The protection of the national infrastructures is one of the main issues for national and international security. While FP7 MICIE project has proved that increasing cooperation among infrastructures increases their level of service and predictive capability, it is not enough to effectively counteract threats such as cyber attacks. Such attacks could be performed blocking communication from central SCADA to local equipments or inserting fake commands/measurements in the SCADA-field equipment communications (as happened with STUXNET worm). The paradox is that critical infrastructures massively rely on the newest interconnected (and vulnerable) Information and Communication Technologies
[Click for more information]ICT technologies, while the measure that is modifying risk
[Click for more information]control equipment is typically old, legacy software/hardware. Such a combination of factors may lead to very dangerous situations, exposing systems to a wide variety of attacks. To overcome such threats, the CockpitCI project aims on one hand to continue the work done in MICIE by refining and updating the on-line effect of uncertainty on objectives
[Click for more information]Risk Predictor deployed in the SCADA centre, on the other hand to provide some kind of intelligence to field equipment, allowing them to perform local decisions in order to self-identify and self-react to abnormal situations induced by cyber attacks. It is mandatory to operate both at SCADA measure that is modifying risk
[Click for more information]control centre and at field equipment because it is very dangerous to let field components operate autonomously. To address this issue an hybrid validation system will be implemented: at the measure that is modifying risk
[Click for more information]Control Centre level an Integrated On-line effect of uncertainty on objectives
[Click for more information]Risk Predictor will provide the operator with qualitative/quantitative measurements of near future level of effect of uncertainty on objectives
[Click for more information]risk integrating data coming from the field, from other infrastructures, and from smart detection agents monitoring possible cyber attacks; at field level, the system is complemented with a smart software layer for field equipment and a detection system for the TLC network. The system will be validated on real equipment and scenarios provided by Israel Electric Corp.