WP5: Distributed Mitigation and Resiliency in interdependent scenario

ATENA project want to propose mitigation and reaction strategies in order to cope with disruptive consequences of cascading effects, both vertical (i.e., propagation to physical systems) and horizontal (i.e., propagation to other infrastructures or services that depend on it). This Work Package, led by the University of Roma Tre will  develops near real-time mitigation and reaction strategies at centralised and decentralized level, in order to reduce the risks of upset events.

Approach

New control algorithms, able to provide and to maintain an acceptable level of service towards customers in the face of faults and challenges to normal operation will be developed for cyber-physical systems. Those algorithms will be specifically designed to operate successfully also during cyber-attacks. Applying those control laws within an IACS will help maintaining state awareness and an acceptable operational level in response to threats of unexpected and malicious nature. A modern CI, as a smart grid, has a complex interconnected nature with houses, commercial facilities and several power generation and storage elements that can be also seen as an opportunity to ensuring that the resulting system is more resilient to threats. The ability of operating these systems to achieve a global optimum w.r.t. overall efficiency, stability, security, and resilience will require mechanisms to holistically design complex control systems.Cisia

Work to do

  • Development of near real-time mitigation and reaction strategies at centralized and decentralized level
  • Investigation of emerging Information and Communication models and technologies (SDN, NFV, LTE, etc.) in CIs. Dynamic reconfiguration of security mechanism and relocation (virtualization) of security functions will be performed in a way similar to what currently done in Software Defined Networking. In particular, the adoption of a two-layers SDS architecture will be investigated i.e.:
    • an outer, layer, consisting of a logical slow on-line SDS engine that will leverage the innovative modelling techniques and security metrics defined by WP2 to assess the security level of CIs
    • an inner, layer consisting of a fast on-line engine, will provide the orchestration of the whole set of security mechanisms and security policy enforcing points, then providing a fast response to incoming threats, by adapting the secured networking and control infrastructures in order to:
      1. monitor and predict the resilience and efficiency of the CIs
      2. compute near-real-time control actions to mitigate or counteract on potential threats
      3. temporary exclude nodes with anomalous behavior employing dynamic reconfiguration.

Expected results

  1. A Decision Support System to help operators in reaction phase
  2. Improved mitigation strategies based on interdependency analysis
  3. Improved efficiency of CI through dynamic optimization
  4. Dynamic reconfiguration of security mechanisms and relocation of security functions
  5. Resilient control algorithms for cyber-physical systems
  6. Distributed reaction strategies
  7. New IACS-oriented components for distributed rule-based filtering and field-level security event acquisition
  8. Control algorithms and reaction strategies integration under various scenarios with heterogeneous simulation models

Tasks break down

  • Task 5.1- Requirements and Reference Architecture for the Decision Support System
  • Task 5.2 – Model Based Fault/Attack identification
  • Task 5.3 – Optimal mitigation strategies for CI efficiency under cyber-attacks
  • Task 5.4 – Reaction strategies integration and their ranking into the Decision Support System
  • Task 5.5 –  Software defined Security
  • Task 5.6 – IACS-oriented security components for distributed rule-based filteringBackButton