SlideShare a Scribd company logo

Securing Critical Infrastructures with a cybersecurity digital twin

Download as PPTX, PDF
Massimiliano Masi
Massimiliano Masi

Critical Infrastructures are common targets for cyber-and-physical attacks. Smart Grids, Water Transport Systems, Railway, or Motorway witness an increase of malware and attacks partially due to the IT/OT convergence. Usually, critical infrastructures are composed by legacy software or hardware that cannot be easily patched or upgraded, facilitating the work of the attackers by exposing vulnerabilities solved in IT decades ago. Moreover, it is usually impossible to have a test system for such infrastructures, where a security countermeasure is evaluated for its impact. In fact, in OT systems, availability is of its utmost importance, thus adding a security countermeasure has to be carefully evaluated to not hinder such property. To overcome such shortcomings, digital twins are used. In this talk, it will be presented how digital twins specifically devised for cybersecurity are used for the evaluation of threats in cyber-and-physical systems in an industrial environment. In particular, it will be shown how a digital twin will be systematically derived from the Architectural representation of a real-world industrial system (the "collaborative intelligent transport system") and how the security measures are evaluated with an specific architectural view.

Automotive
1 of 29
OCCASIONE D’USO DATA IN GG/MM/AA 1 Securing Critical Infrastructures with a Cybersecurity Digital Twin Massimiliano Masi - <mmasi@autostrade.it> IEEE CBI 2023, Prague 22/06/2023
OCCASIONE D’USO DATA IN GG/MM/AA 1. What are critical infrastructures A. The definitions – and the legal context B. Examples: the Intelligent Transport Systems. 2. The problem: OT Security A. Difference between IT/OT Security 1. The use of EA A. A digital twin for cybersecurity: the cybersecurity view B. A systematic creation of the DT starting from the RAMI 4.0 2. A couple of real use cases: a Road Tunnel and C-ITS PROPOSED AGENDA
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures seen from the law The law (2008/114/CE/) defines ‘critical infrastructure’ means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions; Examples are (they all have a EA) • Healthcare facilities, and their IT infrastructure • The entire financial sector • Energy, from transmission to distribution • Transportation: road, maritime, aviation, and water supply Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: a Computer Science perspective Usually, critical infrastructures utilizes hardware and software components which are specifically devised for the operations In Healthcare • Medical Equipment under the Medical Device Regulation • Picture Archiving and Communication Systems (PACS) In Energy Supply • Programmable Logic Controllers (PLC) to monitor and actuate energy management • Intelligent Electronic Devices (IED) enabling use cases such as the Virtual Power Plant Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems A virtual power plant, an water management facility, or truck platooning system, are examples of remote-controlled cyber-and-physical systems. A control room, usually sends commands to actuate the controlled devices to modify the physical world, and receives information from sensors sensing from the real world. In Road Transportation • A red light might affect the traffic regulations In Energy Supply • Sensors may return values from a PV used by a software to decide the day-ahead electricity consumption Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Attacks Critical Infrastructures Cybersecurity attacks may be originated from the digital infrastructures to impact on the digital infrastructures itself, or even impact the physical world. And VICEVERSA.
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems When an attack is performed towards a Critical Infrastructure it may affect our lives. • Trains might not be circulating (economic loss) • Hospitals are not able to treat patients (potential casualties) • Water can be poisoned (potential casualties) • Fuel might not be available (unavailability of vehicles) • Goods might not be circulating (economic loss, and eventual casualties) Think availability of critical infrastructures in case of disasters (natural, human, or war) Campi flegrei • A volcano is sleeping over a population of millions of inhabitants Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems Critical Infrastructures Protection (CIP) is in most case the mastering of many interdependent subsystems composed by Industrial Automation and Control Systems (IACS – introducing the IEC 62443-x-y jargon) • According with EU JRC, IACS are complex systems composed by all the components (PLCs, SCADA, HMI, Data Loggers) that are integrated into critical infrastructures and industrial production environments. Threats, Countermeasures, risk analyses are different than in IT Cybersercurity Testing Business Continuity Plans is impossible: there is no test tunnel or substation, or water pipe! Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: interconnected Systems are all interconnected: unavailability of the power grid may have an interruption on the traffic, as tunnels shall be closed after 1 hour of lack of power, which may create congestion in a smart city and patients can’t be hospitalised… This is at european level! Reasons of such cascading effects? Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: We need EA! Critical Infrastructures
OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures are complex systems of systems • All interconnected, different data domains • No test infrastructures, usually the system is tailored to the specific use case • (Luckily) CI owners are required to test business continuity and incident response plans. • Need to include also physical attacks that can influence the digital world and viceversa. How to solve? The Problem
OCCASIONE D’USO DATA IN GG/MM/AA Securing OT systems is different than Typical IT • Availability over Integrity and Confidentiality • The phases: (rare) Security By Design, Securing Legacy, and Attack Simulations • Systems are there to stay: they expose vulnerabilities solved in IT decades ago • PLCs are different than Computers, the programming languages does not have the modern measures (buffer overflows are normal) • The traffic of the communication network should be exactly the one expected by the devices. Pings of Death are possible • Attacker can be APTs, or disgruntled employees, skilled on the IACS functioning Typical Countermeasures • Network segregation and segmentation, DMZ, no ZTNA as today • Attacker is Dolev-Yao, omnipotent • And many other myths https://gca.isa.org/blog/common-ics-cybersecurity-myths-lessons- learned OT (and I-IoT) Security
OCCASIONE D’USO DATA IN GG/MM/AA THE ROLE OF A MOTORWAY OPERATOR THE CONTEXT Road Operators are considered critical infrastructures in some countries. • Service Disruptions impact other critical infrastructure [ENISA] • Service is delivered through IT/OT/IoT infrastructure: Variable Message Signs, C-ITS, Red lights. Such data is used for Traffic Management Plans • Road operators are interconnected indirectly through National Access Points and directly to exchange Real Time Traffic Information (RTTI) and Safety Related Traffic Information (SRTI) • It is also a typical company, with IT systems: endpoints, ERP, social networking PECULIARITIES [ENISA] Good Practices on Interdependencies between OES and DSPs, Nov. 2018 IMPACTS 14 • Usually operates Optic Fiber-based network equipment, geographically distributed • Energy supply, Diesel Engines, Radio Equipment, Charging Stations • Network congestion could cause pressure on other adjacent infrastructures (Hospitals, Smart Cities, Good delivery), and causes vehicle crashes • Malfunctioning on a Road Tunnel IoT/OT equipment can cause injuries and deaths
OCCASIONE D’USO DATA IN GG/MM/AA DATA FROM DIFFERENT SECURITY DOMAINS THE CONTEXT Typical data journey • Read from a sensor on the road (IoT). Data is semantically and syntactically different (e.g., CCTV, LoraWAN). • Sensors and actuators in Tunnels. Data is exchanged using OT protocols from IoT devices, actuating tunnel pumps in case of fire. • Data arrives in a Data Center or in a Cloud VPC. Risks related to cloud have to be considered • Data is elaborated in a Traffic Control Center:Traffic Management Plans, SRTI, RTTI, send Hazardous Location Notification • C-ITS data arrives at 10hz per vehicle over a public network (DSRC) According with IEC 62443, those may have different Security Level Target (SL-T) • This means different countermeasures on integrity, confidentiality • How to trust data from C-ITS? Security Policy only requires a “ISO 27001 certification” 15
OCCASIONE D’USO DATA IN GG/MM/AA RAMI, 27001, 62443 THE CONTEXT Use of IEC 62443 • Mapping all the abstract architectural assets to the RAMI 4.0 framework • Use Business and Functional as target for the high-level risk analysis • Use Communication as hint for zone and conduit • Use integration and assets to select the items for the low-level risk analysis • Perform security testing The 27001 protection rings • Multi-compliance: security zones share 27001 and 62443 requirements • Use of the NIST Cybersecurity Framework as a mapping tool • IEC 62443-2-1 and the related TR, should be updated 16
OCCASIONE D’USO DATA IN GG/MM/AA Many definitions and many publications • In this context it is adopted the definition from Grieves, Manufacturing Excellence Through Virtual Factory Replication (2015) • We consider a virtual description of a physical product that is accurate to both micro-and macro- level. • Digital twins exhibit fidelity, a high number of parameters transferred between the physical and the virtual entity, high accuracy and a satisfying level of abstraction. • In the past physical models have been widely used in engineering and architecture to help the design and facilitate physical testing of buildings, plants, machines and systems. • Digital twin can be either inline, where an actuation on the twin has an immediate effect on the system, or asynchronous, where an actuation on the twin is actuated at a second stage DIGITAL TWIN
OCCASIONE D’USO DATA IN GG/MM/AA Many definitions and many publications • Other meanings are as digital shadows, when not communicating or interacting with their physical counterpart, or models • The use of a Digital Twin in Cybersecurity is not new. Publications and PoC exists to demonstrate its usage for Security Operation Centre DIGITAL TWIN We are using a methodology that systematically gets the description of the IACS from its Reference Architecture and builds its digital twin. On that, we evaluate countermeasures, and we test Business Continuity Plans. Results will be then, asynchronously, implemented site by site
OCCASIONE D’USO DATA IN GG/MM/AA It is divided in 3 steps • It leverages the concept of Reference Architecture and Solution Architecture to produce the architecture models needed to design the cybersecurity Digital Twin • It starts with a model or by mapping the system into a Reference Architecture. • We introduce a cybersecurity view with the following viewpoint • Overview: enabling the assessment of BCPs and security posture of IACS • Concerns: decrease the cyber-threat risk to acceptable levels • Anti-Concerns: ROI Analysis • Typical Stakeholders: business decision makers and cybersecurity experts • Mode Kind • Choose a Reference Architecture Framework • Translating the View into a Digital Twin • Identify Attack Scenarios The Methodology
OCCASIONE D’USO DATA IN GG/MM/AA Generating a Cybersecurity View • Choose an Architecture Framework (e.g., RAMI 4.0, SGAM, TOGAF). It is worth noting that the methodology is parametric, as long as mapping exists • For legacy systems, a mapping is required from the system to the EA conceptual space • The mapping may be guided by existing frameworks, such as the NIST CSF for CIP. • Once the system is in the conceptual space, the view is created by selecting the architectural elements to be protected, by Business Impact Analyses, Risk Analysis, regulations Step 1
OCCASIONE D’USO DATA IN GG/MM/AA Deriving the Cybersecurity Digital Twin • The elements in the EA Conceptual space in the Cybersecurity View are translated into Meta Attack Language (MAL) Step 2
OCCASIONE D’USO DATA IN GG/MM/AA Security simulations and countermeasure identification • Once the system is represented in MAL, SecuriCAD has been used to perform simulations • Simulations are performed using a twin concept, which includes specific threats related to the IACS (e.g, water poisoning, or tunnel light system availability) • Simulations enable reasonings also on the Techniques, Tactics, and Procedures from the MITRE ATT&CK matrix for ICS Step 3
OCCASIONE D’USO DATA IN GG/MM/AA The methodology in Practice: a Road Tunnel
OCCASIONE D’USO DATA IN GG/MM/AA Target for (cyber)terrorist attacks • By nature, a tunnel connects two sites physically separated by geographic obstacles (mountain, rivers, sea) • Hence a malfunctioning tunnel leads to economic loss and pressure over other infrastructures lying on both sides of the entrance. • Road Authorities are required to perform risk analysis and business continuity plans Road Tunnels
OCCASIONE D’USO DATA IN GG/MM/AA Building a reference architecture of the road tunnel and generating a Cybersecurity View • The system under analysis already exist, and no EA conceptual models are available • We mapped all the components of a single tunnel (around 200) into RAMI 4.0 to create the EA space • The cybersecurity mappings have been performed following the NIST CSF CIP v1.1. • ID.AM-3 – data flows are mapped -> all the traffic from all the switches has been sniffed and the entire network map has been created. Results of elements in the RAMI 4.0 Communication layer • ID.AM-2 - Software platforms and applications within the organization are inventoried -> Results are elements in the RAMI 4.0 Asset layer Phase 1
OCCASIONE D’USO DATA IN GG/MM/AA Phase 2: deriving the cybersecurity digital twin From: Massimiliano Masi, Giovanni Paolo Sellitto, Helder Aranha, Tanja Pavleska: Securing critical infrastructures with a cybersecurity digital twin. Softw. Syst. Model. 22(2): 689-707 (2023)
OCCASIONE D’USO DATA IN GG/MM/AA Phase 3: Simulations • Excerpt from the digital twin • Two attack scenario: • SCADA compromised by a credential leak without MFA • Maintainer laptop with Industroyer • Segregation at firewall level is easy, but what is the impact? • Costs, maintenance, unfeasible • Air gapping solutions? • Other techniques bypassing air gap exists, unfeasible • Adding an Intrusion Detection System nearby the SCADA? • Would not hinder availability • Detection procedures and automations shall be in place • With MAL and SecuriCAD we have been able to show the effects and the costs-effectiveness analysis to management
OCCASIONE D’USO DATA IN GG/MM/AA Countermeasures have been implemented • The results obtained from the simulations have been implemented in tunnels • Business Continuity Plans are created, designed, and simulated for their safety before changing the traffic regulations (BCP tests can’t be performed with live traffic) • The model is used for continuous improvement: when new attack techniques, or scenario arise, we perform detailed simulations – other product exists, but the model is systematically created from the system After the Simulations
OCCASIONE D’USO DATA IN GG/MM/AA 29 CONCLUSIONS Complexity of Critical Infrastructure Protection 29 What we have seen A methodology to use MAL as a model representing the CI Simulations over a road Tunnel

Recommended

Light Weight Cryptography for IOT.pptx
Light Weight Cryptography for IOT.pptxLight Weight Cryptography for IOT.pptx
Light Weight Cryptography for IOT.pptx
DineshBoobalan
 
Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart way
Eficode
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
Maganathin Veeraragaloo
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat Modeling
Rochester Security Summit
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
Santosh Khadsare
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
Erik Taavila
 
Network Design and Security Best Practices
Network Design and Security Best PracticesNetwork Design and Security Best Practices
Network Design and Security Best Practices
Mike Sherwood
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
James Wickett
 

Recommended

Light Weight Cryptography for IOT.pptx
Light Weight Cryptography for IOT.pptxLight Weight Cryptography for IOT.pptx
Light Weight Cryptography for IOT.pptx
DineshBoobalan
 
Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart way
Eficode
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
Maganathin Veeraragaloo
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat Modeling
Rochester Security Summit
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
Santosh Khadsare
 
Roadmap to security operations excellence
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
Erik Taavila
 
Network Design and Security Best Practices
Network Design and Security Best PracticesNetwork Design and Security Best Practices
Network Design and Security Best Practices
Mike Sherwood
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
James Wickett
 
Fortinet k
Fortinet kFortinet k
Fortinet k
mrehan2k2
 
Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security Framework
Karthikeyan Dhayalan
 
Gap Assessment for DevOps
Gap Assessment for DevOpsGap Assessment for DevOps
Gap Assessment for DevOps
Marc Hornbeek
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Cissp Training PPT
Cissp Training PPTCissp Training PPT
Cissp Training PPT
ADEPT TECHNOLOGY
 
Threat Modeling Using STRIDE
Threat Modeling Using STRIDEThreat Modeling Using STRIDE
Threat Modeling Using STRIDE
Girindro Pringgo Digdo
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
David J Rosenthal
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modeling
Prabath Siriwardena
 
Cissp Study notes.pdf
Cissp Study notes.pdfCissp Study notes.pdf
Cissp Study notes.pdf
MAHESHUMANATHGOPALAK
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdf
MIlton788007
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
 
Damn Vulnerable Chemical Process
Damn Vulnerable Chemical ProcessDamn Vulnerable Chemical Process
Damn Vulnerable Chemical Process
Positive Hack Days
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat Modeling
Danny Wong
 
Vmware view overview
Vmware view overviewVmware view overview
Vmware view overview
Manny Singh
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
Forescout Technologies Inc
 
RA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I startRA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I start
Rockwell Automation
 
DevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation SlidesDevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation Slides
SlideTeam
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLC
BDPA Charlotte - Information Technology Thought Leaders
 
PCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management CompliancePCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management Compliance
ControlCase
 
"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence
Edge AI and Vision Alliance
 
IRJET- Power Theft and Fault Detection using IoT Technology
IRJET- Power Theft and Fault Detection using IoT TechnologyIRJET- Power Theft and Fault Detection using IoT Technology
IRJET- Power Theft and Fault Detection using IoT Technology
IRJET Journal
 
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Power System Operation
 

More Related Content

What's hot

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
David J Rosenthal
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdf
MIlton788007
 
DevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation SlidesDevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation Slides
SlideTeam
 
"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence
Edge AI and Vision Alliance
 

What's hot (20)

Fortinet k
Fortinet kFortinet k
Fortinet k
 
Chapter 1 Security Framework
Chapter 1 Security FrameworkChapter 1 Security Framework
Chapter 1 Security Framework
 
Gap Assessment for DevOps
Gap Assessment for DevOpsGap Assessment for DevOps
Gap Assessment for DevOps
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Cissp Training PPT
Cissp Training PPTCissp Training PPT
Cissp Training PPT
 
Threat Modeling Using STRIDE
Threat Modeling Using STRIDEThreat Modeling Using STRIDE
Threat Modeling Using STRIDE
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modeling
 
Cissp Study notes.pdf
Cissp Study notes.pdfCissp Study notes.pdf
Cissp Study notes.pdf
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdf
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Damn Vulnerable Chemical Process
Damn Vulnerable Chemical ProcessDamn Vulnerable Chemical Process
Damn Vulnerable Chemical Process
 
7 Steps to Threat Modeling
7 Steps to Threat Modeling7 Steps to Threat Modeling
7 Steps to Threat Modeling
 
Vmware view overview
Vmware view overviewVmware view overview
Vmware view overview
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
 
RA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I startRA TechED 2019 - SS16 - Security Where and Why do I start
RA TechED 2019 - SS16 - Security Where and Why do I start
 
DevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation SlidesDevOps Powerpoint Presentation Slides
DevOps Powerpoint Presentation Slides
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLC
 
PCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management CompliancePCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management Compliance
 
"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence"Fundamentals of Monocular SLAM," a Presentation from Cadence
"Fundamentals of Monocular SLAM," a Presentation from Cadence
 

Similar to Securing Critical Infrastructures with a cybersecurity digital twin

Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Power System Operation
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Leonardo ENERGY
 
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Power System Operation
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
George Wainblat
 
Low-cost real-time internet of things-based monitoring system for power grid ...
Low-cost real-time internet of things-based monitoring system for power grid ...Low-cost real-time internet of things-based monitoring system for power grid ...
Low-cost real-time internet of things-based monitoring system for power grid ...
IJECEIAES
 

Similar to Securing Critical Infrastructures with a cybersecurity digital twin (20)

IRJET- Power Theft and Fault Detection using IoT Technology
IRJET- Power Theft and Fault Detection using IoT TechnologyIRJET- Power Theft and Fault Detection using IoT Technology
IRJET- Power Theft and Fault Detection using IoT Technology
 
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
 
Security challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructuresSecurity challenges to power grid and smart grid infrastructures
Security challenges to power grid and smart grid infrastructures
 
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
Cybersecurity for Smart Grids: Vulnerabilities and Strategies to Provide Cybe...
 
IRJET- Wireless Sensor Network and its Application in Civil Infrastructure
IRJET- Wireless Sensor Network and its Application in Civil InfrastructureIRJET- Wireless Sensor Network and its Application in Civil Infrastructure
IRJET- Wireless Sensor Network and its Application in Civil Infrastructure
 
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
 
Cyber physical systems and robotics
Cyber physical systems and roboticsCyber physical systems and robotics
Cyber physical systems and robotics
 
Significance of Satellites in IoT
Significance of Satellites in IoTSignificance of Satellites in IoT
Significance of Satellites in IoT
 
IRJET- Fault Detection, Classification and Location using GPS System
IRJET- Fault Detection, Classification and Location using GPS SystemIRJET- Fault Detection, Classification and Location using GPS System
IRJET- Fault Detection, Classification and Location using GPS System
 
Dr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational Awareness
 
NIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesNIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric Utilities
 
Low-cost real-time internet of things-based monitoring system for power grid ...
Low-cost real-time internet of things-based monitoring system for power grid ...Low-cost real-time internet of things-based monitoring system for power grid ...
Low-cost real-time internet of things-based monitoring system for power grid ...
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
IRJET-Comparative Study on Evolution of State of Art Practices on Smart Grid ...
IRJET-Comparative Study on Evolution of State of Art Practices on Smart Grid ...IRJET-Comparative Study on Evolution of State of Art Practices on Smart Grid ...
IRJET-Comparative Study on Evolution of State of Art Practices on Smart Grid ...
 
IRJET- Internet of Things (IoT) based Smart Grid
IRJET- Internet of Things (IoT) based Smart GridIRJET- Internet of Things (IoT) based Smart Grid
IRJET- Internet of Things (IoT) based Smart Grid
 
The efficacy and challenges of scada and smart grid integration
The efficacy and challenges of scada and smart grid integrationThe efficacy and challenges of scada and smart grid integration
The efficacy and challenges of scada and smart grid integration
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMSSECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
 
Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020
 
Smart Grid Deployment Experience and Utility Case Studies
Smart Grid Deployment Experience and Utility Case StudiesSmart Grid Deployment Experience and Utility Case Studies
Smart Grid Deployment Experience and Utility Case Studies
 

More from Massimiliano Masi

eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
eHealth 2018 http://www.ehealth20xx.at/program-blockchain/eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
Massimiliano Masi
 
A governance model for ubiquitous medical devices accessing eHealth data: the...
A governance model for ubiquitous medical devices accessing eHealth data: the...A governance model for ubiquitous medical devices accessing eHealth data: the...
A governance model for ubiquitous medical devices accessing eHealth data: the...
Massimiliano Masi
 

More from Massimiliano Masi (18)

Cybersecurity Task Force at ASECAP Days 2023
Cybersecurity Task Force at ASECAP Days 2023Cybersecurity Task Force at ASECAP Days 2023
Cybersecurity Task Force at ASECAP Days 2023
 
A Cybersecurity Digital Twin for Critical Infrastructure Protection
A Cybersecurity Digital Twin for Critical Infrastructure ProtectionA Cybersecurity Digital Twin for Critical Infrastructure Protection
A Cybersecurity Digital Twin for Critical Infrastructure Protection
 
Enabling a Zero Trust Architecture in Smart Grids through a Digital Twin
Enabling a Zero Trust Architecture in Smart Grids through a Digital TwinEnabling a Zero Trust Architecture in Smart Grids through a Digital Twin
Enabling a Zero Trust Architecture in Smart Grids through a Digital Twin
 
Security and Safety by Design in the Internet of Actors an Architectural Appr...
Security and Safety by Design in the Internet of Actors an Architectural Appr...Security and Safety by Design in the Internet of Actors an Architectural Appr...
Security and Safety by Design in the Internet of Actors an Architectural Appr...
 
Achieving Interoperability Through IHE
Achieving Interoperability Through IHEAchieving Interoperability Through IHE
Achieving Interoperability Through IHE
 
Securing Mobile e-Health Environments by Design: A Holistic Architectural App...
Securing Mobile e-Health Environments by Design: A Holistic Architectural App...Securing Mobile e-Health Environments by Design: A Holistic Architectural App...
Securing Mobile e-Health Environments by Design: A Holistic Architectural App...
 
Enabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approachEnabling Security-by-design in Smart Grids: An architecture-based approach
Enabling Security-by-design in Smart Grids: An architecture-based approach
 
Corso IFTS CyberSecurity Expert - Attacco di Armando e Operazione Black Tulip
Corso IFTS CyberSecurity Expert - Attacco di Armando e Operazione Black TulipCorso IFTS CyberSecurity Expert - Attacco di Armando e Operazione Black Tulip
Corso IFTS CyberSecurity Expert - Attacco di Armando e Operazione Black Tulip
 
Corso IFTS CyberSecurity Expert - Creazione di una CA con OpenSSL
Corso IFTS CyberSecurity Expert - Creazione di una CA con OpenSSLCorso IFTS CyberSecurity Expert - Creazione di una CA con OpenSSL
Corso IFTS CyberSecurity Expert - Creazione di una CA con OpenSSL
 
Corso IFTS CyberSecurity Expert - Cifrai Asimmetrici
Corso IFTS CyberSecurity Expert - Cifrai AsimmetriciCorso IFTS CyberSecurity Expert - Cifrai Asimmetrici
Corso IFTS CyberSecurity Expert - Cifrai Asimmetrici
 
Corso IFTS CyberSecurity Expert
Corso IFTS CyberSecurity ExpertCorso IFTS CyberSecurity Expert
Corso IFTS CyberSecurity Expert
 
The need for interoperability in blockchain-based initiatives to facilitate c...
The need for interoperability in blockchain-based initiatives to facilitate c...The need for interoperability in blockchain-based initiatives to facilitate c...
The need for interoperability in blockchain-based initiatives to facilitate c...
 
Blockchain Technology - Common Use-Cases
Blockchain Technology - Common Use-CasesBlockchain Technology - Common Use-Cases
Blockchain Technology - Common Use-Cases
 
Automating Smart Grid Solution Architecture Design
Automating Smart Grid Solution Architecture DesignAutomating Smart Grid Solution Architecture Design
Automating Smart Grid Solution Architecture Design
 
Introduction to Blockchain Technologies
Introduction to Blockchain TechnologiesIntroduction to Blockchain Technologies
Introduction to Blockchain Technologies
 
eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
eHealth 2018 http://www.ehealth20xx.at/program-blockchain/eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
eHealth 2018 http://www.ehealth20xx.at/program-blockchain/
 
A governance model for ubiquitous medical devices accessing eHealth data: the...
A governance model for ubiquitous medical devices accessing eHealth data: the...A governance model for ubiquitous medical devices accessing eHealth data: the...
A governance model for ubiquitous medical devices accessing eHealth data: the...
 
Addressing Security and Provide through IHE Profiles
Addressing Security and Provide through IHE Profiles Addressing Security and Provide through IHE Profiles
Addressing Security and Provide through IHE Profiles
 

Recently uploaded

Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
amitlee9823
 
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdfSales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
Aggregage
 
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
shivangimorya083
 
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
Sapana Sha
 
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
dollysharma2066
 
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
opyff
 
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
amitlee9823
 
9990611130 Find & Book Russian Call Girls In Vijay Nagar
9990611130 Find & Book Russian Call Girls In Vijay Nagar9990611130 Find & Book Russian Call Girls In Vijay Nagar
9990611130 Find & Book Russian Call Girls In Vijay Nagar
GenuineGirls
 
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
ozave
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
shivangimorya083
 
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
amitlee9823
 

Recently uploaded (20)

Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Mumbai Call On 9920725232 With Body to body massage wit...
 
design a four cylinder internal combustion engine
design a four cylinder internal combustion enginedesign a four cylinder internal combustion engine
design a four cylinder internal combustion engine
 
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdfSales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
Sales & Marketing Alignment_ How to Synergize for Success.pptx.pdf
 
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Mayur Vihar 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
 
Why Won't Your Subaru Key Come Out Of The Ignition Find Out Here!
Why Won't Your Subaru Key Come Out Of The Ignition Find Out Here!Why Won't Your Subaru Key Come Out Of The Ignition Find Out Here!
Why Won't Your Subaru Key Come Out Of The Ignition Find Out Here!
 
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
ENJOY Call Girls In Okhla Vihar Delhi Call 9654467111
 
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
Call Girls in Shri Niwas Puri Delhi 💯Call Us 🔝9953056974🔝
 
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
83778-77756 ( HER.SELF ) Brings Call Girls In Laxmi Nagar
 
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
如何办理女王大学毕业证(QU毕业证书)成绩单原版一比一
 
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
Vip Mumbai Call Girls Mira Road Call On 9920725232 With Body to body massage ...
 
What Causes BMW Chassis Stabilization Malfunction Warning To Appear
What Causes BMW Chassis Stabilization Malfunction Warning To AppearWhat Causes BMW Chassis Stabilization Malfunction Warning To Appear
What Causes BMW Chassis Stabilization Malfunction Warning To Appear
 
9990611130 Find & Book Russian Call Girls In Vijay Nagar
9990611130 Find & Book Russian Call Girls In Vijay Nagar9990611130 Find & Book Russian Call Girls In Vijay Nagar
9990611130 Find & Book Russian Call Girls In Vijay Nagar
 
Lucknow 💋 (Genuine) Escort Service Lucknow | Service-oriented sexy call girls...
Lucknow 💋 (Genuine) Escort Service Lucknow | Service-oriented sexy call girls...Lucknow 💋 (Genuine) Escort Service Lucknow | Service-oriented sexy call girls...
Lucknow 💋 (Genuine) Escort Service Lucknow | Service-oriented sexy call girls...
 
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
如何办理麦考瑞大学毕业证(MQU毕业证书)成绩单原版一比一
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
Call Now ≽ 9953056974 ≼🔝 Call Girls In Shankar vihar ≼🔝 Delhi door step delev...
 
Stay Cool and Compliant: Know Your Window Tint Laws Before You Tint
Stay Cool and Compliant: Know Your Window Tint Laws Before You TintStay Cool and Compliant: Know Your Window Tint Laws Before You Tint
Stay Cool and Compliant: Know Your Window Tint Laws Before You Tint
 
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls East Of Kailash 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
 

Securing Critical Infrastructures with a cybersecurity digital twin

  • 1. OCCASIONE D’USO DATA IN GG/MM/AA 1 Securing Critical Infrastructures with a Cybersecurity Digital Twin Massimiliano Masi - <mmasi@autostrade.it> IEEE CBI 2023, Prague 22/06/2023
  • 2. OCCASIONE D’USO DATA IN GG/MM/AA 1. What are critical infrastructures A. The definitions – and the legal context B. Examples: the Intelligent Transport Systems. 2. The problem: OT Security A. Difference between IT/OT Security 1. The use of EA A. A digital twin for cybersecurity: the cybersecurity view B. A systematic creation of the DT starting from the RAMI 4.0 2. A couple of real use cases: a Road Tunnel and C-ITS PROPOSED AGENDA
  • 3. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures seen from the law The law (2008/114/CE/) defines ‘critical infrastructure’ means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions; Examples are (they all have a EA) • Healthcare facilities, and their IT infrastructure • The entire financial sector • Energy, from transmission to distribution • Transportation: road, maritime, aviation, and water supply Critical Infrastructures
  • 4. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: a Computer Science perspective Usually, critical infrastructures utilizes hardware and software components which are specifically devised for the operations In Healthcare • Medical Equipment under the Medical Device Regulation • Picture Archiving and Communication Systems (PACS) In Energy Supply • Programmable Logic Controllers (PLC) to monitor and actuate energy management • Intelligent Electronic Devices (IED) enabling use cases such as the Virtual Power Plant Critical Infrastructures
  • 5. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems A virtual power plant, an water management facility, or truck platooning system, are examples of remote-controlled cyber-and-physical systems. A control room, usually sends commands to actuate the controlled devices to modify the physical world, and receives information from sensors sensing from the real world. In Road Transportation • A red light might affect the traffic regulations In Energy Supply • Sensors may return values from a PV used by a software to decide the day-ahead electricity consumption Critical Infrastructures
  • 6. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Attacks Critical Infrastructures Cybersecurity attacks may be originated from the digital infrastructures to impact on the digital infrastructures itself, or even impact the physical world. And VICEVERSA.
  • 7. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems When an attack is performed towards a Critical Infrastructure it may affect our lives. • Trains might not be circulating (economic loss) • Hospitals are not able to treat patients (potential casualties) • Water can be poisoned (potential casualties) • Fuel might not be available (unavailability of vehicles) • Goods might not be circulating (economic loss, and eventual casualties) Think availability of critical infrastructures in case of disasters (natural, human, or war) Campi flegrei • A volcano is sleeping over a population of millions of inhabitants Critical Infrastructures
  • 8. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems Critical Infrastructures Protection (CIP) is in most case the mastering of many interdependent subsystems composed by Industrial Automation and Control Systems (IACS – introducing the IEC 62443-x-y jargon) • According with EU JRC, IACS are complex systems composed by all the components (PLCs, SCADA, HMI, Data Loggers) that are integrated into critical infrastructures and industrial production environments. Threats, Countermeasures, risk analyses are different than in IT Cybersercurity Testing Business Continuity Plans is impossible: there is no test tunnel or substation, or water pipe! Critical Infrastructures
  • 9. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: Cyber-and-Physical Systems Critical Infrastructures
  • 10. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: interconnected Systems are all interconnected: unavailability of the power grid may have an interruption on the traffic, as tunnels shall be closed after 1 hour of lack of power, which may create congestion in a smart city and patients can’t be hospitalised… This is at european level! Reasons of such cascading effects? Critical Infrastructures
  • 11. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures: We need EA! Critical Infrastructures
  • 12. OCCASIONE D’USO DATA IN GG/MM/AA Critical Infrastructures are complex systems of systems • All interconnected, different data domains • No test infrastructures, usually the system is tailored to the specific use case • (Luckily) CI owners are required to test business continuity and incident response plans. • Need to include also physical attacks that can influence the digital world and viceversa. How to solve? The Problem
  • 13. OCCASIONE D’USO DATA IN GG/MM/AA Securing OT systems is different than Typical IT • Availability over Integrity and Confidentiality • The phases: (rare) Security By Design, Securing Legacy, and Attack Simulations • Systems are there to stay: they expose vulnerabilities solved in IT decades ago • PLCs are different than Computers, the programming languages does not have the modern measures (buffer overflows are normal) • The traffic of the communication network should be exactly the one expected by the devices. Pings of Death are possible • Attacker can be APTs, or disgruntled employees, skilled on the IACS functioning Typical Countermeasures • Network segregation and segmentation, DMZ, no ZTNA as today • Attacker is Dolev-Yao, omnipotent • And many other myths https://gca.isa.org/blog/common-ics-cybersecurity-myths-lessons- learned OT (and I-IoT) Security
  • 14. OCCASIONE D’USO DATA IN GG/MM/AA THE ROLE OF A MOTORWAY OPERATOR THE CONTEXT Road Operators are considered critical infrastructures in some countries. • Service Disruptions impact other critical infrastructure [ENISA] • Service is delivered through IT/OT/IoT infrastructure: Variable Message Signs, C-ITS, Red lights. Such data is used for Traffic Management Plans • Road operators are interconnected indirectly through National Access Points and directly to exchange Real Time Traffic Information (RTTI) and Safety Related Traffic Information (SRTI) • It is also a typical company, with IT systems: endpoints, ERP, social networking PECULIARITIES [ENISA] Good Practices on Interdependencies between OES and DSPs, Nov. 2018 IMPACTS 14 • Usually operates Optic Fiber-based network equipment, geographically distributed • Energy supply, Diesel Engines, Radio Equipment, Charging Stations • Network congestion could cause pressure on other adjacent infrastructures (Hospitals, Smart Cities, Good delivery), and causes vehicle crashes • Malfunctioning on a Road Tunnel IoT/OT equipment can cause injuries and deaths
  • 15. OCCASIONE D’USO DATA IN GG/MM/AA DATA FROM DIFFERENT SECURITY DOMAINS THE CONTEXT Typical data journey • Read from a sensor on the road (IoT). Data is semantically and syntactically different (e.g., CCTV, LoraWAN). • Sensors and actuators in Tunnels. Data is exchanged using OT protocols from IoT devices, actuating tunnel pumps in case of fire. • Data arrives in a Data Center or in a Cloud VPC. Risks related to cloud have to be considered • Data is elaborated in a Traffic Control Center:Traffic Management Plans, SRTI, RTTI, send Hazardous Location Notification • C-ITS data arrives at 10hz per vehicle over a public network (DSRC) According with IEC 62443, those may have different Security Level Target (SL-T) • This means different countermeasures on integrity, confidentiality • How to trust data from C-ITS? Security Policy only requires a “ISO 27001 certification” 15
  • 16. OCCASIONE D’USO DATA IN GG/MM/AA RAMI, 27001, 62443 THE CONTEXT Use of IEC 62443 • Mapping all the abstract architectural assets to the RAMI 4.0 framework • Use Business and Functional as target for the high-level risk analysis • Use Communication as hint for zone and conduit • Use integration and assets to select the items for the low-level risk analysis • Perform security testing The 27001 protection rings • Multi-compliance: security zones share 27001 and 62443 requirements • Use of the NIST Cybersecurity Framework as a mapping tool • IEC 62443-2-1 and the related TR, should be updated 16
  • 17. OCCASIONE D’USO DATA IN GG/MM/AA Many definitions and many publications • In this context it is adopted the definition from Grieves, Manufacturing Excellence Through Virtual Factory Replication (2015) • We consider a virtual description of a physical product that is accurate to both micro-and macro- level. • Digital twins exhibit fidelity, a high number of parameters transferred between the physical and the virtual entity, high accuracy and a satisfying level of abstraction. • In the past physical models have been widely used in engineering and architecture to help the design and facilitate physical testing of buildings, plants, machines and systems. • Digital twin can be either inline, where an actuation on the twin has an immediate effect on the system, or asynchronous, where an actuation on the twin is actuated at a second stage DIGITAL TWIN
  • 18. OCCASIONE D’USO DATA IN GG/MM/AA Many definitions and many publications • Other meanings are as digital shadows, when not communicating or interacting with their physical counterpart, or models • The use of a Digital Twin in Cybersecurity is not new. Publications and PoC exists to demonstrate its usage for Security Operation Centre DIGITAL TWIN We are using a methodology that systematically gets the description of the IACS from its Reference Architecture and builds its digital twin. On that, we evaluate countermeasures, and we test Business Continuity Plans. Results will be then, asynchronously, implemented site by site
  • 19. OCCASIONE D’USO DATA IN GG/MM/AA It is divided in 3 steps • It leverages the concept of Reference Architecture and Solution Architecture to produce the architecture models needed to design the cybersecurity Digital Twin • It starts with a model or by mapping the system into a Reference Architecture. • We introduce a cybersecurity view with the following viewpoint • Overview: enabling the assessment of BCPs and security posture of IACS • Concerns: decrease the cyber-threat risk to acceptable levels • Anti-Concerns: ROI Analysis • Typical Stakeholders: business decision makers and cybersecurity experts • Mode Kind • Choose a Reference Architecture Framework • Translating the View into a Digital Twin • Identify Attack Scenarios The Methodology
  • 20. OCCASIONE D’USO DATA IN GG/MM/AA Generating a Cybersecurity View • Choose an Architecture Framework (e.g., RAMI 4.0, SGAM, TOGAF). It is worth noting that the methodology is parametric, as long as mapping exists • For legacy systems, a mapping is required from the system to the EA conceptual space • The mapping may be guided by existing frameworks, such as the NIST CSF for CIP. • Once the system is in the conceptual space, the view is created by selecting the architectural elements to be protected, by Business Impact Analyses, Risk Analysis, regulations Step 1
  • 21. OCCASIONE D’USO DATA IN GG/MM/AA Deriving the Cybersecurity Digital Twin • The elements in the EA Conceptual space in the Cybersecurity View are translated into Meta Attack Language (MAL) Step 2
  • 22. OCCASIONE D’USO DATA IN GG/MM/AA Security simulations and countermeasure identification • Once the system is represented in MAL, SecuriCAD has been used to perform simulations • Simulations are performed using a twin concept, which includes specific threats related to the IACS (e.g, water poisoning, or tunnel light system availability) • Simulations enable reasonings also on the Techniques, Tactics, and Procedures from the MITRE ATT&CK matrix for ICS Step 3
  • 23. OCCASIONE D’USO DATA IN GG/MM/AA The methodology in Practice: a Road Tunnel
  • 24. OCCASIONE D’USO DATA IN GG/MM/AA Target for (cyber)terrorist attacks • By nature, a tunnel connects two sites physically separated by geographic obstacles (mountain, rivers, sea) • Hence a malfunctioning tunnel leads to economic loss and pressure over other infrastructures lying on both sides of the entrance. • Road Authorities are required to perform risk analysis and business continuity plans Road Tunnels
  • 25. OCCASIONE D’USO DATA IN GG/MM/AA Building a reference architecture of the road tunnel and generating a Cybersecurity View • The system under analysis already exist, and no EA conceptual models are available • We mapped all the components of a single tunnel (around 200) into RAMI 4.0 to create the EA space • The cybersecurity mappings have been performed following the NIST CSF CIP v1.1. • ID.AM-3 – data flows are mapped -> all the traffic from all the switches has been sniffed and the entire network map has been created. Results of elements in the RAMI 4.0 Communication layer • ID.AM-2 - Software platforms and applications within the organization are inventoried -> Results are elements in the RAMI 4.0 Asset layer Phase 1
  • 26. OCCASIONE D’USO DATA IN GG/MM/AA Phase 2: deriving the cybersecurity digital twin From: Massimiliano Masi, Giovanni Paolo Sellitto, Helder Aranha, Tanja Pavleska: Securing critical infrastructures with a cybersecurity digital twin. Softw. Syst. Model. 22(2): 689-707 (2023)
  • 27. OCCASIONE D’USO DATA IN GG/MM/AA Phase 3: Simulations • Excerpt from the digital twin • Two attack scenario: • SCADA compromised by a credential leak without MFA • Maintainer laptop with Industroyer • Segregation at firewall level is easy, but what is the impact? • Costs, maintenance, unfeasible • Air gapping solutions? • Other techniques bypassing air gap exists, unfeasible • Adding an Intrusion Detection System nearby the SCADA? • Would not hinder availability • Detection procedures and automations shall be in place • With MAL and SecuriCAD we have been able to show the effects and the costs-effectiveness analysis to management
  • 28. OCCASIONE D’USO DATA IN GG/MM/AA Countermeasures have been implemented • The results obtained from the simulations have been implemented in tunnels • Business Continuity Plans are created, designed, and simulated for their safety before changing the traffic regulations (BCP tests can’t be performed with live traffic) • The model is used for continuous improvement: when new attack techniques, or scenario arise, we perform detailed simulations – other product exists, but the model is systematically created from the system After the Simulations
  • 29. OCCASIONE D’USO DATA IN GG/MM/AA 29 CONCLUSIONS Complexity of Critical Infrastructure Protection 29 What we have seen A methodology to use MAL as a model representing the CI Simulations over a road Tunnel

Editor's Notes

  1. TITOLO | Carattere Univers | Grandezza carattere 36 | GRASSETTO SOTTOTITOLO | Carattere Univers | Grandezza carattere 20 | GRASSETTO In alto a destra inserire sempre con Carattere Univers 14 | GRASSETTO | COLORE BIANCO Occasione d’uso (es. CDA) Struttura o Direzione scrivente Data con gg/mm/aa