Meeting 12-13 Giugno 2013 Roma AGENDA 12 Giugno 11.00 – Benvenuto e presentazione di apertura (SAPIENZA) 11.30 – Incontro con Andrea Guarino (ACEA) e Andrea Cersini 13.00 – Pausa pranzo 14.30 – Presentazione WP1 - stato dei lavori (SAPIENZA) Interventi: – – – – – – – Stato complessivo delle attività (UNIRM) Modelli di Minacce e Attacchi cibernetici (POLIMI) Accidental failures (UNINA) Financial Infrastructure (UNIRM) Power Grids (UNIPARTHENOPE) Transportation (POLITO) Grado di maturità delle varie infrastrutture critiche in Italia (UNIFI) 16.00 – Coffee break 16.30 – Attività di brainstorming parallelo sui tre scenari di riferimento 18.00 – Chiusura Lavori AGENDA 13 Giugno 09.30 – Sessione di Management (SAPIENZA) 10.00 – Coffee break 10.30 – Presentazione WP2 (POLITO) 11.15 – Presentazione WP3 (UNIPARTHENOPE) 12.00 – Presentazione WP4 (UNITN) 12.45 – Pausa Pranzo 14.15 – Concluding remarks – Action points – Prossimi meeting (SAPIENZA) 15.30 – Chiusura meeting Breve presentazione progetto Partners’ Presentation Università degli Studi di ROMA "La Sapienza" Università degli Studi di NAPOLI "Federico II" Politecnico di MILANO Politecnico di TORINO Università degli Studi di NAPOLI "Parthenope" Università di PISA Consiglio Nazionale delle Ricerche Università degli Studi di TRENTO Università degli Studi di FIRENZE Three years project Currently M4 Budget 1.3Meuros Università degli Studi "Mediterranea" di REGGIO CALABRIA Abstract growing exposure of the Information Technology (IT) employed within CIs to the Internet attacks are expected to increase in number and scale improving their precision and accuracy Improve global situational awareness through IT-based information sharing, which today is mostly done by rudimentary means gathering, processing and correlating huge amounts of streaming and static data understanding anomaly behaviors and learning automatically constantly changing cyber threats Abstract TENACE has the objective of defining collaborative (whenever appropriate), technical and organizational methodologies to raise the protection of such CIs with the specific target of looking at the common steps in order to develop a unifying methodology and understanding the underground economics fuelling an attacker. Development of algorithms, models, architectures and tools as the means to enable the effective protection of critical infrastructures enhancing their degree of security and dependability. TENACE will address cyber attacks, combination of cyber and physical attacks and cyber frauds. TENACE solutions will be validated against real data sets to produce innovative ideas, methodologies, algorithms, software artifacts and infrastructures Scenarios Financial infrastructures. The increasing reliance on networked systems made financial organizations rapidly becoming the favorite victims of distributed attacks which result in both short and long term economic losses due to the lack of service availability and infrastructural resilience, and the decreased level of trust on behalf of the customers. Power grids: The complexity of SCADA control systems, resulting in millions of components from hundreds of different manufacturers and software from many developers, along with the upgrade of legacy systems to more familiar operating systems such as Microsoft Windows or Linux, increased the number of potential cyber vulnerabilities that can be exploited by malicious parties. Transportation systems: wide range of transport applications, such as transit operations, maintenance and scheduling, administration, payroll, automatic vehicle location, signaling systems. Although transportation systems were mainly targeted for physical attacks (e.g., Madrid 2004 and London 2005), these systems are also considered vulnerable to cyber or combined cyber-physical attacks. Mapping partners-scenarios Project Directions Methodologies for raising the degree of protection (i.e., security and dependability) of CIs and to get shorter attack reaction time. Such methologies should clearly separate common protection procedures at different CIs and protection procedures characterizing a specific CI. Algorithms for detecting specific (direct and indirect) attacks to a CIs that are able to improve the level of protection by considering a continuously evolving adversary. Distributed architectures for CIs, their components, either off-the-shelf (OTS) and legacy, and their resiliency requirements will be studied, in order to define algorithms and middleware architectures for improving protection attributes of future CIs. Tools and techniques for modeling and evaluating the degree of protection of CIs will be designed. Among the others, the project will investigate CI-specific penetration testing; vulnerability injection tools will be also designed and evaluated. Economic Sciences. Understanding the underground economics fuelling an attacker and understanding the reason to attack a financial infrastructure Architecture WP1: Tutti i Partner (CISUNIROMA Leader) WP2: POLITO (Leader), CNR, CIS-UNIROMA, UNINA, UNIFI WP3: UNIPARTHENOPE (Leader), UNINA, CNR, CISUNIROMA, UNIRC, UNIFI WP4: UNITN (Leader) CISUNIROMA, UNINA, UNIPI, UNIRC WP5: Tutti i Partner (UNINA Leader) Upcoming Events OPODIS (Deadline 23 June) ICDCS (June 2014, Madrid, Spain) • Workshop proposal – (submission) Middle september 2013 – (notification) october 2013