ENCS/NEC RESEARCH MEETING
Benessa Defend
ベネッサ・ディフェンド
April 21, 2014
NEC, Kawasaki
PARTNERING FOR CYBER RESILIENCE
We create and bring together knowledge and resources
to secure European critical infrastructures
ENCS: THE HAGUE
- Confidential -
ENCS COOPERATIVE ASSOCIATION
• ENCS is independent, not for profit and driven by member
benefits
• Members include owners of critical infrastructures, their
suppliers, academia and regulators
• ENCS provides the network, knowledge and resources
to comply with cyber security regulation and to
stay ahead in cyber security developments
• ENCS creates practical solutions to solve
problems of critical infrastructure owners
10 members and partners:
Alliander
KPN
DNV KEMA
Radboud University
TNO
E.ON
Enexis
Westland Infra
Wurldtech
Applied Risk
ORGANIZATION
• ENCS Assembly
• ENCS Assembly Committee
• CEO Office
• Projects
• Research & Development
• Cyber Testing
• Education & Training
• Information & Knowledge Sharing
• HR, Finance, ICT, Marketing
PARTNERS WITHIN PROJECTS
RESEARCH & DEVELOPMENT
ENCS R&D PRINCIPLES
• Dedicated R&D competence in security for ICS and
smart grids
• Research agenda in collaboration with industry and regulators; continuously matched with member needs
• Researchers work on member projects, standardisation groups, advice to regulators etc.
• Integration with test lab and shared projects to push solutions from paper to practice
R&D RESEARCH AGENDA
Smart Grid Architecture Model Framework
• Security architectures for the smart grid
• Protocol design and analysis
• Testing and attestation methods
• Dependability and security
• Security on constrained devices
• Situational awareness and monitoring
• Privacy by design
PROJECTS
• Recommendations for Europe on SCADA patching, published
by ENISA
• Cyber Security: A Fundamental Basis for Smart Grids
– Monitoring
– Testing
– Privacy
– Standards
• Analysis of smart meter protocols
– DLMS/COSEM
– PRIME
FP7 PROJECT: AMADEOS
• Architecture for Multi-criticality Agile Dependable Evolutionary
Open Systems-of-Systems (2013-2016)
• Design methodology and tools to model the development and
evolution of time-sensitive systems of systems (SoS) with
possible emergent behaviors
• Methodology and SoS simulation tools will be tested as part of
a smart grid scenario
• ENCS will lead the task to test the tools and protocols on
smart grid components
• http://amadeos.imag.fr
AMADEOS CONSORTIUM
Number Participant organisation name Country
1 Università degli Studi di Firenze Italy
2 Technische Universitaet Wien Austria
3 University of Grenoble France
4 ResilTech Italy
5 Thales Netherlands Netherlands
6 European Network for Cyber Security Netherlands
FP7 PROJECT: PREEMPTIVE
• PREventivE Methodology and Tools to Protect utilitIEs (2014-2017)
• Aims to prevent cyber attacks against ICSs in utility networks
• Develop a context-aware event analysis tool based on specialized
event mining techniques for detecting anomalous behavior
• Execute tests of the PREEMPTIVE tools, analyze the results based
on KPIs, and coordinate dissemination activities
• End User Advisory Board: Israel Electric Corporation, Fundacio
Institut De Recerca De L'Energia De Catalunya, Électricité de
France, ENERGO, CETaqua, GAS Natural Fenosa, and Poste
Italiane
• http://preemptive.eu/
PREEMPTIVE CONSORTIUM
Number Participant organisation name Country
1 Vitrociset Italy
2 UNIVERSITEIT TWENTE Netherlands
3 SECURITY MATTERS Netherlands
4 APLICACIONES EN INFORMATICA AVANZADA Spain
5 Fraunhofer-Gesellschaft Germany
6 HW Communications UK
7 Università Degli Studi Roma Tre Italy
8 European Network for Cyber Security Netherlands
9 The Israel Electric Corporation Israel
10 Katholieke Universiteit Leuven Belgium
11 Fundacio Institut de Recerca de l’Energia de Catalunya Spain
12 Harnser UK
FP7 PROJECT: SEGRID
• Security for smart Electricity GRIDs (2014-2017)
• Protect smart grids against cyber attacks
• Risk analysis of the SEGRID use cases
• Gap analysis - currently available security standards and the
security level required for the SEGRID use cases
• Improve existing security measures, design new security
solutions and integrate them into the existing environments
• Test the newly developed security solutions in the Security
Integration Test Environment (SITE)
• Starting June 2014
SEGRID CONSORTIUM
Number Participant organisation Country
1 TNO Netherlands
2 Swedish Institute of Computer Science Sweden
3 Kungliga Tekniska högskolan Sweden
4 Instituto Consultivo para el Desarrollo Spain
5 European Network for Cyber Security Netherlands
6 Liander Netherlands
7 ABB Schweiz Switzerland
8 ABB AS corporate research Norway
9 Foundation of the Faculty of Sciences of Lisbon University Portugal
10 Energias de Portugal Portugal
11 ZIV Metering Solutions Spain
SEGS WORKSHOP 2014
• Smart Energy Grid Security (SEGS) Workshop
• Topics include
– Smart grid architectures
– Security and dependability in safety-critical real time systems
– Privacy
– Intrusion detection and monitoring
– Risk and threat analysis
– Standards, testing, and certification
– Testbeds and field trials
– Usability and legal issues on grid security
• November 7, 2014 in Scottsdale, Arizona
• In conjunction with ACM Computer and Communications Security Conference
COLLABORATION WITH JAPAN
• MOU with CSSC in 2013
– Research
– Testing
– Training
– News and information sharing
• Tomomi Aoyama, Intern from Nagoya Institute of Technology
2013-2014
– Human factors in ACSC (red team/blue team training)
– Professor Ichiro Koshijima
• Mr. Yoshimatsu (CSSC) – SEGS PC 2013, 2014
• CSSC and NIT joined ACSC in The Hague
DENSEK
• Distributed ENergy SEcurity Knowledge
• Deliverables
– European Energy ISAC
– Situation Awareness Network
– Information Sharing Platform
• 6-person delegation from NL to Japan April 17-18, 2014
• External Advisory Board Meeting at CSSC Tokyo on April 17
– Uemura-san (METI) EAB member
• Visit to CSSC in Tagajo on April 18
• http://www.densek.eu/
TEST LAB ACTIVITIES
• Policy and Organisation Assessments (e.g., DoE Maturity Model)
• Security and Robustness Tests for Devices (e.g., Wurldtech Certification)
• Integral End-to-End Test of Systems
• Protocol Reviews and Architecture Assessments
• Test of Research Prototypes and Security Solutions
ENCS ADVANCED CYBER SECURITY COURSE
• A 5-day advanced cyber security course with a Red Team/Blue Team
exercise on a real ICS network
• By attacking or defending a model factory and its network,
participants learn how hackers operate and what you can do
to stop them
• ENCS Advanced Cyber Security Course went live
in Q3 2013
WEB-BASED TRAINING
• A 5-module cyber security awareness course for smart grids
and ICS
• Collaboration with Wurldtech
• Launched in 2013
• An official ENCS certificate is provided after successful
completion of the exam
• C-level course in development
EXTRA SLIDES
PRIVACY ENHANCING TECHNOLOGIES
END-TO-END TESTING
• Test bed for ICS and smart grid networks
– From device/protocol tests to system-wide tests
• Test environment where components, products and systems
can be tested in a real-life environment
• Advice on how to mitigate found vulnerabilities
• Bringing research findings from paper into practice
EDUCATION AND TRAINING
• ENCS develops and provides education and training to all
levels across the organisations involved in the critical
infrastructures
• ENCS offers the Advanced Cyber Security Course, web-based
training and customized workshops
• ENCS Research, third party specialists and subject matter
experts participate in training development and delivery
WORKING GROUPS AND STANDARDISATION
• European SCADA Control Systems Information Exchange (EuroSCIE)
• Thematic Network for Critical Energy Infrastructure Protection (TNCEIP)
• Cyber Security EG: European Network of Transmission System Operations for Electricity
• European Reference Network Critical Infrastructure Protection (ERNCIP)
• European Commission DG ENER
• European Commission DG INFSO/CONNECT
• European Commission DG HOME
• Smart Grid Task Force Steering Committee
• M/490 Smart Grid Coordination Group
• Expert Group on Smart Grid Security
• DG HOME CIIP for SCADA and the Smart Grid
• M/490 Grid Steering Committee
• EUTC
• NIS PLATFORM
• NIST
• DECC
• Expert Group 2 Data Privacy and Cyber Security
• M/490 Working Group for Smart Grid Information Security (WG SGIS)
• ETSI
• CEN
• CENELEC
• STEG
• Europe Standardisation
• Expert Group Minimum Security Requirements