


[email protected] [email protected]

approccio sistemico alla protezione delle infrastrutture critiche

Documents