Critical Information Infrastructure Protection: Urgent vs. Important
Miguel Correia
2012 Workshop on Cyber Security and Global Affairs and Global Security Forum
UPC – Barcelona – Jun. 2012

Critical Information Infrastructure
• July 15th 96: American president signed Executive Order 13010
  – introduced (or popularized?) the term critical infrastructures
• Identifies 8 classes of critical infrastructures:
  – telecommunications, electrical power systems, gas/oil storage and transportation, banking/finance, transportation, water supply systems, emergency services, continuity of government
• Critical information infrastructures – the ICT part of these infrastructures

Power grid
• Recent past:
  – Power grid has undergone significant computerization and interconnection
  – Improved operation, but became exposed to cyber-threats
• Present/future:
  – Smart grid: smart metering, distributed generation… – ICT is core
  – More computerization and interconnection, higher exposure to cyber-threats

Power grid is under siege
• 2003: Davis-Besse nuclear power plant’s control systems blocked by the Slammer/Sapphire worm
• 2007: experimental DHS-sponsored cyber-attack destroys a power generator
• 2009: US electrical grid allegedly penetrated by spies from China, Russia and others
• 2010: Stuxnet damages centrifuges in Iranian nuclear enrichment center
URGENT: REDUCING RISK

Risk is high
risk = level of threat X degree of vulnerability X impact
(slide annotation on the formula: likelihood of successful attack)
• Level of threat is high – nation states, random threats, extortion
• Degree of vulnerability is high – as shown by the previous cases
• Impact is high – think of a city without power for hours/weeks
It is urgent to reduce this risk
By reducing the degree of vulnerability

NIST SP 800-82
• “Guide to Industrial Control Systems (ICS) Security”, Jun. 2011
• Recommendations about
  – Network architecture – firewall usage, network segregation,…
  – Management controls – planning, risk assessment,…
  – Operational controls – personnel security, contingency planning, configuration management,…
  – Technical controls – authentication, access control, systems and communication protection,…
• ICT security applied to CIIP

IEC 62351
• “Power systems management and associated information exchange – Data and communications security”, May 2007
• Recommendations about the security of TC57 protocols
  – protection from eavesdropping, man-in-the-middle, spoofing, and replay
• ICT security applied to CIIP

Urgent to apply these standards
• In comparison with “normal” ICT systems…
• before applying these standards:
risk = level of threat X degree of vulnerability X impact
(slide annotations on the terms of the formula: much higher!, much higher!, higher!, higher!)

Urgent to apply these standards
• In comparison with “normal” ICT systems…
• after applying these standards:
risk = level of threat X degree of vulnerability X impact
(slide annotations on the terms of the formula: much higher!, much higher!, same, higher!)
The risk must be reduced still further!
The degree of vulnerability has to become much lower than in ICT systems
IMPORTANT: RESEARCH ABOUT REDUCING RISK MUCH MORE

Architecture – WAN-of-LANs
[Figure: Substation A, Substation B, Substation C]

CIS - CRUTIAL Information Switch
[Figure: Substation A, Substation B, Substation C]

CIS Protection Service
• Objective: effectively block incoming attacks
• CIS-PS works at application layer and is a distributed firewall
• It is intrusion-tolerant thanks to replication and diversity
• It is self-healing thanks to replica rejuvenation
• It cannot be attacked even if there are 0-day vulnerabilities
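
An added illustration of the replication, voting and rejuvenation ideas on the CIS Protection Service slide; it is not CRUTIAL code and not from the presentation. It assumes 2f+1 replicas with f+1 approvals required to forward a message; the policy, message fields and all names are hypothetical. Diversity is not modelled: its role is to keep one exploit from subverting several replicas at once.

```python
from dataclasses import dataclass

# Constructed application-layer policy (hypothetical names): the only
# (source, command) pairs a substation LAN accepts from the WAN.
ALLOWED = {("substation-b", "read_status"), ("substation-c", "read_status")}

@dataclass
class Replica:
    name: str
    compromised: bool = False  # True once an intrusion has subverted this replica

    def approves(self, msg: dict) -> bool:
        if self.compromised:
            return True  # worst case for blocking: approves every message
        return (msg["source"], msg["command"]) in ALLOWED

    def rejuvenate(self) -> None:
        # Restart from a clean image; intrusion state is discarded.
        self.compromised = False

class ReplicatedFirewall:
    """2f+1 replicas; a message is forwarded only with f+1 approvals (assumed scheme)."""

    def __init__(self, f: int):
        self.f = f
        self.replicas = [Replica(f"replica-{i}") for i in range(2 * f + 1)]

    def forward(self, msg: dict) -> bool:
        votes = sum(r.approves(msg) for r in self.replicas)
        return votes >= self.f + 1

    def rejuvenate_all(self) -> None:
        for r in self.replicas:
            r.rejuvenate()

def demo() -> dict:
    """Return (legitimate forwarded, forged forwarded) for each replica state."""
    fw = ReplicatedFirewall(f=1)
    good = {"source": "substation-b", "command": "read_status"}  # constructed
    bad = {"source": "unknown-host", "command": "open_breaker"}  # constructed
    out = {"clean": (fw.forward(good), fw.forward(bad))}
    fw.replicas[0].compromised = True   # one intrusion: still within f
    out["one_compromised"] = (fw.forward(good), fw.forward(bad))
    fw.replicas[1].compromised = True   # second intrusion: exceeds f
    out["two_compromised"] = (fw.forward(good), fw.forward(bad))
    fw.rejuvenate_all()                 # rejuvenation restores the f bound
    out["after_rejuvenation"] = (fw.forward(good), fw.forward(bad))
    return out
```

With f = 1 the forged command is blocked while one replica is subverted, passes once two are, and is blocked again after rejuvenation, which is why rejuvenation has to outpace the rate of intrusion.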

CIS Communication Service
• Objective: circumvent faults and DDoS attacks in the WAN
• CIS run JITER algorithm – timely-critical messages exploit:
  – Multihoming: CII facilities often connected to 2 ISPs
  – Overlay channels: messages sent indirectly through other CIS
• Communication is timely/secure even under harsh fault/attack scenarios
[Figure: CIS A, CIS B, CIS C, CIS D; network fault, DDoS attack]

New directions beyond CRUTIAL
• Threats like Stuxnet might not be blocked by these mechanisms; some research directions:
• Replication/rejuvenation/diversity inside the LANs
  – For critical servers, e.g., SCADA servers
  – For control devices: Programmable Logic Controllers (PLC), Remote Terminal Units (RTU)
• Continuous vulnerability assessment (instead of periodic scanning)
• Anomaly-based endpoint assessment
Conclusions
• The power grid and other critical information infrastructures are vulnerable to cyber-attacks
• It is urgent to do the urgent: apply standards and recommendations
• But ICT-like security mechanisms are not enough: the threat level and impact of CII failure are high, so risk remains high
• So it is important to do what is important: to investigate novel protection mechanisms that greatly reduce the degree of vulnerability
More info at my web page: google miguel correia inesc-id