180 likes | 393 Views
Analysis, Assessment and Exercise on Critical Infratructure Protection. Presentation November, 2002 PISA. Reinhard Hutter Senior Vice President IABG mbH Division IK Einsteinstr. 20 D-85521 Ottobrunn Phone: +49 89 6088 2524 Email: hutter@iabg.de www.iabg.de www.aksis.de. Telecommunication.
E N D
Analysis, Assessment and Exercise onCritical Infratructure Protection Presentation November, 2002 PISA Reinhard HutterSenior Vice PresidentIABG mbH Division IKEinsteinstr. 20D-85521 OttobrunnPhone: +49 89 6088 2524Email: hutter@iabg.de www.iabg.dewww.aksis.de Slide 1
Telecommunication Transportation (Ship) Government Banking & Finance Transportation (Rail) Energy Information Transportation (Air) Vital Human Services Dependencies andInterdependencies Critical Infrastructures Slide 2
Fuels, Lubricants Fuel Transport Shipping Power for Signalling, Switchers Transpor- tation Transportation Fuel for Generators, ,Lubricants SCADA Communications Transpor- tation Fuel Transport Shipping SCADA Communications Power for pumping Stations, Storage Control Systems Oil Fuels, Lubricants Water for Production Cooling Emission reduction Electric Power Fuel for Generators, Water for Cooling, Emission reduction Power for Switchers Natural Gas Heat Power for Pump & Lift Stations Control Systems SCADA Communications Power for compressors Storage, Control Systems Fuel for Generators, Water Water for Cooling, Source: “Critic. Infrastruct Dependencies” Rinaldi, Peerenboom,Kelly 2002 Telecom SCADA Communications Infrastructure Interdependencies Slide 3
Number of Events 60 +) in thousands *) in hundreds 50 Defense Cyber Incidents +) 40 CyberIncidentsHandled +) 30 Industry and nondefense Government Cyber Incidents +) Prosecuted Cyber Criminal Case *) 20 Vulnerabilities Reported *) 10 0 Cyber Threat and Critical Infrastructures Trends of Cyber „Events“ Slide 4
Critical Infrastructures Analysis & Assessment • Quantitative Analyses urgently Required • The Methodological Challenge - Multi-Objective - Multi-MOE - Multi-Sided - Multi-Disciplined • Compared to Military OR and Modelling & Simulation - More Complex and less Money • C Y T E X - The CyberTerrorExercise, Nov. 2001 • What ist the Power of Modelling and Simulation? Slide 5
Analysis Tasks M&S Support Cooperability Policies / Strategies Decision Support etc. Socio-economic Models Scenario techniques Gaming etc Societies and Economy Interoperability Cost-Benefit Analysis Risk and Safety Management Decision Support etc. System of CIS- Systems Systems Dynamics Empirical Modelling Cost-Benefit Models etc Cost-Benefit Analysis Decision Support Risk and Safety Management Vulnerability Analysis etc. Systems Simulation Optimization Algorithms Human Behaviour Models Cost-Benefit Models etc. Indi- vidual CIS Vulnerability Sustainability Maintenability etc. Techn. Compo- nents Technical Simulation Experimentation LCC Models etc. Critical Infrastructure Analyses Slide 6
The Stairway of Knowledge about Threat, Dependencies and Risks The Threat Model Real Exercised Simulated Computer based Scenarios Reflection Models Thoughts Who nows? Reality () LiveExercises () Degree of Reality VirtualSimulation Constructive Simulation Degree of Abstraction Generic Studies Intuition Ignorance Widely Vague Thoughts Software System Real unknown Model Components System Approaches to the CIP Domain Slide 7
Very high The Scope of ACIP Risks & Cost of Damages QuantitativeValidity Statistical Validity Very low Ignorance Intuition Generic Constructive Virtual Live Reality -------------S i m u l a t i o n------------- The Benefits of Approaches Slide 8
ACIP Analyses Methodologies Government Economy Society • Socio-economic Models • Gaming • Scenario techniques etc. Socio-Econ. Syst. Policies/Strategies • Syst. Dynamics • Empirical Modelling • Gaming “System of Systems” Compound of Critical Infrastructures Co-operation&Decision Support Systems´ Interdependencies • Systems Sim. • Optimization • Algorithms • Human Be- • haviour Mod. Cost Benefit Analysis Risk Analysis/Safety Management Knowledge Management ... Individual Systems Telecommunication Energy Transportation • Technical • Simul. • Experi- • mentation Vulnerability Analysis ... Computer Nav. System Power lines Switches Technical Components Modelling & Simulation Architecture Slide 10
Standard Operation Monitoring &Information sharing Daily Operation Training &Exercises ScenarioGen. Threat Assessment Model basedExercises CostEffectiveness E v a l u a t i o n P l a n n i n g TechnicalEnhancementProgress M & S AssessmentTools AlternativesOptimization DependabilityAnalysis Vulnerability Assessment Exercises &Decision SupportTools InvestmentPriorities & Ro I EmergencyResponse Counter Measures (Combat) Protection Alert &Warning Protection and Counter Action Modelling & Simulation Support to all CIP related Processes Slide 13
-an Example GovernmentMilitaryPublic Admin Tele-Communication Energy CrisisManagement Transportation & Logistics Banks & Finance The Cyber Terror Exercise, Nov.12-14, 2001 Year 200X City of Berlin 28 Jan G8 Summit 21 Jan Terror. Manifesto 22 Jan Intelligence Ass. Gov’t Task Force 23 Jan Chancellor’s Crisis Meeting 24 Jan Gov’t Press Conf. 24-28 Jan Replanning of Safety & Security Forces 28 Jan 08:00 a.m. Start of Co-ordinated Cyber Attacks Slide 14
ExerciseControlStaff Situation Analysis White Cells Event Generation MessageGeneration Media InteractionManagement CrisisResponseTeams(6) Communications TechnicalSupport Reaction/CounterMeasure Generation Damage Assessment Modelling &Simulation Reporting Game Elements and Organisations Slide 15
El. Energy E-Bomb / Elect. Breakd. Bomb Alert Banks‘ Perf. Cash Bookings Total TelecommsDisruptions • Down to approx. 10%: • Long Distance Calls • Inter-Reg. Bank Transactions • Air Traffic/Surveillance • Rail & Street Traffic Controls Gov IT / BSI DoS Attack Thermal Power Plt. Rail/Air Traffic False Alarms Limited Signals/Controls Police/Fire Brg DoS Attack Electricity Outage 08:30 09:30 07:00 08:00 09:00 10:00 11:00 12:00 13:00 14:00 Events, Disruptions, Consequences
Analysis for Critical Infrastructure Protection Conclusions • Increasing Complexity • Global Interdependencies Require Global Co-operation • New Threats, Vulnerabilities and Risks • Dynamic World • New Security Concepts • New Roles of Security Forces, Private Sector, and Armed Forces • Cross-Sector Co-Operation • New Analysis Challenge • Increasing Acceptance of Analytical Approaches • Learn from Existing Approaches and Methodologies Slide 17
Options for Co-operation • Integration in DeSIRE • Integrated work • Separate subproject • Work Share Model • R&D, integration, verification, testing as a standalone IP • Validation & application to defined problems inside Desire • Defined Interfaces for Co-operation • Organization • Communication • Workshare • Technological and methodological standards and interfaces • Stand alone • loose information sharing • Customer controlled co-ordination Slide 18