ESCoRTS A European network for the Security of Control & Real Time Systems

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "ESCoRTS A European network for the Security of Control & Real Time Systems"

Transcription

1 ESCoRTS A European network for the Security of Control & Real Time Systems Luc Van den Berghe CEN-CENELEC Management Centre 20/05/10 Luxembourg workshop 1

2 Recommendations from a CEN/BT WG161 Survey in 2006 Encourage best practice, possibly in a joint endeavour between manufacturers and end users. Develop and establish test platforms for SCADA & other process control equipment in Europe. Try to reduce the divergence between current standardisation efforts, especially between process control in general and power system control. Liaise with the US. Promote awareness on security risks by the stakeholders personnel like plant and security managers, researchers, process operators, IT specialists, and the general public. 20/05/10 Luxembourg workshop 2

3 ESCoRTS to explore/address these survey conclusions Submitted May 2007 to the FP7 Call SEC : European Security Research Networks (incl. For standardisation) Start of the contract 16 June 2008 Duration 30 months 20/05/2010 Luxembourg workshop 3

4 The Consortium CEN, the European Committee for Standardization: co-ordinator JRC: project author Enginet: Italian SME, dissemination and support to co-ordinator Three main EU manufacturers of SCADA equipment: ABB, Areva, Siemens Three important SCADA end-users in different processes: power generation (Italy, Enel Produzione), electricity transmission (Roumenia, Transelectrica), water management (Italy, Mediterranea delle Acque). OPUS publishing (US): Liaison with US UNINFO: Italian ICT standards organization 20/05/2010 Luxembourg workshop 4

5 Work-package 1 WP1: Complete survey of stakeholder needs and evaluate the market for SCADA security. Complete a survey of the stakeholder needs across the sectors involved Evaluate the market for security related services in EU and structure its key demands Both reports delivered in /05/2010 Luxembourg workshop 5

6 D11 Conclusions Survey of needs EU industry awareness and readiness lags behind US initiatives, but a growing feeling in Europe that security issues are crucial lack of European explicit demand for comprehensive security solutions potential cost of security measures, which might weigh considerably on the overall control equipment cost lack of adoption in Europe of common security references or baselines (be them formal or de facto standards, guidelines, or accepted best practices accepted and applicable across all countries). 6

7 Report addresses D12 Market for SCADA security services Security assessments of the security organization of an operator, also with respect to the implementation of technical security measures. Security testing: (technical) part of a security assessment (for a infrastructure operator), but also relevant for the vendors of control system components or systems. Security training and awareness; adequate training is the most important factor to discriminate a security induced event from an everyday operational fault. 7

8 D12 Market for SCADA security services The D12 study concludes that there is, beside managed security services, definitely a market also for other security services, especially for security consulting, which includes security assessments, testing, and training. But the readiness of the actors (mainly the operators of critical infrastructure) depends on the sector (energy, chemical or pharmaceutical: high awareness) 8

9 Work-package 2 D21 - Survey of current best practice (existing methods, procedures and guidelines, current standardization efforts) D22 Security solutions taxonomy D23 Reports on targeted experiments at the end users (ENEL, Transelectrica, Mediterranea delle Acque) locations (purpose: evaluating a standard for applicability, usability and utility) One targeted experiment still ongoing, rest delivered 9

10 Per standard/guideline Identifier, Title Status, Type Geographic relevance Addressed Industry Addressed Audience Short Description Cross References D21 Survey of standards (1) 10

11 D21 Survey of standards (2) 37 standards, guidelines or regulations relevant for operators or manufacturers in the area of control system (cyber) security 13 are international standards or guidelines, 14 are provided by US committees 10 are defined by European groups, or by groups of European countries. Per sector Independent of the addressed industry (generic): 5 Energy sector: 12 energy generic and 2 energy automation specific Automation area (process and/or manufacturing automation): 13 Oil & gas: 4 Chemistry sector: 2 11

12 D22 Taxonomy of security solutions (1) Report describes the more typical cybersecurity problems encountered by industrial control systems, and the solutions that can be put in place for countering them. It classifies and lists security vulnerabilities, threats and solutions, but is does recommend neither best practices nor possible options(beyond the possibilities of ESCoRTS project) 12

13 D22 Taxonomy of security solutions (2) Part 1: an overview of SCADA architecture, in order to define a common terminology for the whole document and set the scene regarding the problems under discussion. This part includes also a discussion on SCADA protocols. Part 2: vulnerabilities and attacks, with a classification of the security problems. Part 3: potential attack scenarios 13

14 D22 Taxonomy of security solutions (2) Part 4: discusses the best-known countermeasures (as of end 2009), with some technical detail regarding their implementation. Three categories of countermeasures are considered: Communication protocol countermeasures, Filtering and Monitoring countermeasures Architectural countermeasures. 14

15 Work-package 3 WP3: Stimulating convergence of current standardisation efforts. Building on the results of WP1-2, this work package will result into a joint understanding of the way current standardisation efforts are progressing. It will point out and rationalise eventual divergences, and develop a strategic standardisation roadmap so as to structure existing and forthcoming actions. Deliverable: a R&D and standardization Road Map Draft by June 2010; final by October /05/2010 Luxembourg workshop 15

16 Work-package 4 WP4: Requirements for appropriate test platforms for the security of process control equipment and applications. D41 Requirements for a Secure ICT platform for data exchange - delivered D42 - Metrics for cyber security assessment and testing started D43 - Requirements for future cyber security laboratories (following a survey on current test facilities) to start D44 Public results of the verification of the metrics conducted on a replication of a live control system/environment to start Luxembourg workshop 16

17 Work-package 5 WP5: Management and dissemination. a Stakeholders Advisory Board composed of representatives of the relevant industrial sectors, such as power, oil, water, and process automation. The constituency of this board will keep growing along the life of the project: the board has been opened to become a CEN-CENELEC Focus Group 20/05/2010 Luxembourg workshop 17

18 Between now and end 2010 Meeting of the Focus Group (Torino, 30 June) Draft Roadmap Metrics for cyber security assessment and testing Final conference (Brussels, 27 October) Final Roadmap Verification of the metrics in a test performed on the replication of live environment: public results Requirements for future cyber security laboratories 18

19 Thank you 19

Volker Jacumeit, DIN e. V. ILNAS Workshop CSCG Presentation June 4, 2015

Volker Jacumeit, DIN e. V. ILNAS Workshop CSCG Presentation June 4, 2015 Volker Jacumeit, DIN e. V. ILNAS Workshop CSCG Presentation June 4, 2015 Cyber Security Coordination Group Who we are: Advisory body of the European Standards Organizations Composed of experts from CEN/CLC

More information

The European Platform in Network and Information Security (NIS) Fabio Martinelli

The European Platform in Network and Information Security (NIS) Fabio Martinelli The European Platform in Network and Information Security (NIS) Fabio Martinelli Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche IIT-CNR, Pisa, Italy Cyber security directive -

More information

I3P SCADA Security Research Plan

I3P SCADA Security Research Plan I3P SCADA Security Research Plan Unifying Stakeholders and Security Programs to Address SCADA Vulnerability and Infrastructure Interdependency Ron Trellue, Team Lead Sandia National Laboratories 1 What

More information

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics

EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Frances CLEARY 1, Keith HOWKER 2, Fabio MASSACCI 3, Nick WAINWRIGHT 4, Nick PAPANIKOLAOU

More information

Standards for Cyber Security

Standards for Cyber Security Best Practices in Computer Network Defense: Incident Detection and Response M.E. Hathaway (Ed.) IOS Press, 2014 2014 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-372-8-97 97

More information

Cyber security. Protecting critical infrastructure in a changing world

Cyber security. Protecting critical infrastructure in a changing world Cyber security Protecting critical infrastructure in a changing world Sebastian Obermeier, Sascha Stoeter, Ragnar Schierholz, Markus Braendle Twenty years ago, the cyber security of systems and devices

More information

Future cybersecurity threats and research needs.

Future cybersecurity threats and research needs. www.thalesgroup.com Future cybersecurity threats and research needs. 3 rd Franco-American Workshop on Cybersecurity Lyon Kreshnik Musaraj kreshnik.musaraj@thalesgroup.com December 9. 2014 2 / Challenges

More information

Certification of Electronic Health Record systems (EHR s)

Certification of Electronic Health Record systems (EHR s) Certification of Electronic Health Record systems (EHR s) The European Inventory of Quality Criteria Georges J.E. DE MOOR, M.D., Ph.D. EUROREC EuroRec The «European Institute for Health Records» A not-for-profit

More information

The European CYberSecurity cppp ECYS Draft Proposal

The European CYberSecurity cppp ECYS Draft Proposal The European CYberSecurity cppp ECYS Draft Proposal 12 April 2016 The urgency to act We cannot miss the window opportunity for budgetary reasons: create a synergy among the different EC budgets via the

More information

Future Internet Public-Private Partnership Call 3 (Objectives 1.8-1.9) European Commission Communications Networks, Content and Technology DG

Future Internet Public-Private Partnership Call 3 (Objectives 1.8-1.9) European Commission Communications Networks, Content and Technology DG Future Internet Public-Private Partnership Call 3 (Objectives 1.8-1.9) European Commission Communications Networks, Content and Technology DG FI-PPP Leadership beyond R&D ICT applications research Application

More information

Cyber Security nei prodotti di automazione

Cyber Security nei prodotti di automazione Cyber Security nei prodotti di automazione Marco Biancardi, ABB SpA, Power System Division 11 dicembre 2013, Roma Why is it an issue? Isolated devices Point to point interfaces Proprietary networks Standard

More information

ENCS/NEC RESEARCH MEETING

ENCS/NEC RESEARCH MEETING ENCS/NEC RESEARCH MEETING Benessa Defend ベネッサ ディフェンド Benessa.Defend@encs.eu April 21, 2014 NEC, Kawasaki 1 PARTNERING FOR CYBER RESILIENCE We create and bring together knowledge and resources to secure

More information

EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development

EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development Ref. Ares(2011)193990-22/02/2011 EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL Space, Security and GMES Security Research and Development Brussels, 17 th February 2011 M/487 EN PROGRAMMING

More information

Roadmap for new Cyber security education in ME

Roadmap for new Cyber security education in ME Deliverable 1.4 Roadmap for new Cyber security education in ME European Commission Tempus Project: This project has been funded with support from the European Commission. This publication reflects the

More information

Information and IT Security for Power System Operation

Information and IT Security for Power System Operation Information and IT Security for Power System Operation Göran Ericsson and Kun Zhu 2011-05-25 Agenda Introduction of Svenska Kraftnät - Swedish National Grid Company R&D activities in Sweden - Collaboration

More information

Internet of Things Value Proposition for Europe

Internet of Things Value Proposition for Europe Internet of Things Value Proposition for Europe European Commission - DG CONNECT Dr Florent Frederix, (Online) Trust and Cybersecurity unit 7 th European Conference on ICT for Transport Logistics 5 th

More information

Water Sector Initiatives on Cyber Security. Water Sector Cyber Security Symposium Dallas, TX August 15, 2013

Water Sector Initiatives on Cyber Security. Water Sector Cyber Security Symposium Dallas, TX August 15, 2013 Water Sector Initiatives on Cyber Security Water Sector Cyber Security Symposium Dallas, TX August 15, 2013 Presentation Outline The water sector Interdependencies with other critical infrastructure sectors

More information

European Innovation Partnership on Active and Healthy Ageing. Action Group C2 Interoperable Independent Living Solutions

European Innovation Partnership on Active and Healthy Ageing. Action Group C2 Interoperable Independent Living Solutions European Innovation Partnership on Active and Healthy Ageing Action Group C2 Interoperable Independent Living Solutions Peter Wintlev-Jensen and Marianne van den Berg European Commission 21-22 June 2012

More information

CloudingSMEs Deliverable D2.2.4 Roadmap reflecting the SMEs

CloudingSMEs Deliverable D2.2.4 Roadmap reflecting the SMEs Deliverable D2.2.4 CloudingSMEs FP7- No. 609604 Deliverable D2.2.1 SMEs Requirements for Cloud Development, Adoption and Evolution CloudingSMEs Deliverable D2.2.4 Roadmap reflecting the SMEs viewpoint

More information

Cybersecurity & the Water Sector

Cybersecurity & the Water Sector Cybersecurity & the Water Sector NAWC Water Summit October 6, 2013 San Diego, CA Kevin Morley, AWWA How to deal with Cyber Threat? How would our operations change if we did not have SCADA working? How

More information

TECHNICAL SPECIFICATION

TECHNICAL SPECIFICATION TECHNICAL SPECIFICATION IEC/TS 62443-1-1 Edition 1.0 2009-07 colour inside Industrial communication networks Network and system security Part 1-1: Terminology, concepts and models INTERNATIONAL ELECTROTECHNICAL

More information

Cyber-Physical System Security of the Power Grid

Cyber-Physical System Security of the Power Grid Course on: Cyber-Physical System Security of the Power Grid April 9-11, 2013 at KTH Royal Institute of Technology, Stockholm, Sweden Background Cyber Security is essential to today s power grid operation

More information

ENISA workshop on Security Certification of ICT products in Europe

ENISA workshop on Security Certification of ICT products in Europe ENISA workshop on Security Certification of ICT products in Europe Introduction On 16th of March 2016 ENISA organised a workshop aiming at bringing together stakeholders from the ICT security certification

More information

Rebecca Massello Energetics Incorporated

Rebecca Massello Energetics Incorporated Cybersecurity Procurement Language for Energy Delivery Systems Rebecca Massello Energetics Incorporated NRECA TechAdvantage February 25, 2015 Talking Points What is this document? Who can use this document

More information

Prof. Udo Helmbrecht

Prof. Udo Helmbrecht Prof. Udo Helmbrecht Guiding EU Cybersecurity from Policy to Implementation Udo Helmbrecht Executive Director Information Security for the Public Sector 2015 Stockholm 02/09/15 European Union Agency for

More information

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas

More information

INTEGRATING STANDARDS IN YOUR HORIZON 2020 PROJECT. Linking R&D and Standardization: a pocket guide for project proposers

INTEGRATING STANDARDS IN YOUR HORIZON 2020 PROJECT. Linking R&D and Standardization: a pocket guide for project proposers INTEGRATING STANDARDS IN YOUR HORIZON 2020 PROJECT Linking R&D and Standardization: a pocket guide for project proposers Table of contents Standards support research & innovation... 3 Do you need standards?.....................................................................

More information

Industrial Cybersecurity Center Are you looking for End-Users, Close to Market Approaches, Requirements, Validation and Dissemination?

Industrial Cybersecurity Center Are you looking for End-Users, Close to Market Approaches, Requirements, Validation and Dissemination? Industrial Cybersecurity Center Are you looking for End-Users, Close to Market Approaches, Requirements, Validation and Dissemination? Twitter: @info_cci Email: info@cci-es.org Meet the Center Non-profit,

More information

D 6.4 and D7.4 Draft topics of EEGI Implementation Plan 2016-2018 Revision: Definitive

D 6.4 and D7.4 Draft topics of EEGI Implementation Plan 2016-2018 Revision: Definitive Project no.: 282794 Project acronym GRID+ Project title: Supporting the Development of the European Electricity Grids Initiative (EEGI) Instrument: Coordination and support action Thematic priority: ENERGY.2011.7.3-1:

More information

EU Customs Detection Technology Expert group Towards rational use of detection technology

EU Customs Detection Technology Expert group Towards rational use of detection technology EU Customs Detection Technology Expert group Towards rational use of detection technology Wil van Heeswijk Directorate General for Taxation and Customs Union Risk management and Security unit Brussels,

More information

LOGIIC Remote Access. Final Public Report. June 2015 1 LOGIIC - APPROVED FOR PUBLIC DISTRIBUTION

LOGIIC Remote Access. Final Public Report. June 2015 1 LOGIIC - APPROVED FOR PUBLIC DISTRIBUTION LOGIIC Remote Access June 2015 Final Public Report Document Title LOGIIC Remote Monitoring Project Public Report Version Version 1.0 Primary Author A. McIntyre (SRI) Distribution Category LOGIIC Approved

More information

IT Risk Management Era: Research Challenges and Best Practices. Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI

IT Risk Management Era: Research Challenges and Best Practices. Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI IT Risk Management Era: Research Challenges and Best Practices IARA Work Group July 1 st, 2007, Santa Clara - California Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI (Security

More information

Down the SCADA (security) Rabbit Hole. Alberto Volpatto

Down the SCADA (security) Rabbit Hole. Alberto Volpatto Down the SCADA (security) Rabbit Hole Alberto Volpatto Alberto Volpatto Security Engineer & Team Leader @ Secure Network Computer Engineer Application Security Specialist What is SCADA? Supervisory operators,

More information

TECHNICAL BOARD BT N 9776. Draft BT C135/2014. CEN/BT by correspondence. For vote Issue date: 2014-11-19

TECHNICAL BOARD BT N 9776. Draft BT C135/2014. CEN/BT by correspondence. For vote Issue date: 2014-11-19 BT N 9776 Draft BT C135/2014 TECHNICAL BOARD CEN/BT by correspondence For vote Issue date: 2014-11-19 Simultaneous circulation to CENELEC/BT Deadline: 2015-02-17 SUBJECT Creation of a new CEN/TC Private

More information

NIST Cloud Computing Program Activities

NIST Cloud Computing Program Activities NIST Cloud Computing Program Overview The NIST Cloud Computing Program includes Strategic and Tactical efforts which were initiated in parallel, and are integrated as shown below: NIST Cloud Computing

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for

More information

MODERN. Collaborative Project. Topic NMP.2012.1.3-2: Modeling toxicity behavior of engineered nanoparticles

MODERN. Collaborative Project. Topic NMP.2012.1.3-2: Modeling toxicity behavior of engineered nanoparticles Project No. 309314 MODERN MODELING THE ENVIRONMENTAL AND HUMAN HEALTH EFFECTS OF NANOMATERIALS Collaborative Project Topic NMP.2012.1.3-2: Modeling toxicity behavior of engineered nanoparticles D4.2 Disseminating

More information

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation

More information

CIPS 2011 Awarded Grants. Project number Applicant's name Ctry Title Description Grant

CIPS 2011 Awarded Grants. Project number Applicant's name Ctry Title Description Grant CIPS 2011 Awarded Grants Project number Applicant's name Ctry Title Description Grant HOME/2011/CIPS/AG/2012 NATIONAL INSTUTE COMMUNICATION TECHNOLOGIES (INTECO) ES SCADA laboratory and testbed as a service

More information

European Innovation Partnership Agricultural Productivity and Sustainability. Directorate General for Agriculture and Rural Development

European Innovation Partnership Agricultural Productivity and Sustainability. Directorate General for Agriculture and Rural Development European Innovation Partnership Agricultural Productivity and Sustainability Directorate General for Agriculture and Rural Development Context In its Europe 2020 Strategy, the Commission underlines the

More information

Scalable End-User Access to Big Data http://www.optique-project.eu/ HELLENIC REPUBLIC National and Kapodistrian University of Athens

Scalable End-User Access to Big Data http://www.optique-project.eu/ HELLENIC REPUBLIC National and Kapodistrian University of Athens Scalable End-User Access to Big Data http://www.optique-project.eu/ HELLENIC REPUBLIC National and Kapodistrian University of Athens 1 Optique: Improving the competitiveness of European industry For many

More information

A Guide to Horizon 2020 Funding for the Creative Industries

A Guide to Horizon 2020 Funding for the Creative Industries A Guide to Horizon 2020 Funding for the Creative Industries October 2014 Introduction This document is provided as a short guide to help you submit a proposal for the Horizon 2020 funding programme (H2020).

More information

The Commission Health Emergency Operations Facility:

The Commission Health Emergency Operations Facility: EUROPEAN COMMISSION The Commission Health Emergency Operations Facility: for a coordinated management of public health emergency at EU level Neither the European Commission nor any person acting on its

More information

Cyber Security and Privacy - Program 183

Cyber Security and Privacy - Program 183 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology

More information

Deliverable 1.2 Project Presentation

Deliverable 1.2 Project Presentation FP7-PEOPLE-2012-ITN EID Grant agreement no.: 317387 www.secentis.eu Deliverable 1.2 Project Presentation Abstract This document describes the training program, the objectives, the expected results, the

More information

Including Threat Actor Capability and Motivation in Risk Assessment for Smart Grids

Including Threat Actor Capability and Motivation in Risk Assessment for Smart Grids CPSR-SG 2016: Joint International Workshop on Cyber-Physical Security and Resilience in Smart Grids, 12th April 2016, Vienna Security for smart Electricity GRIDs Including Threat Actor Capability and Motivation

More information

Deliverable 6.4 Future Internet Initiatives Year 1

Deliverable 6.4 Future Internet Initiatives Year 1 Theme [ICT-2011.1.4] Trustworthy ICT SECurity and trust COoRDination and enhanced collaboration Project Nº 316622 Deliverable 6.4 Future Internet Initiatives Year 1 Responsible: Contributors: Internal

More information

CEN and CENELEC response to the EC Consultation on Standards in the Digital Single Market: setting priorities and ensuring delivery January 2016

CEN and CENELEC response to the EC Consultation on Standards in the Digital Single Market: setting priorities and ensuring delivery January 2016 CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC response to the EC Consultation on Standards in the Digital

More information

PROTECTING CRITICAL CONTROL AND SCADA SYSTEMS WITH A CYBER SECURITY MANAGEMENT SYSTEM

PROTECTING CRITICAL CONTROL AND SCADA SYSTEMS WITH A CYBER SECURITY MANAGEMENT SYSTEM PROTECTING CRITICAL CONTROL AND SCADA SYSTEMS WITH A CYBER SECURITY MANAGEMENT SYSTEM Don Dickinson Phoenix Contact USA P.O. Box 4100 Harrisburg, PA 17111 ABSTRACT Presidential Executive Order 13636 Improving

More information

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced

More information

U.S. Army Research, Development and Engineering Command. Cyber Security CRA Overview

U.S. Army Research, Development and Engineering Command. Cyber Security CRA Overview U.S. Army Research, Development and Engineering Command Cyber Security CRA Overview Dr. Ananthram Swami, ST Network Science 18FEB 2014 Cyber Security Collaborative Research Alliance A Collaborative Venture

More information

ISA Security. Compliance Institute. Role of Product Certification in an Overall Cyber Security Strategy

ISA Security. Compliance Institute. Role of Product Certification in an Overall Cyber Security Strategy ISA Security Role of Product Certification in an Overall Cyber Security Strategy Tom Culling Chevron Andre Ristaino ASCI Kevin Staggs - Honeywell John Cusimano exida 1 ISA Security Agenda Who is the ISA

More information

Themenschwerpunkt Nanowissenschaften, Nanotechnologien, Werkstoffe und neue Produktionstechnologien. Gerald Kern

Themenschwerpunkt Nanowissenschaften, Nanotechnologien, Werkstoffe und neue Produktionstechnologien. Gerald Kern Themenschwerpunkt Nanowissenschaften, Nanotechnologien, Werkstoffe und neue Produktionstechnologien Gerald Kern Europäische & Internationale Programme FFG Österreichische Forschungsförderungsgesellschaft

More information

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY

Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY December 2013 Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND

More information

TRAINING AND PROMOTION OF THE EUROCODES

TRAINING AND PROMOTION OF THE EUROCODES TRAINING AND PROMOTION OF THE EUROCODES Support to the implementation, harmonization and further development of the Eurocodes H. Gulvanessian, A. Pinto, S. Dimova, G. Tsionis, M. Geradin EUR 22857 EN -

More information

H2020-EUJ-2016: EU-Japan Joint Call. EUJ-02-2016: IoT/Cloud/Big Data platforms in social application contexts

H2020-EUJ-2016: EU-Japan Joint Call. EUJ-02-2016: IoT/Cloud/Big Data platforms in social application contexts H2020-EUJ-2016: EU-Japan Joint Call EUJ-02-2016: IoT/Cloud/Big Data platforms in social application contexts EUJ-02-2016: IoT/Cloud/Big Data The Challenge The Integration and federation of IoT with Big

More information

Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives

Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document

More information

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security

More information

Threat Information Sharing; Perspectives, Strategies, and Scenarios

Threat Information Sharing; Perspectives, Strategies, and Scenarios Threat Information Sharing; Perspectives, Strategies, and Scenarios 15 June 2015 Tim Grance,, Sarah Brown, Fox-IT, Luc Dandurand, ITU Thomas Millar, US CERT, Pawel Pawlinski, CERT.PL 1 Information Sharing

More information

PV GRID. Efficient Grid Integration of European PV: Project Results. Jörg Mayer, Managing Director German Solar Industry Association (BSW-Solar)

PV GRID. Efficient Grid Integration of European PV: Project Results. Jörg Mayer, Managing Director German Solar Industry Association (BSW-Solar) PV GRID Efficient Grid Integration of European PV: Project Results Jörg Mayer, Managing Director German Solar Industry Association (BSW-Solar) 16th September 2014 1 PV GRID Key facts An Intelligent Energy

More information

Robotics in Horizon 2020: Rules for participation

Robotics in Horizon 2020: Rules for participation Robotics in Horizon 2020: Rules for participation Cécile Huet, Deputy Head of Unit Unit A2 - Robotics Directorate-General for Communication Networks, Content and Technology European Commission Brokerage

More information

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually

More information

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI

Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI UNICRI s Main Goals The United Nations Interregional Crime and

More information

Deliverable 7.1 Web Site and Promotional Materials

Deliverable 7.1 Web Site and Promotional Materials Support Action Big Data Europe Empowering Communities with Data Technologies Project Number: 644564 Start Date of Project: 01/01/2015 Duration: 36 months Deliverable 7.1 Web Site and Promotional Materials

More information

Strategic Platforms Information Security 2014

Strategic Platforms Information Security 2014 Strategic Platforms Information Security 2014 -------------------------- Data Mining for security process monitoring New authentication mechanism for System Information Call for «Expression of Interest»

More information

Concept and Project Objectives

Concept and Project Objectives 3.1 Publishable summary Concept and Project Objectives Proactive and dynamic QoS management, network intrusion detection and early detection of network congestion problems among other applications in the

More information

EU CIP Project DENSEK. Joining forces against cyber threats on European level

EU CIP Project DENSEK. Joining forces against cyber threats on European level EU CIP Project DENSEK Joining forces against cyber threats on European level DENSEK EU CIP Objectives Improving the resilience of the energy infrastructure i.e. improving the security of the Smart Energy

More information

City of Helsinki in Horizon2020 SCC-1 Lighthouse Call

City of Helsinki in Horizon2020 SCC-1 Lighthouse Call City of Helsinki in Horizon2020 SCC-1 Lighthouse Call 17.4.2014 Scale-UP Scope of SCC1-call Identify, develop and deploy replicable, balanced and integrated solutions in the energy, transport, and ICT

More information

ESKISP6046.02 Direct security architecture development

ESKISP6046.02 Direct security architecture development Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable

More information

A Roadmap for Future Architectures and Services for Manufacturing. Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015

A Roadmap for Future Architectures and Services for Manufacturing. Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015 A Roadmap for Future Architectures and Services for Manufacturing Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015 Road4FAME in a nutshell Road4FAME = Development of a Strategic

More information

Waste reduction and process optimisation in (ECO/08/239048/SI2.535244 )

Waste reduction and process optimisation in (ECO/08/239048/SI2.535244 ) WASTEred Waste reduction and process optimisation in the European meat and dairy industry (ECO/08/239048/SI2.535244 ) BIOAZUL experience in CIP ECO-INNOVATION BIOAZUL S.L, Malaga (Spain) Environmental

More information

Which cybersecurity standard is most relevant for a water utility?

Which cybersecurity standard is most relevant for a water utility? Which cybersecurity standard is most relevant for a water utility? Don Dickinson 1 * 1 Don Dickinson, Phoenix Contact USA, 586 Fulling Mill Road, Middletown, Pennsylvania, USA, 17057 (*correspondence:

More information

EUK-02-2016: South Korea: IoT joint research

EUK-02-2016: South Korea: IoT joint research HORIZON 2020 WP 2016-17 EUK-02-2016: South Korea: IoT joint research DG CONNECT/DG AGRI/DG MOVE/DG RTD European Commission RIA EUK-02-2016: South Korea: IoT joint research Challenge: IoT has moved from

More information

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures

Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Fields marked with are mandatory. Public consultation on the contractual public-private

More information

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security

Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information

More information

Combining Security Risk Assessment and Security Testing based on Standards

Combining Security Risk Assessment and Security Testing based on Standards Jürgen Großmann (FhG Fokus) Fredrik Seehusen (SINTEF ICT) Combining Security Risk Assessment and Security Testing based on Standards 3 rd RISK Workshop at OMG TC in Berlin, 2015-06-16 3 rd RISK Workshop

More information

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA

NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA ViS!T - Verwaltung integriert sichere Informationstechnologie, Wien, 29.10.2014 European Union Agency

More information

CloudingSMEs Deliverable D5.5.1 Policy Development Guidelines

CloudingSMEs Deliverable D5.5.1 Policy Development Guidelines CloudingSMEs FP7- No. 609604 WP2 SMEs Vision and Road mapping for Cloud Development Deliverable D2.2.1 SMEs Requirements for Cloud Development, Adoption and Evolution CloudingSMEs PROPRIETARY RIGHTS STATEMENT

More information

Project no. 607865. Collaborative Project FP7-SEC-2013-1 www.fp7-shelp.eu. Deliverable D7.4

Project no. 607865. Collaborative Project FP7-SEC-2013-1 www.fp7-shelp.eu. Deliverable D7.4 Project no. S-HELP: Securing - Health.Emergency.Learning.Planning Development of decision support tools for improving preparedness and response of Health Services involved in emergency situations Collaborative

More information

Smart Grid Information Security

Smart Grid Information Security CEN-CENELEC-ETSI Smart Grid Coordination Group Date: 2014-12 Secretariat: CCMC CEN-CENELEC-ETSI Smart Grid Coordination Group M490-SGCG-SGIS-Intermediate-Report-V1.pdf 1 Contents Page 2 3 4 5 6 7 8 9 10

More information

Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT

Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT December 3, 2013 slide 1 A global leader in power and

More information

Announcement of a new IAEA Co-ordinated Research Programme (CRP)

Announcement of a new IAEA Co-ordinated Research Programme (CRP) Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)

More information

Guidelines for reporting. for Accompanying Measures. implemented as. Specific Support Action

Guidelines for reporting. for Accompanying Measures. implemented as. Specific Support Action SIXTH FRAMEWORK PROGRAMME Research Infrastructures Action Guidelines for reporting for Accompanying Measures implemented as Specific Support Action This document can be found on the INTERNET at the following

More information

Claes Rytoft, ABB, 2009-10-27 Security in Power Systems. ABB Group October 29, 2009 Slide 1

Claes Rytoft, ABB, 2009-10-27 Security in Power Systems. ABB Group October 29, 2009 Slide 1 Claes Rytoft, ABB, 2009-10-27 Security in Power Systems October 29, 2009 Slide 1 A global leader in power and automation technologies Leading market positions in main businesses 120,000 employees in about

More information

Cybersecurity for Energy Delivery Systems 2010 Peer Review. Dale Peterson Digital Bond, Inc. Bandolier and Portaledge

Cybersecurity for Energy Delivery Systems 2010 Peer Review. Dale Peterson Digital Bond, Inc. Bandolier and Portaledge Cybersecurity for Energy Delivery Systems 2010 Peer Review Alexandria, VA July 20-22, 2010 Dale Peterson Digital Bond, Inc. Bandolier and Portaledge Summary Slide: Bandolier Outcomes: Insure new and upgraded

More information

Internet of Things - Internet of the Future" Workshop in Oslo 2012 02 01

Internet of Things - Internet of the Future Workshop in Oslo 2012 02 01 Internet of Things - Internet of the Future" Workshop in Oslo 2012 02 01 The IoT Value Creation Network, Norway Project in the VERDIKT-program The Research Council of Norway Today s Focus CEN and Internet

More information

Lessons Learned CIP Reliability Standards

Lessons Learned CIP Reliability Standards Evidence for a requirement was not usable due to a lack of identifying information on the document. An entity should set and enforce a "quality of evidence" standard for its compliance documentation. A

More information

Solutions and IT services for Oil-Gas & Energy markets

Solutions and IT services for Oil-Gas & Energy markets Solutions and IT services for The context Companies operating in the Oil-Gas & Energy sectors are facing radical changes that have a significant impact on their business processes. In this context, compliance

More information

Knowledge based energy management for public buildings through holistic information modeling and 3D visualization. Ing. Antonio Sacchetti TERA SRL

Knowledge based energy management for public buildings through holistic information modeling and 3D visualization. Ing. Antonio Sacchetti TERA SRL Knowledge based energy management for public buildings through holistic information modeling and 3D visualization Ing. Antonio Sacchetti TERA SRL About us-1 Tera is a SME born in year 2007, based on the

More information

ENTSOG Draft Network Code on Interoperability and Data Exchange Rules Public Consultation Questionnaire; GEODE advises on further action

ENTSOG Draft Network Code on Interoperability and Data Exchange Rules Public Consultation Questionnaire; GEODE advises on further action ENTSOG Draft Network Code on Interoperability and Data Exchange Rules Public Consultation Questionnaire; GEODE advises on further action GEODE, the Association of the Independent European Distribution

More information

COMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe'

COMMISSION STAFF WORKING DOCUMENT. Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe' EUROPEAN COMMISSION Brussels, 2.7.2014 SWD(2014) 214 final COMMISSION STAFF WORKING DOCUMENT Report on the Implementation of the Communication 'Unleashing the Potential of Cloud Computing in Europe' Accompanying

More information

Partnership for Progress Factories of the Future. December 2013 Maurizio Gattiglio Chairman

Partnership for Progress Factories of the Future. December 2013 Maurizio Gattiglio Chairman Partnership for Progress Factories of the Future December 2013 Maurizio Gattiglio Chairman Factories of the Future Manufacturing: Key to our Economy Since some years the important of manufacturing has

More information

Sixth Framework Programme ECO-BUILDING CLUB. Contract No TREN/07/FP6EN/S07.72691/038496

Sixth Framework Programme ECO-BUILDING CLUB. Contract No TREN/07/FP6EN/S07.72691/038496 Sixth Framework Programme ECO-BUILDING CLUB Contract No TREN/07/FP6EN/S07.72691/038496 Stéphane POUFFARY French Environment and Energy Management Agency (ADEME) stephane.pouffary@ademe.fr Ennio FERRERO

More information

Open Smart Card Infrastructure for Europe

Open Smart Card Infrastructure for Europe Open Smart Card Infrastructure for Europe v2 Volume 8: Part 3-1: Authors: Security and Protection Profiles (Common Criteria Supporting Document) eesc TB3 Protection Profiles, Security Certification NOTICE

More information

CATS: Cyclist-AEB Testing System

CATS: Cyclist-AEB Testing System CATS: Cyclist-AEB Testing System Car bicyclist accident analysis and bicyclist dummy development carhs.training gmbh & CATS 1 Introduction Cyclist safety raising issue in Europe carhs.training gmbh & CATS

More information

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer

More information

PROJECT TRACKING and CONTROL

PROJECT TRACKING and CONTROL PROJECT TRACKING and CONTROL 1 Outline of Project Tracking & Control 2 Project Planning & Control Context 3 Realistic and Measurable Plans Create Measurable Plans! 4 Data Sources for Project Tracking 5

More information

Cyber Security in EU: ENISA approach

Cyber Security in EU: ENISA approach Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency Norwegian Energy Days 2015, Oslo European Union Agency for Network and

More information

HabEat - FP7-245012. HabEat

HabEat - FP7-245012. HabEat HabEat Determining factors and critical periods in food habit formation and breaking in early childhood: a multidisciplinary approach Grant agreement number: FP7-245012 Medium-scale Collaborative Project

More information

Software & Supply Chain Assurance: Mitigating Risks Attributable to Exploitable ICT / Software Products and Processes

Software & Supply Chain Assurance: Mitigating Risks Attributable to Exploitable ICT / Software Products and Processes Software & Supply Chain Assurance: Mitigating Risks Attributable to Exploitable ICT / Software Products and Processes Joe Jarzombek, PMP, CSSLP Director for Software & Supply Chain Assurance Stakeholder

More information