EVENTS

Final Review

26th February 2015 - Final Review, IEC Headquarter                                  (Haïfa Il)

The final review of the project has taken place in Haïfa, on the 26 February 2015.
The project have been successfully closed. The reviewer have been impressed by the work done especially by the tools deployed on the Hybrid Test Bed. According to this reviewer feedback, the tools designed during the project should be quickly improved to be available as commercial solution in order to increase the Security awareness of Critical Infrastructures all over the European countries.

6th – 5th CockpitCI Workshops

3rd December 2014 - 5th CockpitCI Workshop, Lyse Headquarter                                  (Stavanger No)
16th December 2014 - 6th CockpitCI Workshop, ENEA Headquarter                                  (Roma It)

The 5th and 6th CockpitCI Workshops on ICS security have taken place at Stavanger (No) hosted by Lyse and Roma (It) hosted by ENEA. These events have been a very opportunity to underline the necessity of increasing the awareness for CIs Stakeholders. In that aim, the CockpitCI consortium has demonstrated to the auditors of the conferences the tools designed during the project, and deployed in the new HTVa (Hybrid Test bed) located in Israel , i.e..:

• The whole set of detection systems including HIDS, NIDS, SCADA Honeypot, Shadow RTU, Meta-Antivirus, Vulnerability Checker
• The Security Assurance Analysis System
• The Security Management system including smart correlation and IA analysis tools OCSVM.
• The Cyber-attacks modeling and CI behavior tools: RAO tools, virus spreading tools, FSIR simulation tool.
• The Prediction Tools (CISIA).

The demonstration shows how the CockpitCI provides a better view on security in case of specific cyber-attacks such as network scan, MITM (Man In The Middle) attack both operational and SCADA networks, Telecommunication network attack (switch flooding) especially regarding the operational level of FSIR (Fault Restoration process of electrical grid) in case of cyber-attack.

CockpitCI Testbed:

The meeting has meet together more than 80 peoples coming from industrial sectors and has allowed to take note of the latest technological system of protection for ICS thanks to the attendance of industrial partner as Schneider (presentation of Cyber Security for Automation Process) or as Waterfall Security Solutions (presentation of uni-directional gateway solution better than firewall).

The roundtable organized after the lecturers has allowed to response to the question on the capability of the CockpitCI tools especially regarding its capability to stop zero-day cyber-attack as Stuxnet and to draw a quick overview of the future challenge for CockpitCI system: reach the level of a real commercial product available for end-users asa smart solution to increase security.

The events has also allowed to present the CockpitCI project to the Press with a dedicated interview of the Project Manager by Stampa Newspaper and a quick WebTV interview by ENEA TV.

4th CockpitCI Workshop – Bucharest (Ro)

16th September 2014 - 4th Workshop of CockpitCI Project, "SCADA Cybersecurity", Hotel International Bucharest(Ro)

As one of the three stakeholders involved in the CockpitCI project, the C.N.T.E.E Transelectrica S.A. organisation has organized the 4th CockpitCI Workshop to present to its collaborators and partners the researches performed in the European project CockpitCI on Security on SCADA. The 8 keynotes provided by the partners of the project has allowed the participants to take the mesure of the cyber-threats on Critical Infrastructures and the necessity to increase the awareness of the operators in order to mitigate the risk and avoid critical outage and business impacts. Among the audience, we can mention the main responsible of Transelectrica, Romanian security experts for Critical Infrastructure and members of several service provider in Energy, Telecommunication and other vital services such as gaz or water. After an introduction made by the representative of Transelectrica for the project, Mrs Tania Roman, the workshop has been divided into two keynotes sessions:

First session

• CockpitCI Project Overview, Antonio Graziano (Selex ES S.p.A – Italy)
• The CockpitCI Cyber Analysis and Detection Layer, Tiago Cruz (University of Coïmbra, Portugal)
• Integrated Detection Mechanism, Leandros Malgaras (University of Surrey, England)
• Specific detection tools developed for CockpitCI: Software vulnerability and malware analysis engines, Matthieu Aubigny (itrust, Luxembourg)

Second session

• Modelling loss/false Controllability/Observability of Electrical grids under cyber attacks, Michele Minichino (ENEA, Italy)
• Integrated Risk Predictor in CockpitCI, Stefano Panzieri (University Roma TRE, Italy)
• Validation Process Peculiar Properties in the Multinational R&D CIIP Projects. The CockpitCI Project Example, Leonid Lev (IEC, Il)

Round Table : Open discussion on security issues for SCADA operators and on CockpitCI’s impacts. moderated by Stefano Panzieri (Roma TRE) and Antonio Graziano (Selex ES)

Working lunch at Restaurant Tirol, Hotel International Bucharest.

3rd CockpitCI Workshop – Luxembourg (Lu)

10th March 2014 - 3rd Workshop of CockpitCI Project, "SCADA Cybersecurity", Creos Dispatching, Heisdorf (Lu)

Within the EU project CockpitCI “Cybersecurity on SCADA: risk prediction, analysis and reaction tools for Critical Infrastructure”, itrust consulting and CREOS, under the patronage of the Ministry of Economy and Foreign Trade, Étienne Schneider, organised at Creos’ national dispatching centre on March 10^th the 3^rd CockpiCI Workshop on “SCADA Cybersecurity”. This workshop enabled the European Agency for cyber security, Luxembourgish authorities (Ministry of Economy, GOVCERT.LU, HCPN), the national electricity and gas provider CREOS and other Luxembourgish industrial invitees as well as the project partners including the security consultancy and research company itrust consulting, the CRP Henri Tudor from Luxembourg, the project coordinator Selex ES from Italy, Romanian operators, and researchers from Italy, Portugal, Great Britain, Israel, Norway and Belgium to discuss the problems and solutions concerning the security of critical infrastructures.

First Session

• Introduction of the Cybersecurity problematic, Carlo Harpes (itrust)
• Recent evolution of the CIP and CIIP for SCADA, Adrian Pauna (ENISA) by Skype
• The word of the Minister, François Thill (Ministry of Economy and Foreign Trade)
• Experience of SCADA upgrading project, Carlo Bartocci (CREOS)
• The Government as key stakeholder for CI Cybersecurity, Paul Rhein (Haut Commissariat à la Protection Nationale)
• Overview of the CockpitCI Project, Antonio Graziano (Selex ES)

Second Session

• The CockpitCI multi-layered detection framework, Paulo Simoes (FTUC)
• Modeling the loss of controllability and observability of electrical grids under SCADA cyber attacks, Michele Minichino (ENEA)
• Risk Prediction Tool of CockpitCI system, Stefano Panzieri (Roma3):
• Attributes extracted from network traces, Leandros Maglaras(Surrey)
• Presentation of specific CockpitCI tools, Matthieu Aubigny (itrust)

Round Table : Open discussion on security issues for SCADA operators and on CockpitCI’s impacts. moderated by C. Harpes (itrust)

2nd CockpitCI Workshop – Coïmbra (Po)

20th March 2013 - 2nd Workshop of CockpitCI Project, Pólo II da Universidade de Coimbra, Portugal

The objective of the workshop was to have an open confrontation on the issues addressed by the CockpitCI project with End Users and System Manufacturers in the Energy, ICT and Control Systems sectors. In the first part of the workshop, the CockpitCI concept was presented. Next, selected presentations from industry stakeholders provided an overview of current industry needs and practices. The workshop finished with a joint discussion panel.

Session I – The CockpitCI approach to Cyber Security – Moussa Ouedraogo, Public Research Center “Henri Tudor”

• CockpitCI project overview, Antonio Graziano, SELEX
• Scenario and models of SCAD and ICS under cyber attacks, Michele Minichino, ENEA
• Smart detection strategy, Tiago Cruz, University of Coimbra
• Cyber-risk prediction strategy, Stefano Panzieri, Università di Roma Tre

Session II – Industry Perspectives – Miguel Martins, itrust consulting

• Cyber security in electricity distribution, Nuno Pereira, EDP
• Uncover and manage anomalies in real-time, Paulo Marques, FeedZai
• CECRIS – CErtification of CRItical Systems, Marco Vieira, University of Coimbra
• Energy metering, Ricardo Clérigo, ISA

Panel Discussion – Towards safer critical infrastructures, Paulo Simões, University of Coimbra

The workshop gathered more than 50 attendees – mainly from national industry, graduate students and researchers from Portuguese universities and national organisations.

1st CockpitCI Workshop – Haïfa (Il)

14th December 2012 - 1st Workshop of the CockpitCI Project, IEC premises, Haifa, Israel

On the 14th December 2012, the project team organised a workshop that brought together about one hundred cybersecurity specialists. The objective of the workshop was to have an open confrontation on the issues addressed by the CockpitCI project with End Users and System Manufacturers in the Energy, ICT and Control Systems sectors. The project team had the opportunity to collect feedback via a questionnaire that was distributed to the audience.

• Building Your Security Strategy in a Vulnerable World, A. Bar Lev, Check Point President, Israel
• SCADA Systems Cyber Security Challenges of European Utilities, A. Kvinnesland, Lyse IT Security Advisor, Norway
• CockpitCI: Project overview, SELEX-SI, Italy
• Modelling Industrial Control Systems under cyber-attacks, ENEA, Italy
• The problem of detecting cyber-attacks in SCADA systems, University of Coimbra, Portugal
• Cyber-physical risk prediction, Roma3, Italy
• Hybrid test bed for Industrial Control Systems of Critical Infrastructures, IEC, Israel