In the frame of the establishment of the European Reference Network for Critical infrastructure protection (CIP) is the study, design and implemen-tation of measures (pro-action, prevention, preparation, incident response, recovery) aimed to reduce the risk that critical infrastructure fails with serious consequences and..
[Click for more information]Critical Infrastructure Protection (ERN-CIP), the European Commission, through the DG Justice, Freedom and Security (JLS), has launched a study of a European Network of SCADA Security Test Centres for Critical Energy Infrastructures (ESTEC).
On the base of similar initiatives already implemented (for instance in USA), the study will define the conceptual design and the technical, legal and financial feasibility of the project, taking into account the specific requirements of European Critical Energy Infrastructures.
In response to the need to have dedicated facilities for carrying out See critical infrastructure protection
[Click for more information]CIP-relevant security experiments, the European Network of SCADA Security Test Centers for Critical Energy Infrastructures (ESTEC) will support Europe for:
- implementation of the directive on the identification and designation of European Critical Infrastructures, requiring each European The European Council Directive 2008/114/EC defines: ‘Critical infrastructure’ (CI) means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic..
[Click for more information]Critical Infrastructure to be provided with an Operation Security Plan;
- preservation of the physical and functional integrity of SCADA systems through the understanding and measure that is modifying risk
[Click for more information]control of their vulnerabilities and the assessment of new technological solutions;
- response to the major deficit regarding the availability of measure that is modifying risk
[Click for more information]Control Systems security data, due to the difficulty in identification of vulnerabilities for complex system-of systems, the rapid technology evolution (specially in the IT sector), and the reluctance of operators to report real security events, that undermines the definition of protection requirements, practices and policies.