160 likes | 292 Views
Meeting 12-13 Giugno 2013 Roma. AGENDA 12 Giugno. 11.00 – Benvenuto e presentazione di apertura (SAPIENZA) 11.30 – Incontro con Andrea Guarino (ACEA) e Andrea Cersini 13.00 – Pausa pranzo 14.30 – Presentazione WP1 - stato dei lavori (SAPIENZA ) Interventi:
E N D
AGENDA 12 Giugno 11.00 – Benvenuto e presentazione di apertura (SAPIENZA) 11.30 – Incontro con Andrea Guarino (ACEA) e Andrea Cersini 13.00 – Pausa pranzo 14.30 – Presentazione WP1 - stato dei lavori (SAPIENZA) Interventi: • Stato complessivo delle attività (UNIRM) • Modelli di Minacce e Attacchi cibernetici (POLIMI) • Accidentalfailures (UNINA) • Financial Infrastructure (UNIRM) • PowerGrids (UNIPARTHENOPE) • Transportation (POLITO) • Grado di maturità delle varie infrastrutture critiche in Italia (UNIFI) 16.00 – Coffee break 16.30 – Attività di brainstorming parallelo sui tre scenari di riferimento 18.00 – Chiusura Lavori
AGENDA 13 Giugno 09.30 – Sessione di Management (SAPIENZA) 10.00– Coffee break 10.30 – Presentazione WP2 (POLITO) 11.15 – Presentazione WP3 (UNIPARTHENOPE) 12.00 – Presentazione WP4 (UNITN) 12.45 – PausaPranzo 14.15 – Concluding remarks – Action points – Prossimi meeting (SAPIENZA) 15.30 – Chiusura meeting
Partners’ Presentation Three yearsproject Currently M4 Budget 1.3Meuros
Abstract • growing exposure of the Information Technology (IT) employed within CIs to the Internet • attacks are expected to increase in number and scale improving their precision and accuracy • Improve global situational awareness through IT-based information sharing, which today is mostly done by rudimentary means • gathering, processing and correlating huge amounts of streaming and static data understanding anomaly behaviors and learning automatically constantly changing cyber threats
Abstract • TENACE has the objective of defining collaborative (whenever appropriate), technical and organizational methodologies to raise the protection of such CIs with the specific target of looking at the common steps in order to develop a unifying methodology and understanding the underground economics fuelling an attacker. • Development of algorithms, models, architectures and tools as the means to enable the effective protection of critical infrastructures enhancing their degree of security and dependability. • TENACE will address cyber attacks, combination of cyber and physical attacks and cyber frauds. • TENACE solutions will be validated against real data setsto produce innovative ideas, methodologies, algorithms, software artifacts and infrastructures
Scenarios • Financial infrastructures. The increasing reliance on networked systems made financial organizations rapidly becoming the favorite victims of distributed attacks which result in both short and long term economic losses due to the lack of service availability and infrastructural resilience, and the decreased level of trust on behalf of the customers. • Power grids: The complexity of SCADA control systems, resulting in millions of components from hundreds of different manufacturers and software from many developers, along with the upgrade of legacy systems to more familiar operating systems such as Microsoft Windows or Linux, increased the number of potential cyber vulnerabilities that can be exploited by malicious parties. • Transportation systems: wide range of transport applications, such as transit operations, maintenance and scheduling, administration, payroll, automatic vehicle location, signaling systems. Although transportation systems were mainly targeted for physical attacks (e.g., Madrid 2004 and London 2005), these systems are also considered vulnerable to cyber or combined cyber-physical attacks.
Project Directions Methodologiesfor raising the degree of protection (i.e., security and dependability) of CIs and to get shorter attack reaction time. Such methologies should clearly separate common protection procedures at different CIs and protection procedures characterizing a specific CI. Algorithmsfor detecting specific (direct and indirect) attacks to a CIs that are able to improve the level of protection by considering a continuously evolving adversary. Distributed architectures for CIs, their components, either off-the-shelf (OTS) and legacy, and their resiliency requirements will be studied, in order to define algorithms and middleware architectures for improving protection attributes of future CIs. Toolsand techniques for modeling and evaluating the degree of protection of CIs will be designed. Among the others, the project will investigate CI-specific penetration testing; vulnerability injection tools will be also designed and evaluated. Economic Sciences. Understandingthe underground economics fuelling an attacker and understanding the reason to attack a financial infrastructure
Architecture WP1: Tutti i Partner (CIS-UNIROMA Leader) WP2: POLITO (Leader), CNR, CIS-UNIROMA, UNINA, UNIFI WP3: UNIPARTHENOPE (Leader), UNINA, CNR, CIS-UNIROMA, UNIRC, UNIFI WP4: UNITN (Leader) CIS-UNIROMA, UNINA, UNIPI, UNIRC WP5: Tutti i Partner (UNINA Leader)
ICDCS (June 2014, Madrid, Spain) • Workshop proposal • (submission) Middle september 2013 • (notification) october 2013