Basic ATENA Tools suite configuration

Based on the consortium's experience, and in order to address the security and resiliency required for Critical Infrastructures (CI), the design approach of the ATENA tools suite will be based on two different control loops:

  • a static, off-line, long-term control loop that is in charge of configuring the system according to the security assessment, and of updating it on a periodic basis or when particular events require it (e.g. new threats, or the discovery of previously undetected vulnerabilities)
  • a dynamic, on-line, short-term control loop that is in charge of promptly reacting to attacks and threats that may impact the operational life of the system.

Role of the off-line loop

  • Collection of a set of Context Information (i.e. high-level information about the CI architecture, available technologies, countermeasures and potential threats)
  • Enforcement of the CI Secure Configuration (through a Configuration Command) on the basis of such information, of the Desired S/R (Security and Resilience) level, and of the Desired Context (parameters to be optimised other than the S/R level)
  • Endorsement of subsidiary ancillary objectives (e.g. Desired Context optimisation)
  • Storage of the selected configurations, with the associated context information, in a dedicated Knowledge Base, so that they can easily be deployed according to the cyber-security context.

Role of on-line loop

  • Continuous monitoring of the CI system, based on the relevant Measurements as well as on the information stored in the Knowledge Base (DB)
  • Detection of attacks by using prediction and machine learning algorithms, rules and policies
  • Computation of the mitigation actions needed to contain the attack
  • Enforcement of the countermeasures on the system, or notification to the operator of the actions to be enforced.
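The following toy model of the two control loops is an added illustration, not ATENA project code. It assumes a single Desired Context parameter (cost), a deviation-from-baseline detector standing in for the prediction/ML component, and a playbook mapping each anomalous Measurement to a mitigation; candidate configurations, history and thresholds are constructed values.

```python
# Added toy model of the off-line and on-line ATENA control loops described
# above; not project code. Candidates, tolerances, playbook entries and
# measurements are constructed assumptions used only for illustration.
from dataclasses import dataclass, field


@dataclass
class Candidate:
    name: str
    sr_level: int   # Security/Resilience level this configuration provides
    cost: float     # Desired Context parameter to optimise (lower is better)


@dataclass
class KnowledgeBase:
    configs: dict = field(default_factory=dict)    # context -> chosen Candidate
    baselines: dict = field(default_factory=dict)  # metric -> (mean, tolerance)
    playbook: dict = field(default_factory=dict)   # metric -> mitigation action


def offline_loop(kb, context, candidates, desired_sr, history):
    """Static loop: pick the cheapest candidate that meets the Desired S/R
    level, store it in the Knowledge Base, and derive a per-metric baseline
    from historical Measurements for the on-line loop to compare against."""
    eligible = [c for c in candidates if c.sr_level >= desired_sr]
    if not eligible:
        return None                      # no configuration satisfies the S/R goal
    chosen = min(eligible, key=lambda c: c.cost)   # Desired Context optimisation
    kb.configs[context] = chosen
    for metric, samples in history.items():
        mean = sum(samples) / len(samples)
        spread = max(abs(s - mean) for s in samples)
        # Tolerance band: twice the observed spread, floored at 5% of the mean (assumed)
        kb.baselines[metric] = (mean, max(2 * spread, 0.05 * abs(mean)))
    return chosen


def online_loop(kb, measurements, auto_enforce):
    """Dynamic loop: flag Measurements outside their baseline band, compute the
    mitigation actions from the playbook, then enforce or inform the operator."""
    anomalies = {}
    for metric, value in measurements.items():
        base = kb.baselines.get(metric)
        if base is not None and abs(value - base[0]) > base[1]:
            anomalies[metric] = value
    actions = sorted({kb.playbook[m] for m in anomalies if m in kb.playbook})
    mode = "none" if not anomalies else ("enforce" if auto_enforce else "inform_operator")
    return {"anomalies": anomalies, "actions": actions, "mode": mode}
```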


Technology of on-line control

The on-line control is essentially based on two components:

  1. a detection/actuation mechanism mainly based on Network Function Virtualization (NFV) and Software Defined Networking (SDN) techniques, which provide support for multi-tenancy, allowing the distribution of responsibilities in a shared management model;
  2. a reaction/resilience mechanism based on the new concept of Software Defined Security (SDS), which integrates IACS security design, distributed awareness, mitigation and resiliency functionalities into a single framework able to react dynamically and proactively to evolving threats by enforcing the most appropriate security policies in each CI node.