PROTECT-IC is mainly focused on providing security mechanisms for critical control systems [1] in charge of monitoring and protecting other critical infrastructures, such as electric energy systems . This protection includes the design of a sustainable and robust control network based on property remote terminal units and specialized protection mechanisms to face any type of anomaly caused within the system, such as failures or threats. The implementation of these mechanisms supposes the analysis of events and alarms, the design of auditing services and forensic mechanisms in order to detect and explain in detail the whole sequence of involved events.
NICS has played an important role in the execution of several tasks and, of course, it has participated in the leadership of one of the main workpackages of this project, in particular on the forensic services for critical infrastructures [2]. To be more precise, NICS has collaborated in the localization of the most vulnerable and threatened points in the system, in the specification and design of a control network composed by different technologies and communication systems [3], standards, protocols and security mechanisms [4], as well as in the performance assessment when different security mechanisms and control processes are concurrently used.
Regarding to the forensic part, NICS has been very involved in the identification and classification of preventive mechanisms and forensic techniques for critical environments. These activities have been the basis for the definition of a specific forensic methodology and the implementation of a forensic mechanism. Finally, NICS has participated in the validation process to analyze its feasibility in real environments, and more specifically, in a remote substation provided by Endesa.
References
- "Security Aspects of SCADA and DCS Environments", In Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense, J. Lopez, S. Wolthunsen, and R. Setola Eds., vol. 7130 , Springer-Verlag, pp. 120-149, 2012.
- "Early Warning System for Cascading Effect Control in Energy Control Systems", In 5th International conference on Critical Information Infrastructures Security (CRITIS'10), LNCS 6712, Springer, pp. 55-67, September, 2010.
- "Acceso seguro a redes de sensores en SCADA a través de Internet", In XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010), pp. 337-342, September, 2010.
- "Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems", In 6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus'09), Springer-Verlag, pp. 86-94, September, 2009.
