SlideShare a Scribd company logo

CloudCERT and SCADALAB projects overview

J
JMBALBOA

The document summarizes two European projects - SCADALAB and CLOUDCERT. SCADALAB aims to create a SCADA laboratory and test bed service for assessing the security of critical infrastructure. It will develop a testing methodology, design laboratory and test bed architectures, and establish a workflow for security assessments. CLOUDCERT aims to create a collaborative platform for critical infrastructure operators, authorities, and CERTs to exchange security-related information and handle incidents. The platform will provide services, shared and private repositories, and allow content propagation across a growing European network of participating organizations.

Technology
1 of 25
With the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme. European Commission - Directorate-General Justice, Freedom and Security 8th CERT workshop - Part I CLOUDCERT and SCADALAB projects presentation Speaker: Enrique Redondo – INTECO (Spain)
AGENDA Agenda 1) INTECO 2) SCADALAB project  Introduction  Main purpose  Main activities 3) CLOUDCERT project  Introduction.  Main Objectives.  European Dimension and Project Roadmap  Project Work packages and status. Contact information 2
INTECO The National Institute of Communication Technologies (INTECO) ●León
INTECO: Brief introduction Who is INTECO?  Provision of services, research and coordination.  Participation in several European projects (ASASEC, ACDC, CloudCERT, SCADALAB, etc.)  INTECO-CERT. Preventive and reactive services:. Citizens + Entities (+ CCII ) (CCII with CNPIC).  Cyber security centre at the national level. (NCP ICT PSP) Membership
INTECO: Other projects beneficiaries (I) Participants  Leaded by INTECO.  9 members in total.  Leaded by INTECO.  6 members in total.
INTECO: Other projects beneficiaries (II) Participants description AEI Seguridad  Non-profit organization in a form of association which main objective is to improve the international competitiveness of the Spanish companies.  Role: Analyze current methodologies and to participate in the design of the laboratory architecture.  Organism in charge of promoting, coordinating and supervising all critical infrastructure protection (CIP).  Role: Advice in any activity under taken.  Role: User in the information model definition, experimentation and pilot activities.CNPIC
INTECO: Other projects beneficiaries (III) Europe for Business  European Consulting company specialized in the identification of relevant European Union grant opportunities for European organisations.  Role: Lead training and awareness tasks.  Role: Lead dissemination tasks.  As part of the EVERIS group, is a multi-national consulting company.  Role: Lead dissemination tasks. EVERIS Consultancy Ltd Participants description
INTECO: Other projects beneficiaries (IV) ICSA  Foundation whose tasks are to deal in innovative ways with security, defence and intelligence issues.  Role: Lead the assessment of the test bed tool.  Global technology, innovation and talent company.  Role: Lead analysis and design package with the help of INTECO. INDRA Sistemas Participants description
INTECO: Other projects beneficiaries (V) TELVENT ENERGY  IT and industrial automation company specialized in SCADA and IT systems for energy utility. It has been acquired by the Schneider Electric group.  Role: Co lead the building of the lab and they lead the laboratory implementation.  Part of Schneider Electric, is an international company dedicated to improve efficiency, safety, and security.  Role: Co lead the building of the laboratory and lead the package of results sharing. TELVENT GLOBAL SERVICES Participants description
INTECO: Other projects beneficiaries (VI) Theodore Puskás Foundation  Foundation supervised and founded by Hungary government.  Role: Participation in methodology, sharing results, training and awareness.  Company specialized in research, training and advising on cyber-security and cyber-intelligence issues.  Role: Leads the design of the methodology and participates in pilot implementation, training and awareness.  Role: Provide requirements for the system concept, and definition of the security framework. ZANASI SrL Participants description
SCADALAB PROJECT SCADA LAB Project
IT Systems ICS SCADALAB PROJECT: Introduction • is at mature stage • importance C(50%) I(30%), A(20%) • patches are released regularly Cyber security • At a very early stage • Importance C(5%) I(35%), A(60%) • patches are released quite slow Cyber security • ISO standards • International regulations • Well known methodologies Standards, regulations and methodologies • Local standards • Local regulations • No well known methodologies Standards, regulations and methodologies • Standard architectures / protocols • Proprietary/unknown components are present to a certain extent Architecture and protocols • No standardized architectures / protocols • Proprietary components Architecture and protocols Comparing ICS and IT Systems
SCADALAB PROJECT: Main purpose Purpose of the project SCADA LAB Test Beds Area Test bed 1 Test bed 2 … Laboratory Area Test Plan 1 Test Plan 2 Test Plan N SCADALAB: SCADA Laboratory and Test bed as a service for critical infrastructure protection.  LAB: Framework to manage assessment plans and from where the tests will be carried out.  TEST BED: Target of Evaluation.
SCADALAB PROJECT: Main activities (I) Definition of testing methodology STARTING POINTS 1. ICS Base architecture. 2. Test bed and laboratory area requirements 3. Analysis of existing methodologies 4. Type of security assessment 5. Approach of the test inventory 1 PLANNING a) ORGANIZATIONAL LEVEL ASSESSMENT a) SET THE LAB b) EXECUTION REPORTING a) CALCULATION OF THE METRICS b) REPORT OF FINDINGS b) OPERATIONAL LEVEL c) TECHNICAL LEVEL Phases Activities 2 3
SCADALAB PROJECT: Main activities (II) Design of the laboratory architecture LABORATORYAREA
SCADALAB PROJECT: Main activities (III) Design of the test bed architecture TEST BED AREA
SCADALAB PROJECT: Main activities (IV) Workflow of the security assessment SCADALAB FRONTEND SCADALAB TESTING AGENT SCADALAB SERVER SCADALAB WORKSTATION TESTBED RESULTS
CLOUDCERT PROJECT CLOUD Cert Project
 If you are a CERT. CLOUDCERT PROJECT: Brief introduction Can be CLOUDCERT interesting for you? You can use this platform to handle with Critical Infrastructure incidents and share information.  If you have to interact with National Authorities for CIP. Depending on its national competencies you can assign within the platform the most proper role: Coordination, supervision, participation, etc.  If your constituency includes Critical infrastructure operators. You can get a customize platform to provide services and tools for your CIP constituency (forum, wiki, etc).
CLOUDCERT PROJECT: Main objectives (I) Transport Nuclear Energy Space TIC Water Financial Chem Research FoodHealth Admin CIP Authority CERTCERT  CIP Actors.  CIP Information Exchange:  Security contents (such as Vulnerabilities, News, Notes, Advisories, etc.)  Workflows trough services such as forums, wikis, etc.  Cloud Paradigm. Content exchange in a collaborative model.  Web Access.  Secured API.  Extensible services catalog. Can be CLOUDCERT interesting for you?
CLOUDCERT PROJECT: Main objectives (II) Workflow of the platform Entity TransportEntity Financial Entity Energy CloudCERT User Console Services Contents Private repository Supervisor CIP Authority CERT CloudCERT Admin Console Configuration Management Registration Admin Moderation Moderator Moderation Shared Repository Content Propagation Admin Permissions Users Contents Private repository Contents Private repository Public Web site PublicationAPI
CLOUDCERT PROJECT: European Dimension and Project Roadmap (I) Long Term Roadmap CLOUDCERT Platform. CNPIC INTECO CERT CERT Hungary National CloudCERT. CLOUDCERT. CNPIC … CERT1 … CERT2 … Org1 Org2 Org1 Org2 Org1 Org2 National CloudCERT Network. National CloudCERT. CLOUDCERT. European CloudCERT Network. National CloudCERT Network. National CloudCERT. CLOUDCERT. European CloudCERT National CloudCERTs Network National CloudCERT CloudCERT Platform 2 years
SNAPSHOTS CLOUDCERT CLOUDCERT PROJECT: European Dimension and Project Roadmap (II)
With the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme. European Commission - Directorate-General Justice, Freedom and Security Thank you!
CONTACTS Web: http://scadalab.eu Email: info@scadalab.eu Web: http://cloudcert.european-project.eu Email: info@cloudcert.european-project.eu For further information, Collaboration, Experimentation. Issues / Questions / Discussion.

Recommended

CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...
CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...
CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...TI Safe
 
ICN in the IRTF and IETF
ICN in the IRTF and IETFICN in the IRTF and IETF
ICN in the IRTF and IETFDirk Kutscher
 
“Federated Edge Computing System Architectures,” a Presentation from Intel
“Federated Edge Computing System Architectures,” a Presentation from Intel“Federated Edge Computing System Architectures,” a Presentation from Intel
“Federated Edge Computing System Architectures,” a Presentation from IntelEdge AI and Vision Alliance
 
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...MicheleNati
 
Towards universitas indonesia_next_generation_firewall_service
Towards universitas indonesia_next_generation_firewall_serviceTowards universitas indonesia_next_generation_firewall_service
Towards universitas indonesia_next_generation_firewall_serviceTonny Adhi Sabastian
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eumanelmedina
 
Rin armenia icin 2020
Rin armenia icin 2020Rin armenia icin 2020
Rin armenia icin 2020Eduard Grasa
 
ITU-T Study Group 17 Introduction
ITU-T Study Group 17 IntroductionITU-T Study Group 17 Introduction
ITU-T Study Group 17 IntroductionITU
 

Recommended

CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...
CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...
CLASS 2018 - Palestra de Luis Salomão Carvalho (Tenente Coronel - Defesa Naci...TI Safe
 
ICN in the IRTF and IETF
ICN in the IRTF and IETFICN in the IRTF and IETF
ICN in the IRTF and IETFDirk Kutscher
 
“Federated Edge Computing System Architectures,” a Presentation from Intel
“Federated Edge Computing System Architectures,” a Presentation from Intel“Federated Edge Computing System Architectures,” a Presentation from Intel
“Federated Edge Computing System Architectures,” a Presentation from IntelEdge AI and Vision Alliance
 
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...
IoTMeetupGuildford#19: Michele Nati, Boosting IoT interoperability, F-Interop...MicheleNati
 
Towards universitas indonesia_next_generation_firewall_service
Towards universitas indonesia_next_generation_firewall_serviceTowards universitas indonesia_next_generation_firewall_service
Towards universitas indonesia_next_generation_firewall_serviceTonny Adhi Sabastian
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eumanelmedina
 
Rin armenia icin 2020
Rin armenia icin 2020Rin armenia icin 2020
Rin armenia icin 2020Eduard Grasa
 
ITU-T Study Group 17 Introduction
ITU-T Study Group 17 IntroductionITU-T Study Group 17 Introduction
ITU-T Study Group 17 IntroductionITU
 
Edge Computing Standardisation and Initiatives
Edge Computing Standardisation and InitiativesEdge Computing Standardisation and Initiatives
Edge Computing Standardisation and InitiativesAxel Rennoch
 
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalInternet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalAnastasios Economides
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up NIKOLAOS KOUTRAS
 
2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)Mike Milinkovich
 
Trends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of ThingsTrends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of ThingsGhislain Atemezing
 
Testing Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingTesting Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingAxel Rennoch
 
Main Innovations of the SerIoT project
Main Innovations of the SerIoT project Main Innovations of the SerIoT project
Main Innovations of the SerIoT project SerIoT project
 
Eyes of things
Eyes of thingsEyes of things
Eyes of thingsEyes of Things
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
Experiences of an Irish Researcher in FP6
Experiences of an Irish Researcher in FP6Experiences of an Irish Researcher in FP6
Experiences of an Irish Researcher in FP6Miguel Ponce de Leon @ TSSG / Waterford Institute of Technology
 
European Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunitiesEuropean Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunitiesEOSC-hub project
 
About Infracritical
About InfracriticalAbout Infracritical
About Infracriticalinfracritical
 
Fabrice Clari - EC-FIA
Fabrice Clari - EC-FIAFabrice Clari - EC-FIA
Fabrice Clari - EC-FIAStandardization2010
 
IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology Manuel Castro
 
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) USKim Holm
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
D0.1 V2.0 Project Presentation
D0.1 V2.0 Project PresentationD0.1 V2.0 Project Presentation
D0.1 V2.0 Project Presentationlatifladid
 
EOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation PresentationEOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation PresentationEOSC-hub project
 
Access Control in ESDIN: Shibboleth
Access Control in ESDIN: ShibbolethAccess Control in ESDIN: Shibboleth
Access Control in ESDIN: ShibbolethEDINA, University of Edinburgh
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 

More Related Content

Similar to CloudCERT and SCADALAB projects overview

Edge Computing Standardisation and Initiatives
Edge Computing Standardisation and InitiativesEdge Computing Standardisation and Initiatives
Edge Computing Standardisation and InitiativesAxel Rennoch
 
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalInternet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalAnastasios Economides
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up NIKOLAOS KOUTRAS
 
2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)Mike Milinkovich
 
Trends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of ThingsTrends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of ThingsGhislain Atemezing
 
Testing Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingTesting Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingAxel Rennoch
 
Main Innovations of the SerIoT project
Main Innovations of the SerIoT project Main Innovations of the SerIoT project
Main Innovations of the SerIoT project SerIoT project
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
European Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunitiesEuropean Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunitiesEOSC-hub project
 
IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology Manuel Castro
 
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) USKim Holm
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaEUBrasilCloudFORUM .
 
D0.1 V2.0 Project Presentation
D0.1 V2.0 Project PresentationD0.1 V2.0 Project Presentation
D0.1 V2.0 Project Presentationlatifladid
 
EOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation PresentationEOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation PresentationEOSC-hub project
 

Similar to CloudCERT and SCADALAB projects overview (20)

Edge Computing Standardisation and Initiatives
Edge Computing Standardisation and InitiativesEdge Computing Standardisation and Initiatives
Edge Computing Standardisation and Initiatives
 
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalInternet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_final
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiative
 
Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up Aditess ltd a Cyprus start up
Aditess ltd a Cyprus start up
 
2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)2018.11 eclipse overview (japan meeting)
2018.11 eclipse overview (japan meeting)
 
Trends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of ThingsTrends on Data Graphs & Security for the Internet of Things
Trends on Data Graphs & Security for the Internet of Things
 
Testing Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge ComputingTesting Challenges and Approaches in Edge Computing
Testing Challenges and Approaches in Edge Computing
 
Main Innovations of the SerIoT project
Main Innovations of the SerIoT project Main Innovations of the SerIoT project
Main Innovations of the SerIoT project
 
Eyes of things
Eyes of thingsEyes of things
Eyes of things
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summit
 
Experiences of an Irish Researcher in FP6
Experiences of an Irish Researcher in FP6Experiences of an Irish Researcher in FP6
Experiences of an Irish Researcher in FP6
 
European Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunitiesEuropean Open Science Cloud: Concept, status and opportunities
European Open Science Cloud: Concept, status and opportunities
 
About Infracritical
About InfracriticalAbout Infracritical
About Infracritical
 
Fabrice Clari - EC-FIA
Fabrice Clari - EC-FIAFabrice Clari - EC-FIA
Fabrice Clari - EC-FIA
 
IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology IEEE Education Society: Reshaping the Future of Technology
IEEE Education Society: Reshaping the Future of Technology
 
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
20090620 CWID EDI-gateway (EDI) Identity Management (IDM) US
 
The European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agendaThe European cyber security cPPP strategic research & innovation agenda
The European cyber security cPPP strategic research & innovation agenda
 
D0.1 V2.0 Project Presentation
D0.1 V2.0 Project PresentationD0.1 V2.0 Project Presentation
D0.1 V2.0 Project Presentation
 
EOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation PresentationEOSC-hub RDA 11 Colocation Presentation
EOSC-hub RDA 11 Colocation Presentation
 
Access Control in ESDIN: Shibboleth
Access Control in ESDIN: ShibbolethAccess Control in ESDIN: Shibboleth
Access Control in ESDIN: Shibboleth
 

Recently uploaded

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

CloudCERT and SCADALAB projects overview

  • 1. With the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme. European Commission - Directorate-General Justice, Freedom and Security 8th CERT workshop - Part I CLOUDCERT and SCADALAB projects presentation Speaker: Enrique Redondo – INTECO (Spain)
  • 2. AGENDA Agenda 1) INTECO 2) SCADALAB project  Introduction  Main purpose  Main activities 3) CLOUDCERT project  Introduction.  Main Objectives.  European Dimension and Project Roadmap  Project Work packages and status. Contact information 2
  • 3. INTECO The National Institute of Communication Technologies (INTECO) ●León
  • 4. INTECO: Brief introduction Who is INTECO?  Provision of services, research and coordination.  Participation in several European projects (ASASEC, ACDC, CloudCERT, SCADALAB, etc.)  INTECO-CERT. Preventive and reactive services:. Citizens + Entities (+ CCII ) (CCII with CNPIC).  Cyber security centre at the national level. (NCP ICT PSP) Membership
  • 5. INTECO: Other projects beneficiaries (I) Participants  Leaded by INTECO.  9 members in total.  Leaded by INTECO.  6 members in total.
  • 6. INTECO: Other projects beneficiaries (II) Participants description AEI Seguridad  Non-profit organization in a form of association which main objective is to improve the international competitiveness of the Spanish companies.  Role: Analyze current methodologies and to participate in the design of the laboratory architecture.  Organism in charge of promoting, coordinating and supervising all critical infrastructure protection (CIP).  Role: Advice in any activity under taken.  Role: User in the information model definition, experimentation and pilot activities.CNPIC
  • 7. INTECO: Other projects beneficiaries (III) Europe for Business  European Consulting company specialized in the identification of relevant European Union grant opportunities for European organisations.  Role: Lead training and awareness tasks.  Role: Lead dissemination tasks.  As part of the EVERIS group, is a multi-national consulting company.  Role: Lead dissemination tasks. EVERIS Consultancy Ltd Participants description
  • 8. INTECO: Other projects beneficiaries (IV) ICSA  Foundation whose tasks are to deal in innovative ways with security, defence and intelligence issues.  Role: Lead the assessment of the test bed tool.  Global technology, innovation and talent company.  Role: Lead analysis and design package with the help of INTECO. INDRA Sistemas Participants description
  • 9. INTECO: Other projects beneficiaries (V) TELVENT ENERGY  IT and industrial automation company specialized in SCADA and IT systems for energy utility. It has been acquired by the Schneider Electric group.  Role: Co lead the building of the lab and they lead the laboratory implementation.  Part of Schneider Electric, is an international company dedicated to improve efficiency, safety, and security.  Role: Co lead the building of the laboratory and lead the package of results sharing. TELVENT GLOBAL SERVICES Participants description
  • 10. INTECO: Other projects beneficiaries (VI) Theodore Puskás Foundation  Foundation supervised and founded by Hungary government.  Role: Participation in methodology, sharing results, training and awareness.  Company specialized in research, training and advising on cyber-security and cyber-intelligence issues.  Role: Leads the design of the methodology and participates in pilot implementation, training and awareness.  Role: Provide requirements for the system concept, and definition of the security framework. ZANASI SrL Participants description
  • 12. IT Systems ICS SCADALAB PROJECT: Introduction • is at mature stage • importance C(50%) I(30%), A(20%) • patches are released regularly Cyber security • At a very early stage • Importance C(5%) I(35%), A(60%) • patches are released quite slow Cyber security • ISO standards • International regulations • Well known methodologies Standards, regulations and methodologies • Local standards • Local regulations • No well known methodologies Standards, regulations and methodologies • Standard architectures / protocols • Proprietary/unknown components are present to a certain extent Architecture and protocols • No standardized architectures / protocols • Proprietary components Architecture and protocols Comparing ICS and IT Systems
  • 13. SCADALAB PROJECT: Main purpose Purpose of the project SCADA LAB Test Beds Area Test bed 1 Test bed 2 … Laboratory Area Test Plan 1 Test Plan 2 Test Plan N SCADALAB: SCADA Laboratory and Test bed as a service for critical infrastructure protection.  LAB: Framework to manage assessment plans and from where the tests will be carried out.  TEST BED: Target of Evaluation.
  • 14. SCADALAB PROJECT: Main activities (I) Definition of testing methodology STARTING POINTS 1. ICS Base architecture. 2. Test bed and laboratory area requirements 3. Analysis of existing methodologies 4. Type of security assessment 5. Approach of the test inventory 1 PLANNING a) ORGANIZATIONAL LEVEL ASSESSMENT a) SET THE LAB b) EXECUTION REPORTING a) CALCULATION OF THE METRICS b) REPORT OF FINDINGS b) OPERATIONAL LEVEL c) TECHNICAL LEVEL Phases Activities 2 3
  • 15. SCADALAB PROJECT: Main activities (II) Design of the laboratory architecture LABORATORYAREA
  • 16. SCADALAB PROJECT: Main activities (III) Design of the test bed architecture TEST BED AREA
  • 17. SCADALAB PROJECT: Main activities (IV) Workflow of the security assessment SCADALAB FRONTEND SCADALAB TESTING AGENT SCADALAB SERVER SCADALAB WORKSTATION TESTBED RESULTS
  • 19.  If you are a CERT. CLOUDCERT PROJECT: Brief introduction Can be CLOUDCERT interesting for you? You can use this platform to handle with Critical Infrastructure incidents and share information.  If you have to interact with National Authorities for CIP. Depending on its national competencies you can assign within the platform the most proper role: Coordination, supervision, participation, etc.  If your constituency includes Critical infrastructure operators. You can get a customize platform to provide services and tools for your CIP constituency (forum, wiki, etc).
  • 20. CLOUDCERT PROJECT: Main objectives (I) Transport Nuclear Energy Space TIC Water Financial Chem Research FoodHealth Admin CIP Authority CERTCERT  CIP Actors.  CIP Information Exchange:  Security contents (such as Vulnerabilities, News, Notes, Advisories, etc.)  Workflows trough services such as forums, wikis, etc.  Cloud Paradigm. Content exchange in a collaborative model.  Web Access.  Secured API.  Extensible services catalog. Can be CLOUDCERT interesting for you?
  • 21. CLOUDCERT PROJECT: Main objectives (II) Workflow of the platform Entity TransportEntity Financial Entity Energy CloudCERT User Console Services Contents Private repository Supervisor CIP Authority CERT CloudCERT Admin Console Configuration Management Registration Admin Moderation Moderator Moderation Shared Repository Content Propagation Admin Permissions Users Contents Private repository Contents Private repository Public Web site PublicationAPI
  • 22. CLOUDCERT PROJECT: European Dimension and Project Roadmap (I) Long Term Roadmap CLOUDCERT Platform. CNPIC INTECO CERT CERT Hungary National CloudCERT. CLOUDCERT. CNPIC … CERT1 … CERT2 … Org1 Org2 Org1 Org2 Org1 Org2 National CloudCERT Network. National CloudCERT. CLOUDCERT. European CloudCERT Network. National CloudCERT Network. National CloudCERT. CLOUDCERT. European CloudCERT National CloudCERTs Network National CloudCERT CloudCERT Platform 2 years
  • 23. SNAPSHOTS CLOUDCERT CLOUDCERT PROJECT: European Dimension and Project Roadmap (II)
  • 24. With the financial support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme. European Commission - Directorate-General Justice, Freedom and Security Thank you!
  • 25. CONTACTS Web: http://scadalab.eu Email: info@scadalab.eu Web: http://cloudcert.european-project.eu Email: info@cloudcert.european-project.eu For further information, Collaboration, Experimentation. Issues / Questions / Discussion.