Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Towards a European strategy for Critical Towards a European strategy for Critical Infrastructure Protection researchInfrastructure Protection research
CRITIS 2008, Rome
Angelo MarinoAngelo MarinoResearch Programme Officer
European CommissionDG Information Society and Media
The content of this presentation is the responsibility of the auThe content of this presentation is the responsibility of the author and does not necessarily thor and does not necessarily represent the view of the European Commission or its servicesrepresent the view of the European Commission or its services
ContentContent
The EU contextCurrent ICT FP researchNew research priorities in ICT WP 2009-10Final considerations
Policy
2004: EU program on CIP (EPCIP) and CI Warning Info Network (CIWIN)
2006: Communication and Directive on EPCIP –HAA & sectoral approach
2007: Sector: Communication on Protecting Europe's Critical Energy and Transport Infrastructure
2008: Formal adoption of EPCIP Directive before end of year
2009: CIWIN operational within Q1
2009: INFSO policy initiative in ICT CIIP sector within Q1
Policy
2004: EU program on CIP (EPCIP) and CI Warning Info Network (CIWIN)
2006: Communication and Directive on EPCIP –HAA & sectoral approach
2007: Sector: Communication on Protecting Europe's Critical Energy and Transport Infrastructure
2008: Formal adoption of EPCIP Directive before end of year
2009: CIWIN operational within Q1
2009: INFSO policy initiative in ICT CIIP sector within Q1
Protection of Critical Infrastructures Protection of Critical Infrastructures -- The EC ContextThe EC Context
Research
IST-FP6 (2002-2006)9 RTD projects, 36M€ EU funding
PASR (2004-2006)5 projects for about 11,5M€ –total cost
FP7 ICT Call 1 (Apr 2007)Focused on security and trust in Networks and Services, and underpinning technologies
FP7 ICT-SEC (Nov 2007)ICT-Security Research Joint Call on Critical Infrastructure Protection
Research
IST-FP6 (2002-2006)9 RTD projects, 36M€ EU funding
PASR (2004-2006)5 projects for about 11,5M€ –total cost
FP7 ICT Call 1 (Apr 2007)Focused on security and trust in Networks and Services, and underpinning technologies
FP7 ICT-SEC (Nov 2007)ICT-Security Research Joint Call on Critical Infrastructure Protection
The EPCIP Framework The EPCIP Framework
The European Programme for Critical Infrastructure Protection The European Programme for Critical Infrastructure Protection (EPCIP)(EPCIP)
Measures designed Measures designed to facilitate the to facilitate the
implementation of implementation of EPCIPEPCIP
Support for Support for Member States Member States
concerning concerning National Critical National Critical Infrastructures Infrastructures
ContingencyContingency
planningplanning
ExternalExternal
dimensiondimension
Accompanying Accompanying financial financial
measures measures
A procedure for the A procedure for the identification and identification and
designation of designation of European Critical European Critical
Infrastructures Infrastructures (ECI)(ECI) EPCIP Action PlanEPCIP Action Plan
CIP expert groups CIP expert groups
CIP information CIP information sharingsharing
identification and identification and analysis of analysis of interdependenciesinterdependencies
CIWINCIWIN
The proposal for The proposal for a Directive a Directive
concerning ECIconcerning ECI
CIWIN system and prototypeCIWIN system and prototype
CIWIN prototype hosted at the JRC in IspraComponents of the future CIWIN system
1. Servers, applications, premises, LAN. It will be located in premises cleared at the EU Secret level.
2. The user’s access system located in the MS: Workstations, applications, LAN, premises.
3. S-TESTA will be cleared at the EU Restricted level.
1
23
Protection of Critical Information Infrastructures Protection of Critical Information Infrastructures ISTIST--FP6 workFP6 work
Critical Utility Infrastructural Resilience
CRUTIAL (strep)
Integrated Risk Reduction of
information-based Infrastructure Systems
IRRIIS (ip)
Dependable security by enhanced reconfigurability
DESEREC (ip)
Research coordination on CIIP (ERA pilot), CI2RCO (ca; closed)
ICT vulnerabilities and relevant defence methodologies, GRID (ca; closed)
Resilience for survivability in IST, RESIST (NoE)
Saturday 04 NOV 06 at 22:10Saturday 04 NOV 06 at 22:10A system disturbance of the electricity grid originated in
Germany led to disruptions of supply in many EU countries
Coordination ActionsResearch roadmaps, metrics and benchmarks, international cooperation, coordination activities
4 Projects: 3.3 m€
4 Projects11 m€
4 Projects18 m€
Identity management,privacy, trust policies
4 Projects22.5 m€
4 Projects: 16 m€Enabling technologies for trustworthy infrastructuresBiometrics, trusted computing, cryptography, secure SW
3 Projects9.8 m€
1 Project9.4 m€
9 Projects: 20 m€Critical Infrastructure ProtectionCritical Infrastructure Protection
ICT Work Programme 2007ICT Work Programme 2007--080833 new FP7 projects in ICT Security & Trust33 new FP7 projects in ICT Security & Trust
Dynamic, reconfigurableservice architectures
Networkinfrastructures
110 M€
Shared view on security of CI’s, including non-technical aspects
System technology, organisation and management, governance, business, users, legal, regulatory
Overall infrastructure resilience and security
The ICTThe ICT--SEC Joint Call on CIPSEC Joint Call on CIP
Joint Call between Security and ICT ThemesJoint Call between Security and ICT ThemesCritical Infrastructure ProtectionCritical Infrastructure Protection
9 new ICT projects9 new ICT projects
Interaction & complexity ininterdependent CIs
Secure & resilient information and process control systems
Coordination Actions:Research roadmaps, metrics and benchmarks
PARSIFAL
PEACE
WSAN4CIP
VIKING
COMIFIN
UAN
INSPIRE
MICIE
SERSCIS
Coordination actionFocused project(STREP)
Interaction & complexity inInteraction & complexity ininterdependent interdependent CIsCIs
MICIEMICIE (2.5 years, 2.5m€): A real-time alert system supporting the decision making of CI operators that predicts risks from threats and the likely cascading effects that may emerge;
PEACEPEACE (27 months, 2.65m€): An emergency management framework for next generation all-IP networks ensuring secure multimedia communication in extreme emergency situations;
SERSCISSERSCIS (3 years, 2m€): A methodology integrating modelling and management of CIs through adaptive Service Oriented Architectures;
WSAN4CIPWSAN4CIP (3 years, 2.7m€): Secure and fault-tolerant wireless sensor and actuator networks for use in the protection and management of CIs;
Secure & resilient information Secure & resilient information and process control systemsand process control systems
INSPIREINSPIRE (2 years, 2.4m€): Secure configuration and managementof communication networks in distributed control systems operating in CIs;
VIKINGVIKING (3 years, 1.8m€): Improving the robustness and security of industrial control systems operating in electric power networks;
UANUAN (3 years, 2.95m€): Developing a security-oriented underwater wireless network infrastructure for the protection of off-shore plants;
COMIFINCOMIFIN (2.5 years, 2.35m€): Protecting financial infrastructures against operational failures and cyber-threats by using a secure scalable overlay communication middleware;
Coordination & research roadmapsCoordination & research roadmaps
PARSIFALPARSIFAL (1.5 years, 0.6m€): A coordination action bringing together ICT security and financial
stakeholders for identifying best practices and new research priorities in protecting financial CIs
Other ICT FP7 projects relating to CIIP (1)Other ICT FP7 projects relating to CIIP (1)WOMBAT and FORWARDWOMBAT and FORWARD
The FORWARD initiative aims at
identifying, networking, and coordinating the multiple research
efforts that are underway in the area of Cyber-
threats defenses, and leveraging
these efforts with other activities to build secure and
trusted ICT systems and
infrastructures
Worldwide Observatory of Malicious Behaviorsand Attack Threats – 36 mths – about 2,9M funding
Other ICT FP7 project relating to CIIP (2)Other ICT FP7 project relating to CIIP (2)DIESISDIESIS
Design of an Interoperable European federated Simulation network for critical InfraStructures – 24 mths – about 1,2M funding
ContentContent
The EU contextThe EU contextThe EU contextCurrent ICT FP researchCurrent ICT FP researchCurrent ICT FP researchNew research priorities in ICT WP 2009-10Final considerationsFinal considerationsFinal considerations
ICT WP 2009ICT WP 2009--1010: m: main principlesain principles
Projects launched in 2009-10 to have impact in 2015-20
By then, global ICT/knowledge infrastructure –market structures - value chains - business models: all will be completely transformed
Research challenges should:
– Encourage firms to explore more innovative options than they would otherwise pursue
– Focus on higher-risk ICT collaborative research in a medium to long-term agenda
Enabling Europe to shape and master Enabling Europe to shape and master the 2015the 2015--20 ICT landscape20 ICT landscape
ICT remains central for adjusting to the changing economic and social realities– lower carbon emission economy, globalisation, new value
chains, higher quality health and social care, inclusion, security,..
3 major technology and socio-economic transformations that Europe can/should lead
– Future Internet– Alternative paths to ICT components and systems– ICT for sustainable development
Future InternetFuture Internet
New emerging network and service infrastructures
– unlimited bandwidth capacity– much higher computing performance– wireless access anywhere– trillions of devices interconnected– integrated security and trust for all– adaptive and personalised services– 3D semantic-based browsing systems
-> refocus and reinforce research effort to ensure European leadership in developing the "Future Internet"
Trustworthy Future InternetTrustworthy Future Internet
Securing the Architecture– Secure, trusted and privacy respecting architecture– Secure network management & control – Securing virtual entities and virtualised infrastructures
Protection against Threats– Threat prediction and prevention
– Self-protection and resilience
Privacy, ID-M and Trust– Identity and naming infrastructure for persons, ‘things’,
virtual entities– Trust Management Infrastructure
Futu
re a
nd E
mer
ging
Te
chno
logi
es
Digital libraries
& Content
Sustainable & personalised
healthcare
ICT for Mobility,
Environment, Energy
ICT for Independent Living and Inclusion
End-to-end systems for Socio-economic goals
Tech
nolo
gy ro
adbl
ocks
Pervasive & Trusted Network & service
infrastructures
Cognitive systems, Interaction,
Robotics
Components, Systems,
Engineering
Trustworthy ICT
ICT Work Programme 2009ICT Work Programme 2009--1010Trustworthy ICTTrustworthy ICT
Priority areas for Priority areas for Trustworthy ICT in WP Trustworthy ICT in WP ’’0909--’’1010
Trustworthy NetworkInfrastructures
Trustworthy ServiceInfrastructures
Networking, Coordination and Support
Technology and Tools for Trustworthy ICT
DRAFT
NoEs, CAs10m€
• Securing the FI (architecture, virtual entities,interfaces & policies, …)
• Monitoring and managing threats• Experimentation• Socio-economics
• Privacy protecting, scalable & interoperable systems, services on the FI
• Managing trustworthiness throughoutlife-cycle of service infrastructures
• User-centric, privacy respecting IDs• Experimentation• User-centricity and socio-economics
• In the network (process control, things, malware)• For services (ID and privacy mgt tools, risk mgt) • For data management (integrity, availability, long term storage,…)• Software assurance, secure software systems engineering• Enabling technologies (biometrics, crypto, …)
90 M€Call 5
(OCT ’09)
IPs, STREPs: 80 m€min 50% to IPs
• Emerging threats and vulnerabilities in the Future Internet• Economics of security • Legal and societal aspects of trustworthy ICT• International cooperation• …
Trustworthy ICT Trustworthy ICT Research StakeholdersResearch Stakeholders
Trustworthy ICT
Networking
Software &Services
Security, Dependability& Trust
Legal Issues
End-User andSocietal Aspects
CriticalInfrastructures
Support International Cooperation between Support International Cooperation between ongoing projectsongoing projects
Supplementary funding to support travel and meetings:
EU-funded project(s) and the partner-project(s)
Eligible costs restricted to travel & subsistence and meetings in the EU with the partner-project(s)
Partner-projects must be able to demonstrate the availability of at least a similar budget
DRAFT0,5 M€
WP 07-08: Call 4(Apr 09)
WP 09-10: Call 6(Apr 10)
MAX 100 K€per prj
Open FP7 research initiativesOpen FP7 research initiativesTheme SecurityTheme Security
10.2.2-3 Security of infrastructures and utilities:
Integrated protection of rail transportation;
Integrated comprehensive approach to airport security
Built infrastructure protection, including building in resilience to attack at the design stage
ContentContent
The EU contextThe EU contextThe EU contextCurrent ICT FP researchCurrent ICT FP researchCurrent ICT FP researchNew research priorities in ICT WP 2009New research priorities in ICT WP 2009New research priorities in ICT WP 2009---101010Final considerations
Availability of up-to-date ‘data’ for research activitiesEngagement and commitment of CI operators/stakeholders– do we address ‘real problems’ with our
research?– best practices & technology transfer
What sort of tangible impact?– targeted market– certification, standardization
Some open issuesSome open issues
Data collection and data sharing on incidents & vulnerabilities in CIs
Tools and platforms for trusted sharing of sensitive information
Enable Researchers to work with fresh and contextual data (wombat & forward)
Attracting CI stakeholders and operatorsAddressing real industrial needsReal demos (real test cases + real data)
Open and sustainable research infrastructures Agreed security metrics & measurementTest-beds for technology assessment, awareness raising &
confidence building and benchmarking
How to make it happen?How to make it happen?