Opendata, web and dolomites
  1. home
  2. trasparenza
  3. open h2020
  4. cipsec
  5. reports

Report

Teaser, summary, work performed and final results

Periodic Reporting for period 1 - CIPSEC (Enhancing Critical Infrastructure Protection with innovative SECurity framework)

Teaser

Over the last years critical infrastructure (CI) operators have needed to incorporate recent advances in the ICT field in order to offer a more efficient service with higher quality. The focus has been put on improving the networking capabilities, incorporating sophisticated...

Summary

Over the last years critical infrastructure (CI) operators have needed to incorporate recent advances in the ICT field in order to offer a more efficient service with higher quality. The focus has been put on improving the networking capabilities, incorporating sophisticated devices searching for this. However, CI represent a very special and specific operation environment, full of peculiarities. Moreover, the adaptation of CI to emerging ICT has been done without a thorough analysis of its impact on security. Now, CI are vulnerable to a whole set of threats and attacks, highly risking public safety, economy and welfare of the population. Available solutions for securing CI are not adequate. Solutions need to consider the IT(information technology) and OT (operational technology) as a whole.

The chellenge is: how to benefit from higher efficiency and better advances in the field of CI without compromising security?

CIPSEC is meant to provide an answer. CIPSEC pursues these goals: 1) create a unified security framework orchestrating state-of-the-art heterogeneous security products and services; 2) Create a security system of solutions and services going beyond the CI borders; 3) Offer high levels of protection in IT and OT; 4) Validate the framework in transportation, health and environment monitoring environments; 5) Consolidate links and collaborate with Standardization Bodies; 6) Provide a framework with high readiness to market.

Society as a whole will be benefited from excellent innovation outcomes that will strengthen European countries security and will boost European competitiveness in CI Protection. CIPSEC will provide a cost-effective multi-domain security solution for CI, enabling the reduction on capital investment in security threats management for CI; will increase the confidence on the ICT role in daily operation of CI, with positive impact in efficiency, quality of service and business profits, with the reduction of the economic risk linked to the consequence of cyber incidents and the reduction of likelihood of environmental disasters; will orchestrate a security solution for CI protection lifecycle, covering before, during and after the incident; and will create awareness on the importance to secure all assets involved in CI daily operation.

Work performed

The grounds of the work in CIPSEC were built by identifying CI common and sectorial requirements, including those of the pilots. This was linked with the results of a research work done in parallel aiming at getting a good picture of the existing market solutions for the CI domain (D1.1). A good understanding of the taxonomy of the different CI environments was necessary to produce these outputs (D1.3).

The aforementioned outputs were leveraged to understand where the gaps are and where the added value of CIPSEC would be. Then,the Consortium defined the CIPSEC basic building blocks (D1.2) and provided a comprehensive design establishing the role of the different products brought by the partners to the project (D2.1).Then, a reference architecture was worked out, being defined as agnostic and with strong flexibility to be integrated with specific CI, starting by the pilots (D2.2).Then, the Consortium started the integration of the different tools. An early prototype was obtained, as an early proof of the feasibility of integrating the products into a single unified framework. This shows the added value of the products working together. The individual products have been designed an innovation roadmap with research enhancements directly applicable to CIPSEC (D2.3). Also, the services that adequately supplement the products integrated in the framework were designed. Those services are vulnerability analysis,contingency plan, training, updating and patching and forensics analysis (D2.4).A first study of dependencies with external CIs which could lead to damages related to cascading effects attacks was done (D3.4).

CIPSEC defined a roadmap for the instantiation of the CIPSEC reference architecture into the pilots. The main outcome so far is an infrastructure map per pilot where CIPSEC solutions are located and their scope of influence is determined (D3.1, D3.2, D3.3). This sets the basis for the actual deployment, testing and validation. A consolidated and deep knowledge of the architectural elements and details of the pilots was reached. It serves to ascertain individual needs and what characteristics could be shared among the pilots. A plan for the application of the solution in production for each pilot is foreseen and considers a rollback process in case of any kind of problem.

Other main highlights are the comprehensive competitor and market analysis for cybersecurity solutions (D5.1). This is an excellent input to work out a exploitation strategy. An early approach to this exploitation strategy was obtained. The individual exploitation plan per partner was further developed and the final version will come at the end of the project. Other activities performed relate to client prospection in events, the analysis of market trends and competitors, and the progress in the definition of each partner´s individual exploitation plan.The Consortium also made a remarkable job in terms of dissemination with several liaison and collaboration activities, training activities, workshops, scientific publications, participation in events, as well as presence in social networks, and CIPSEC website.The Consortium has produced some promotional materials.

CIPSEC also works on the consolidation of International and European links and the collaboration with standardization bodies.

Final results

The main innovation streams in CIPSEC are enumerated in the following:

* The definition of a reference architecture for CI protection against cyber incidents, ellaborated considering the whole security data-cycle involved in the daily infrastructure operation. This architecture leverages upon the design of the framework using highly valuable data coming from the requirements study across different verticals and with special focus on those of the pilots.

* Showing the feasibility of integrating different heterogeneous security products and making them work together,demonstrating the added value brought by the joint features which are not possible when they work separatedly.

* CIPSEC provides a global solution which addresses the global picture of any crisis scenario a CI may undergo. CIPSEC not only secures network edge services of cloud infrastructures in CI scenarios, but also takes into account existing interdependencies.

* CIPSEC underpins the features provided by the products with a set of services forming a security ecosystem and being orchestrated among themselves and with the products in such a way that the client is offered a global, solid and flexible vision concerning the protection of his most valuable assets.

* Making cybersecurity solutions for CI more affordable, with a two-fold effect: 1) most organizations can access to cybersecurity solutions, which in turn helps raise awareness about how critical is to be ready for more and more sophisticated threats and attacks, and how to react to actual incidents, and 2) if the solutions become more affordable, capital can be invested on actual business development and strengthening, with a direct effect in ledgers.

* Finally, CIPSEC components show a high TRL level (from 7 to 9) which gets really closer the actual introduction of the framework into the market.

Website & more info

More info: http://www.cipsec.eu.