Technologies for Critical Infrastructure Protection on cyber-attacks
PROTECT-IC focuses mainly on providing security mechanisms for critical control systems in charge of monitoring and protecting other critical infrastructures, such as electric energy systems. This protection includes the design of a sustainable and robust control network based on proprietary remote terminal units and specialized protection mechanisms to handle any type of anomaly arising within the system, such as failures or threats. Implementing these mechanisms involves the analysis of events and alarms and the design of auditing services and forensic mechanisms, in order to detect and explain in detail the whole sequence of events involved.
NICS has played an important role in the execution of several tasks and has participated in the leadership of one of the main work packages of this project, specifically the one on forensic services for critical infrastructures. More precisely, NICS Lab has collaborated in locating the most vulnerable and threatened points in the system, in the specification and design of a control network composed of different technologies and communication systems, standards, protocols and security mechanisms, and in the performance assessment when different security mechanisms and control processes are used concurrently.
Regarding the forensic part, NICS Lab has been closely involved in the identification and classification of preventive mechanisms and forensic techniques for critical environments. These activities have been the basis for the definition of a specific forensic methodology and the implementation of a forensic mechanism. Finally, NICS has participated in the validation process to analyze its feasibility in real environments, more specifically in a remote substation provided by Endesa.
Research Project Funded by:
- (2011): Secure SCADA Framework for the Protection of Energy Control Systems. In: Concurrency and Computation Practice & Experience, vol. 23, no. 12, pp. 1414-1430, 2011, ISSN: 1532-0626.
- (2010): Early Warning System for Cascading Effect Control in Energy Control Systems. In: 5th International Conference on Critical Information Infrastructures Security (CRITIS’10), pp. 55-67, Springer, Athens, Greece, 2010, ISSN: 0302-9743.
- (2010): Acceso seguro a redes de sensores en SCADA a través de Internet. In: XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010), pp. 337-342, Tarragona (Spain), 2010, ISBN: 978-84-693-3304-4.
- (2009): Adaptive Dispatching of Incidences Based on Reputation for SCADA Systems. In: 6th International Conference on Trust, Privacy and Security in Digital Business (TrustBus’09), pp. 86-94, Springer-Verlag, Linz, Austria, 2009, ISBN: 978-3-642-03747-4.