Scroll Top

PISCIS

Platform for the Secure Interconnection of Critical Infrastructures

  • Excellence Project , funded by the Andalusian Government Research Program (P10-TIC-06334)
  • Duration: 15/03/2011 to 14/09/2015
Project Overview: 

PISCIS deals with the development of a platform based on security services, which is specifically designed to protect the interconnection between critical control infrastructures. This platform will ensure transparency in the communication processes, scalability and extensibility without inferring complexities in the underlying infrastructures.

For the development, a set of security services, at both high level and low level, are analyzed, designed and implemented by the NICS research group. Particularly, the security services at low level refers to those associated with the communication. They comprise the establishment of secure channels (confidentiality, integrity, authentication, authorization, non-reputation and accountability), location privacy of sensor nodes, intrusion detection and quality of service.

Regarding security services at high level, these correspond with those associated to the interconnection and functionality between infrastructures, such as for example: security policy management for the interoperability, trust and reputation management, as well as management of alerts, incidents and response for ensuring prevention. As a result, critical control systems could establish secure communications each other by simply adapting the platform without changing their existing infrastructures, in addition to improving their protection and services against unexpected incidents or threats that could cause devastating effects in cascading.

The results of the PISCIS project have been very varied, in terms of protection[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22], defense[23][24][25][26][27][28][29][30][31], trust[32][33], and privacy[34][35][36][37][38], as also indicated below in the references section.

References

  1. Isaac Agudo and Ali El Kaafarani and David Nuñez and Siani Pearson (2016): A Technique for Enhanced Provision of Appropriate Access to Evidence across Service Provision Chains. In: 10th International IFIP Summer School on Privacy and Identity Management, pp. 187-204, 2016, ISBN: 978-3-319-41762-2.
  2. Cristina Alcaraz and Javier Lopez and Stephen Wolthusen (2016): Policy Enforcement System for Secure Interoperable Control in Distributed Smart Grid Systems. In: Journal of Network and Computer Applications, vol. 59, pp. 301–314, 2016, ISSN: 1084-8045.
  3. David Nuñez and Isaac Agudo and Javier Lopez (2016): Nuevas nociones de seguridad y transformaciones genéricas para criptosistemas de recifrado delegado. In: XIV Reunión Española sobre Criptología y Seguridad de la Información, pp. 174-179, Mahón, Menorca, Islas Baleares, 2016, ISBN: 978-84-608-9470-4.
  4. David Nuñez and Isaac Agudo and Javier Lopez (2016): On the Application of Generic CCA-Secure Transformations to Proxy Re-Encryption. In: Security and Communication Networks, vol. 9, pp. 1769-1785, 2016, ISSN: 1939-0114.
  5. David Nuñez and Isaac Agudo and Javier Lopez (2015): A Parametric Family of Attack Models for Proxy Re-Encryption. In: 28th IEEE Computer Security Foundations Symposium, pp. 290-301, IEEE Computer Society IEEE Computer Society, Verona, Italy, 2015, ISSN: 1063-6900.
  6. Ana Nieto and Javier Lopez (2015): Contextualising Heterogeneous Information in Unified Communications with Security Restrictions. In: Computer Communications, vol. 68, pp. 33-46, 2015, ISSN: 0140-3664.
  7. David Nuñez and Isaac Agudo and Javier Lopez (2015): NTRUReEncrypt: An Efficient Proxy Re-Encryption Scheme Based on NTRU. In: 10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS), pp. 179-189, 2015, ISBN: 978-1-4503-3245-3.
  8. Carmen Fernandez-Gago and David Nuñez (2015): Metrics for Accountability in the Cloud. In: Accountability and Security in the Cloud, vol. 8937, pp. 129-153, 2015.
  9. Carmen Fernandez-Gago and Vasilis Tountopoulos and Simone Fischer-Hübner and Rehab Alnemr and David Nuñez and Julio Angulo and Tobias Pulls and Theo Koulouris (2015): Tools for Cloud Accountability: A4Cloud Tutorial. In: 9th IFIP Summer School on Privacy and Identity Management for the Future Internet in the Age of Globalisation, pp. 219-236, Springer IFIP AICT Springer IFIP AICT, Patras (Greece), 2015, ISSN: 978-3-319-18621-4.
  10. David Nuñez and Isaac Agudo and Javier Lopez (2014): Delegated Access for Hadoop Clusters in the Cloud. In: IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2014), pp. 374-379, IEEE IEEE, Singapore, 2014, ISBN: 978-1-4799-4093-6.
  11. Ana Nieto (2014): Evaluation of Dynamic Instantiation in CPRM-based Systems. In: 9th International Conference on Risk and Security of Internet and Systems (CRiSIS’14), pp. 52-66, Springer Springer, Trento (Italy), 2014, ISBN: 978-3-319-17127-2.
  12. Ana Nieto and Javier Lopez (2014): Security and QoS Tradeoff Recommendation System (SQT-RS) for Dynamic Assessing CPRM-based Systems. In: 10th ACM International Symposium on QoS and Security for Wireless and Mobile Networks (Q2SWinet’14), pp. 25-32, ACM ACM, Montréal (Canada), 2014, ISBN: 978-1-4503-3027-5.
  13. David Nuñez and Carmen Fernandez-Gago and Siani Pearson and Massimo Felici (2013): A Metamodel for Measuring Accountability Attributes in the Cloud. In: 2013 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2013), pp. 355-362, IEEE IEEE, Bristol, UK, 2013, ISBN: 978-0-7685-5095-4.
  14. Ana Nieto and Javier Lopez (2013): Analysis and Taxonomy of Security/QoS tradeoff solutions for the Future Internet. In: Security and Communication Networks (SCN) Journal, vol. 7, pp. 2778-2803, 2013, ISSN: 1939-0114.
  15. David Nuñez and Isaac Agudo and Javier Lopez (2013): Leveraging Privacy in Identity Management as a Service through Proxy Re-Encryption. In: Ph.D Symposium of the European Conference on Service-Oriented and Cloud Computing (ESOCC) 2013, Málaga, Spain, 2013.
  16. Cristina Alcaraz and Rodrigo Roman and Pablo Najera and Javier Lopez (2013): Security of Industrial Sensor Network-based Remote Substations in the context of the Internet of Things. In: Ad Hoc Networks, vol. 11, pp. 1091–1104, 2013, ISSN: 1570-8705.
  17. Javier Lopez and Cristina Alcaraz and Rodrigo Roman (2013): Smart Control of Operational Threats in Control Substations. In: Computers & Security, vol. 38, pp. 14-27, 2013, ISSN: 0167-4048.
  18. Cristina Alcaraz and Javier Lopez (2012): Analysis of Requirements for Critical Control Systems. In: International Journal of Critical Infrastructure Protection (IJCIP), vol. 5, pp. 137–145, 2012, ISSN: 1874-5482.
  19. David Nuñez and Isaac Agudo and Javier Lopez (2012): Integrating OpenID with Proxy Re-Encryption to enhance privacy in cloud-based identity services. In: IEEE CloudCom 2012, pp. 241 - 248, IEEE Computer Society IEEE Computer Society, Taipei, Taiwan, 2012, ISSN: 978-1-4673-4509-5.
  20. Ana Nieto and Javier Lopez (2012): Security and QoS relationships in Mobile Platforms. In: The 4th FTRA International Conference on Computer Science and its Applications (CSA 2012), pp. 13-21, Springer Netherlands Springer Netherlands, Jeju (Korea), 2012, ISBN: 978-94-007-5699-1.
  21. Ana Nieto and Javier Lopez (2012): Security and QoS tradeoffs: towards a FI perspective. In: Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on, pp. 745-750, IEEE IEEE, Fukuoka (Japan), 2012, ISBN: 978-0-7695-4652-0/12.
  22. Ana Nieto and Javier Lopez (2012): Traffic Classifier for Heterogeneous and Cooperative Routing through Wireless Sensor Networks. In: Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on, pp. 607-612, IEEE IEEE, Fukuoka (Japan), 2012, ISBN: 978-0-7695-4652-0/12.
  23. Lorena Cazorla and Cristina Alcaraz and Javier Lopez (2018): Cyber Stealth Attacks in Critical Information Infrastructures. In: IEEE Systems Journal, vol. 12, pp. 1778-1792, 2018, ISSN: 1932-8184.
  24. Lorena Cazorla and Cristina Alcaraz and Javier Lopez (2015): A Three-Stage Analysis of IDS for Critical Infrastructures. In: Computers & Security, vol. 55, no. November, pp. 235-250, 2015, ISSN: 0167-4048.
  25. Lorena Cazorla and Cristina Alcaraz and Javier Lopez (2015): Awareness and Reaction Strategies for Critical Infrastructure Protection. In: Computers and Electrical Engineering, vol. 47, pp. 299-317, 2015, ISSN: 0045-7906.
  26. Cristina Alcaraz and Javier Lopez (2014): Diagnosis Mechanism for Accurate Monitoring in Critical Infrastructure Protection. In: Computer Standards & Interfaces, vol. 36, pp. 501-512, 2014, ISSN: 0920-5489.
  27. Cristina Alcaraz and Javier Lopez (2014): WASAM: A Dynamic Wide-Area Situational Awareness Model for Critical Domains in Smart Grids. In: Future Generation Computer Systems, vol. 30, pp. 146-154, 2014, ISSN: 0167-739X.
  28. Ruben Rios and Jose A. Onieva and Javier Lopez (2013): Covert Communications through Network Configuration Messages. In: Computers & Security, vol. 39, Part A, pp. 34 - 46, 2013, ISSN: 0167-4048.
  29. Lorena Cazorla and Cristina Alcaraz and Javier Lopez (2013): Towards Automatic Critical Infrastructure Protection through Machine Learning. In: 8th International Conference on Critical Information Infrastructures Security, pp. 197-203, Springer Springer, Amsterdam, The Netherlands, 2013, ISSN: 0302-9743.
  30. Cristina Alcaraz and Javier Lopez (2012): Addressing Situational Awareness in Critical Domains of a Smart Grid. In: 6th International Conference on Network and System Security (NSS 2012), pp. 58-71, Springer-Verlag Springer-Verlag, Wu Yi Shan, Fujian, China, 2012, ISSN: 978-3-642-34600-2.
  31. Ana Nieto and Gerardo Fernandez (2012): Sistema Colaborativo de Detección y Reacción ante Intrusiones basado en Intel vPro. In: XII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2012), pp. 45-50, San Sebastián, 2012, ISBN: 978-84-615-9933-2.
  32. Francisco Moyano and Carmen Fernandez-Gago and Kristian Beckers and Maritta Heisel (2015): Engineering Trust- and Reputation-based Security Controls for Future Internet Systems. In: The 30th ACM/SIGAPP Symposium On Applied Computing (SAC 2015), pp. 1344-1349, Salamanca, Spain, 2015, ISBN: 978-1-4503-3196-8.
  33. Francisco Moyano and Carmen Fernandez-Gago and Javier Lopez (2012): Implementing Trust and Reputation Systems: A Framework for Developers’ Usage. In: International Workshop on Quantitative Aspects in Security Assurance, Pisa, 2012.
  34. David Nuñez and Isaac Agudo and Javier Lopez (2015): Privacy-Preserving Identity Management as a Service. In: Felici, Massimo; Fernandez-Gago, Carmen (Ed.): Accountability and Security in the Cloud, vol. 8937, pp. 114-125, Springer International Publishing, 2015, ISBN: 978-3-319-17198-2.
  35. Ruben Rios and Jorge Cuellar and Javier Lopez (2015): Probabilistic receiver-location privacy protection in wireless sensor networks. In: Information Sciences, vol. 321, pp. 205 - 223, 2015, ISSN: 0020-0255.
  36. David Nuñez and Isaac Agudo (2014): BlindIdM: A Privacy-Preserving Approach for Identity Management as a Service. In: International Journal of Information Security, vol. 13, pp. 199-215, 2014, ISSN: 1615-5262.
  37. Ruben Rios and Javier Lopez and Jorge Cuellar (2014): Location Privacy in WSNs: Solutions, Challenges, and Future Trends. In: Foundations of Security Analysis and Design VII, vol. 8604, pp. 244-282, Springer, 2014, ISSN: 0302-9743.
  38. Javier Lopez and Ruben Rios and Jorge Cuellar (2014): Preserving Receiver-Location Privacy in Wireless Sensor Networks. In: Information Security Practice and Experience (ISPEC 2014), pp. 15-27, Springer Springer, Fuzhou, China, 2014, ISSN: 0302-9743.