ECN Bibliography

Abstract: Critical Infrastructure Security Testing must not be overlooked

Abstract: The 11th International Conference on Critical Information Infrastructures Security (CRITIS) took place in Paris, France, on 10

Abstract: A smart approach to cybersecurity protection in critical infrastructures includes threat simulation for design validation and operator education

Abstract: As the attack surface increases and attackers are becoming increasingly aware of the possibilities in attacking the energy sector, the sector must prepare to respond to cyber incidents and to share not only data on incidents, but also knowledge

Abstract: The aim of the Horizon 2020 project EU-CIRCLE is to develop a framework and a set of tools that will enhance the resilience of interconnected Critical Infrastructure Networks to climate hazards under climate change

Abstract: The ever-increasing need for a realistic honeypot calls for a two-sided approach: IT and OT Engineers working together

Abstract: As APTs will undoubtedly target Industry 4.0 deployments, it is essential to develop detection mechanisms and architectures tailored to this context

Abstract: Looking back to our mission with CIPRNet and inspiring with some thoughts for the future

Abstract: How to exploit sophisticated simulation environment to improve the training to manage complex crisis situation: the experience of the students of the Master in Homeland Security (Italy) using the

Abstract: The EU FP7 project CIPRNet developed an application that provides a new capability for training crisis managers. Computer simulation of complex crisis scenarios allows

Abstract: We all view the world with our own lens, a factor of our experiences and perceived opportunities. Immersed in our formulae and offices it is easy to forget who benefits and who loses based on the decisions we make

Abstract: The goal of the Criminal Use of Information Hiding Initiative is to combine expertise and experience from academia, industry, law enforcement agencies and institutions to tackle the increased utilisation of information hiding techniques and prevent its wider diffusion

Abstract: A cyber-physical testbed, developed within the EU Project FACIES, has been exploited to study the interactions between the cyber and physical domains that arise due to physical faults and cyber-attacks against different components of an Industrial Control System

Abstract: An online community service by the CIPRNet Project

Abstract: CERT Polska is a division of NASK that secures the .pl domain and Polish networks. Dealing with actionable information is our bread and butter, as we handle incidents reported by users of Polish Internet and threat intelligence from our contacts from all over the world. Utilising threat data feeds in our daily operations and projects gives us unique insight on usability of threat intelligence information available in the security community

Abstract: The widely deployed open-source network monitor has evolved from a rese-arch platform to an operational capability securing large scientific environ-ments, corporations, government agencies, and non-profit organizations

Abstract: The FP7-SECURITY Programme project SAWSOC provides an advanced security solution for enhancing Critical Infrastructure protection guaranteeing the protection of citizens and assets

Abstract: The goal of the project is to create a Cyberspace Security Threats Evaluation System (SEZBC) for national security management in Poland

Abstract: The Gross Domestic Wealth (GDW) index expands the conventional GDP index to include human well-being as part of the system production dynamics

Abstract: The goal of the CI2C project is to investigate and is focused on enhancing the security and resiliency of Cloud Computing and Critical Information Infrastructures (CIIs).

Abstract: This FP7 EU project ended in November 2015 and delivered a series of recommendations to better prevent and protect rail infrastructure from intentional electromagnetic interferences.

Abstract: The increasing complexification of our society is creating and tightening interdependencies among all its component systems; it is thus crucial to understand the consequences of such evolution. We will discuss how such interdependences can lead to systemic risk, i.e. to the emergence of unforeseen behavior that could have not been predicted from the understanding of the single systems. In this chapter we will pose some examples of systemic interdependencies and introduce some tools and models that allow to understand their possible consequences in socio-technical systems; we will then revise some reference literature with particular attention to complex networks approaches.

Abstract: Increasing the resilience of European Critical Infrastructures through science requires closer collaboration of projects with similar scope, close communication with end users and links to EU policy.

Abstract: The goal of this project is to mitigate electricity theft due to attackers who hack smart meters and under-report electricity consumption. Such attacks have begun taking place in Europe and, if gone unchecked, pose a threat to the availability of power supply, a critical infrastructure resource.

Abstract: The 11th edition of CRITIS takes place in Paris, France, October 10-12, 2016.

Abstract: An online community service by the CIPRNet Project.

Abstract: There are lots of EU and national CIP projects, but rarely the projects know form each other. CIPRNet and C(I)IP Newsletter ECN support visibility and interaction.

Abstract: Regulators, governments, buyers, consumers and the ICT industry must challenge each other to drive increases in the inherent security of vendor products ahead of the product or service that they launch.

Abstract: The goal of CEDR project ROADAPT is to provide risk based methods and tools for assessing climate change risks for roads, towards an action plan for adaptation.

Abstract: The complexity of modern Power Systems requires supplementary resilience to prevent undesired consequences not only of the Power System itself but also of other Critical Infrastructures. HVDC technology has the capability to reach this goal.

Abstract: This article gives an introduction on the collaboration between R&D and emergency management organisations in the Netherlands. The collaboration is aimed to improve the assessment of CI cascading effects in emergency management.

Abstract: Summary of a PhD Study.

Abstract: The FP7 PROGRESS project focuses on the security and resilience of ground based assets of Global Navigation Satellite Systems (GNSS)

Abstract: The aim of INDUSE-2-SAFETY project is to develop a quantitative risk assessment methodology for seismic loss prevention of "special risk" petrochemical plants and components.

Abstract: The goal of the FP7 BESECURE project is to improve urban security policy making by sharing European best practices and providing visualization and assessment tools.

Abstract: About the importance to understand the background of simulation.

Abstract: Creating an Integrated Research and Innovation Agenda for Cybersecurity.

Abstract: The CYSPA Alliance is an initiative for EU stakeholders working together to articulate, embody, and deliver the concrete actions needed to reduce cyber disruption.

Abstract: An online community service by the CIPRNet Project.

Abstract: An online community service by the CIPRNet Project

Abstract: The Role of Public-Private Security Collaboration.

Abstract: Identity and access management is no exception to the digitisation of everything. The use of biometric features, behavioral aspects and physiological technologies is just around the corner, bringing new authentication and authorisation methods to the market. Another wave of technology disruption or an actual business need?

Abstract: Soon new opportunities for CIP researchers and operators are coming up. "What are the topics" and "how to build successful a consortia" in this industrial, research and innovation partnership is disclosed from first hand.

Abstract: The development of GRRASP addresses the issue of developing tools for performing analysis of complex networked infrastructure systems

Abstract: The Swedish approach to secure Critical Infrastructures' IT

Abstract: When discussing security of water supply and of waste water systems in general, we have to reflect what IT-Security means in terms of capacities, resilience, economy and surveillance. Which options should be implemented and which conditions have to be complied with? What is practicable?

Abstract: Already for the fifth time, the biennial International Disaster and Risk Conference IDRC Davos organized by the Global Risk Forum GRF Davos took place in Davos, Switzerland from 24-28 August 2014. Over 700 participants from more than 80 countries representing science, technology, policy and practice gathered in Davos.

Abstract: Assessment, selection & deployment of technological security solutions.

Abstract: Bringing together researchers and professionals from academia, industry and governmental organizations working in the field of the security of critical infrastructure systems.

Abstract: The goal of the FP7 PREDICT project is to provide a solution for dealing with cascading effects in multi-sectorial crisis situations.

Abstract: In the CIPRNet project, we explore how to design a threat scenario for CIP.

Abstract: On 1st of May 2014, a new EU project started on the Impact of Extreme Weather on Critical Infrastructures.

Abstract: Critical Infrastructures: Relations and Consequences for Life and Environment: An interactive touch table application for cascading effects analyses.

Abstract: ENISA role in protecting European Citizens.

Abstract: During last years a new community was born aimed at combining experts from the Critical Infrastructures Protection and the Complexity Science. A book reviewing the state of the art of the field has recently appeared.

Abstract: The Global Risk Forum GRF Davos promotes the worldwide exchange of know-how and expertise, creates solutions and fosters good practices in integrative risk management including climate change adaptation. The foundation aims to improve the understanding, assessment and management of disasters and risks that affect human safety, security, health, the environment, critical infrastructures, the economy and society at large.

Abstract: Severe accidents and crises are the result of the unlikely accumulation of many random hazardous events. Some would call that "black series" or "bad coincidences". But coincidences are unlikely to happen twice!

Abstract: After Snowden's disclosure we know how often systems are under control by others than the owner: is this real and what does this mean for CIP?

Abstract: On 24-25 April, in Paris, the first edition of the training course arranged inside the FP7/ NoE CIPRNet will be held, to contribute towards the CIP community in Europe and as a step towards the creation of the EISAC (European Infrastructure Simulation and Analysis Center)

Abstract: Balancing Technology and Social Issues - Book published by CRC Press.

Abstract: Close interaction between CIP researchers and CI stakeholders required.

Abstract: Modern critical infrastructures constitute highly complex systems that challenge our technical and cognitive capability to effective manage their behavior.

Abstract: New challenges need new structures and alliances. Therefore community building tools such as conferences, exchange between researchers industry and government as well as books and journals are essential.

Abstract: FACIES aims to protect water treatment systems and their control systems against accidental or intentional incidents such as failures, anomalies and cyber-attacks with a particular emphasis on stealth attacks.

Abstract: TIEMS is a global forum for education, training, certification and policy in emergency and disaster management, dedicated to developing and bringing the benefits of modern tools, techniques and good industry practices to society for a safer world.

Abstract: Since 2012, the CIP research at the Norwegian Defence Research Establishment (FFI) has focused on the digitalised society, its vulnerabilities to military information operations and the need for robust information services and information sharing between civilian and military authorities.

Abstract: When discussing Smart Cities, Smart Grid, Smart Mobility and Smart everything, we have to reflect what this means in terms of investment and return. Which options for surveillance and Big Data applications are created? What is really desirable?

Abstract: CIPRNet cooperates closely with other European projects. One of them is ERNCIP, which focuses on common test methodologies for technological security solutions.

Abstract: Resilience of Critical Infrastructures against natural hazards could be significantly increased by efficient and timely events prediction, associated to a reliable consequence analysis of the damages produced on the functioning of infrastructures, on the population and the environment.

Abstract: Evolving threats and new technologies present growing risk for Critical Information Infrastructures around the world. This article explores some of the industry best practices for protecting them.

Abstract: The EU funded project DIESIS investigates the feasibility of a new facility for joint research in Critical Infrastructures and their protection, supporting particularly modelling, federated CI simulation, and analysis.

Abstract: This is the second article in a series of three on how a good practice in software engineering, Test Driven Development (TDD), could become also a good practice for BCP writing at CFIs. First article showed how compliance with the ECIP Directive requires strong BC management at CFIs. This article focuses on how to deal with high costs of some BC crisis scenarios. Last one will show how TDD could help.

Abstract: The 3rd international workshop on CIs and their ICT from 13th to 15th of October 2008 in Rome continued the success of its predecessors and attracted researchers and professionals dealing with all kinds of large critical infrastructures.

Abstract: That was the key question discussed at the second Dutch Second Dutch Process Control Security Event at the Technical University of Delft, December 4, 2008.

Abstract: This is the first article in a series of three on how a best practice in software engineering, Test Driven Development (TDD), could become also a best practice for BCP writing at CFIs. This article shows how compliance with the ECIP Directive requires Operator Security Plans (OSP) include a BCP. Next articles will cover how to deal with high costs of some BC crisis scenarios, and how TDD could help.

Abstract: Providing assurance in ICT systems increasingly relies on ensuring consistent integrity practices across the whole supply chain, including software components.

Abstract: The European Commission has started the Coordination Action Parsifal as well as another Specific Targeted Research Project for the critical financial infrastructure (CFI).

Abstract: The goal of the FP7 STREP project CoMiFin is to create a federated, distributed and collaborative network of agents for enhancing trustworthiness and dependability of financial infrastructures.

Abstract: The Swiss Federal Office for Civil Protection organises a first International Conference on Critical Infrastructure Protection and Resilience (ICCR) in the framework of the International Disaster and Risk Conference (IDRC). The event takes place from on August 26 and 27 in Davos, Switzerland, and addresses CIP issues relevant to decision-makers and practitioners from the public and private sector as well as researchers.

Abstract: The 3rd international Workshop on CI and their ICT from 13th to 15th of October 2008 in Rome, Italy wants to continue the success of its predecessors and seeks to attract researchers and professionals from all kinds of large critical infrastructures.

Abstract: Critical Infrastructures are nowadays exposed to a new kind of threats due to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of ICT into such complex critical systems. We present the first outcomes of an exhaustive ICT security assessment analysis, targeting a real thermal Power Plant.

Abstract: Critical infrastructures have become heavily interconnected with no complete control over them, and without high-confidence early-failure detection and modeling methodology. The solution could be Grid

Abstract: The UK Government are funding a feasibility study that explores the state-of-theart in infrastructure interdependency modelling and analysis, both in terms of research and practice, and considers market, cost and regulatory issues for a future strategy.

Abstract: C(I)IP policies, resilience and BCM misses its uniting part: The C(I)IP middleware. It communicates risk, system stability, robustness, and redundant capabilities in integrated systems containing diverse infrastructure elements from several sectors and being used across companies and borders.

Abstract: The PARSIFAL project is a Coordination Action within the European Programme for Critical Infrastructure Protection, with the ambitious objective of defining how to better protect CFI (Critical Financial Infrastructure) in Europe.

Abstract: Service orientation and event- and model-driven process management will deliver critical information infrastructure security

Abstract: Several EU studies on Critical Communication and Information Infrastructure Protection have been completed. CIP strengthening actions are planned based on the preliminary studies, the G8 principles and OECD activities.

Abstract: Data exchange between interdependent infrastructures is thought to increase the resilience of large complex critical infrastructures. Middleware Improved Technology is being developed by AIS Ltd under the FP6 project, IRRIIS, to facilitate this data exchange.

Abstract: Process control systems have become interconnected and are now threatened by a growing number of security risk. The article gives technical background information to this risk and offers a good practice example how to manage process control security.

Abstract: All those involved in control systems have a part to play in helping to meet the security challenges we face today. This article outlines the challenges and what can be done to meet these challenges with solutions.

Abstract: Service orientation and event- and model-driven process management will deliver critical information infrastructure security

Abstract: The Royal Academy of Engineering published its report Dilemmas of Privacy and Surveillance in March 2007. Two parliamentary inquiries into the state of surveillance and data security have followed in its wake, yet the UK has still suffered large-scale losses of citizens' personal data. Here, the lessons of the Academy's report are reiterated.

Abstract: After two years of project work a set of models and first prototypes of tools are available to support analysis of CI interdependencies and to manage critical events that affect the resilience of networked large complex critical infrastructures.

Abstract: EURAM developed a uniform risk assessment method for Critical Infrastructures that scales across company, sector, cross-sector and European-wide levels.

Abstract: DESEREC is an integrated project of the Sixth Framework Programme of the European Union in the thematic area "Information Society Technologies

Abstract: Critical Infrastructures

Abstract: International collaboration of four associations in the critis

Abstract: Insights in the daily business of energy management, one of the main research areas of critical infrastructures within the IRRIIS project at Siemens premises in Nürnberg and Erlangen.

Abstract: With e-government the dependency on secure public IT will extend. Some aspects are discussed.

Abstract: CISTRANA, a co-ordination action project supported by the EC, analyzes the information and communication technologies landscape to identify fields where strategic, programme-level coordination among EU countries offers significant opportunities.

Note: German Aerospace Agency and Association Nationale de la Recherche Technique and Finnish Funding Agency for Technology and Innovation and Council for the Central Laboratory of the Research Councils and National Office for Research and Technology

Abstract: How safety, severe crises management and critical infrastructure protection interrelate.

Abstract: The University of Lisboa Faculty of Sciences (FCUL) takes part in the CMU-Portugal partnership between Carnegie Mellon University and the Portuguese Government, with joint CMU-FCUL Master and PhD programs in Security and Dependability.

Abstract: SecurIST is co-ordinating the development of a Strategic Research Agenda for Security and Dependability R&D.

Abstract: ICT security challenges for citizens, organisations and states.

Abstract: Again, we present four EU funded projects in this issue. And new proposals can be prepared for the Security and Dependability call starting in September 07. The topic is now recognized at large as one of the essential issues in maintaining prosperity and welfare within EU.

Abstract: The first international conference on Information Technology for Critical Infrastructure Protection on 4-5 September 2007 at K

Abstract: IT CIP, a complexity challenge defined by network and human interaction. A new initiative tries to develop a decision support system helping the operational personnel to identify and fight critical situations.

Abstract: Societies

Abstract: The emphasis if this issue has grown and more articles are available. This fact is just a mirror of the growing activities C(I)IP activities in European Union.

Abstract: A proposal to understand CI in a holistic way: prevention, protection, response and post-crisis recovery.

Abstract: A summary of the National and International initiatives and Activities carried out by the Italian Body for the Information and Communication Technologies.

Abstract: Third GI SIG SIDAR Conference on Detection of Intrusions & Malware, and Vulnerability Assessment, Berlin, Germany, July 13

Abstract: The point of view of a generalist on an issue more and more relevant to our societies and our citizens.

Abstract: While SCADA systems that communicate through IPv4 have inherited its vulnerabilities, IPv6 appears as an open research trend and a potential candidate for improving the security of SCADA networks.

Abstract: The consultation platform is a communication forum for all issues relating to information security. The structured, hierarchical nature of the forum means that a solution can be offered for problems that are detected by utilising all the resources available.

Abstract: Together with the NESSI Technology Platform, ESFORS coordination action is bringing together different EU stakeholders from software engineering and IT security domains, with an objective to provide a unified view for European research in Secure Services Architectures and Software Infrastructures.

Abstract: Our world has become more dynamic, more complex, more dependent and more vulnerable. Strategic planning and corporate governance need new instruments like scenario management to be prepared for future challenges.

Abstract: To evaluate the threats to information security, it is essential to know the frequency and quality of breaches in companies. Such information can be derived from surveys. This article discusses the strengths and weaknesses of surveys.

Abstract: A novel threat taxonomy, a proof-of-principle of synchronised tools for multinational and cross-sector CIP exercises, recording of human behaviour in-the-loop, and shaping the Critical Infrastructure Protection research area.

Abstract: The IWCIP 2005 workshop provided a truly international forum for presenting and discussing research in a broad spectrum of critical infrastructure protection and is to be the first in an annual series of workshops.

Abstract: Executive Round Table

Abstract: In 2005, the Israeli government decided to create a governmental Computer Emergency Response Team (CERT), in order to fill an increasingly evident void in Israel's IT security sphere. There are many struggles accompanying the birth of a CERT project, but the original need overcomes them all.

Abstract: The international conference on IT Incident Management and IT Forensics (IMF) provides a common platform for the still separated communities of the security teams, aka CERTs or CSIRTs, and the IT forensic experts. The conference will take place in Stuttgart on October 18

Abstract: The activity started in the last ECN to gain an associated country editor in each EU member state is continuing successfully. We are very pleased to introduce two new members: Javier Lopez from Spain and Hannu Kari from Finland.

Abstract: 1st International Workshop on Critical Information Infrastructures Security, Samos Island, Greece, August 30

Abstract: During this worldwide economic turndown, as governments cut services in an effort to cut costs, a new model for e-government CIIP was presented at the World Summit for the Information Society (WSIS). This new model will allow the delivery of new e-government services utilizing existing infrastructures. E-Government can restore services to the citizens and even decrease socio-economic gaps.

Abstract: Most working groups dealing with critical information infrastructure protection have to follow a closed shop

Abstract: The research and development programmes have significantly contributed to raise awareness and stimulate the debate on how to meet the future security challenges of the information infrastructure. This is particularly true for the European R&D whose role would possibly become even more important because of the activities planned under the Information Society Technologies (IST) Programme and the Preparatory Action on Security Research (PASR).

Abstract: US Searching for Deeper and Closer Cooperation in the CIP S&T Domain. New forms of Cooperation Proposed.

Abstract: The newly established European Network and Information Security Agency, ENISA, has an important role to play in the securing of our electronic communication and information systems.

Abstract: The SAFEGUARD Project placed within the IST Initiative in the 5th Framework Programme of the European Commission addressed the topic of developing an Intelligent Agents Organisation to Enhance Dependability and Survivability of Large Complex Critical Infrastructures

Abstract: Security research framework for Europe - Empowering the citizen.

Abstract: An Inventory and Analysis of Protection Policies in Fourteen Countries

Abstract: Tasks like CIIP are trans-national and trans-disciplinary. Therefore the exchange of information should be fostered. ECN is a platform to communicate CIIP related activities to provide networking possibilities for CIIP experts and stakeholders. We hope it serves its purpose.

Abstract: The CyberDefense Project is an international initiative that addresses the protection of critical IT and telecommunication infrastructures against malicious threats such as worms, denial-of-service attacks, spyware and spam.

Abstract: Building an Interdisciplinary Critical Infrastructure Protection Program in Academia