sandro bologna [email protected] jrc-enea meeting ispra, september 11, 2008
DESCRIPTION
E NTE PER LE N UOVE TECNOLOGIE L’ E NERGIA E L’ A MBIENTE. ENEA’s Project on Management, Safety and Security of Technological and Energy Networks (Critical Infrastructure Protection) http://www.progettoreti.enea.it. Sandro Bologna [email protected] JRC-ENEA Meeting - PowerPoint PPT PresentationTRANSCRIPT
Sandro [email protected]
JRC-ENEA Meeting Ispra, September 11, 2008
ENEA’s Project on Management, Safety and Security of Technological and Energy Networks
(Critical Infrastructure Protection)
http://www.progettoreti.enea.it
ENTE PER LE NUOVE TECNOLOGIE L’ENERGIA E L’AMBIENTE
Three research Objectives Three different Demonstrators
1.Technological solutions to reduce networks vulnerabilities caused by attacks and faults on SCADA (Supervision Control And Data Acquisition) systems. Improve mutual coordination of LCCIs (Large Complex Critical Infrastructures) operators to manage potentially dangerous events.
2.Simulation, evaluation and prevention of networks cascading failures, using advanced models of interdependency effects.
3.Integrate the data about the state of LCCIs, including territorial information, with the scope to support the emergency management operators, and to make available “early-warning” indications about possible scenario evolutions.
Implementation, of a “TestBed” for developing and testing technologies and ICT solutions, which are aimed at lowering vulnerabilities of Large and Complex Technological Networks (LCCIs) and at preventing or mitigate cascading failures through real time information shared between LCCIs operators
D1 Demonstrator – General Objective
INCREASING OF SCADA SYSTEM VULNERABILITY
Increasing of attacks Internal/external/accidental attacks
Classification of attack typologies
Analyses carried out at BCIT (British Columbia Institute of Technology)
ENEA TESTBED TO EXPERIMENT SCADA SAFEGUARD TECHNOLOGY
Workstation 1 Electrical Network
Simulator Data Source
Workstation 2 RTUs
emulators
Workstation 3 Control Centre
emulator
Workstation 4 Messages
communication broker
Workstation 5 Alarms monitoring
interface
Workstation 6 Disturbance/attacks
generator
Communication Network
D1 Demostrator ENEA Safeguard SCADA Testing Facility
Rome Mini TELCO Black-out January 2004
Pre-incident TELCO
network in secure state
Station continue
working with decreased
battery autonomy
Many external Telco services
go down, as the ACEA data links between
control centers
The normal power supply
from ACEA was
restarted
Returnto
normal state
AND AND
Trip of main power
supply
Loss of power supply
Damaged equipment replaced
Telco services restart
AND AND
NETWORK STATE OVERVIEW & ROOT CAUSES
1Flood on the
apparatus room of the Telco SGT
station. UPS start from batteries
2The battery autonomy
finished as Fire Brigate was not able to
eliminate water in time.
3The full
functionality of the SGT station is
restored
4 hoursSafe network state
Endangerednetwork state
Disturbednetwork state
Collapsednetwork
Event
Root cause
Legend
90 min.
SimCIPSimCIP
TelecomTelecomSimulatorSimulator
LCCI TelecomLCCI TelecomData BaseData Base
ElectricityElectricitySimulatorSimulator
LCCI ElectricityLCCI ElectricityData BaseData Base
MITcommunicationMITcommunicationElectricity MIT Add-onElectricity MIT Add-on
Telecom MIT Add-onTelecom MIT Add-on
Electrical Electrical SCADA EmulatorSCADA Emulator
TelecomTelecomSCADA EmulatorSCADA Emulator
Electrical Control RoomElectrical Control Room Telecom Control RoomTelecom Control Room
Optional External Components
IRRIIS - Physical set-up of the experimentation environment
ERC-CIP: European Reference Network for Critical Infrastructure Protection
Some of the D1 activities may support the European Reference Network
for Critical Infrastructure Protection at the JRC
ERC-CIP is a DG JLS initiative
Implementation of a National Infrastructure Simulation and Analysis Center open to contribution from other subject involved in the area.
It will develop models and technological solutions to be used for the purpose of interdependency analysis based on "what if" approach.
D2 Demonstrator – General Objective
USERS/GIS INTERFACE
MIDDLEWARE (Request Management)
MIDDLEWARE (SIMULATORS INTERFACE)
POWER GRIDSIMULATOR
TELECOMM NETWORK
SIMULATOR
Infrastrutture nSIMULATOR
Agent-basedmodel Entity – Resource
Model
ENEA
ENEA
CRIAI
CRIAI
Tor Vergata
CAMPUSBIOMEDICO
11
ENEA GRID layer
CRESCO middleware
Power GridSimulator
Agent-based model
Entity-Resourcemodel
Telecomm NetworkSmulator
CRESCO Simulation Platform running on the top of ENEA GRID
Load Leveler LSF
Graphic User Interface LSF multi-cluster as integratorTelnet
User programs & commercial code
ICAWEB
Cluster 5° ( Portici)
& File System
Load Leveler LSF
Graphic User Interface
Telnet
ICAWEB
Cluster 6° ( Brindisi)
AFS Geographical cross platform& File System
Load Leveler LSF
Graphic User Interface LSF multi-cluster as integrator
Telnet
User programs & commercial code
ICAWEB
Cluster 2° (Casaccia)
AFS Geographical cross platform& File System
Load Leveler LSF
Graphic User Interface LSF multi-cluster as integrator
Telnet
User programs & commercial code
ICAWEB
Cluster 4° (Trisaia )
AFS Geographical cross platform& File System
Load Leveler LSF
Graphic User Interface LSF multi-cluster as integrator
Telnet
User programs & commercial code
ICAWEB
Cluster 3° (Frascati)
AFS Geographical cross platform& File System
Load Leveler LSF
Graphic User Interface LSF multi-cluster as integrator
Telnet
User programs & commercial code
ICAWEB
Cluster 1° ( Bologna)
A Simple view of ENEA GRID
D2 DemonstratorEU-FP7 DIESIS Project Schema
GRID layer
DIESIS middleware
Power Grid simulator
Railway traffic simulator
User TLC network
Simulator
Public transportation
traffic simulator
NAT (http://www.progettoreti.enea.it//nat)
Each node of a network corresponds to a CI. ij is an “interdependency” matrix
A time-dependent solution of the inoperability xi of the i-th CI upon disturbance
di(t) can be written as:
Time-dependent
inoperabilities
Effort done to design a method
to estimate ij
LEONTIEF Tool (http://www.progettoreti.enea.it//leontief)
The final goal of D2 and DIESIS is the feasibility study of EISAC (European Infrastructures Simulation and Analysis Center) in the framework of ESFRI. EISAC should be the European e-Infrastructure similar to the U.S. NISAC (National Infrastructure Simulation and Analysis Center)
ESFRI : European Strategy Forum on Research
Infrastructures
Implementation of an “Early Warning” system for the protection of the Oil, Gas, Electricity and Water distribution networks localised inside the territory of Val D’Agri, in the Basilicata region, South of Italy
D3 Demonstrator – General Objective
D3 Demonstrator Early Warning System for the Val D’Agri oil field
EU Communication COM (2006)786 of EPCIP (European Programme on Critical Infrastructure Protection) requires the implementation of a European CIWIN, linked to National CIWINs
The Early Warning System for the Val D’Agri oil field can be a suitable experience for the implementation of the Italian CIWIN
CIWIN : Critical Infrastructure Warning Information
Network
List of funded Projects supporting the ENEA Project (1/4)
• SE-TEC "Feasibility Study for a European Network of Secure Test Centres for Reliable ICT-controlled Critical Energy Infrastructures" funded by EU-EPCIPContact: Giordano Vicoli email: [email protected]
• IRRIIS "Integrated Risk Reduction of Information-based Infrastructure Systems" funded by EU-FP6Contact: Sandro Bologna email: [email protected]
• CRESCO-LAIII“Sviluppo di Modelli di Simulazione ed Analisi delle Reti Tecnologiche Complesse e delle loro Interdipendenze” funded by MIUR-PONContact: Sandro Bologna email: [email protected]
• CRESCO-LAII "Sviluppo di tecnologie e modelli computazionali per la descrizione di sistemi complessi di origine biologica e di materiali innovativi" funded by MIUR-PONContact: Vittorio Rosato email: [email protected]
List of funded Projects supporting the ENEA Project (2/4)
• MIA "Definition of a methodology for the assessment of mutual interdependencies between ICT and electricity generation/transmission infrastructures" funded by EU-EPCIPContact: Vincenzo Fioriti email: [email protected]
• GIACS "General Integration of the Application of Complexity in Science" funded by EU-FP6Contact: Vittorio Rosato email: [email protected]
• DIESIS "Design of an Interoperable European federated Simulation network for critical Infrastructures" funded by EU-FP7Contact: Giovanni Dipoppa email: [email protected]
• MICIE "Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures" funded by EU-FP7Contact: Michele Minichino email: [email protected]
List of funded Projects supporting the ENEA Project (3/4)
• TeRN "Sviluppo di sistemi di early-warning in Val d'Agri" funded by Regione BasilicataContact: Gerardo De Canio email: [email protected]
• ASTROM “Assessment of resilience to threats of control and data management systems of electrical transmission network” funded by EU-EPCIPContact: Giordano Vicoli email:[email protected]
• TRAMP “Sistema Integrato di Gestione e Controllo per il TRAsporto in Sicurezza di Merci Pericolose" funded by MIURContact: Giovanni Dipoppa email: [email protected]
• COST MP0801 "Physics of Competition, Cooperation and Conflict" funded by ESF 20058Contact: Vittorio Rosato email: [email protected]
List of funded Projects supporting the ENEA Project (4/4)
• NEISAS “National and European Information Sharing and Alerting System” funded by EU-EPCIPContact: Arcangelo Tripi email:[email protected]