Training: Lectures

CIPRNet Lectures

CIPRNet is active to prepare the European Infrastructures Simulation and Analysis Centre
[Click for more information]
EISAC
(European Infrastructure See computer simulation.
[Click for more information]
Simulation
and Analysis Center) improving the competence and knowledge of the European See critical infrastructure protection
[Click for more information]
CIP
Expert community. To this end it arranges and supports information exchange via lectures and conferences hosted or performed by CIPRNet partners. These lectures will be announced on this web page. The lectures are generally arranged as open access scheme, even if in some cases there might exist restrictions. Some lectures will be provided also as web streams.

Announcements of CIPRNet lectures will be published on this web page. Stay tuned!

New CL41: How to evaluate the risk for interdependent Critical Infrastructures scenarios

By Prof. Roberto Setola (University Campus Bio-Medico of Rome), 8th February 2017

Venue: Lithuanian Institute of Energy, Kaunas (LT) 

In the presence of complex scenarios characterised by the presence of several and inter-dependent actors and elements, the usual approaches for effect of uncertainty on objectives
[Click for more information]
Risk
Analysis based on the evaluation of chance of something happening
[Click for more information]
likelihood
and impact cannot be able to capture all the aspects, especially those related to "extreme events". The lecture will illustrate such a phenomena suggesting to approach effect of uncertainty on objectives
[Click for more information]
Risk
Analysis in a holistic perspective adopting an All-source of potential harm
[Click for more information]
Hazard
framework. 

CL40: Cyber security and CIP - challenges and solutions

By Prof. Michal Choras and Dr. Rafal Kozik (University of Science and Technology in Bydgoszcz, Poland), 17th January 2017, 18:00-19:00

Venue: room B111, building ΧΟΔ02, new campus, University of Cyprus, Nicosia (CY)

In this presentation, current situation and challenges related to cyber security of Critical Infrastructures (CI) are discussed. Presented study shows that cyber-related threats should be concerned as important factor incorporated into strategic analysis of infrastructure disruptions, consequences evaluation, and assessment of systems dependencies. During the talk, selected innovative cyber security solutions and approaches were presented. 

Flyer download 

CL39: How to evaluate the risk for interdependent Critical Infrastructures scenarios

By Prof. Roberto Setola (University Campus Bio-Medico of Rome), 9th December 2016

Venue: University of Kent, Canterbury (UK)

In the presence of complex scenarios characterised by the presence of several and inter-dependent actors and elements, the usual approaches for effect of uncertainty on objectives
[Click for more information]
Risk
Analysis based on the evaluation of chance of something happening
[Click for more information]
likelihood
and impact cannot be able to capture all the aspects, especially those related to “extreme events”. The lecture illustrated such a phenomena suggesting to approach effect of uncertainty on objectives
[Click for more information]
Risk
Analysis in a holistic perspective adopting an All-source of potential harm
[Click for more information]
Hazard
framework.

To top

CL38: Dynamical robustness to synchronization of complex networks: methods and applications to electrical infrastructures

By Prof. Mattia Frasca (University of Catania), 5th December 2016, 11.00

Venue: T15, Trapezio building, University Campus Bio-Medico of Rome

In this talk Prof Frasca discussed dynamical robustness of a complex network to noise injected through one of its nodes. The focus is on synchronization of coupled nonlinear systems and, as a special instance of this phenomenon, the consensus protocol for linear integrators were also addressed. An exact closed-form expression of the synchronization error for the consensus protocol and an approximate result for chaotic units is established. From this result, we derive that, while structural robustness is known to be significantly affected by attacks targeted to network hubs, in our case dynamical robustness is controlled by both the A topology is given by connections between components of a CI model.
[Click for more information]
topology
of the network and the dynamics of the units. We provide examples of networks of units where hubs perform better or worse than isolated nodes. The final part of the presentation was the application analyse of this method to power grids, by including a real example (the UCTE European High Voltage grid) and deriving some conclusions on the most and least critical nodes of this network.

CL37: Critical Infrastructure Protection – CIP: Modelling, Simulation & Analysis (MS&A) of CI performances and resilience

by Prof. Mohamed Eid, 25th October (16:00-18:00)

Venue: Lithuanian Institute of Energy, Kaunas and Vytauto Didžiojo universitetas / Vytautas Magnus University (VMU)

Critical infrastructures are complex systems supplying vital services to modern societies. They are more and more smart, connected and distributed. Their rupture can endanger the security of the citizen and the society. Robust models and See computer simulation.
[Click for more information]
simulation
techniques should be developed in order to enhance the See critical infrastructure
[Click for more information]
CI
resilience and to better manage crises in case of See critical infrastructure
[Click for more information]
CI
rupture.

The lecture introduced the basic concepts in MS&A of See critical infrastructure
[Click for more information]
CI
resilience and performances.

To top

CL36: Cyberbezpieczenstwo systemów sterowania elektrowni

by Prof. K. Świrski (Politechnika Warszawska), 21st October 2016, 12:30 h

Venue: room C8, RCI, UTP Bydgoszcz

This lecture concerns the cybersecurity of DCS (Distributed measure that is modifying risk
[Click for more information]
Control
Systems), in particular those controlling processes in critical infrastructures such as energy generation and distribu-tion. Selected threats and examples of military malware are discussed. Practical solutions for protections as well as the relevant norms (e.g. NERC, NISA etc.) are overviewed. The conse-quences for hybrid conflicts and homeland security are presented.

CL35: Increasing Security of Critical Infrastructures through intelligent even correlation

by Salvatore D'Antonio (University of Naples Parthenope), 21st October 2016, 10:20 h

Venue: room C8, RCI, UTP Bydgoszcz

Security Information and An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
Event
Management (SIEM) is a consolidated technology that relies on the correlation of massive amounts of security-relevant information in order to detect ongoing attacks and intrusions. This correlation process is usually fed with logs generated by network devices and equipment, thus proving to be ineffective against attacks that affect multiple domains (e.g. physical, logical) or different architectural levels (e.g. network, operating system, application) of a service infrastructure. To bridge this gap, a combination of physical and logical security is required that allows for a more effective protection of the infrastructure. Recently some achievements have been made. For example, SEM (Security An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
Event
Monitoring) and SIM (Security Information Management) have merged into SIEM, and LACS (Logical Access measure that is modifying risk
[Click for more information]
Control
System) and PACS (Physical Access measure that is modifying risk
[Click for more information]
Control
System) have merged into IM (Identity Management), Security Operation Center (SOC) technology has improved significantly, but much is yet to be done. In this talk an An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
event
collection and correlation approach is presented that brings a significant advancement in the convergence of physical and logical security technologies. In this context, "convergence" means effective cooperation (i.e. a coordinated and results-oriented effort to work together) among previously disjointed functions. The proposed approach relies on data fusion techniques to process heterogeneous data and spot evidence of security issues by using complex An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
event
pattern detectors that correlate information from multiple architectural layers and domains of the monitored infrastructure. This allows for dependable (i.e. accurate, timely, and trustworthy) detection and diagnosis of attacks, which will ultimately result in the achievement of two goals of paramount importance, and precisely: 1) Guaranteeing the protection of citizens and assets, and 2) Improving the perception of security by citizens. This approach has been validated in three real use cases, with two objectives: 1) Capturing the diversity of the requirements to be satisfied by a platform truly supporting the convergence of physical and logical security technologies; 2) Overcoming fragmentation of security approaches.

To top

CL34: Mathematical Modelling of CI Resilience with a focus on the Cascade effects

by Associated Prof. Mohamed Eid, 18th October 2016, 10:30-12:00

Venue: National Institute of Applied Sciences (INSA) - Rouen, 685 Avenue de l'Université, F-76801 Saint-Etienne du Rouvray (salles DA-R1-02 et DU-B-RJ-08)

Critical Infrastructures Protection (CIP) requires the development of robust mathematical models and powerful See computer simulation.
[Click for more information]
simulation
algorithms and software tools. See critical infrastructure protection
[Click for more information]
CIP
activities aims principally to enhance the CIs resilience facing different kinds of Any indication, circumstance, or event with the potential to disrupt or destroy critical infrastructure, or any element thereof (EU, 2006)
[Click for more information]
threat
. Then, one of the issues in See critical infrastructure protection
[Click for more information]
CIP
is the Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
Modelling
, See computer simulation.
[Click for more information]
Simulation
and Analysis (MS&A) of the See critical infrastructure
[Click for more information]
CI
resilience.

MS&A of the See critical infrastructure
[Click for more information]
CI
resilience should consider the specific nature of each See critical infrastructure
[Click for more information]
CI
. CIs are generally distributed, connected, dependent and interdependent. They are also belonging to different types of technology and operating using several types of physical phenomena. A robust mathematical See conceptual model
[Click for more information]
model
would allow predicting the functional See User-specified behaviour, System-specified behaviour
[Click for more information]
behaviour
of a See critical infrastructure
[Click for more information]
CI
facing a well-define Any indication, circumstance, or event with the potential to disrupt or destroy critical infrastructure, or any element thereof (EU, 2006)
[Click for more information]
threat
under given operational conditions. This would allow the crisis managers to take the best decision at the best moment in order to absorb, mitigate, share, lessen or accept the consequences of the loss of service supply by a set of CIs under a threat's action.

A general review of the concept of resilience and the existing lacks in the common understanding and the use of the concept. How cascade effects impact on the dynamics of the resilience mathematical mode and how dependency/interdependency increase the complexity of the models. A specific interest was given to: the mathematical issues in describing cascade effects.

The targeted audiences are the final courses engineers, PhD followers and professionals concerned by systems' reliability, safety and protection.

CL33: Critical Infrastructures: How to deal with complex interconnected systems of systems to prevent and mitigate cascading failures?

Dr. Yohan Barbarin, 18th October 2016, 08:00-10:00

Venue: National Institute of Applied Sciences (INSA) - Rouen, 685 Avenue de l'Université, F-76801 Saint-Etienne du Rouvray (salles DA-R1-02 et DU-B-RJ-08)

The world is getting more and more interconnected over the years. SCADA systems and large infrastructures follow the same path. Critical / Vital Infrastructures (CI) have been defined by sectors and theirs interconnections can create severe cascading effects. Many examples of such cascading effects occurred over the last two decades. The goal of this lecture is to introduce the context of The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
critical infrastructure
protection (CIP), discuss the role of Dependency is the relationship between two (critical infrastructure) products or services in which one product or service is required for the generation of the other product or service.
[Click for more information]
dependency
and present ongoing research to prevent and mitigate See cascading failure
[Click for more information]
cascading effect
.

With the support of Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
Modelling
, See computer simulation.
[Click for more information]
Simulation
and Analysis (MS&A) coupled to Geographic Information System (GIS), the EU project CIPRNet proposes an innovative solution for See critical infrastructure protection
[Click for more information]
CIP
. The CIPRNet project covers the 4 following area: See critical infrastructure
[Click for more information]
CI
identification, See critical infrastructure
[Click for more information]
CI
dependencies, effect of uncertainty on objectives
[Click for more information]
risk
management and crisis management. A system is being developed on the concept of "federated simulations".

The targeted audiences are the final courses engineers, PhD followers and professionals concerned by systems' reliability, safety and protection.

To top

CL32: CEIP and Energy Security in Perspective of NATO Energy Security Center of Excellence

by Dr. Artūras PETKUS (NATO Energy Security Centre of Excellence, NATO ENSEC COE, Lithuania), 10th October 2016, 14.30

Venue: CRITIS 2016, UIC Headquarters, Paris (France)

Cyber attacks on key energy infrastructure - and on the electricity system in particular - are increasing, both in number of events or outcomes per defined unit of time
[Click for more information]
frequency
and sophistication (U.S. Department of Homeland Security). Some countries adopt military doctrines, that could be called "Hybrid War". Unlike its conventional counterpart, hybrid war blends elements of diplomacy, clandestine action, disinformation, sabotage, irregular troops and standard kinetic force to achieve strategic objectives. While hybrid war takes place over several dimensions, it appears that critical energy infrastructure and energy industry of any country could be targeted as part of a wider campaign to reduce the county's ability and willingness to resist. Therefore NATO strives to "continue to develop NATO's capacity to support national authorities in protecting The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
critical infrastructure
, as well as enhancing their resilience against energy supply disruptions that could affect national and collective defence, including hybrid and cyber threats" (NATO Warsaw Summit Declaration). NATO Energy Security Center's of Excellence contribution to this priority was presented.

CL31: Hybrid Simulation of Distributed Large-Scale Critical Infrastructures

by Prof. Massimo Ficco (Seconda Universita Degli Studi di Napoli), 8th September 2016, 09:10-10:00

Venue: University of Science and Technology, Bydgoszcz, Poland (Room C8 RCI)

Critical infrastructures represent the pivotal assets and resources upon which the current society greatly relies to support welfare, economy and quality of life.

Nowadays, the trend is to restructure these infrastructures by applying a System of Systems (SoS) concept, where the sparse islands are progressively interconnected by means of proper middleware solution through wide-area networks. The huge complexity of such systems makes more complicated for designers and developers the task of facing integration and configuration issues of both pre-existing and under development systems. Indeed, integration among components may introduce unexpected system behaviours on dependability and performance that usually manifest during systems installation and execution time. Additionally, as they cannot be detected earlier, they require on-site maintenance operations resulting in increased maintenance costs and overspending in terms of personnel resources. A promising way to cope with these new systems, and to lower maintenance costs, is to reproduce such complex and distributed systems locally, and let them run prior to the actual execution on-site in order to get knowledge about their real See User-specified behaviour, System-specified behaviour
[Click for more information]
behaviour
and define mitigation means and improvement actions. Hybrid and distributed See computer simulation.
[Click for more information]
simulation
strategies, supported by novel technologies for resources virtualization and working environment reproduction, represent the most promising way to define the needed strategies to actually support such paradigm shift.

To top

CL30: CIPRNet talk at SATW: "Aktuelle Forschung zu kritischen Infrastrukturen"

by Erich Rome (Fraunhofer), 21st April 2016

At the SATW Fachveranstaltung "Cyber Security" (Technical An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
event
of the Swiss Academy of Technical Sciences

Venue: Main building of ETH Zurich, Zurich, Switzerland

A general introduction to the project CIPRNet, with a focus on one of its new capabilities: 'what if' analysis based on federated Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
, See computer simulation.
[Click for more information]
simulation
and analysis of the See User-specified behaviour, System-specified behaviour
[Click for more information]
behaviour
of Critical Infrastructures in crisis situations. The capability shall enable crisis managers of civil protection agencies to explore different courses of action in training situations. A new method for outcome of an event affecting objectives
[Click for more information]
consequence
analysis enables the comparison of the overall outcomes of different courses of action. An extensive conclusion provides experiences and analyses of barriers and success factors of transferring research results on Critical Infrastructures into practical application.

CL29: CIPRNet OpenMI-Webinar

by Bernhard Becker (Deltares) and Andreas Burzel (Deltares), 21st April 2016

Open Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
Modelling
Interface (OpenMI) is an OGC standard that allows time-dependent models to exchange data at run-time. When the standard is implemented, models can run simultaneously and share information at each time step, making See conceptual model
[Click for more information]
model
integration feasible at the operational level. The possibilities of See conceptual model
[Click for more information]
model
coupling with Open Modelling Interface (OpenMI) is a modelling standard emerged from the domain of water system simulation.
[Click for more information]
OpenMI
to modellers and project managers in water related integrated Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
and other interested attendees showed. Different research projects and case studies were presented, where Open Modelling Interface (OpenMI) is a modelling standard emerged from the domain of water system simulation.
[Click for more information]
OpenMI
has been applied in the past and illustrate the added value of See conceptual model
[Click for more information]
model
coupling. The webinar includes the fundamentals about See computer simulation
[Click for more information]
computer model
simulations and computational grids, boundary conditions and See conceptual model
[Click for more information]
model
forcing.

The Open Modelling Interface (OpenMI) is a modelling standard emerged from the domain of water system simulation.
[Click for more information]
OpenMI
Webinar was recorded and it is available here!

This webinar covered the following topics:

To top

CL28: Introduction to Critical Infrastructures (CI) & dependency phenomena

by Eric Luiijf (TNO), 11th March 2016

Venue: Cyber Security Academy, The Hague, The Netherlands

A general introduction on Critical Infrastructures, addressing the following topics:

CL27: Introduction to CIPRNet

by Erich Rome (Fraunhofer), 1st March 2016

At periodic meeting of the VRGeo consortium 

Venue: Sankt Augustin, Germany

A general introduction to the project CIPRNet, with a focus on one of its new capabilities: 'what if' analysis based on federated Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
, See computer simulation.
[Click for more information]
simulation
and analysis of the See User-specified behaviour, System-specified behaviour
[Click for more information]
behaviour
of Critical Infrastructures in crisis situations. The capability shall enable crisis managers of civil protection agencies to explore different courses of action in training situations. A new method for outcome of an event affecting objectives
[Click for more information]
consequence
analysis enables the comparison of the overall outcomes of different courses of action. 

To top

CL26: Avoid enlarging a disaster: take care of critical infrastructure

by Eric Luiijf (TNO), 20th February 2016

At the Annual Symposium of Engineers Without Borders of the Netherlands (EWB-NL) 

Venue: TU Eindhoven, the Netherlands 

The theme of the Symposium is “Technical Challenges in Disaster Response”. Logistics, averting bottlenecks, coordinating governmental efforts and those of aid organizations – they quickly become the preoccupations of those overseeing disaster relief operations. We all feel compelled to help and we would like to contribute. However this does not always have to be by donating money. Clever ideas and practical solutions are just as valuable. Whether it is to create an app to locate people or an easy to put up construction for shelter, all ideas are useful after a disaster where people are left without anything. Link 

CL25: Cyber-physical security solutions for critical infrastructure protection

by Prof. Michal Choras and Dr. Rafal Kozik (UTP), 16th February 2016, 09:30h

Venue: Department of Electrical and Electronic Engineering, University of Cagliari, Building A, Room Mocci, Piazza d\'Armi, 09123, Cagliari, Italy

Abstract: During the lecture the overview of practical cyber-physical security solutions for See critical infrastructure protection
[Click for more information]
CIP
were presented. Moreover, the results and approach of the CIPRNet project were discussed.

Flyer download

To top

CL24: Praxiserfahrungen beim Technologietransfer und Kriterien für Usability im Bereich KRITIS und Bevölkerungsschutz

(engl: Practical experiences in technology transfer and criteria for usability in the areas of The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
Critical Infrastructure
Protection and Civil Protection)

by Dr. Erich Rome (Fraunhofer IAIS), Leipzig, 4th December 2015

An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
Event
: SIFO-Fachdialog „Konturen eines technik- und sozialwissenschaftlichen Sicherheitsverständnisses“

Venue: Tagungslounge Leipzig, Leipzig, Germany 

Abstract: The presentation looked into experiences of conditions of successful cooperation between science and users. The See critical infrastructure
[Click for more information]
CI
area is characterised by specific security challenges (complex, interdependent, sometimes cross-border, constantly changing systems; cascading effects; limited access to sensitive information) and the interplay of a wide range of stakeholders (politicians, authorities, operators, civil / Civil Protection, Research Funding / Community). Research in this area requires the establishment of a relationship of trust with operators and a multidisciplinary, mind-set. A key factor of successful technology transfer is the usability of the developed solutions, for example, decision support systems (that can be used in normal operation and emergency situations). Besides that, a pecuniary value added in industrial operation raises the incentive for investment by operators. The research must closely follow the requirements of end-users from the earliest possible stage on (including support for established standards; links to existing systems; interoperability with existing processes; focus on sense-making, a simple representation and interpretability of results and concrete recommendations for action; fast, time-stamped provision of situational relevant information) and develop easy-to-use solutions that bring real support from the perspective of practitioners.

CL23: Secure Estimation for Wireless Control under Denial-of-Service Attacks

by Gabriella Fiore, Ph.D. (University of L’Aquila), Rome, 10th November 2015, 9.30 h

Venue: University Campus Bio-Medico of Rome, Italy

Cyber-Physical Systems (CPSs) are systems found in a wide range of application fields such as power grids, smart buildings, transportation systems and unmanned vehicle systems. CPSs integrate physical processes, computational resources and communication capabilities. The feedback loop between the physical and the computational world through a (wireless) communication network increases the intrinsic properties of something resulting in susceptibility to a risk source that can lead to an event with a consequence
[Click for more information]
vulnerability
of the entire system to failures or to malicious and intentional attacks by an external attacker.

In this talk a novel methodology is presented to estimate the state of the CPS when measurements and measure that is modifying risk
[Click for more information]
control
inputs are corrupted by sparse attacks based on compressed sensing and error correction techniques.

Specifically, conditions are given for the system to be resilient against packet losses and adversarial attacks (e.g., DoS), characterizing the maximum number of corrupted signals that can be tolerated in order to perfectly recover the true system state.

The methodology was demonstrated with respect to a A scenario consists of a CI model, the initial states of all components and the scenario behaviour that describes the events that happen within the scenario.
[Click for more information]
scenario
where UAVs cooperatively transport a flexible payload.

Flyer download 

For further information please send an email to Gabriele Oliva at g.oliva(at)unicampus.it

To top

CL22: Afhankelijkheden en meer [Dependencies and more]

by Eric Luiijf (TNO), TNO Soesterberg for the Dutch National Network for effect of uncertainty on objectives
[Click for more information]
Risk
Management (NNR), 26th October 2015.

Since about 2007 the NNR, the National Network effect of uncertainty on objectives
[Click for more information]
Risk
Management, operates. In September 2012 the informal network has been turned into an association. Various organizations already operate in the field of effect of uncertainty on objectives
[Click for more information]
risk
management and related areas such as security. NNR functions as an umbrella organisation. Although professorial chairs have been set up, journals, and several trade unions exist, effect of uncertainty on objectives
[Click for more information]
risk
management as a discipline is still not sharp profiled and the attention to effect of uncertainty on objectives
[Click for more information]
risk
management is not yet sufficiently anchored in the top of many companies. It therefore seems appropriate to promote contacts between science, government and industry. The NNR organizes 5 to 6 times a year a meeting with speakers from outside and / or from their own circle.

CL21: Cyber Security Aspects of Critical Infrastructures Protection

by Rafal Kozik, PhD Eng (University of Science and Technology, UTP, Bydgoszcz, Poland), 26th October 2015, 13:00

Venue: Sir Alwyn Williams Building (Level 5), School of Computing, University of Glasgow

Abstract: As our world becomes more and more connected via open networks with the cyberspace, many new challenges arise. Therefore, there is a significant effort focused on national critical infrastructures evaluation, simulations and threats analysis. In this presentation current situation and challenges related to cyber security of Critical Infrastructures (CI) are discussed. Presented study shows that cyber-related threats should be concerned as important factor incorporated into strategic analysis of infrastructure disruptions, consequences evaluation, and assessment of systems dependencies.

The lecture covered the following topics:

Flyer download

 

To top

CL20: Stepwise Cloud Migration

by Bernhard Hämmerli at CRITIS 2015, Berlin, Germany, 7th October 2015

Abstract

Cloud Computing creates in any infrastructure operator bad feelings. Operators don’t want the infrastructure and think this is a significant loss of measure that is modifying risk
[Click for more information]
control
. However, when looking in more detail we realize that the facts contradict our feelings: The workforce of Cloud Services is better educated, has often 24by7 security and reaction, has more and quicker option to reconfigure and has often fewer outages. An in-depth analysis discloses a fine grade change of bought and completely self-operated infrastructure towards growing cloud inclusion. An easy to understand example is malware protection: Even when we own the software, unless daily updates from the cloud with newest script files and signature we will not be secure anymore. And it shows perfectly, how the inclusion of the cloud takes place stepwise. The big picture of Cloud Migration: Usually it starts with hybrid solution, where on-premises and cloud are both operating and delivering its part to the overall solution. The seven steps towards cloud migration are.

1.     Know you asset (inventory)
This includes knowing your architecture, the Connections describe links between different components in a CI model.
[Click for more information]
connection
between systems, the mutual impacts etc.

2.     Know your data, including measure that is modifying risk
[Click for more information]
control
data

3.     effect of uncertainty on objectives
[Click for more information]
Risk
Analysis
starts by classifying the data and deciding which data are suitable for the cloud. effect of uncertainty on objectives
[Click for more information]
Risk
is assessed by evaluation how much it would cost, if the data are completely lost or leaked through the cloud. Thereby different data categories such as direct personal and other very sensitive data and general data must be distinguished.

4.     Vendor Contracting Within this stage prior findings on specification and requirements should be presented to the vendors. In following discussions the vendors should have the chance to formulate “how he can support the customer” and to explain “how customers benefit from experience and support for presented top management”.
Security requirements must be clearly communicated up front.

5.     Commissioning and performance acceptance test should be defined up front. A good approach is running each service up front as internal IT process, fully managed and successfully practiced. Afterwards specific services are outsourced successfully. Note: In the discussion the following statement was made: “There is a significant difference between outsourcing and cloud services, with the former being less anonymous than the latter.”

6.     Communication with top management Conclusion: Consolidate all prior findings and present them to top management. Be concise and well prepared when presenting security and compliance dimension and free of preferences: good attitude is defining the challenges and offering solutions including price tag and personnel effort.

7.     Compliance Analysis is usually performed by IT in cooperation with legal, audit and other internal or external parties. The compliance team’s tasks include compliance of all issue-relevant state regulations, business branch authority compliance rules and other stakeholder’s demands such as business partners etc.

If following this path, we recommend to consider the following three issues:
Data classification, IT Architecture Integration and a sound level of organizational maturity.

CL19: Railway Infrastructure Security

Rome, 4th June 2015, at 15.00 h

Venue: University Campus Bio-Medico of Rome (Italy) and web at https://connect.portici.enea.it/unicampus/

The security of railway mass transportation systems represents today a challenge, given their complexity and peculiarities, both from technological and logistic points of view. However, it is mandatory to increase the protection of those systems due to the current sociopolitical A scenario consists of a CI model, the initial states of all components and the scenario behaviour that describes the events that happen within the scenario.
[Click for more information]
scenario
and the centrality of Italy in the year of EXPO 2015.

In collaboration with national and international experts, this lecture aims to highlight the main risks and the most modern solutions used for the protection of railway systems.

Flyer download

For further information please send an email to m.demaggio(at)unicampus.it

To top

CL18: Selected aspects of Critical Infrastructures cybersecurity

by Rafal Kozik, PhD Eng and prof UTP Michal Choras, DSc, Phd Eng. (University of Science and Technology, UTP, Bydgoszcz, Poland), 21st May 2015, at 10.15 h

Venue: Technical University Poznan (PP), Poznan, Poland, Piotrowo 3a, room 16.

Topics covered at the lecture include:

Flyer download

CL17: Innovative Cybersecurity methods for Next Generation Infrastructures

by Wojciech Mazurczyk, DSc, PhD Eng (Warsaw University of Technology, Poland), 7th May 2015, at 10.15 h

Venue: University of Science and Technology (UTP), Bydgoszcz, Poland, building 2.1 at Kaliskiego 7 street, room 39.

Topics covered at the lecture include:

  • Current threats and trends in cybersecurity,
  • New malware trend: utilization of information hiding techniques for improved stealthiness,
  • Bio-inspiration as an innovative approach for cybersecurity.

Flyer download

To top

CL16: Optimal Security Investments for Critical Infrastructure Systems

by Dr Maria Paola Scaparra, Rome, 26th March 2015, 15.00 h

Venue: University Campus Bio-Medico of Rome (Italy) and web at https://connect.portici.enea.it/unicampus/

A crucial issue in today's distribution, supply and emergency response systems is to guarantee continuity and efficiency in service provision in the face of a variety of potential disruptions. Planning against possible disruptive acts of nature or sabotage is an enormous financial and logistical challenge, especially if one considers the scale and complexity of today's infrastructure systems. Since it is generally impractical to secure all assets, it is important to optimize the protection of key system components.  Protection investment problems against worst-case losses are typically formulated as bi-level or tri-level optimization problems. This lecture presents some recent optimization models for identifying efficient investments in protection and security measures for distribution and transportation systems. These models incorporate a variety of different issues such as:  capacity restrictions; correlation of disruptive events and disaster propagation effects; dynamic investments; different objectives (demand coverage, cost, travel time, passenger flow); stochastic aspects (e.g., extent of the disruptions); and resiliency aspects (e.g., recovery times of the disrupted components and disruption frequency). Efficient solution methodologies for solving these complex models was briefly discussed. 

The remote participation via web is possible at https://connect.portici.enea.it/unicampus/

Flyer download (room update 19.3.2015)

For further information please send an email to m.demaggio(at)unicampus.it

CL15: Modeling IT networks with Riverbed Modeler

Bydgoszcz, 12th March 2015 (Thursday), at 11:00 h MET

Venue: University of Technology Poland, Bydgoszcz, building 2.4 at Kaliskiego 7 street, room 110, RCI Labs

The CIPRNet training lecture (Hands-On) about "Modelling IT networks with Riverbed Modeller" was held in form of a workshop. During practical hands-on labs participants had an opportunity to learn how Riverbed Modeller solution could be used for planning, Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
and analysing of critical IT network infrastructure.

Topics covered by the workshop include:

Flyer download

To top

CL14: Optimal device placement in wireless sensor networks

by Dr Claudio Sterle, Rome, 13th February 2015, (Lecture part I, 11.00 h)

Venue: University Campus Bio-Medico of Rome (Italy) and web at https://connect.portici.enea.it/unicampus/

The problem of covering, monitoring and/or controlling a region of interest by wireless sensor networks (WSN) has been widely treated in literature. The presentation resumes the main ILP optimization models, providing also a discussion on some straight extensions and variants which allow to take into account the specific features of the sensors, related monitoring tasks and strategic decisions in WSN design.

Remote participation via web was possible,

Flyer download

CL13: A unified approach for 2D and 3D coverage problems in omni-directional and directional sensor networks

by Prof Dr Antonio Sforza, Rome, 13th February 2015, (Lecture part II, after 11.00 h)

Venue: University Campus Bio-Medico of Rome (Italy) and web at https://connect.portici.enea.it/unicampus/

The presentation proposes a unified and stepwise solving approach for two and three dimensional coverage problems to be used in omni-directional and directional sensor networks, schematizing the region of interest and the sensor potential locations by a 2D or 3D grid of points, and representing the sensor coverage area by a circle or by a circle sector. The built See conceptual model
[Click for more information]
model
constitutes the optimization module of a smart tool for the protection of a railway infrastructure protection, developed for the European project METRIP. The presentation concludes with an application of the proposed approach to a real test case and a discussion of the obtained results.

The remote participation via web is possible at https://connect.portici.enea.it/unicampus/

Flyer download

For further information please send an email to m.demaggio(at)unicampus.it 

To top

CL12: Methods for increasing protection and resilience of critical infrastructures

Polish title: Działania w zakresie ochrony i zwiększenia niezawodności infrastruktury krytycznej

by Prof Michal Choras, DSc, Phd Eng. (UTP),  22nd January 2015, 10:00 am

Venue: s. 39, UTP Bydgoszcz (Lecture part I)

This CIPRNet training lecture contains information about threats to critical infrastructures and methods for See critical infrastructure
[Click for more information]
CI
protection and resilience. Among the presented methods, the CIPRNet solutions such as Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
and See computer simulation.
[Click for more information]
simulation
, decision support services, what-if analysis etc. were described.

Flyer download

CL11: Selected aspects of cybersecurity of critical infrastructures

Polish title: Aspekty bezpieczeństwa cybernetycznego infrastruktur krytycznych

by Dr Rafal Kozik (UTP), 22nd January, 2015, 10:30 am

Venue: s. 39, UTP Bydgoszcz (Lecture part II)

Nowadays, cyber threats are considered as a serious danger to critical infrastructures. Therefore, this CIPRNet training lecture contains information about solutions and methods to detect cyber attacks and increase the resilience of Information and Communication Technologies
[Click for more information]
ICT
part of critical infrastructures.

Flyer download

To top

CL10: Dynamic Functional Modelling of vulnerability and interdependencies of Critical Infrastructures (DMCI)

by Prof. Paolo Trucco, Rome, 20th January 2015, 10.30 h

Venue: ENEA, Rome (Italy) and web (http://webtv.enea.it/livestreaming)

DMCI proved to be suitable for the analysis of heterogeneous infrastructure systems, dynamic dependencies between energy and transport services. A web-based software tool has been developed to implement DMCI, where both the instantiation of See critical infrastructure
[Click for more information]
CI
nodes and the results of simulations are graphically supported by a Geographical Information System
[Click for more information]
GIS
map. According to Ouyang’s literature review on different approaches to Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
and See computer simulation.
[Click for more information]
simulation
of interdependent The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
critical infrastructure
systems, DMCI belongs to the group of network based approaches, those with the best capabilities to support resilience analysis of interdependent See critical infrastructure
[Click for more information]
CI
. DMCI has been used to See conceptual model
[Click for more information]
model
the regional infrastructure system and support preparedness activities under the Lombardy Government’s Programme on See critical infrastructure protection
[Click for more information]
CIP
.

Flyer download

CL9: Crisis management (edition 2)

by Dr. Rafal Renk (UTP) 15th January 2014. 

This CIPRNet training lecture is a part of the broader course on crisis management at special MBA studies. The course covers the following aspects: introduction to crisis management (functions, phases), crisis management in Poland, analysis of selected cases,  critical infrastructure (including EU projects results), selected technical aspects (like communication, Geographical Information System
[Click for more information]
GIS
systems, IT solutions), social media in crisis management and See computer simulation.
[Click for more information]
simulation
and  modelling. 

The CIPRNet training lecture also contains information about critical infrastructures protection and resilience, cyber protection of  CI, CIPRNet project and CIPRNet Decision Support System
[Click for more information]
DSS
services.

This lecture is a 2nd edition of CIPRNet lecture 3.

To top

CL8: Power grids, smart grids and complex networks

by Dr Antonio Scala, Rome, 3rd December 2014, h15.00

Venue: University Campus Bio-Medico of Rome (Italy) and web at https://connect.portici.enea.it/unicampus/

The objective of the lecture is to present some possible Complex Networks approaches to study and understand Power Grids and to improve them into Smart Grids. We first sketch the general properties of the Electric System with an attention to the effects of Distributed Generation.

We then analyse the effects of renewable power sources on Voltage Controllability. Afterwards, we study the impact of electric line overloads on the nature of Blackouts. Finally, we discuss the possibility of implementing Self Healing capabilities into Power Grids through the use of Routing Protocols.

The remote participation via web is possible at https://connect.portici.enea.it/unicampus/

For further information please send an email to m.demaggio(at)unicampus.it

CL7: System of Systems Simulation in a Cooperative Multinational Environment

by Prof. José Martí (UBC) at CRITIS 2014, Limassol, Cyprus, 13th October 2014. 

Interdependencies among Critical Infrastructures play a major role in understanding the complex physical, economic, and social systems that constitute the fabric of modern societies. Aristotle’s principle of causality is not enough to understand the karmic effects of actions and consequences. Feedback loops are needed to complete the cycle of interactions. The CIPRNet effort and other efforts seek to integrate multiple Critical Infrastructures (electricity, water, communications, and others) from the perspective of understanding their interactions and coordinating their responses across jurisdictions and national borders. This presentation addressed the development of a system of systems simulator capable of linking multiple agents in a cooperative environment to best optimise common objectives. The lecture is structured in the following four parts; a) World Models, b) MATE and i2Sim System of Systems See computer simulation.
[Click for more information]
Simulation
, c) Federated See computer simulation.
[Click for more information]
Simulation
(DR-NEP & DIESIS) and d) Sample Scenarios. 

To top

CL6: Modelling complex systems

by Prof. Roberto Setola (UCBM) at Information Engineering School of the University of Malaga, Malaga (Spain), 18th June 2014. 

A cornerstone concept in many initiatives, such as scientific, technological and public initiatives about critical infrastructures (CI), is the one of ‘interdependency’, assumed as one of the most relevant and innovative elements to be considered in order to define effective management and protection plans. This talk illustrates such phenomena, its causes and some Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
approaches in the line towards developing solutions able to improve the resilience and robustness of See critical infrastructure
[Click for more information]
CI
.

CL5: Modelling interdependency in tightly coupled critical infrastructures

by Dr. Gabriele Oliva (UCBM) at University of Cyprus, 7th May 2014. 

The protection of the national infrastructures (e.g. energy grids, transportation networks, telecommunications systems, etc.), is one of the main issues for national and international security. Dr. Gabriele Oliva gave an overview of the techniques used to See conceptual model
[Click for more information]
model
interdependency and to assess the more vulnerable and more influential ones in the protection of critical infrastructures contest. Furthermore, it was shown how to cope with the lack of adequate quantitative data by resorting to a codification of the experience of stakeholders and infrastructure experts by means of the fuzzy formalism.

To top

CL4: Crisis management

by Dr. Rafal Renk (UTP) at Gniezno, University of Adam Mickiewicz, 9th April 2014. 

This CIPRNet training lecture was a part of the broader course on crisis management at special MBA studies. The course covers the following aspects: introduction to crisis management (functions, phases), crisis management in Poland, analysis of selected cases (e.g. train accident near Szcze-kociny, Sandy hurricane), The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
critical infrastructure
(including EU projects results), selected technical aspects (like communication, Geographical Information System
[Click for more information]
GIS
systems, IT solutions), social media in crisis management and See computer simulation.
[Click for more information]
simulation
and See conceptual model
[Click for more information]
model
-ling. The CIPRNet training lecture contained information about critical infrastructures protection and resilience, cyber protection of See critical infrastructure
[Click for more information]
CI
, CIPRNet project and CIPRNet Decision Support System
[Click for more information]
DSS
services.

CL3: Recent advances in CIP research and policy support to EPCIP

by Dr. Georgios Giannopoulos (JRC) at University Campus Bio-Medico of Rome, 18th March 2014. 

Dr. Giannopoulos presented a comprehensive overview of the recent advances in See critical infrastructure protection
[Click for more information]
CIP
policy at EU level and the impact on research development in the domain of Critical Infrastructures. In addition he presented the challenges of translating policy needs to scientific research and how this has taken place in JRC. Finally he provided a thorough presentation at technical level on the tools and methodologies that have been developed or are under development in JRC in order to improve the security of Critical Infrastructures against all hazards. The seminar also included interdependencies assessment tools, fault detection techniques and in general tools that help towards improving situational awareness of critical infrastructures. 

To top

CL2: Modellierung, Simulation und Analyse für den Schutz Kritischer Infrastrukturen

English title: Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
Modelling
, See computer simulation.
[Click for more information]
Simulation
and Analysis for The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
Critical Infrastructure
Protection

by Erich Rome (Fraunhofer) at BAKS, Berlin, 24th September 2013. 

An event describes what happens to a component in the CI model if a condition is fulfilled, e.g. the tripping of a transmission line at a certain time.
[Click for more information]
Event
: Seminar Staatliche Sicherheitsvorsorge – Audience: Public stakeholders

The lecture covered basic topics like general approaches to modelling, See computer simulation.
[Click for more information]
simulation
and analysis (MS&A) for The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]
Critical Infrastructure
Protection (CIP). It tried to give answers to fundamental questions like: What types of data are required for this task? What can computer-based MS&A do and what not? What would be the potential benefit of this type of See computer simulation.
[Click for more information]
simulation
and analysis for civil protection and for crisis and emergency management? What is the state of the art in See critical infrastructure protection
[Click for more information]
CIP
research and its transfer into application? How could sustained support from the See critical infrastructure protection
[Click for more information]
CIP
research communities be realised?

CL1: Interdependency Modelling

by Prof. Roberto Setola (UCBM) at University of Cyprus, 20th September 2013. 

In the last years we observed a significant development of scientific, technological and public initiatives about Critical Infrastructures (CI) and their protection. A cornerstone concept in many of these initiatives is the one of ‘Interdependency’, assumed as one of the most relevant and innovative elements to be considered in order to define effective management and protection plans. The talk illustrates such phenomena, their causes and some Modelling denotes the action of designing and creating a conceptual model or a computational model or a CI model or a computer simulation. Other synonyms may apply as well.
[Click for more information]
modelling
approaches in the line of developed solutions able to improve resilience and robustness of See critical infrastructure
[Click for more information]
CI
.

To top