ESCoRTS A European network for the Security of Control & Real Time Systems
|
|
- Alaina Eleanor Parker
- 8 years ago
- Views:
Transcription
1 ESCoRTS A European network for the Security of Control & Real Time Systems Luc Van den Berghe CEN-CENELEC Management Centre 20/05/10 Luxembourg workshop 1
2 Recommendations from a CEN/BT WG161 Survey in 2006 Encourage best practice, possibly in a joint endeavour between manufacturers and end users. Develop and establish test platforms for SCADA & other process control equipment in Europe. Try to reduce the divergence between current standardisation efforts, especially between process control in general and power system control. Liaise with the US. Promote awareness on security risks by the stakeholders personnel like plant and security managers, researchers, process operators, IT specialists, and the general public. 20/05/10 Luxembourg workshop 2
3 ESCoRTS to explore/address these survey conclusions Submitted May 2007 to the FP7 Call SEC : European Security Research Networks (incl. For standardisation) Start of the contract 16 June 2008 Duration 30 months 20/05/2010 Luxembourg workshop 3
4 The Consortium CEN, the European Committee for Standardization: co-ordinator JRC: project author Enginet: Italian SME, dissemination and support to co-ordinator Three main EU manufacturers of SCADA equipment: ABB, Areva, Siemens Three important SCADA end-users in different processes: power generation (Italy, Enel Produzione), electricity transmission (Roumenia, Transelectrica), water management (Italy, Mediterranea delle Acque). OPUS publishing (US): Liaison with US UNINFO: Italian ICT standards organization 20/05/2010 Luxembourg workshop 4
5 Work-package 1 WP1: Complete survey of stakeholder needs and evaluate the market for SCADA security. Complete a survey of the stakeholder needs across the sectors involved Evaluate the market for security related services in EU and structure its key demands Both reports delivered in /05/2010 Luxembourg workshop 5
6 D11 Conclusions Survey of needs EU industry awareness and readiness lags behind US initiatives, but a growing feeling in Europe that security issues are crucial lack of European explicit demand for comprehensive security solutions potential cost of security measures, which might weigh considerably on the overall control equipment cost lack of adoption in Europe of common security references or baselines (be them formal or de facto standards, guidelines, or accepted best practices accepted and applicable across all countries). 6
7 Report addresses D12 Market for SCADA security services Security assessments of the security organization of an operator, also with respect to the implementation of technical security measures. Security testing: (technical) part of a security assessment (for a infrastructure operator), but also relevant for the vendors of control system components or systems. Security training and awareness; adequate training is the most important factor to discriminate a security induced event from an everyday operational fault. 7
8 D12 Market for SCADA security services The D12 study concludes that there is, beside managed security services, definitely a market also for other security services, especially for security consulting, which includes security assessments, testing, and training. But the readiness of the actors (mainly the operators of critical infrastructure) depends on the sector (energy, chemical or pharmaceutical: high awareness) 8
9 Work-package 2 D21 - Survey of current best practice (existing methods, procedures and guidelines, current standardization efforts) D22 Security solutions taxonomy D23 Reports on targeted experiments at the end users (ENEL, Transelectrica, Mediterranea delle Acque) locations (purpose: evaluating a standard for applicability, usability and utility) One targeted experiment still ongoing, rest delivered 9
10 Per standard/guideline Identifier, Title Status, Type Geographic relevance Addressed Industry Addressed Audience Short Description Cross References D21 Survey of standards (1) 10
11 D21 Survey of standards (2) 37 standards, guidelines or regulations relevant for operators or manufacturers in the area of control system (cyber) security 13 are international standards or guidelines, 14 are provided by US committees 10 are defined by European groups, or by groups of European countries. Per sector Independent of the addressed industry (generic): 5 Energy sector: 12 energy generic and 2 energy automation specific Automation area (process and/or manufacturing automation): 13 Oil & gas: 4 Chemistry sector: 2 11
12 D22 Taxonomy of security solutions (1) Report describes the more typical cybersecurity problems encountered by industrial control systems, and the solutions that can be put in place for countering them. It classifies and lists security vulnerabilities, threats and solutions, but is does recommend neither best practices nor possible options(beyond the possibilities of ESCoRTS project) 12
13 D22 Taxonomy of security solutions (2) Part 1: an overview of SCADA architecture, in order to define a common terminology for the whole document and set the scene regarding the problems under discussion. This part includes also a discussion on SCADA protocols. Part 2: vulnerabilities and attacks, with a classification of the security problems. Part 3: potential attack scenarios 13
14 D22 Taxonomy of security solutions (2) Part 4: discusses the best-known countermeasures (as of end 2009), with some technical detail regarding their implementation. Three categories of countermeasures are considered: Communication protocol countermeasures, Filtering and Monitoring countermeasures Architectural countermeasures. 14
15 Work-package 3 WP3: Stimulating convergence of current standardisation efforts. Building on the results of WP1-2, this work package will result into a joint understanding of the way current standardisation efforts are progressing. It will point out and rationalise eventual divergences, and develop a strategic standardisation roadmap so as to structure existing and forthcoming actions. Deliverable: a R&D and standardization Road Map Draft by June 2010; final by October /05/2010 Luxembourg workshop 15
16 Work-package 4 WP4: Requirements for appropriate test platforms for the security of process control equipment and applications. D41 Requirements for a Secure ICT platform for data exchange - delivered D42 - Metrics for cyber security assessment and testing started D43 - Requirements for future cyber security laboratories (following a survey on current test facilities) to start D44 Public results of the verification of the metrics conducted on a replication of a live control system/environment to start Luxembourg workshop 16
17 Work-package 5 WP5: Management and dissemination. a Stakeholders Advisory Board composed of representatives of the relevant industrial sectors, such as power, oil, water, and process automation. The constituency of this board will keep growing along the life of the project: the board has been opened to become a CEN-CENELEC Focus Group 20/05/2010 Luxembourg workshop 17
18 Between now and end 2010 Meeting of the Focus Group (Torino, 30 June) Draft Roadmap Metrics for cyber security assessment and testing Final conference (Brussels, 27 October) Final Roadmap Verification of the metrics in a test performed on the replication of live environment: public results Requirements for future cyber security laboratories 18
19 Thank you 19
Volker Jacumeit, DIN e. V. ILNAS Workshop CSCG Presentation June 4, 2015
Volker Jacumeit, DIN e. V. ILNAS Workshop CSCG Presentation June 4, 2015 Cyber Security Coordination Group Who we are: Advisory body of the European Standards Organizations Composed of experts from CEN/CLC
More informationI3P SCADA Security Research Plan
I3P SCADA Security Research Plan Unifying Stakeholders and Security Programs to Address SCADA Vulnerability and Infrastructure Interdependency Ron Trellue, Team Lead Sandia National Laboratories 1 What
More informationThe European Platform in Network and Information Security (NIS) Fabio Martinelli
The European Platform in Network and Information Security (NIS) Fabio Martinelli Istituto di Informatica e Telematica Consiglio Nazionale delle Ricerche IIT-CNR, Pisa, Italy Cyber security directive -
More informationEFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics
EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Frances CLEARY 1, Keith HOWKER 2, Fabio MASSACCI 3, Nick WAINWRIGHT 4, Nick PAPANIKOLAOU
More informationStandards for Cyber Security
Best Practices in Computer Network Defense: Incident Detection and Response M.E. Hathaway (Ed.) IOS Press, 2014 2014 The authors and IOS Press. All rights reserved. doi:10.3233/978-1-61499-372-8-97 97
More informationCyber security. Protecting critical infrastructure in a changing world
Cyber security Protecting critical infrastructure in a changing world Sebastian Obermeier, Sascha Stoeter, Ragnar Schierholz, Markus Braendle Twenty years ago, the cyber security of systems and devices
More informationFuture cybersecurity threats and research needs.
www.thalesgroup.com Future cybersecurity threats and research needs. 3 rd Franco-American Workshop on Cybersecurity Lyon Kreshnik Musaraj kreshnik.musaraj@thalesgroup.com December 9. 2014 2 / Challenges
More informationCertification of Electronic Health Record systems (EHR s)
Certification of Electronic Health Record systems (EHR s) The European Inventory of Quality Criteria Georges J.E. DE MOOR, M.D., Ph.D. EUROREC EuroRec The «European Institute for Health Records» A not-for-profit
More informationRoadmap for new Cyber security education in ME
Deliverable 1.4 Roadmap for new Cyber security education in ME European Commission Tempus Project: This project has been funded with support from the European Commission. This publication reflects the
More informationFuture Internet Public-Private Partnership Call 3 (Objectives 1.8-1.9) European Commission Communications Networks, Content and Technology DG
Future Internet Public-Private Partnership Call 3 (Objectives 1.8-1.9) European Commission Communications Networks, Content and Technology DG FI-PPP Leadership beyond R&D ICT applications research Application
More informationCyber Security nei prodotti di automazione
Cyber Security nei prodotti di automazione Marco Biancardi, ABB SpA, Power System Division 11 dicembre 2013, Roma Why is it an issue? Isolated devices Point to point interfaces Proprietary networks Standard
More informationENCS/NEC RESEARCH MEETING
ENCS/NEC RESEARCH MEETING Benessa Defend ベネッサ ディフェンド Benessa.Defend@encs.eu April 21, 2014 NEC, Kawasaki 1 PARTNERING FOR CYBER RESILIENCE We create and bring together knowledge and resources to secure
More informationEUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. Space, Security and GMES Security Research and Development
Ref. Ares(2011)193990-22/02/2011 EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL Space, Security and GMES Security Research and Development Brussels, 17 th February 2011 M/487 EN PROGRAMMING
More informationInformation and IT Security for Power System Operation
Information and IT Security for Power System Operation Göran Ericsson and Kun Zhu 2011-05-25 Agenda Introduction of Svenska Kraftnät - Swedish National Grid Company R&D activities in Sweden - Collaboration
More informationInternet of Things Value Proposition for Europe
Internet of Things Value Proposition for Europe European Commission - DG CONNECT Dr Florent Frederix, (Online) Trust and Cybersecurity unit 7 th European Conference on ICT for Transport Logistics 5 th
More informationEuropean Innovation Partnership on Active and Healthy Ageing. Action Group C2 Interoperable Independent Living Solutions
European Innovation Partnership on Active and Healthy Ageing Action Group C2 Interoperable Independent Living Solutions Peter Wintlev-Jensen and Marianne van den Berg European Commission 21-22 June 2012
More informationWater Sector Initiatives on Cyber Security. Water Sector Cyber Security Symposium Dallas, TX August 15, 2013
Water Sector Initiatives on Cyber Security Water Sector Cyber Security Symposium Dallas, TX August 15, 2013 Presentation Outline The water sector Interdependencies with other critical infrastructure sectors
More informationD 6.4 and D7.4 Draft topics of EEGI Implementation Plan 2016-2018 Revision: Definitive
Project no.: 282794 Project acronym GRID+ Project title: Supporting the Development of the European Electricity Grids Initiative (EEGI) Instrument: Coordination and support action Thematic priority: ENERGY.2011.7.3-1:
More informationCloudingSMEs Deliverable D2.2.4 Roadmap reflecting the SMEs
Deliverable D2.2.4 CloudingSMEs FP7- No. 609604 Deliverable D2.2.1 SMEs Requirements for Cloud Development, Adoption and Evolution CloudingSMEs Deliverable D2.2.4 Roadmap reflecting the SMEs viewpoint
More informationIT Risk Management Era: Research Challenges and Best Practices. Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI
IT Risk Management Era: Research Challenges and Best Practices IARA Work Group July 1 st, 2007, Santa Clara - California Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI (Security
More informationCybersecurity & the Water Sector
Cybersecurity & the Water Sector NAWC Water Summit October 6, 2013 San Diego, CA Kevin Morley, AWWA How to deal with Cyber Threat? How would our operations change if we did not have SCADA working? How
More informationTECHNICAL SPECIFICATION
TECHNICAL SPECIFICATION IEC/TS 62443-1-1 Edition 1.0 2009-07 colour inside Industrial communication networks Network and system security Part 1-1: Terminology, concepts and models INTERNATIONAL ELECTROTECHNICAL
More informationEuropean Innovation Partnership Agricultural Productivity and Sustainability. Directorate General for Agriculture and Rural Development
European Innovation Partnership Agricultural Productivity and Sustainability Directorate General for Agriculture and Rural Development Context In its Europe 2020 Strategy, the Commission underlines the
More informationCyber-Physical System Security of the Power Grid
Course on: Cyber-Physical System Security of the Power Grid April 9-11, 2013 at KTH Royal Institute of Technology, Stockholm, Sweden Background Cyber Security is essential to today s power grid operation
More informationINTEGRATING STANDARDS IN YOUR HORIZON 2020 PROJECT. Linking R&D and Standardization: a pocket guide for project proposers
INTEGRATING STANDARDS IN YOUR HORIZON 2020 PROJECT Linking R&D and Standardization: a pocket guide for project proposers Table of contents Standards support research & innovation... 3 Do you need standards?.....................................................................
More informationRebecca Massello Energetics Incorporated
Cybersecurity Procurement Language for Energy Delivery Systems Rebecca Massello Energetics Incorporated NRECA TechAdvantage February 25, 2015 Talking Points What is this document? Who can use this document
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationENISA workshop on Security Certification of ICT products in Europe
ENISA workshop on Security Certification of ICT products in Europe Introduction On 16th of March 2016 ENISA organised a workshop aiming at bringing together stakeholders from the ICT security certification
More informationProf. Udo Helmbrecht
Prof. Udo Helmbrecht Guiding EU Cybersecurity from Policy to Implementation Udo Helmbrecht Executive Director Information Security for the Public Sector 2015 Stockholm 02/09/15 European Union Agency for
More informationLOGIIC Remote Access. Final Public Report. June 2015 1 LOGIIC - APPROVED FOR PUBLIC DISTRIBUTION
LOGIIC Remote Access June 2015 Final Public Report Document Title LOGIIC Remote Monitoring Project Public Report Version Version 1.0 Primary Author A. McIntyre (SRI) Distribution Category LOGIIC Approved
More informationIndustrial Cybersecurity Center Are you looking for End-Users, Close to Market Approaches, Requirements, Validation and Dissemination?
Industrial Cybersecurity Center Are you looking for End-Users, Close to Market Approaches, Requirements, Validation and Dissemination? Twitter: @info_cci Email: info@cci-es.org Meet the Center Non-profit,
More informationThe Commission Health Emergency Operations Facility:
EUROPEAN COMMISSION The Commission Health Emergency Operations Facility: for a coordinated management of public health emergency at EU level Neither the European Commission nor any person acting on its
More informationEU Customs Detection Technology Expert group Towards rational use of detection technology
EU Customs Detection Technology Expert group Towards rational use of detection technology Wil van Heeswijk Directorate General for Taxation and Customs Union Risk management and Security unit Brussels,
More informationNIST Cloud Computing Program Activities
NIST Cloud Computing Program Overview The NIST Cloud Computing Program includes Strategic and Tactical efforts which were initiated in parallel, and are integrated as shown below: NIST Cloud Computing
More informationTECHNICAL BOARD BT N 9776. Draft BT C135/2014. CEN/BT by correspondence. For vote Issue date: 2014-11-19
BT N 9776 Draft BT C135/2014 TECHNICAL BOARD CEN/BT by correspondence For vote Issue date: 2014-11-19 Simultaneous circulation to CENELEC/BT Deadline: 2015-02-17 SUBJECT Creation of a new CEN/TC Private
More informationDown the SCADA (security) Rabbit Hole. Alberto Volpatto
Down the SCADA (security) Rabbit Hole Alberto Volpatto Alberto Volpatto Security Engineer & Team Leader @ Secure Network Computer Engineer Application Security Specialist What is SCADA? Supervisory operators,
More informationH2020-EUJ-2016: EU-Japan Joint Call. EUJ-02-2016: IoT/Cloud/Big Data platforms in social application contexts
H2020-EUJ-2016: EU-Japan Joint Call EUJ-02-2016: IoT/Cloud/Big Data platforms in social application contexts EUJ-02-2016: IoT/Cloud/Big Data The Challenge The Integration and federation of IoT with Big
More informationA Guide to Horizon 2020 Funding for the Creative Industries
A Guide to Horizon 2020 Funding for the Creative Industries October 2014 Introduction This document is provided as a short guide to help you submit a proposal for the Horizon 2020 funding programme (H2020).
More informationMODERN. Collaborative Project. Topic NMP.2012.1.3-2: Modeling toxicity behavior of engineered nanoparticles
Project No. 309314 MODERN MODELING THE ENVIRONMENTAL AND HUMAN HEALTH EFFECTS OF NANOMATERIALS Collaborative Project Topic NMP.2012.1.3-2: Modeling toxicity behavior of engineered nanoparticles D4.2 Disseminating
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationA Roadmap for Future Architectures and Services for Manufacturing. Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015
A Roadmap for Future Architectures and Services for Manufacturing Carsten Rückriegel Road4FAME-EU-Consultation Meeting Brussels, May, 22 nd 2015 Road4FAME in a nutshell Road4FAME = Development of a Strategic
More informationEUK-02-2016: South Korea: IoT joint research
HORIZON 2020 WP 2016-17 EUK-02-2016: South Korea: IoT joint research DG CONNECT/DG AGRI/DG MOVE/DG RTD European Commission RIA EUK-02-2016: South Korea: IoT joint research Challenge: IoT has moved from
More informationCyber Security in EU: ENISA approach
Cyber Security in EU: ENISA approach Konstantinos Moulinos, Security Expert European Union Network and Information Security Agency in Electricity Distribution Grids, Brussels European Union Agency for
More informationCIPS 2011 Awarded Grants. Project number Applicant's name Ctry Title Description Grant
CIPS 2011 Awarded Grants Project number Applicant's name Ctry Title Description Grant HOME/2011/CIPS/AG/2012 NATIONAL INSTUTE COMMUNICATION TECHNOLOGIES (INTECO) ES SCADA laboratory and testbed as a service
More informationScalable End-User Access to Big Data http://www.optique-project.eu/ HELLENIC REPUBLIC National and Kapodistrian University of Athens
Scalable End-User Access to Big Data http://www.optique-project.eu/ HELLENIC REPUBLIC National and Kapodistrian University of Athens 1 Optique: Improving the competitiveness of European industry For many
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationDeliverable 1.2 Project Presentation
FP7-PEOPLE-2012-ITN EID Grant agreement no.: 317387 www.secentis.eu Deliverable 1.2 Project Presentation Abstract This document describes the training program, the objectives, the expected results, the
More informationConcept and Project Objectives
3.1 Publishable summary Concept and Project Objectives Proactive and dynamic QoS management, network intrusion detection and early detection of network congestion problems among other applications in the
More informationPROTECTING CRITICAL CONTROL AND SCADA SYSTEMS WITH A CYBER SECURITY MANAGEMENT SYSTEM
PROTECTING CRITICAL CONTROL AND SCADA SYSTEMS WITH A CYBER SECURITY MANAGEMENT SYSTEM Don Dickinson Phoenix Contact USA P.O. Box 4100 Harrisburg, PA 17111 ABSTRACT Presidential Executive Order 13636 Improving
More informationIncluding Threat Actor Capability and Motivation in Risk Assessment for Smart Grids
CPSR-SG 2016: Joint International Workshop on Cyber-Physical Security and Resilience in Smart Grids, 12th April 2016, Vienna Security for smart Electricity GRIDs Including Threat Actor Capability and Motivation
More informationCATS: Cyclist-AEB Testing System
CATS: Cyclist-AEB Testing System Car bicyclist accident analysis and bicyclist dummy development carhs.training gmbh & CATS 1 Introduction Cyclist safety raising issue in Europe carhs.training gmbh & CATS
More informationIndustrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk
Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced
More informationCEN and CENELEC response to the EC Consultation on Standards in the Digital Single Market: setting priorities and ensuring delivery January 2016
CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC response to the EC Consultation on Standards in the Digital
More informationPresidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY
Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND ICT SECURITY December 2013 Presidency of the Council of Ministers THE NATIONAL PLAN FOR CYBERSPACE PROTECTION AND
More informationDr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT
Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT December 3, 2013 slide 1 A global leader in power and
More informationDeliverable 6.4 Future Internet Initiatives Year 1
Theme [ICT-2011.1.4] Trustworthy ICT SECurity and trust COoRDination and enhanced collaboration Project Nº 316622 Deliverable 6.4 Future Internet Initiatives Year 1 Responsible: Contributors: Internal
More informationU.S. Army Research, Development and Engineering Command. Cyber Security CRA Overview
U.S. Army Research, Development and Engineering Command Cyber Security CRA Overview Dr. Ananthram Swami, ST Network Science 18FEB 2014 Cyber Security Collaborative Research Alliance A Collaborative Venture
More informationISA Security. Compliance Institute. Role of Product Certification in an Overall Cyber Security Strategy
ISA Security Role of Product Certification in an Overall Cyber Security Strategy Tom Culling Chevron Andre Ristaino ASCI Kevin Staggs - Honeywell John Cusimano exida 1 ISA Security Agenda Who is the ISA
More informationThemenschwerpunkt Nanowissenschaften, Nanotechnologien, Werkstoffe und neue Produktionstechnologien. Gerald Kern
Themenschwerpunkt Nanowissenschaften, Nanotechnologien, Werkstoffe und neue Produktionstechnologien Gerald Kern Europäische & Internationale Programme FFG Österreichische Forschungsförderungsgesellschaft
More informationTRAINING AND PROMOTION OF THE EUROCODES
TRAINING AND PROMOTION OF THE EUROCODES Support to the implementation, harmonization and further development of the Eurocodes H. Gulvanessian, A. Pinto, S. Dimova, G. Tsionis, M. Geradin EUR 22857 EN -
More informationSolutions and IT services for Oil-Gas & Energy markets
Solutions and IT services for The context Companies operating in the Oil-Gas & Energy sectors are facing radical changes that have a significant impact on their business processes. In this context, compliance
More informationBest Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper
Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationRobotics in Horizon 2020: Rules for participation
Robotics in Horizon 2020: Rules for participation Cécile Huet, Deputy Head of Unit Unit A2 - Robotics Directorate-General for Communication Networks, Content and Technology European Commission Brokerage
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationPV GRID. Efficient Grid Integration of European PV: Project Results. Jörg Mayer, Managing Director German Solar Industry Association (BSW-Solar)
PV GRID Efficient Grid Integration of European PV: Project Results Jörg Mayer, Managing Director German Solar Industry Association (BSW-Solar) 16th September 2014 1 PV GRID Key facts An Intelligent Energy
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationDepartment of Information and Technology Management
INFOTEC Overview Department of Information and Technology Management Introduction The Information and Technology Management Department (INFOTEC) is responsible for providing modern, secure, fit for purpose
More informationESKISP6046.02 Direct security architecture development
Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable
More informationThreat Information Sharing; Perspectives, Strategies, and Scenarios
Threat Information Sharing; Perspectives, Strategies, and Scenarios 15 June 2015 Tim Grance,, Sarah Brown, Fox-IT, Luc Dandurand, ITU Thomas Millar, US CERT, Pawel Pawlinski, CERT.PL 1 Information Sharing
More informationStrategic Platforms Information Security 2014
Strategic Platforms Information Security 2014 -------------------------- Data Mining for security process monitoring New authentication mechanism for System Information Call for «Expression of Interest»
More informationHelp for the Developers of Control System Cyber Security Standards
INL/CON-07-13483 PREPRINT Help for the Developers of Control System Cyber Security Standards 54 th International Instrumentation Symposium Robert P. Evans May 2008 This is a preprint of a paper intended
More informationCybersecurity in SMEs: Evaluating the Risks and Possible Solutions. BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI
Cybersecurity in SMEs: Evaluating the Risks and Possible Solutions BANCHE E SICUREZZA 2015 Rome, Italy 5 June 2015 Arthur Brocato, UNICRI UNICRI s Main Goals The United Nations Interregional Crime and
More informationProcess Control System Cyber Security Standards an Overview
INL/CON-06-01317 PREPRINT Process Control System Cyber Security Standards an Overview 52nd International Instrumentation Symposium Robert P. Evans May 2006 This is a preprint of a paper intended for publication
More informationD6.1: Service management tools implementation and maturity baseline assessment framework
D6.1: Service management tools implementation and maturity baseline assessment framework Deliverable Document ID Status Version Author(s) Due FedSM- D6.1 Final 1.1 Tomasz Szepieniec, All M10 (31 June 2013)
More informationEU CIP Project DENSEK. Joining forces against cyber threats on European level
EU CIP Project DENSEK Joining forces against cyber threats on European level DENSEK EU CIP Objectives Improving the resilience of the energy infrastructure i.e. improving the security of the Smart Energy
More informationDeliverable 7.1 Web Site and Promotional Materials
Support Action Big Data Europe Empowering Communities with Data Technologies Project Number: 644564 Start Date of Project: 01/01/2015 Duration: 36 months Deliverable 7.1 Web Site and Promotional Materials
More informationWhich cybersecurity standard is most relevant for a water utility?
Which cybersecurity standard is most relevant for a water utility? Don Dickinson 1 * 1 Don Dickinson, Phoenix Contact USA, 586 Fulling Mill Road, Middletown, Pennsylvania, USA, 17057 (*correspondence:
More informationWhy do we need a new approach?
Overview of Compliant e-invoicing Den Haag, November 2009 Why do we need a new approach? Joost Kuipers Den Haag November 2009-1 - The program:... Fiscalis 2013 program; The (e-) audit process; The e-invoicing
More information1 st NEWSLETTER. Created By
JULY 2013 In this issue Introduction 1 The VRUITS project 1 Goals 2 First results: accident and user need analysis, and prioritizations of ITS for Vulnerable Road Users 3 Dissemination 3 Consortium & Contacts
More informationPublic consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures
Public consultation on the contractual public-private partnership on cybersecurity and possible accompanying measures Fields marked with are mandatory. Public consultation on the contractual public-private
More informationSupporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security
Supporting CSIRTs in the EU Marco Thorbruegge Head of Unit Operational Security European Union Agency for Network and Information Security www.enisa.europa.eu European Union Agency for Network and Information
More informationNIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA
NIS Direktive und Europäische sicherheitsrelevante Projekte Udo Helmbrecht Executive Director, ENISA ViS!T - Verwaltung integriert sichere Informationstechnologie, Wien, 29.10.2014 European Union Agency
More informationCombining Security Risk Assessment and Security Testing based on Standards
Jürgen Großmann (FhG Fokus) Fredrik Seehusen (SINTEF ICT) Combining Security Risk Assessment and Security Testing based on Standards 3 rd RISK Workshop at OMG TC in Berlin, 2015-06-16 3 rd RISK Workshop
More informationWaste reduction and process optimisation in (ECO/08/239048/SI2.535244 )
WASTEred Waste reduction and process optimisation in the European meat and dairy industry (ECO/08/239048/SI2.535244 ) BIOAZUL experience in CIP ECO-INNOVATION BIOAZUL S.L, Malaga (Spain) Environmental
More informationCloudingSMEs Deliverable D5.5.1 Policy Development Guidelines
CloudingSMEs FP7- No. 609604 WP2 SMEs Vision and Road mapping for Cloud Development Deliverable D2.2.1 SMEs Requirements for Cloud Development, Adoption and Evolution CloudingSMEs PROPRIETARY RIGHTS STATEMENT
More informationEU CUSTOMS BUSINESS PROCESS MODELLING POLICY
EUROPEAN COMMISSION MASP Revision 2014 v1.1 ANNEX 4 DIRECTORATE-GENERAL TAXATION AND CUSTOMS UNION Customs Policy, Legislation, Tariff Customs Processes and Project Management Brussels, 03.11.2014 TAXUD.a3
More informationLessons Learned CIP Reliability Standards
Evidence for a requirement was not usable due to a lack of identifying information on the document. An entity should set and enforce a "quality of evidence" standard for its compliance documentation. A
More informationClaes Rytoft, ABB, 2009-10-27 Security in Power Systems. ABB Group October 29, 2009 Slide 1
Claes Rytoft, ABB, 2009-10-27 Security in Power Systems October 29, 2009 Slide 1 A global leader in power and automation technologies Leading market positions in main businesses 120,000 employees in about
More informationSmart Grid Information Security
CEN-CENELEC-ETSI Smart Grid Coordination Group Date: 2014-12 Secretariat: CCMC CEN-CENELEC-ETSI Smart Grid Coordination Group M490-SGCG-SGIS-Intermediate-Report-V1.pdf 1 Contents Page 2 3 4 5 6 7 8 9 10
More informationProject no. 607865. Collaborative Project FP7-SEC-2013-1 www.fp7-shelp.eu. Deliverable D7.4
Project no. S-HELP: Securing - Health.Emergency.Learning.Planning Development of decision support tools for improving preparedness and response of Health Services involved in emergency situations Collaborative
More informationENTSOG Draft Network Code on Interoperability and Data Exchange Rules Public Consultation Questionnaire; GEODE advises on further action
ENTSOG Draft Network Code on Interoperability and Data Exchange Rules Public Consultation Questionnaire; GEODE advises on further action GEODE, the Association of the Independent European Distribution
More informationCertified Information Security Manager (CISM)
Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security
More informationAnnouncement of a new IAEA Co-ordinated Research Programme (CRP)
Announcement of a new IAEA Co-ordinated Research Programme (CRP) 1. Title of Co-ordinated Research Programme Design and engineering aspects of the robustness of digital instrumentation and control (I&C)
More informationOpen Smart Card Infrastructure for Europe
Open Smart Card Infrastructure for Europe v2 Volume 8: Part 3-1: Authors: Security and Protection Profiles (Common Criteria Supporting Document) eesc TB3 Protection Profiles, Security Certification NOTICE
More informationGuidelines for reporting. for Accompanying Measures. implemented as. Specific Support Action
SIXTH FRAMEWORK PROGRAMME Research Infrastructures Action Guidelines for reporting for Accompanying Measures implemented as Specific Support Action This document can be found on the INTERNET at the following
More informationHabEat - FP7-245012. HabEat
HabEat Determining factors and critical periods in food habit formation and breaking in early childhood: a multidisciplinary approach Grant agreement number: FP7-245012 Medium-scale Collaborative Project
More informationSECURE AND TRUSTWORTHY CYBERSPACE (SaTC)
SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation
More informationCybersecurity for Energy Delivery Systems 2010 Peer Review. Dale Peterson Digital Bond, Inc. Bandolier and Portaledge
Cybersecurity for Energy Delivery Systems 2010 Peer Review Alexandria, VA July 20-22, 2010 Dale Peterson Digital Bond, Inc. Bandolier and Portaledge Summary Slide: Bandolier Outcomes: Insure new and upgraded
More informationKnowledge based energy management for public buildings through holistic information modeling and 3D visualization. Ing. Antonio Sacchetti TERA SRL
Knowledge based energy management for public buildings through holistic information modeling and 3D visualization Ing. Antonio Sacchetti TERA SRL About us-1 Tera is a SME born in year 2007, based on the
More informationInternet of Things - Internet of the Future" Workshop in Oslo 2012 02 01
Internet of Things - Internet of the Future" Workshop in Oslo 2012 02 01 The IoT Value Creation Network, Norway Project in the VERDIKT-program The Research Council of Norway Today s Focus CEN and Internet
More information