1 / 27

Critical Infrastructure Protection: A 21 st Century Challenge

Critical Infrastructure Protection: A 21 st Century Challenge. Professor Madjid Merabti. PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection

gurit
Download Presentation

Critical Infrastructure Protection: A 21 st Century Challenge

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Critical Infrastructure Protection: A 21st Century Challenge Professor Madjid Merabti PROTECT: Research Centre for Critical Infrastructure Computer Technology and Protection School of Computing and Mathematical SciencesLiverpool John Moores University, Byrom Street, Liverpool L3 3AF, UKEmail: M.Merabti@ljmu.ac.uk Web: http://www.ljmu.ac.uk/cmp/

  2. Critical InfrastructuresWe Live in a High Connected World Financial system Water supply system Power grid Oil infrastructure Telecommunications infrastructure Transport system Air traffic control network

  3. A Typical Critical Infrastructure Power Grid and its Components

  4. Critical Infrastructures Features

  5. Complexity

  6. A Computer Control System • The SCADA system

  7. Interdependency • In 1990 the AT&T PSTN network suffered a fault due to human error causing nationwide problems

  8. Interdependency • Siberian Pipeline Explosion (1982):Trojan inserted into SCADA software that caused explosion • Roosevelt Dam (1994): Hacker breaks into floodgate SCADA systems • GAZPROM (2000):Hackers gain control of Russian natural gas pipeline • August 2003: CSX Train Signaling System  and the Sobig Virus • June 2009 : insider/employee attack on US hospital SCADA systems.

  9. Critical Infrastructure Protection Challenges

  10. A Real Threat • The Stuxnet a Cyber Attack

  11. Increasing Cyber Attacks/Threats We must learn to defend, delay, attack and manoeuvre in cyberspace, just as we might on the land, sea or air and all together at the same time. Future war will always include a cyber dimension and it could become the dominant form. At the moment we don't have a cyber command and I'm very keen we have one”. He added: Whether we like it or not, cyber is going to be part of future warfare, just as tanks and aircraft are today. It's a cultural change. In the future I don't think state-to-state warfare will start in the way it did even 10 years ago. It will be cyber or banking attacks - that's how I'd conduct a war if I was running a belligerent state or a rebel movement. It's semi-anonymous, cheap and doesn't risk people [dailymail.co.uk] General Sir David Richards Head of UK arm forces

  12. Attack on a Power Grid

  13. Other Issues • Cascading vulnerability problem • The blackouts of North America happened due to a cascade of failures. It affected the power generation system, water supply, transportation, communication system, and industry • The convergence of control networks with public and critical networks potentially exposes the control systems to additional security vulnerabilities • Use of wireless technology in critical systems expose vulnerable to attacks

  14. Other Issues • Developing new virtual environments where the characteristics of critical infrastructures and their complexity could be mapped and visualized.

  15. A System of Systems Problem

  16. Crisis Management • Any crisis (natural or human made) impose high damage risk to Critical Infrastructure • Japan tsunami 2011

  17. Critical Infrastructure Protection Solutions

  18. System Modelling

  19. Systems-of-Systems Design Models systems interactions Check properties Of individual devices Of topological structure Test against security patterns Highlight potential security vulnerabilities

  20. Security • Research in critical infrastructures should cover all the security aspects e.g. • Intrusion detection • Vulnerability analysis • Data protection solutions • ANIKETOS project • Comprised of 17 partners from across the EU • A €13.9 million project

  21. Crisis Management Solution

  22. Research Centre for Critical Infrastructure Computer Technology and Protection (PROTECT)

  23. PROTECT Vision • Networked Appliances Laboratory (NAL) • Home networking and entertainment systems • Ubiquitous computing and biofeedback processing • Sensor networking and environmental monitoring • Network and Information Security Technology Laboratory (NISTL) • Identity management and system-of-systems security • Trust management and system monitoring • Security interfaces and reputation schemes • Computer forensics and digital rights management

  24. PROTECT Vision • Computer Games Research Laboratory (CGRL) • Game and middleware engine development • Online game development and deployment • Peer-to-peer technologies and applied artificial intelligence • Interaction techniques between real and virtual environments • Serious games technologies applied to education and training, and digital interactive storytelling

  25. 3D Modelling

  26. System of System Security

  27. Conclusion • Critical Infrastructure Challenges • Critical infrastructures strongly rely on systems and networks built over computing technologies and information systems. • These systems need to be protected and redesigned to cope against serious incidents and attacks. • Complexity and Interdependency between systems exist at every level. • Joint efforts of researchers from different disciplines is the way forward • Our vision • New modelling, design, and protection approaches • Regroup many research disciplines such as: distributed systems, digital communication, gaming technology data and system modelling

More Related