Browsing by Author "Simoes, Paulo"
Now showing 1 - 9 of 9
Results Per Page
Sort Options
- Assurance and trust indicators to evaluate accuracy of on-line risk in critical infrastructuresPublication . Schaberreiter, Thomas; Caldeira, Filipe; Aubert, Jocelyn; Monteiro, Edmundo; Khadraoui, Djamel; Simoes, PauloCritical infrastructure (CI) services are consumed by the society constantly and we expect them to be available 24 hours a day. A common definition is that CIs are so vital to our society that a disruption or destruction would have a severe impact on the social well-being and the economy on national and international levels. CIs can be mutually dependent on each other and a failure in one infrastructure can cascade to another (inter)dependent infrastructure and cause service disruptions. Methods to better assess and monitor CIs and their (inter)dependencies at run-time in order to be able to evaluate possible risks have to be developed. Furthermore, methods to ensure the validity of evaluated risk have to be investigated. In this work, we build on existing work of CI security modelling, a CI model that allows modelling the risks of CI services at run-time. We conduct a study of indicators allowing to evaluate the correctness of calculated service risk, taking into account various sources contributing to this evaluation. Trust-based indicators are introduced to capture the dynamically changing behaviour of a system.
- Design and implementation of a mediation system enabling secure communication among Critical InfrastructuresPublication . Castrucci, Marco; Neri, Alessandro; Caldeira, Filipe; Aubert, Jocelyn; Khadraoui, Djamel; Aubigny, Matthieu; Harpes, Carlo; Simoes, Paulo; Suraci, Vincenzo; Capodieci, PaoloNowadays, the increase of interdependencies among different Critical Infrastructures (CI) makes it more and more difficult to protect without using a systemic approach that considers a single infrastructure as part of a complex system of infrastructures. A strong collaboration among CI owners is required to avoid, or at least to limit the propagation of failures from one infrastructure to another and to put CI in safety mode. The key element enabling this required cooperation is the possibility for them to exchange relevant information related to the status of their infrastructures and to the services provided. In this paper, we present a middleware solution that allows CIs sharing real-time information, enabling the design and implementation of fault mitigation strategies and mechanisms to prevent the cascading phenomena generated by the failure propagation from one infrastructure to another.
- Improved Resilience of Interdependent Critical Infrastructures via on-line Alerting SystemPublication . Capodieci, Paolo; Diblasi, Stefano; Ciancamerla, Ester; Minichino, Michele; Foglietta, Chiara; Lefevre, Davide; Oliva, Gabriele; Panzieri, Stefano; Setola, Roberto; De Porcellinis, Stefano; Delli Priscoli, Francesco; Castrucci, Marco; Suraci, Vincenzo; Lev, Leonid; Shneck, Yosi; Khadraoui, Djamel; Aubert, Jocelyn; Iassinovski, Serguei; Jiang, Jianmin; Simoes, Paulo; Caldeira, Filipe; Spronska, Agnieszka; Harpes, Carlo; Aubigny, MatthieuThis paper illustrates the activities under development within the FP7 EU MICIE project. The project is devoted to design and implement an on-line alerting system, able to evaluate, in real time, the level of risk of interdependent Critical Infrastructures (CIs). Such a risk is generated by undesired events and by the high level of interconnection of the different infrastructures. Heterogeneous models are under development to perform short term predictions of the Quality of Service (QoS) of each CI according to the QoS of the others, to the level of interdependency among the Infrastructures, and according to the undesired events identified in the reference scenario.
- Secure Mediation Gateway Architecture Enabling the Communication Among Critical InfrastructuresPublication . Caldeira, Filipe; Castrucci, Marco; Aubigny, Matthieu; Macone, Donato; Monteiro, Edmundo; Rente, Francisco; Simoes, Paulo; Suraci, VincenzoRepresenting one of the most technological dependencies of contemporary societies, Critical Infrastructures (CIs) have to ensure the highest security levels to be able of fulfill their duty in any circumstances. This is the main goal of MICIE (Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures) FP7 ICT-SEC project: the design and implementation of a real-time CI risk level prediction and alerting system [1]. In order to reach this objective, one of the main key challenge to be addressed is the design and the implementation of a Secure Mediation Gateway (SMGW), namely a new innovative network element able to: (i) discover CI status information, (ii) overcome information heterogeneity and (iii) provide a secure communication of such information among peer CIs. All the information discovered and collected by the SMGW are then provided to a dedicated prediction tool which is in charge of calculating a risk prediction for the CIs. This paper presents the functional architecture of the SMGW designed within the MICIE project, putting in evidence how it is possible to discover information and exchange critical information over a insecure network like Internet.
- Trust and Reputation for Information Exchange in Critical InfrastructuresPublication . Caldeira, Filipe; Monteiro, Edmundo; Simoes, PauloToday’s Critical Infrastructures (CI) are highly interdependent in order to deliver their services with the required level of quality and availability. Information exchange among interdependent CI plays a major role in CI protection and risk prevention for interconnected CI were cascading effects might occur because of their interdependencies. This paper addresses the problem of the quality of information exchanged among interconnected CI and also the quality of the relationship in terms of trust and security. The use of trust and reputation indicators associated with the information exchange is the proposed solution. The proposed solution is being applied to information exchange among interconnected CI in scope of the European FP7 MICIE project, in order to improve information accuracy and to protect each CI from using inconsistent and non trustable information about critical events.
- Trust and Reputation Management for Critical Infrastructure ProtectionPublication . Caldeira, Filipe; Monteiro, Edmundo; Simoes, PauloToday’s Critical Infrastructures (CI) depend of Information and Communication Technologies (ICT) to deliver their services with the required level of quality and availability. ICT security plays a major role in CI protection and risk prevention for single and also for interconnected CIs were cascading effects might occur because of the interdependencies that exist among different CIs. This paper addresses the problem of ICT security in interconnected CIs. Trust and reputation management using the Policy Based Management paradigm is the proposed solution to be applied at the CI interconnection points for information exchange. The proposed solution is being applied to the Security Mediation Gateway being developed in the European FP7 MICIE project, to allow for information exchange among interconnected CIs.
- Trust and reputation management for critical infrastructure protectionPublication . Caldeira, Filipe; Monteiro, Edmundo; Simoes, PauloToday's critical communication technologies (ICTs) to deliver their services with the required level of quality and availability. ICT security plays a major role in CI protection and risk prevention for single and also for interconnected CIs were cascading effects might occur because of the interdependencies that exist among different CIs. This work addresses the problem of ICT security in interconnected CIs. Trust and reputation management using the policy-based management paradigm is the proposed solution to be applied at the CI interconnection points for information exchange. The proposed solution is being applied to the Security Mediation Gateway being developed in the scope of the European FP7 MICIE project, to allow information exchange among interconnected CIs.
- Trust Based Interdependency Weighting for On-line Risk Monitoring in Interdependent Critical InfrastructuresPublication . Caldeira, Filipe; Schaberreiter, Thomas; Varrette, Sébastien; Monteiro, Edmundo; Simoes, Paulo; Pascal, Bouvry; Khadraoui, DjamelCritical infrastructure (CI) services are constantly consumed by the society and are not expected to fail. A common definition states that CIs are so vital to our society that a disruption would have a severe impact on both the society and the economy. CI sectors include, amongst others, electricity, telecommunication and transport. CIs can be mutually dependent on each others services and a failure in one of these elements can cascade to another (inter)dependent CI. CI security modelling was introduced in previous work to enable on-line risk monitoring in CIs that depend on each other by exchanging risk alerts expressed in terms of a breach of Confidentiality, a breach of Integrity and degrading Availability (C,I,A). While generally providing a solid basis for risk monitoring, there is no way of evaluating if a risk alert received from an external CI is accurate. In this paper we propose a solution to this problem by adding a trust based component to the CI security model in order to improve its accuracy and resilience to inconsistent or inaccurate risk alerts provided by (inter)dependent CIs, allowing to evaluate the correctness of the received alerts. The proposed approach is validated on a realistic scenario by evaluating a dependency between the computing and the telecommunication sectors in the context of the Grid'5000 platform.
- Trust based interdependency weighting for on-line risk monitoring in interdependent critical infrastructuresPublication . Caldeira, Filipe; Schaberreiter, Thomas; Monteiro, Edmundo; Jocelyn, Aubert; Simoes, Paulo; Khadraoui, DjamelCritical infrastructure (CI) services are constantly consumed by the society and are expected to be available 24 hours a day. A common definition states that CIs are so vital to our society that a disruption or destruction would have a severe impact on the social well-being and the economy nationally and internationally. CI sectors include, amongst others, the electricity, telecommunication, air traffic and transport sectors. CIs can be mutually dependent on each other and a failure in one CI can cascade to another dependent or interdependent CI to cause service disruptions. Methods to better assess and monitor CIs and their dependencies in order to predict possible risks have to be developed. Information about the current risk in a service provided by a CI can contribute not only to increase CI security, but also to increase the confidence of consumers and CIs that depend on this service. In this paper, a previous work on CI security modelling is extended. A trust based component is added to the security model as a means to improve its accuracy and its resilience to inconsistent information provided by dependent CIs allowing to evaluate the correctness of information received from those dependencies.