WorkshopReti

1
ENTE PER LE NUOVE TECNOLOGIE LENERGIA E
LAMBIENTE
ENEAs Project on Management, Safety and Security
of Technological and Energy Networks (Critical
Infrastructure Protection) http//www.progettoreti
.enea.it
Sandro Bologna bologna_at_casaccia.enea.it
JRC-ENEA Meeting Ispra, September 11, 2008
2
Three research Objectives Three different
Demonstrators

• Technological solutions to reduce networks
  vulnerabilities caused by attacks and faults on
  SCADA (Supervision Control And Data Acquisition)
  systems. Improve mutual coordination of LCCIs
  (Large Complex Critical Infrastructures)
  operators to manage potentially dangerous events.
• Simulation, evaluation and prevention of networks
  cascading failures, using advanced models of
  interdependency effects.
• Integrate the data about the state of LCCIs,
  including territorial information, with the scope
  to support the emergency management operators,
  and to make available early-warning indications
  about possible scenario evolutions.

3
D1 Demonstrator General Objective

• Implementation, of a TestBed for developing
  and testing technologies and ICT solutions, which
  are aimed at lowering vulnerabilities of Large
  and Complex Technological Networks (LCCIs) and at
  preventing or mitigate cascading failures through
  real time information shared between LCCIs
  operators

4
INCREASING OF SCADA SYSTEM VULNERABILITY
Increasing of attacks
Internal/external/accidental attacks
Analyses carried out at BCIT (British Columbia
Institute of Technology)
Classification of attack typologies
5
ENEA TESTBED TO EXPERIMENT SCADA SAFEGUARD
TECHNOLOGY
Workstation 3 Control Centre emulator
Workstation 4 Messages communication broker
Workstation 2 RTUs emulators
Workstation 5 Alarms monitoring interface
Workstation 1 Electrical Network Simulator Data
Source
Workstation 6 Disturbance/attacks generator
Communication Network
6
D1 Demostrator ENEA Safeguard SCADA Testing
Facility
7
Rome Mini TELCO Black-out January 2004
NETWORK STATE OVERVIEW ROOT CAUSES
Pre-incident TELCO network in secure state
Station continue working with decreased battery
autonomy
Many external Telco services go down, as the
ACEA data links between control centers
The normal power supply from ACEA was restarted
Return to normal state
AND
2 The battery autonomy finished as Fire Brigate
was not able to eliminate water in time.
3 The full functionality of the SGT station is
restored
1 Flood on the apparatus room of the Telco SGT
station. UPS start from batteries
90 min.
4 hours
8
IRRIIS - Physical set-up of the experimentation
environment
Telecom Simulator
LCCI Telecom Data Base
Optional External Components
SimCIP
MITcommunication
Electrical Control Room
Telecom Control Room
9
ERC-CIP European Reference Network for Critical
Infrastructure Protection
Some of the D1 activities may support the
European Reference Network for Critical
Infrastructure Protection at the JRC ERC-CIP
is a DG JLS initiative
10
D2 Demonstrator General Objective

• Implementation of a National Infrastructure
  Simulation and Analysis Center open to
  contribution from other subject involved in the
  area.
• It will develop models and technological
  solutions to be used for the purpose of
  interdependency analysis based on "what if"
  approach.

11
ENEA
USERS/GIS INTERFACE
CRIAI
MIDDLEWARE (Request Management)
CAMPUS BIOMEDICO
Agent-based model
Entity Resource Model
Tor Vergata
MIDDLEWARE (SIMULATORS INTERFACE)
CRIAI
TELECOMM NETWORK SIMULATOR
POWER GRID SIMULATOR
Infrastrutture n SIMULATOR
ENEA
11
12
CRESCO Simulation Platform running on the top of
ENEA GRID






CRESCO middleware
ENEA GRID layer
13
A Simple view of ENEA GRID
ENEA GRID
14
D2 DemonstratorEU-FP7 DIESIS Project Schema
Public transportation traffic simulator
Railway traffic simulator
Power Grid simulator
TLC network Simulator
User
DIESIS middleware
GRID layer
15
NAT (http//www.progettoreti.enea.it//nat)
16
LEONTIEF Tool (http//www.progettoreti.enea.it//le
ontief)
Each node of a network corresponds to a CI. rij
is an interdependency matrix A
time-dependent solution of the
inoperability xi of the i-th CI upon
disturbance di(t) can be written as
Time-dependent inoperabilities
Effort done to design a method to estimate rij
17
ESFRI European Strategy Forum on Research
Infrastructures

• The final goal of D2 and DIESIS is the
  feasibility study of EISAC (European
  Infrastructures Simulation and Analysis Center)
  in the framework of ESFRI.
• EISAC should be the European e-Infrastructure
  similar to the U.S. NISAC (National
  Infrastructure Simulation and Analysis Center)

18
D3 Demonstrator General Objective

• Implementation of an Early Warning system for
  the protection of the Oil, Gas, Electricity and
  Water distribution networks localised inside the
  territory of Val DAgri, in the Basilicata
  region, South of Italy

19
D3 Demonstrator Early Warning System for the
Val DAgri oil field
20
CIWIN Critical Infrastructure Warning
Information Network

• EU Communication COM (2006)786 of EPCIP (European
  Programme on Critical Infrastructure Protection)
  requires the implementation of a European CIWIN,
  linked to National CIWINs
• The Early Warning System for the Val DAgri oil
  field can be a suitable experience for the
  implementation of the Italian CIWIN

21
List of funded Projects supporting the ENEA
Project (1/4)

• SE-TEC "Feasibility Study for a European Network
  of Secure Test Centres for Reliable
  ICT-controlled Critical Energy Infrastructures"
  funded by EU-EPCIPContact Giordano Vicoli
  email vicoli_at_casaccia.enea.it
• IRRIIS "Integrated Risk Reduction of
  Information-based Infrastructure Systems" funded
  by EU-FP6Contact Sandro Bologna email
  bologna_at_casaccia.enea.it
• CRESCO-LAIIISviluppo di Modelli di Simulazione
  ed Analisi delle Reti Tecnologiche Complesse e
  delle loro Interdipendenze funded by
  MIUR-PONContact Sandro Bologna email
  bologna_at_casaccia.enea.it
• CRESCO-LAII "Sviluppo di tecnologie e modelli
  computazionali per la descrizione di sistemi
  complessi di origine biologica e di materiali
  innovativi" funded by MIUR-PONContact Vittorio
  Rosato email rosato_at_casaccia.enea.it

22
List of funded Projects supporting the ENEA
Project (2/4)

• MIA "Definition of a methodology for the
  assessment of mutual interdependencies between
  ICT and electricity generation/transmission
  infrastructures" funded by EU-EPCIPContact
  Vincenzo Fioriti email vincenzo.fioriti_at_casaccia.
  enea.it
• GIACS "General Integration of the Application of
  Complexity in Science" funded by EU-FP6Contact
  Vittorio Rosato email rosato_at_casaccia.enea.it
• DIESIS "Design of an Interoperable European
  federated Simulation network for critical
  Infrastructures" funded by EU-FP7Contact
  Giovanni Dipoppa email giovanni.dipoppa_at_casaccia.
  enea.it
• MICIE "Tool for systemic risk analysis and secure
  mediation of data exchanged across linked CI
  information infrastructures" funded by
  EU-FP7Contact Michele Minichino email
  minichino_at_casaccia.enea.it

23
List of funded Projects supporting the ENEA
Project (3/4)

• TeRN "Sviluppo di sistemi di early-warning in Val
  d'Agri" funded by Regione BasilicataContact
  Gerardo De Canio email decanio_at_casaccia.enea.it
• ASTROM Assessment of resilience to threats of
  control and data management systems of electrical
  transmission network funded by EU-EPCIP
• Contact Giordano Vicoli emailvicoli_at_casaccia.en
  ea.it
• TRAMP Sistema Integrato di Gestione e Controllo
  per il TRAsporto in Sicurezza di Merci
  Pericolose" funded by MIURContact Giovanni
  Dipoppa email giovanni.dipoppa_at_casaccia.enea.it
• COST MP0801 "Physics of Competition, Cooperation
  and Conflict" funded by ESF 20058Contact
  Vittorio Rosato email rosato_at_casaccia.enea.it

24
List of funded Projects supporting the ENEA
Project (4/4)

• NEISAS National and European Information Sharing
  and Alerting System funded by EU-EPCIP
• Contact Arcangelo Tripi emailtripi_at_casaccia.ene
  a.it