DS-03-2015 - The role of ICT in Critical Infrastructure Protection
Communication and computing networks are not only critical infrastructures on their own, but underpin many other critical networks (e.g. energy, transport, finance, health …). In addition they are critically dependent on ICT technology. Therefore, the malfunctioning or disruption of the communication channel or of an IT system will have a cascading effect, on several other infrastructures or services that depend on it, potentially across all Europe.
This includes Industrial and Automation Control Systems (IACS). They are no longer isolated siloes but are fully integrated with corporate IT infrastructures. Despite this strong connection between the two infrastructures, there is only little awareness regarding IT risks that can affect IACS. An attack to IT assets can spread to the OT environment jumping to SCADA and Control Centres.
Many vulnerabilities of critical infrastructures, including the communication networks, stem from the fact that ICT systems are deployed in an environment or for an application that was not designed with security in mind. The deployment of ICT in new critical systems, including new generation ICT system, is exacerbating the problem by constantly introducing new risks and vulnerabilities, in particular for an interconnected system.
Proposals should investigate the dependencies on communication networks and ICT components (including SCADA and IACS systems) of critical infrastructures, analyze and propose mitigation strategies and methodologies for assessing criticalities of services and detecting anomalies, developing tools and processes to simulate or monitor cascading effects due to ICT incidents, and develop self-healing mechanisms. ICT should be protected or re-designed at the software level, but also at the physical level, leading to more robust, resilient and survivable ICT infrastructure.
Based on the outcome of the work described above, plans of how to retrofit state-of-the-art security into networks can also be addressed.
The investigated concepts have to be tested in a field trial. Trials will have to distinguish between generic solutions and solutions specific to the critical infrastructure (e.g. health, finance, energy, transport, …) they are applied to.
Advantage will be taken from the fact that ICT operators (e.g. telecom operators) have experience in securing information networks and this competence can be applied to new types of networks such as smart grids linking communication, energy and transport networks.
In relation to the protection of legacy IACS, SMEs are particularly encouraged to provide specific and very focused security solutions adapting current ICT security technology to IACS environments on topics such as:
- Early anomaly detection and compliance management.
- Patching and updating equipment without disruption of service and tools.
- Improved forensic techniques for supporting criminal law enforcement.
- Anti-malware solutions with special focus on managing third-parties (e.g. maintenance and support service providers, IACS vendors, etc.)
- Proactive Security Systems able to counteract Denial of Service attacks (distributed or not) and other type of attacks aimed to the IACS network disruption.
The Commission considers that proposals requesting a contribution from the EU of between €3m and €8m EURO would allow this topic to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.
Resilient and robust communication networks offering a reduced attack surface to the supported critical infrastructures. Reduced criticality of ICT components installed in critical infrastructures. Increased preparedness, reduced response time and coordinated response in case of a cyber-incident affecting communication and information networks. Reduced possibilities to misuse ICT as a vehicle to commit cybercrime or cyber-terrorism. Where relevant, the supported activities should support the work of the European Program for Critical Infrastructure Protection (EPCIP).
The outcome of the proposal is expected to lead to developments up to Technology Readiness Level (TRL 7) or above; please see part G of the General Annexes. (Innovation Actions may include prototyping, testing, demonstrating, piloting, large-scale product validation and market replication (see Annex D).)"
Type of action: Innovation actions