modelling security of critical infrastructures a
play

Modelling Security of Critical Infrastructures: A Survivability - PowerPoint PPT Presentation

Sep 06, 2023 •575 likes •983 views

Modelling Security of Critical Infrastructures: A Survivability Assessment guez , Jos e Merseguer , Simona Bernardi Ricardo J. Rodr { rjrodriguez, jmerse, simonab } @unizar.es All wrongs reversed Dpto. de Inform

  1. Modelling Security of Critical Infrastructures: A Survivability Assessment ıguez † , Jos´ e Merseguer † , Simona Bernardi § Ricardo J. Rodr´ { rjrodriguez, jmerse, simonab } @unizar.es � All wrongs reversed † Dpto. de Inform´ § Centro Universitario de la Defensa atica e Ingenier´ ıa de Sistemas Universidad de Zaragoza, Zaragoza, Spain Academia General Militar, Zaragoza, Spain 15 de Junio, 2016 II Jornadas Nacionales de Investigaci´ on en Ciberseguridad Granada, Espa˜ na Accepted in The Computer Journal . doi: 10.1093/comjnl/BXU096

  2. Introduction (I) Critical Infrastructures Provide essential services to the society Power distribution, water treatment, telco, financial services. . . Discontinuity of service may lead to fatalities or injuries Different nature, from unintended acts of nature to intentional attacks (e.g., sabotage, terrorism) R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 2 / 27

  3. Introduction (II) Recent examples 2003 Northeast (U.S.) blackout Attributed to downed power line 11 deaths and an estimated $6B in economic damages, plus disrupted power over a wide area for two days 2013 Bowman Avenue Dam in NY was compromised, and control of the floodgates was gained Attributed to Iranian hackers 2015 Prykarpattyaoblenergo Control Center (PCC) in the Ivano-Frankivsk region of Western Ukraine Leaving 230K residents without power for up to 6 hours Presumed Russian cyberattacker Not only safe, but also secure R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 3 / 27

  4. Introduction (III) The game just begun. . . Cyberattacks against SCADA systems doubled in 2014: more than 160K (Dell’s 2015 Annual Security Report) Malware targeting SCADA systems identified: Examples: Stuxnet, Havex, and BlackEnergy3 R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 4 / 27

  5. Introduction (IV) Survivability Capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents Usually qualitative in nature; and not precise or detailed enough to facilitate measurable survivability requirements and evaluations Survivability strategies phases: Resistance 1 Recognition 2 Recovery 3 R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 5 / 27

  6. Introduction (IV) Survivability Capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents Usually qualitative in nature; and not precise or detailed enough to facilitate measurable survivability requirements and evaluations Survivability strategies phases: Resistance 1 Recognition 2 Recovery 3 Our proposal SecAM (Security Analysis and Modelling) UML profile Enables survivability analysis for critical infrastructures to provide capabilities for assessing defence plans R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 5 / 27

  7. Introduction (V) Advantages Specification, in a quantitatively and quantitatively manner, of security and survivability in early stages of development Specific models for infrastructures and attack patterns Survivability analysis through formal models (in particular, Generalized Stochastic Petri nets) Model-checking techniques Allows steady-state analysis Efficient techniques, as linear algebra and linear programming-based techniques R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 6 / 27

  8. Introduction (V) Advantages Specification, in a quantitatively and quantitatively manner, of security and survivability in early stages of development Specific models for infrastructures and attack patterns Survivability analysis through formal models (in particular, Generalized Stochastic Petri nets) Model-checking techniques Allows steady-state analysis Efficient techniques, as linear algebra and linear programming-based techniques Disadvantages Model complexity increased Lack of CASE tools with automated translation R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 6 / 27

  9. Background (I): UML profile UML profile UML tailored for specific purposes: profiling Stereotypes and tagged values Extend model semantics Allow to express non-functional properties (e.g., performance, reliability, security) within the model R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 7 / 27

  10. Background (I): UML profile UML profile UML tailored for specific purposes: profiling Stereotypes and tagged values Extend model semantics Allow to express non-functional properties (e.g., performance, reliability, security) within the model OMG example Modelling and Analysis of RT Embedded systems (MARTE) Provides support for performance and schedulability analysis Well-defined language to express NFPs (VSL, Value Specification Language ) R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 7 / 27

  11. Background (II): GSPNs UML profiling sounds cool, but. . . Express quantitative properties for analysis Transformation to formal models (in particular, Generalized Stochastic Petri nets) Good (and mature) analysis framework R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 8 / 27

  12. Background (II): GSPNs UML profiling sounds cool, but. . . Express quantitative properties for analysis Transformation to formal models (in particular, Generalized Stochastic Petri nets) Good (and mature) analysis framework GSPN – explanation simplified Underlying Markov-chain Places (circles, p X ) Transitions (white/black bars, t X ) Time interpretation Immediate transitions ( t = 0) Timed (allows different probabilistic distributions) Tokens (black dots) R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 8 / 27

  13. SecAM Profile (I): a General Overview (1) <<import>> <<profile>> <<profile>> <<modelLibrary>> MARTE DAM MARTE::MARTE_Library::BasicNFP_T ypes <<import>> <<import>> <<import>> <<modelLibrary>> <<profile>> SecAM::SecAM_Library SecAM <<modelLibrary>> Basic_SECA_T ypes SecAM_Library <<import>> <<import>> <<apply>> Complex_SECA_T ypes <<profile>> SecAM_UML_Extensions MARTE::VSL::DataT ype SecAM relies on two profiles: MARTE: analysis capabilities (among other features) Dependability Analysis and Modeling (DAM): concepts shared by the dependability and security fields Set of stereotypes; and basic and complex types R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 9 / 27

  14. SecAM Profile (I): a General Overview (2) Security SecAM packages attributes (P1) (P2) (P3) (P4) √ √ √ Integrity √ √ Availability √ √ √ Confidentiality √ Authorisation √ Non-repudiation √ Authenticity (P1): Cryptographic ; (P2): SecurityMechanisms (P3): Resilience ; (P4): AccessControl R. J. Rodr´ ıguez, J. Merseguer, S. Bernardi Modelling Security of CIs: A Survivability Assessment JNIC 2016 10 / 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PROTECTION FOR CRITICAL INFRASTRUCTURES BY SERGIO BELLARDO Founder of Eurocontrolli 25 years

PROTECTION FOR CRITICAL INFRASTRUCTURES BY SERGIO BELLARDO Founder of Eurocontrolli 25 years

RADAR-BASED PERIMETER PROTECTION FOR CRITICAL INFRASTRUCTURES BY SERGIO BELLARDO Founder of Eurocontrolli 25 years ago A quarter of life spent providing security systems Vast experience in Security , T elecom and Fire Established

706 views • 26 slides
Critical Information Infrastructures: What Lies Ahead? Giampiero Giacomello EIB Seminar

Critical Information Infrastructures: What Lies Ahead? Giampiero Giacomello EIB Seminar

Critical Information Infrastructures: What Lies Ahead? Giampiero Giacomello EIB Seminar November 6, 2013 What are Critical Information Infrastructures ? Critical Infrastructures (CI) are the arteries and veins of Western urbanized

170 views • 16 slides
Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case

Airports as critical transportation infrastructures increasingly impacted by cyberattacks: a case study CYBER SECURITY &amp; PRIVACY FORUM 2014 CSP Track 3 _ Cyber Attacks &amp; Defences in critical Infrastructure CYSPA Alessandro Pollini, Deep

336 views • 15 slides
Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin

A A Conceptual Nationwide Cyber Situational Awareness Framework for Critical In Infrastructures Hayretdin Bahi , Olaf Manuel Maennel Centre For Digital Forensics and Cyber Security Tallinn University of Technology Evolvement of Cyber

470 views • 13 slides
Securely accessing remote sensors in critical infrastructures. SUPERVISORS: RESEARCH PROJECT 2

Securely accessing remote sensors in critical infrastructures. SUPERVISORS: RESEARCH PROJECT 2

Securely accessing remote sensors in critical infrastructures. SUPERVISORS: RESEARCH PROJECT 2 CEDRIC BOTH PAVLOS LONTORFOS JEROEN DO BOER 1 SECURITY AND NETWORK ENGINEERING The use of sensors Transportation Power grid networks

729 views • 24 slides
Incident Response and its role in Protecting Critical Infrastructures Dr. Kaleem Ahmed Usmani

Incident Response and its role in Protecting Critical Infrastructures Dr. Kaleem Ahmed Usmani

Incident Response and its role in Protecting Critical Infrastructures Dr. Kaleem Ahmed Usmani Officer-In-Charge, Computer Emergency Response Team of Mauritius (CERT-MU) Presentation Outline What CERT-MU does? Critical Infrastructures

604 views • 32 slides
Assessing and Improving Operational Resilience of Critical Infrastructures and Other Systems An

Assessing and Improving Operational Resilience of Critical Infrastructures and Other Systems An

Introduction Models Analysis Algorithms Extensions Conclusions References Assessing and Improving Operational Resilience of Critical Infrastructures and Other Systems An INFORMS TutORial Associate Professor David L. Alderson Distinguished

1.37k views • 99 slides
Public Interest Tech = who gets to build critical digital infrastructures where, with which

Public Interest Tech = who gets to build critical digital infrastructures where, with which

Public Interest Tech = who gets to build critical digital infrastructures where, with which resources, to whose benefit, at what expense? Why am i here? Mostly: https://medium.com/@katharina.meyer/von-moonshots-und-protot

389 views • 17 slides
Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi

Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi

Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi Acknowledgements: Stefano Cozzini, Filippo Giorgi, Abdus Salam ICTP Centre for Atmospheric Sciences Indian Institute of Technology Delhi Hauz Khas, New

623 views • 36 slides
RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg

RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg

RP#80 RESEARCH PROJECT PREVENTING MOST COMMON ATTACKS ON CRITICAL INFRASTRUCTURES Wouter Miltenburg &amp; Koen Veelenturf University of Amsterdam Students Master System and Network Engineering Supervisors: Jaya Baloo &amp; Oscar Koeroo

314 views • 14 slides
A T oo Limited List of Infrastructures Identifjed as Critical Yvo Desmedt Department of

A T oo Limited List of Infrastructures Identifjed as Critical Yvo Desmedt Department of

A T oo Limited List of Infrastructures Identifjed as Critical Yvo Desmedt Department of Computer Science, Florida State University, T allahassee,Florida, FL 32306-4530, USA, and Royal Holloway, University of London, UK desmedt@cs.fsu.edu,

477 views • 16 slides
and Cybersecurity in Critical Industrial Infrastructures Mary Ann Lundteigen 1 and Bjrn Axel

and Cybersecurity in Critical Industrial Infrastructures Mary Ann Lundteigen 1 and Bjrn Axel

The Need of Improved Methods to Handle Functional Safety and Cybersecurity in Critical Industrial Infrastructures Mary Ann Lundteigen 1 and Bjrn Axel Gran 2 22.5.2019 1 Professor, NTNU (mary.a.lundteigen@ntnu.no) 2 Halden Project &amp; Adjunct

338 views • 14 slides
Model based Quantitative Resilience Assessment of Critical Information Infrastructures Andrea

Model based Quantitative Resilience Assessment of Critical Information Infrastructures Andrea

Model based Quantitative Resilience Assessment of Critical Information Infrastructures Andrea Bondavalli bondavalli@unifi.it http://rcl.dsi.unifi.it Universit degli Studi di Firenze Outline Short Intro The research framework and the

660 views • 49 slides
Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System Dr. Igor Nai Fovino Head of the Research Department Global Cyber Security Center The Global Cyber Security Center, is an International not-for-profit

615 views • 33 slides
Towards a Reference Architecture for Service- Oriented Cross Domain Security Infrastructures Wen

Towards a Reference Architecture for Service- Oriented Cross Domain Security Infrastructures Wen

Towards a Reference Architecture for Service- Oriented Cross Domain Security Infrastructures Wen Zhu Dr. Lowell Vizenor Dr. Avinash Srinivasan 7 th International Conference on Internet and Distributed Computing Systems Agenda Background

128 views • 12 slides
Time-critical reactive systems (modelling) Jos Proena HASLab - INESC TEC Universidade do

Time-critical reactive systems (modelling) Jos Proena HASLab - INESC TEC Universidade do

Time-critical reactive systems (modelling) Jos Proena HASLab - INESC TEC Universidade do Minho Braga, Portugal April, 2016 Motivation Timed Automata Semantics Modelling in Uppaal Motivation Specifying an airbag saying that in a car

519 views • 48 slides
Matematik former morgendagens satellitter Md MATH p KU 15-11-2018 This is a footer TIC

Matematik former morgendagens satellitter Md MATH p KU 15-11-2018 This is a footer TIC

Matematik former morgendagens satellitter Md MATH p KU 15-11-2018 This is a footer TIC TICRA One of the first spin-offs from Electromagnetics Institute at DTU (1971) 2 TIC TICRA A his istory ry of f excellence The glo lobal l

466 views • 31 slides
THE COBRA PROGRAMMING LANGUAGE At SoCal Code Camp January 2009 cobra-language.com 1 YOUR

THE COBRA PROGRAMMING LANGUAGE At SoCal Code Camp January 2009 cobra-language.com 1 YOUR

THE COBRA PROGRAMMING LANGUAGE At SoCal Code Camp January 2009 cobra-language.com 1 YOUR SPEAKER Chuck Nor^H^H^H Esterbrook AKA Cobra Commander Independent contractor / consultant Based in Los Angeles

2.21k views • 33 slides
Hello. I am Morgan McGuire, presenting a collaboration with Julie Dorsey, Eric Haines, John

Hello. I am Morgan McGuire, presenting a collaboration with Julie Dorsey, Eric Haines, John

Hello. I am Morgan McGuire, presenting a collaboration with Julie Dorsey, Eric Haines, John Hughes, Steve Marschner, Matt Pharr, and Peter Shirley on A Taxonomy of Bidirectional Scattering Distribution Function Lobes for Rendering Engineers With

671 views • 35 slides
Crowdsourcing Erfurt Meeting@QoMEX 2017 30 May 2017, 16.00-16.30 Tobias Hossfeld, Babak

Crowdsourcing Erfurt Meeting@QoMEX 2017 30 May 2017, 16.00-16.30 Tobias Hossfeld, Babak

Task Force Crowdsourcing Erfurt Meeting@QoMEX 2017 30 May 2017, 16.00-16.30 Tobias Hossfeld, Babak Naderi WG1 Research Agenda: Crowdsourcing TF 1. Overview on recent activities of CS TF (Tobias, Babak, 10 min) 2. Short

1.07k views • 39 slides
Interconnection, Peering IXPs What and How Interconnection 2 Interconnection The Internet is

Interconnection, Peering IXPs What and How Interconnection 2 Interconnection The Internet is

Interconnection, Peering IXPs What and How Interconnection 2 Interconnection The Internet is all about interconnection! 3 Interconnection Typically Interconnection between networks in the Internet is implemented in two ways Transit

1.19k views • 60 slides
Marketing Strategies That Eli liminate Price Resistance And In Increase Sale les Revenue

Marketing Strategies That Eli liminate Price Resistance And In Increase Sale les Revenue

Marketing Strategies That Eli liminate Price Resistance And In Increase Sale les Revenue Johnny Campbell, DTM, AS The Transition Man 1. What can I do that my competition will NOT Do? 2. What value can I add that my competition doesn't add? 3.

487 views • 35 slides
The The Enigma Enigma Machine Machine History of Computing December 6, 2006 Mike Koss

The The Enigma Enigma Machine Machine History of Computing December 6, 2006 Mike Koss

The The Enigma Enigma Machine Machine History of Computing December 6, 2006 Mike Koss Invention of Enigma ! Invented by Arthur Scherbius, 1918 ! Adopted by German Navy, 1926 ! Modified military version, 1930 ! Two Additional rotors added,

533 views • 30 slides
Combination of GNSS and InSAR for Future Australian Datums Interferometric Synthetic Aperture

Combination of GNSS and InSAR for Future Australian Datums Interferometric Synthetic Aperture

Combination of GNSS and InSAR for Future Australian Datums Interferometric Synthetic Aperture Radar Thomas Fuhrmann, Matt Garthwaite, Sarah Lawrie, Nick Brown Motivation Current situation Static Datum: fixed coordinates Plate Motion model

551 views • 41 slides

More recommend