Critical Infrastructure Preparedness and Resilience Research Network


< | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z 
References per page:


Giovinazzi, Sonia, Di Pietro, Antonio, Mei, Matteo, Pollino, Maurizio and Rosato, Vittorio
Protection of Critical Infrastructure in the event of Earthquakes: CIPCast-ES
Associazione Nazionale Italiiana Di Ingegneria Sismica Volume XVII , page p. 9.
Pistoia, Italy

Keywords: Seismic risk and vulnerability, Critical infrastructures, Determistic scenarios, Decision Support Systems DSS, Physical damage and Functional impacts

Abstract: This paper presents a novel decision support system for the assessment and mitigation of seismic risk for Critical Infrastructures (CI). The tool, named CIPCast-ES, was developed by ENEA in the framework of the EU-funded CIPRNet project. CIPCast-ES provides a user-friendly geographical interface for querying and analysing data, producing and evaluating scenarios, through the deterministic assessment of the expected physical damage to CI components and the induced impacts for both real and simulated seismic events. A novel contribution introduced in CIPCast-ES, compared to similar simulation platforms, is the integration, in a unique framework, of: (i) real-time acquisition of earthquake events (source: INGV); (ii) seismic fragility assessment of the different components for the different CI systems considered; (iii) estimation of damage and impact scenarios; (iv) estimation of restoration times for CI services and informed support for an optimal allocation of resources. The paper presents the data model that was specifically designed to account for topological and system performance properties and the adopted metrics used to assess CI seismic vulnerability, damage and service impacts. An implementation of CIPCast-ES related to a seismic event in Central Italy affecting the inhabited area of Rome and its Distribution Electric Power Network is presented and discussed in the paper

Note: Associazione Nazionale Italiiana Di Ingegneria Sismica


Stergiopoulos, George, Kotzanikolaou, Panayiotis, Theocharidou, Marianthi, Lykou, Georgia and Gritzalis, Dimitris
Time-based critical infrastructure dependency analysis for large-scale and cross-sectoral failures
International Journal of Critical Infrastructure Protection, 12:46 - 60
ISSN: 1874-5482

Keywords: Critical infrastructures; Cascading failures; Dependency risk graphs; Time analysis; Resilience; Fuzzy logic

Abstract: Abstract Dependency analysis of critical infrastructures is a computationally intensive problem when dealing with large-scale, cross-sectoral, cascading and common-cause failures. The problem intensifies when attempting a dynamic, time-based dependency analysis. This paper extends a previous graph-based risk analysis methodology to dynamically assess the evolution of cascading failures over time. Various growth models are employed to capture slow, linear and rapidly evolving effects, but instead of using static projections, the evolution of each dependency is "objectified" by a fuzzy system that also considers the effects of nearby dependencies. To achieve this, the impact (and, eventually, risk) of each dependency is quantified on the time axis into a form of many-valued logic. In addition, the methodology is extended to analyze major failures triggered by concurrent common-cause cascading events. A critical infrastructure dependency analysis tool, CIDA, that implements the extended risk-based methodology is described. CIDA is designed to assist decision makers in proactively analyzing dynamic and complex dependency risk paths in two ways: (i) identifying potentially underestimated low risk dependencies and reclassifying them to a higher risk category before they are realized; and (ii) simulating the effectiveness of alternative mitigation controls with different reaction times. Thus, the CIDA tool can be used to evaluate alternative defense strategies for complex, large-scale and multi-sectoral dependency scenarios and to assess their resilience in a cost-effective manner.


Luiijf, E.
Cyber (In-)security of Industrial Control Systems: A Societal Challenge
In F. Koornneef and C. van Gulijk, editor, Computer Safety, Reliability, and Security: 34th International Conference, SAFECOMP2015, Delft, The Netherlands, September 23-25, 2015 Proceedings of LNCS , page 7-15.
Publisher: Springer,
September 2015
Luiijf, E.
Building Public Private Cooperation in Cyber Security
The CIP Report, 14(8):11-12
May 2015
Luiijf, E., Theocharidou, M. and Rome, E.
CIPedia©: A Critical Infrastructure Protection and Resilience Resource
The CIP Report, 14(8):3-5
May 2015
Luiijf, Eric and Jan te Paske, Bert
Cyber Security of Industrial Control Systems
The Hague, The Netherlands
March 2015

Keywords: SCADA, ICS, security

Luiijf, Eric and Kernkamp, Allard
Sharing Cyber Security Information
Publisher: TNO, The Hague, The Netherlands
March 2015

Keywords: Information Sharing,cyber security

Kozik, Rafal, Choras, Michal, Flizikowski, Adam, Theocharidou, Marianthi, Rosato, Vittorio and Rome, Erich
Advanced services for critical infrastructures protection
Journal of Ambient Intelligence and Humanized Computing, :1-13
ISSN: 1868-5137

Keywords: Critical infrastructure protection; CIPRNet project; Decision support; Services; Modelling and simulation

Krishna, V.B., Iyer, R.K. and Sanders, W.H.
ARIMA-Based Modeling and Validation of Consumption Readings in Power Grids
10th Int. Conf. on Critical Information Infrastructure Security (CRITIS 2015),

Keywords: smart, meter, anomaly, attack, detection, auto, regressive, moving, average, integrated, electricity, theft, cyber-physical, ARIMA, ARMA, forecasting, critical, infrastructure, security, measurements

Abstract: Smart meters are increasingly being deployed to measure electricity consumption of residential as well as non-residential consumers. The readings reported by these meters form a time series, which is stored at electric utility servers for billing purposes. Invalid readings may be reported because of malicious compromise of the smart meters themselves, or of the network infrastructure that supports their communications. Although many of these meters come equipped with encrypted communications, they may potentially be vulnerable to cyber intrusions. Therefore, there is a need for an additional layer of validation to detect these intrusion attempts. In this paper, we make three contributions. First, we show that the ARMA model proposed in the anomaly detection literature is unsuitable for electricity consumption as most consumers exhibit non-stationary consumption behavior. We use automated model fitting methods from the literature to show that first-order differencing of these non-stationary readings makes them weakly stationary. Thus, we propose the use of ARIMA forecasting methods for validating consumption readings. Second, we evaluate the effectiveness of ARIMA forecasting in the context of a specific attack model, where smart meter readings are modifed to steal electricity. Third, we propose additional checks on mean and variance that can mitigate the total amount of electricity that can be stolen by an attacker by 77:46%. Our evaluation is based on a real, open dataset of readings obtained from 450 consumer meters.

Note: Winning artcle od the 2015 CIPRNet Young CRITIS Award (CYCA)

Luiijf, Eric and Klaver, Marieke
Symposium on Critical Infrastructures: Risk, Responsibility and Liability - Governing Critical ICT: Elements that Require Attention
European Journal of Risk Regulation, 6(2):263 - 270
ISBN: 1867-299X

Abstract: With respect to critical information and communication technologies (ICT), nations most often declare their national critical infrastructure to include telecommunication services and in some cases critical services offered by key Internet Service Providers (ISP). This paper debates whether nations, their policy-makers, legislation and regulation largely overlook and fail to properly govern the full set of ICT elements and services critical to the functioning of their nation. The related societal and economical risk, however, needs to be closely mitigated, managed and governed. Legal and regulatory obligations to increase the ICT resilience may sometimes encourage this process.

Previous | 1, 2, 3, 4, 5, 6, ... , 23 | Next
Export as: