The ATENA project aims to leverage the outcomes of previous European research activities, particularly the CockpitCI and MICIE EU projects, and to innovate on them by exploiting advanced features of ICT and Cyber Security, tailored and validated in selected Use Cases, so that they can be adopted at an operational industrial maturity level.
The ATENA project is organized according to the following five objectives:
Objective 1 – Develop a Unified Modelling Framework with ad-hoc models to control physical flow efficiency and improve resilience across CIs against threats to their IACSs and related ICT infrastructures. Critical Infrastructures (CIs) can be envisaged as complex systems. This is particularly true when a massively connected and highly dispersive scenario is considered and dependencies on Information and Communication Technologies play a key role. In order to understand CI behaviour, identify their vulnerabilities and protect them against increasing levels of cybercrime, a Unified Modelling Framework is really helpful and challenging at the same time. The ATENA project will use such a framework for assessing CI flow efficiency, robustness, reconfiguration and resilience under cyber-physical threats, aiming at increasing the awareness of CI operators and customers and providing real-time optimization of CI flows at different (national, regional, urban) levels.
Objective 2 – Define dynamic security paradigms for resilience of Cyber-Physical systems. CIs are increasingly being controlled by ICT networked objects and are becoming Cyber-Physical Systems (CPS) where industrial Ethernet based on the IP protocol is widely adopted. ATENA will develop methodologies and technologies for increasing the auto-reconfiguring capability of CPS when a fault or an attack affects their functionalities. This resilience-related capability tries to extend the standard security approaches based on perimeter defence by introducing the concept of Dynamic Reconfiguration of Security Mechanisms and Relocation of Security Functions as a consequence of detected attacks, taking into account the current operations in the CI.
Objective 3 – Develop new anomaly detection algorithms and risk assessment methodologies within a distributed Cyber-Physical environment. Considering that new generations of IACS are becoming massively distributed systems, new approaches to anomaly detection and risk assessment will be developed, capable of tackling the challenges introduced by the capillary nature of such infrastructures and their dispersion over wide geographic areas. Big Data-like data processing strategies, Fog-Computing mechanisms and new distributed situation assessment algorithms will become strategic. In particular, a distributed Intrusion Detection System (IDS) will help in identifying new, hitherto unknown attacks affecting the system. ATENA will also develop a formalization of the steps between the detection of a cyber-event and the evaluation of the risk associated with the failure of a component and then with the failure of the entire CI. This kind of vulnerability assessment will have to take into account the problems related to the interdependent nature of all CIs.
Objective 4 – Develop a suite of integrated ICT networked components for detection and reaction in the presence of adverse events in industrial distributed systems. The ATENA project will develop and test several best-of-breed devices and Cyber-Physical Systems (CPS) adapted to implement the strategies depicted above. Examples include devices such as the Shadow-RTU, able to detect attacks on RTUs, or the SMART-Extension, which has a filtering capability to protect a process by letting only the right commands reach the RTUs, or to create an alternative secure channel in case of endangerment of the usual one. Other devices will consist of distributed appliances like the Secure Mediation Network Gateway, to unify the information exchange, or the SMART Network Manager, helping in redefining network topology. Due to the massively distributed nature of the protected infrastructure, the detection and reaction mechanisms will constitute a complex distributed hardware and software stack, potentially requiring the introduction of multi-tenancy support, as well as the involvement of telecommunications and cloud operator infrastructures.
Objective 5 – Validate the ATENA models and tool suite in significant Use Cases. CI Operators will provide use cases to model, design and validate ATENA project approaches and results, also taking into account the work of the ERNCIP Thematic Group, “Case Studies for the Cyber-security of Industrial Automation and Control Systems”, which aims to identify the need to test and certify IACS used in critical infrastructure. The proposed use cases, which will include several cyber-threats, are focused on: 1. Electricity domain with CI operators IEC and CREOS (grid transmission and distribution, customer site – smart home, smart neighborhood operation and physical protection of the electrical grid and customer site); 2. Gas domain with CI operator CREOS (distribution and automatic load-shedding management); 3. Water domain with CI operator SWDE (water distribution and treatment); 4. ICT domain (premises network, field network, corporate network and inter-domain services).
As tangible results, the ATENA project will produce a set of tools that, by implementing innovative models, methodologies and algorithms for security assurance and by interacting with the available smart components of a CI, will increase the level of cyber-physical security and resilience of the underpinning CI and IACS. This result will be proved as a quantifiable benefit for the involved End Users that operate a CI, in terms of a reduction of service unavailability time and a decrease in security recovery costs.