Marco Lisi, profile picture
Uploaded byMarco Lisi
756 views

Security in Large, Strategic and Complex Systems: Challenges and Solutions_Lisi_2015

The presentation discusses the security challenges faced by large, complex systems that underpin critical infrastructures, which are vulnerable to cyber-attacks and require robust information security measures. It emphasizes the interdependency of critical infrastructures and outlines essential solutions for enhancing security through resilient system architecture and effective design principles. The conclusion highlights the necessity of integrating security features from the onset of system design to address the growing demand for safety and security in increasingly networked environments.

Technology
Related topics:
Information Security

Embed presentation

Downloaded 24 times
Dr. ing. Marco Lisi European Space Agency (marco.lisi@ieee.org) Security in Large, Strategic and Complex Systems: Challenges and Solutions All views expressed in this presentation are those of the author and do not necessarily represent the views of, and should not be attributed to, the European Space Agency
2 Summary  All critical infrastructures of our society are supported by large and complex systems, largely based on ICT technologies;  Large and complex systems are essentially network- centric, thus vulnerable to cyber-attacks and other security threads;  Information security is a “must have” option not only for “dual use” systems, but in general for all those systems constituting critical infrastructures or devoted to emergency services, disaster recovery, crisis management, homeland security, environment monitoring and control.
3 Critical Infrastructures • Critical infrastructures are “so vital (…) that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety.” [U.S. Homeland Security Presidential Directive on Critical Infrastructure Identification, Prioritization, and Protection, December 17, 2003]; • An EU critical infrastructure is an “asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions” [Council Directive 2008/114/EC of 8 December 2008].
4 Electric Power Grids
5 Oil Pipeline Transport Networks
6 Water Pipeline Distribution Networks
7 Nuclear Power Generation Plants
8 Dams and Water Reservoirs
9 Telecommunications Networks
10 Railways Transportation Systems
11 Maritime Transportation Systems
12 Air Traffic Control Systems
13 Global Navigation Satellite Systems (PNT Infrastructure)
14 Large and Complex Systems (1/2)  A large and complex system is a system composed of a large number of interconnected elements, often developed and deployed worldwide, which interact dynamically, giving rise to emergent properties  Examples of complex systems for civil applications include:  global satellite navigation systems  air traffic control systems  railway control systems  space systems such as the International Space Station or space transportation and exploration vehicles  surveillance, Earth observation and Homeland security systems  electric power distribution systems  telecommunication systems  complex computer networks, including Internet.
15 Large and Complex Systems (2/2)  A complex system often integrates existing systems (or parts of them) in an overall large-scale architecture (“System of systems”) containing a large number of interfaces and implementing multiple modes of operation, in a highly dynamic environment  Large and complex systems require extensive logistics and maintenance support capabilities  Large and complex systems are conceived to be in service for a long time; in this case the evolution of the system (upgrades and modifications) has to be taken into account from the beginning.
16 Characteristics of Large and Complex Systems  Service oriented  Software intensive (several million lines of code)  Capabilities-based rather than platform-based  Organization and governance (human factor)  Technical performance is a prerequisite for production and delivery of services, not a final objective  Requirements related to operations, in addition to technical ones, assume a very high relevance: Quality of Service (QoS) Flexibility Reliability, Availability, Continuity Expandability Maintainability Interoperability Safety Resilience Security
17 11 September 201?
18 A future scenario to avoid…
19 An Escalating Threat • In 2012 nearly 200 cyber-attacks against critical infrastructure targets were reported to the U.S. Department of Homeland Security – an increase of more than 50% vs. the previous year; • Growing evidence indicates that many of these attacks originated from military and/or government institutions in foreign countries.
20
21 Critical Infrastructures are Interdependent
22 The break-down of one critical infrastructure might cause a “domino effect” on all the others
23 Critical Infrastructures Dependency on Time
24 The main characteristics of our society also constitute its main vulnerabilities Connectivity Complexity Inter-dependency
25 “Large and Complex Systems" and Information Security: Challenges  Security standards would ideally demand that a system be disconnected from all networks before it can be given the highest security rating;  In a large and complex system (or “system of systems”), service oriented and based on an “open” architecture, trusted and untrusted domains need to co-exist and operate together;  The “Security Paradox”: a connected machine (or system) is a vulnerable machine (or system). But most of today’s systems are inherently “network- centric”;  This apparent contradiction must be resolved, finding the optimum balance between protection of information and availability of it.
26 “Large and Complex Systems" and Information Security: Solutions  Concurrent system architecture design, with early definition of security requirements (“Design for Security”);  Resilient system and network architectures (“Design for Resiliency”);  Maximum exploitation of internal and external (“systems of systems”) redundancies and of alternative back-up technologies;  Need for flexible security certification standards;  Robust and flexible encryption techniques;  Soft and hard “air gap” and firewall technologies;  Secure gateways and network routers.
27 Trusted and Untrusted Networks/Domains
28 Multiple Independent Levels of Security (MILS) and Safety
29 Information Security Certification: Open Issues • Long time required for the execution of the evaluation/certification process; • High cost of the evaluation/certification process; • Need for “air-gap” technologies at the boundaries between trusted and untrusted domains; • Availability of jointly certified hardware and software platforms; • Severe limitations in the use of commercial off-the- shelf (COTS) software products; • Limitations in the use of commonly adopted communications protocols (e.g. TCP/IP); • Loss of certification because of minor modifications or obsolescence of both hardware and software; • Need for “encapsulation” techniques for the utilization of non-certified components.
30 Cyber-attacks are not the only threat: Electro Magnetic Pulse (EMP)
31 Effects of an EMP Attack
Future PNT System of Systems Infrastructure 32 Non-GNSS PNT Systems Autonomous PNT Platforms GNSSs eLoran Wi-Fi GSM SOPs
The Global Systems of Systems Infrastructure 33 GEOSSTelecomms
Conclusions  In today’s world the demand for safety, security and value-added services is increasing at a very fast pace, leading to the development of large, complex, integrated, highly networked systems or “systems of systems”;  Such large and complex systems often become the backbone of critical infrastructures of our society;  Information security features, including encryption, keys management, soft and hard “air-gaps” and conditional access control, will have to be designed into the system architecture from the beginning, as integral parts of it;  The ultimate answer to our demand for security might come from global “systems of systems” infrastructures, with highly resilient and internally redundant architectures. 34
Korean Thank YouEnglish Russian Danke German Grazie Italian Gracias Spanish Obrigado Brazilian Portuguese Arabic Simplified Chinese Traditional Chinese Thai Merci French Japanese

More Related Content

PDF
Critical Infrastructure and Cybersecurity
byEuropean Services Institute
 
PDF
Ijcatr04061002
byEditor IJCATR
 
PPT
22 need-for-security
byAl Balqa Applied University
 
PDF
Securing Nuclear Facilities
byOPSWAT
 
PDF
Cyber war scenario what are the defenses
byA. V. Rajabahadur
 
PPT
Lesson 2
byMLG College of Learning, Inc
 
PDF
Security challengesasa factor affectingthe
byIJNSA Journal
 
PDF
Cyber Security for Critical Infrastrucutre-ppt
byMohit Rampal
 
Critical Infrastructure and Cybersecurity
byEuropean Services Institute
 
Ijcatr04061002
byEditor IJCATR
 
22 need-for-security
byAl Balqa Applied University
 
Securing Nuclear Facilities
byOPSWAT
 
Cyber war scenario what are the defenses
byA. V. Rajabahadur
 
Lesson 2
byMLG College of Learning, Inc
 
Security challengesasa factor affectingthe
byIJNSA Journal
 
Cyber Security for Critical Infrastrucutre-ppt
byMohit Rampal
 

What's hot

PPTX
Abwicmo 130525203917-phpapp02
byjda1292
 
PPT
Lesson 4
byMLG College of Learning, Inc
 
PPTX
What every executive needs to know about information technology security
byLegal Services National Technology Assistance Project (LSNTAP)
 
PDF
Airport security 2013 cyber security panel discussion
byRussell Publishing
 
PDF
Telecom security issues (Raoul Chiesa, day 1 )
byClubHack
 
PPT
Information Technology Security A Brief Overview 2001
byDonald E. Hester
 
ODP
John Yessis - Telecom and Security
byJohn Yessis
 
PDF
I0516064
byIOSR Journals
 
PPTX
Cybersecurity 3 cybersecurity costs and causes
bysommerville-videos
 
PDF
Honey Pot Intrusion Detection System
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
DOCX
Cat21:Development Mangement Information Systems
bySimeon Ogao
 
PPTX
information security technology
bygarimasagar
 
PPTX
Cyber terrorism
byNihal Jani
 
PPTX
Cybersecurity of Physical Systems
byErin Hillier
 
PPTX
Group 13
byagyare2015
 
PPTX
Symantec government technology summit abstract
byCarahsoft
 
PPT
Computer Security Policy D
byguest34b014
 
PPT
The need for security
byDhani Ahmad
 
PPTX
Introduction to information security
byKATHEESKUMAR S
 
PPT
Ia 124 1621324143 ia_124_lecture_01
byITNet
 
Abwicmo 130525203917-phpapp02
byjda1292
 
Lesson 4
byMLG College of Learning, Inc
 
What every executive needs to know about information technology security
byLegal Services National Technology Assistance Project (LSNTAP)
 
Airport security 2013 cyber security panel discussion
byRussell Publishing
 
Telecom security issues (Raoul Chiesa, day 1 )
byClubHack
 
Information Technology Security A Brief Overview 2001
byDonald E. Hester
 
John Yessis - Telecom and Security
byJohn Yessis
 
I0516064
byIOSR Journals
 
Cybersecurity 3 cybersecurity costs and causes
bysommerville-videos
 
Honey Pot Intrusion Detection System
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Cat21:Development Mangement Information Systems
bySimeon Ogao
 
information security technology
bygarimasagar
 
Cyber terrorism
byNihal Jani
 
Cybersecurity of Physical Systems
byErin Hillier
 
Group 13
byagyare2015
 
Symantec government technology summit abstract
byCarahsoft
 
Computer Security Policy D
byguest34b014
 
The need for security
byDhani Ahmad
 
Introduction to information security
byKATHEESKUMAR S
 
Ia 124 1621324143 ia_124_lecture_01
byITNet
 

Viewers also liked

PDF
modelo de comunicación de maletzke
byGivemethatgrape
 
PDF
Tic (2)
byleidy rivero
 
DOC
21.STRIVE.1995
byC. Marie Trapp
 
PDF
espiralbien
byGivemethatgrape
 
PPTX
環境即時通(2.0)新版上線,提供更多環境即時訊息
byepaslideshare
 
DOCX
Elaboracion de un plan de desarrollo
bysushi matdaly tuni pacuri
 
PPTX
愛環境資訊網上線啟用
byepaslideshare
 
PDF
Federated Systems of Pico-Satellites for Future Space-Based Service Infrastru...
byMarco Lisi
 
PDF
Ueda2016 symposium -the novelty in assessing the patient’s needs - hanan gawish
byueda2015
 
PDF
Astrit Sahiti CV 2016
byAstrit Sahiti
 
DOC
CV-Miholesc Camelia Diana. 17.04.2015
byDiana Miholesc
 
DOC
Davila_Bryan_resume
byBryan Davila
 
DOCX
resume anys
byanys farizawati
 
PDF
Egnos galileo uasd-santo_domingo_2016_lisi_v02
byMarco Lisi
 
PDF
Ejemplo de textos explicativos
byMARCELA MELGAREJO
 
ODP
buena la banda z1
bybuenalabandaz1
 
modelo de comunicación de maletzke
byGivemethatgrape
 
Tic (2)
byleidy rivero
 
21.STRIVE.1995
byC. Marie Trapp
 
espiralbien
byGivemethatgrape
 
環境即時通(2.0)新版上線,提供更多環境即時訊息
byepaslideshare
 
Elaboracion de un plan de desarrollo
bysushi matdaly tuni pacuri
 
愛環境資訊網上線啟用
byepaslideshare
 
Federated Systems of Pico-Satellites for Future Space-Based Service Infrastru...
byMarco Lisi
 
Ueda2016 symposium -the novelty in assessing the patient’s needs - hanan gawish
byueda2015
 
Astrit Sahiti CV 2016
byAstrit Sahiti
 
CV-Miholesc Camelia Diana. 17.04.2015
byDiana Miholesc
 
Davila_Bryan_resume
byBryan Davila
 
resume anys
byanys farizawati
 
Egnos galileo uasd-santo_domingo_2016_lisi_v02
byMarco Lisi
 
Ejemplo de textos explicativos
byMARCELA MELGAREJO
 
buena la banda z1
bybuenalabandaz1
 

Similar to Security in Large, Strategic and Complex Systems: Challenges and Solutions_Lisi_2015

PDF
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
byMarco Lisi
 
PPTX
Securing Critical Infrastructures with a cybersecurity digital twin
byMassimiliano Masi
 
PPTX
The importance of cie in the digital era
byRicardo de Almeida
 
PPT
A Network of Networks
byGovernment Technology Exhibition and Conference
 
PDF
Potential Impact of Cyber Attacks on Critical Infrastructure
byUnisys Corporation
 
PPTX
Introduction to Critical Systems Engineering (CS 5032 2012)
byIan Sommerville
 
PDF
Critical infrastructure Protection and Cyber Attack Modeling
byBlaz Ivanc
 
PDF
Cyber Security: Protecting Today's Mission Critical Public Safety Networks
byLRKimball
 
PPTX
Critical Infrastructure Security by Subodh Belgi
byClubHack
 
PPTX
CS 5032 L1 critical socio-technical systems 2013
byIan Sommerville
 
PDF
Critical Infrastructure and Cyber Security: trends and challenges
byCommunity Protection Forum
 
PPTX
CS5032 Lecture 20: Dependable infrastructure 2
byJohn Rooksby
 
PDF
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
byitnewsafrica
 
PDF
American Bar Assoc. ISC 2009
byinfracritical
 
PDF
Addressing Cybersecurity Challenges in Critical Infrastructure Protection.pdf
byInsider Market Research
 
PDF
Dsd int 2014 - open mi symposium -cipr-net and openmi, erick rome, fraunhofer
byDeltares
 
PDF
Strengthening Critical Infrastructure Security.pdf
byssuserc1c354
 
PDF
critical-infrastructure-protection-Growth.pdf
bydigimarknitin
 
PDF
Ghioni Fabio The Importance of System Availability in Corporate Critical Infr...
byFabio Ghioni
 
PDF
Risks and Security of Internet and Systems Nora Cuppens
bykragh8grotaof
 
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
byMarco Lisi
 
Securing Critical Infrastructures with a cybersecurity digital twin
byMassimiliano Masi
 
The importance of cie in the digital era
byRicardo de Almeida
 
A Network of Networks
byGovernment Technology Exhibition and Conference
 
Potential Impact of Cyber Attacks on Critical Infrastructure
byUnisys Corporation
 
Introduction to Critical Systems Engineering (CS 5032 2012)
byIan Sommerville
 
Critical infrastructure Protection and Cyber Attack Modeling
byBlaz Ivanc
 
Cyber Security: Protecting Today's Mission Critical Public Safety Networks
byLRKimball
 
Critical Infrastructure Security by Subodh Belgi
byClubHack
 
CS 5032 L1 critical socio-technical systems 2013
byIan Sommerville
 
Critical Infrastructure and Cyber Security: trends and challenges
byCommunity Protection Forum
 
CS5032 Lecture 20: Dependable infrastructure 2
byJohn Rooksby
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
byitnewsafrica
 
American Bar Assoc. ISC 2009
byinfracritical
 
Addressing Cybersecurity Challenges in Critical Infrastructure Protection.pdf
byInsider Market Research
 
Dsd int 2014 - open mi symposium -cipr-net and openmi, erick rome, fraunhofer
byDeltares
 
Strengthening Critical Infrastructure Security.pdf
byssuserc1c354
 
critical-infrastructure-protection-Growth.pdf
bydigimarknitin
 
Ghioni Fabio The Importance of System Availability in Corporate Critical Infr...
byFabio Ghioni
 
Risks and Security of Internet and Systems Nora Cuppens
bykragh8grotaof
 

More from Marco Lisi

PPTX
Presentation on Malicious Hardware_Lisi_2020
byMarco Lisi
 
PDF
"High positioning accuracy and precise time transfer with PPP GNSS receivers"
byMarco Lisi
 
PDF
A Through-life, Integrated and Concurrent Engineering Methodology for the Res...
byMarco Lisi
 
PDF
"Performance Specification of Active Antenna Systems"
byMarco Lisi
 
PDF
Antenna estec presentation_lisi_v01
byMarco Lisi
 
PDF
Egnos galileo unphu-santo_domingo_2018_lisi
byMarco Lisi
 
PDF
Isncc conference 2018_lisi_v02
byMarco Lisi
 
PDF
Galileo: System and Applications
byMarco Lisi
 
PDF
An Introduction to Service Systems Engineering (SSE)
byMarco Lisi
 
PDF
"Integration and Fusion of Space and Ground Technologies and Infrastructures"
byMarco Lisi
 
PDF
Satellite Link Budget_Course_Sofia_2017_Lisi
byMarco Lisi
 
PDF
"Galileo Initial Services: paving the way for the GNSS of the future"
byMarco Lisi
 
PDF
"Initial Services", the new phase of the Galileo program
byMarco Lisi
 
PDF
Galileo_Initial_Services_Lisi_Geomedia_1_2017
byMarco Lisi
 
PDF
Economia dei servizi: una visione sistemica
byMarco Lisi
 
PDF
2017 Ka-band and AIAA ICSSC Joint Conference -Trieste
byMarco Lisi
 
PDF
A COMMUNICATIONS AND PNT INTEGRATED NETWORK INFRASTRUCTURE FOR THE MOON VILLAGE
byMarco Lisi
 
PDF
Navigating in a Digital "New World"
byMarco Lisi
 
PDF
"GNSS-based Timing for Power Grids and other Critical Infrastructures"
byMarco Lisi
 
PDF
Throughlife integrated concurrent_engineering_skoltech_2016_lisi_v01
byMarco Lisi
 
Presentation on Malicious Hardware_Lisi_2020
byMarco Lisi
 
"High positioning accuracy and precise time transfer with PPP GNSS receivers"
byMarco Lisi
 
A Through-life, Integrated and Concurrent Engineering Methodology for the Res...
byMarco Lisi
 
"Performance Specification of Active Antenna Systems"
byMarco Lisi
 
Antenna estec presentation_lisi_v01
byMarco Lisi
 
Egnos galileo unphu-santo_domingo_2018_lisi
byMarco Lisi
 
Isncc conference 2018_lisi_v02
byMarco Lisi
 
Galileo: System and Applications
byMarco Lisi
 
An Introduction to Service Systems Engineering (SSE)
byMarco Lisi
 
"Integration and Fusion of Space and Ground Technologies and Infrastructures"
byMarco Lisi
 
Satellite Link Budget_Course_Sofia_2017_Lisi
byMarco Lisi
 
"Galileo Initial Services: paving the way for the GNSS of the future"
byMarco Lisi
 
"Initial Services", the new phase of the Galileo program
byMarco Lisi
 
Galileo_Initial_Services_Lisi_Geomedia_1_2017
byMarco Lisi
 
Economia dei servizi: una visione sistemica
byMarco Lisi
 
2017 Ka-band and AIAA ICSSC Joint Conference -Trieste
byMarco Lisi
 
A COMMUNICATIONS AND PNT INTEGRATED NETWORK INFRASTRUCTURE FOR THE MOON VILLAGE
byMarco Lisi
 
Navigating in a Digital "New World"
byMarco Lisi
 
"GNSS-based Timing for Power Grids and other Critical Infrastructures"
byMarco Lisi
 
Throughlife integrated concurrent_engineering_skoltech_2016_lisi_v01
byMarco Lisi
 

Recently uploaded

PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
PDF
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
PDF
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
PPTX
Introduction-------- to-------ARM Cortex
byPujaSengupta6
 
PDF
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
PDF
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
PDF
Understanding Foldable 3-Wheel Electric Scooters for Everyday Use
byTopmate
 
PPTX
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
 
PDF
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
PDF
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
PPTX
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
PDF
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
 
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
 
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
UiPath Automation Developer Associate Training Series 2026 - Session 2
byDianaGray10
 
Introduction-------- to-------ARM Cortex
byPujaSengupta6
 
Python Automation in Action: Real-World Use Cases and Practical Implementation
byDenys Smirnov
 
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Understanding Foldable 3-Wheel Electric Scooters for Everyday Use
byTopmate
 
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
 
Designing a Blog Using Wordpress
bymarkzubi50
 
Mesh WiFi Router: The Smart Solution for Fast, Seamless, Whole-Home Internet
byAeroMesh Systems
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
 
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
TravelTech Paris 2025 | Beyond the pipes: Why Channel Management isn’t really...
byapidays
 
GenerationAI Paris 2025 | City of Light (COL)
byapidays
 

Security in Large, Strategic and Complex Systems: Challenges and Solutions_Lisi_2015

  • 1.
    Dr. ing. MarcoLisi European Space Agency (marco.lisi@ieee.org) Security in Large, Strategic and Complex Systems: Challenges and Solutions All views expressed in this presentation are those of the author and do not necessarily represent the views of, and should not be attributed to, the European Space Agency
  • 2.
    2 Summary  All criticalinfrastructures of our society are supported by large and complex systems, largely based on ICT technologies;  Large and complex systems are essentially network- centric, thus vulnerable to cyber-attacks and other security threads;  Information security is a “must have” option not only for “dual use” systems, but in general for all those systems constituting critical infrastructures or devoted to emergency services, disaster recovery, crisis management, homeland security, environment monitoring and control.
  • 3.
    3 Critical Infrastructures • Criticalinfrastructures are “so vital (…) that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety.” [U.S. Homeland Security Presidential Directive on Critical Infrastructure Identification, Prioritization, and Protection, December 17, 2003]; • An EU critical infrastructure is an “asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions” [Council Directive 2008/114/EC of 8 December 2008].
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
    8 Dams and WaterReservoirs
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
    13 Global Navigation SatelliteSystems (PNT Infrastructure)
  • 14.
    14 Large and ComplexSystems (1/2)  A large and complex system is a system composed of a large number of interconnected elements, often developed and deployed worldwide, which interact dynamically, giving rise to emergent properties  Examples of complex systems for civil applications include:  global satellite navigation systems  air traffic control systems  railway control systems  space systems such as the International Space Station or space transportation and exploration vehicles  surveillance, Earth observation and Homeland security systems  electric power distribution systems  telecommunication systems  complex computer networks, including Internet.
  • 15.
    15 Large and ComplexSystems (2/2)  A complex system often integrates existing systems (or parts of them) in an overall large-scale architecture (“System of systems”) containing a large number of interfaces and implementing multiple modes of operation, in a highly dynamic environment  Large and complex systems require extensive logistics and maintenance support capabilities  Large and complex systems are conceived to be in service for a long time; in this case the evolution of the system (upgrades and modifications) has to be taken into account from the beginning.
  • 16.
    16 Characteristics of Largeand Complex Systems  Service oriented  Software intensive (several million lines of code)  Capabilities-based rather than platform-based  Organization and governance (human factor)  Technical performance is a prerequisite for production and delivery of services, not a final objective  Requirements related to operations, in addition to technical ones, assume a very high relevance: Quality of Service (QoS) Flexibility Reliability, Availability, Continuity Expandability Maintainability Interoperability Safety Resilience Security
  • 17.
  • 18.
  • 19.
    19 An Escalating Threat •In 2012 nearly 200 cyber-attacks against critical infrastructure targets were reported to the U.S. Department of Homeland Security – an increase of more than 50% vs. the previous year; • Growing evidence indicates that many of these attacks originated from military and/or government institutions in foreign countries.
  • 20.
  • 21.
  • 22.
    22 The break-down ofone critical infrastructure might cause a “domino effect” on all the others
  • 23.
  • 24.
    24 The main characteristicsof our society also constitute its main vulnerabilities Connectivity Complexity Inter-dependency
  • 25.
    25 “Large and ComplexSystems" and Information Security: Challenges  Security standards would ideally demand that a system be disconnected from all networks before it can be given the highest security rating;  In a large and complex system (or “system of systems”), service oriented and based on an “open” architecture, trusted and untrusted domains need to co-exist and operate together;  The “Security Paradox”: a connected machine (or system) is a vulnerable machine (or system). But most of today’s systems are inherently “network- centric”;  This apparent contradiction must be resolved, finding the optimum balance between protection of information and availability of it.
  • 26.
    26 “Large and ComplexSystems" and Information Security: Solutions  Concurrent system architecture design, with early definition of security requirements (“Design for Security”);  Resilient system and network architectures (“Design for Resiliency”);  Maximum exploitation of internal and external (“systems of systems”) redundancies and of alternative back-up technologies;  Need for flexible security certification standards;  Robust and flexible encryption techniques;  Soft and hard “air gap” and firewall technologies;  Secure gateways and network routers.
  • 27.
    27 Trusted and UntrustedNetworks/Domains
  • 28.
    28 Multiple Independent Levelsof Security (MILS) and Safety
  • 29.
    29 Information Security Certification:Open Issues • Long time required for the execution of the evaluation/certification process; • High cost of the evaluation/certification process; • Need for “air-gap” technologies at the boundaries between trusted and untrusted domains; • Availability of jointly certified hardware and software platforms; • Severe limitations in the use of commercial off-the- shelf (COTS) software products; • Limitations in the use of commonly adopted communications protocols (e.g. TCP/IP); • Loss of certification because of minor modifications or obsolescence of both hardware and software; • Need for “encapsulation” techniques for the utilization of non-certified components.
  • 30.
    30 Cyber-attacks are notthe only threat: Electro Magnetic Pulse (EMP)
  • 31.
    31 Effects of anEMP Attack
  • 32.
    Future PNT Systemof Systems Infrastructure 32 Non-GNSS PNT Systems Autonomous PNT Platforms GNSSs eLoran Wi-Fi GSM SOPs
  • 33.
    The Global Systemsof Systems Infrastructure 33 GEOSSTelecomms
  • 34.
    Conclusions  In today’sworld the demand for safety, security and value-added services is increasing at a very fast pace, leading to the development of large, complex, integrated, highly networked systems or “systems of systems”;  Such large and complex systems often become the backbone of critical infrastructures of our society;  Information security features, including encryption, keys management, soft and hard “air-gaps” and conditional access control, will have to be designed into the system architecture from the beginning, as integral parts of it;  The ultimate answer to our demand for security might come from global “systems of systems” infrastructures, with highly resilient and internally redundant architectures. 34
  • 35.