Menoita Henriques, João Pedro

  • An evolved security architecture for distributed industrial automation and control systems
    Publication . Rosa, L.; Proença, J.; Henriques, João; Graveto, V.; Cruz, T.; Simões, P.; Caldeira, Filipe; Monteiro, E.
    Over the recent years, control and sensor systems used for IACS (Industrial Automation and Control Systems) have become more complex, due to the increasing number of interconnected distributed devices, sensors and actuators. Such components are often widely dispersed in the field – this is the case for microgeneration (wire-to-water generation, solar or wind), smart metering, oil and gas distribution or smart water management, among others. This IoT (Internet of Things)-centric IACS paradigm expands the infrastructure boundaries well beyond the single or aggregated-plant, mono-operator vision (mostly associated with geographically constrained systems topologies), being dispersed over a large geographic area, with increasingly small areas of coverage as we progress towards its periphery. This situation calls for a different approach to cyber threat detection, which is one of the most relevant contributions of the ATENA (Advanced Tools to assEss and mitigate the criticality of ICT components and their dependencies over critical infrAstructures) H2020 project (ATENA 2016). This paper presents and describes the ATENA cyber-security architecture, designed for the emerging generation of distributed IoT IACS, leveraging technologies such as Software Defined Networking/Network Function Virtualization and Big data event processing within the scope of a cyber-detection architecture designed to deal with the inherent challenges of dispersed IACS, involving different operator domains.
  • On the use of ontology data for protecting critical infrastructures
    Publication . Henriques, João; Caldeira, Filipe; Cruz, T.; Simões, P.
    Modern societies increasingly depend on products and services provided by Critical Infrastructures (CI) in areas such as energy, telecommunications and transportation, which are considered vital for their wellbeing. These CIs usually rely on Industrial Automation and Control Systems (IACS), which are becoming larger and more complex due to the increasing amount of available heterogeneous data generated by a rising number of interconnected control and monitoring devices and involved processes. The Security Information and Event Management (SIEM) systems in charge of protecting these CI usually collect and process data from specialized sources, such as intrusion detection systems, log sources, honeypots, network traffic analysers and process control software. However, they usually integrate only a small fraction of the whole data sources existing in the CI. Valuable generic data sources such as human resources databases, staff check clocks, outsourced service providers and accounting data usually fall outside the specialized perimeter of SIEM, despite their potential usefulness for achieving a truly holistic perspective on the CI cybersecurity awareness. One of the main reasons for this state of affairs is the difficulty of integrating such data into the SIEM systems, since it is usually dispersed across multiple databases, using different schema and not originally intended for security-related applications. The process of collecting and adapting data from each of those sources would typically require a long and expensive process of conversion from each database. Moreover, since these databases may change over time (e.g. introduction of new Human Resources information systems), the system is difficult not only to set up but also to properly maintain over time.
    In order to address this gap, in this paper we propose a framework for making this process easier by using a semantic web approach for automated collection and processing of corporate data from multiple heterogeneous sources. This way, it becomes possible to make these data available, at reasonable costs, in a format which is suitable for security management purposes – especially those related to audit compliance and forensic analysis.