The PRECINCT Ecosystem Platform for Critical Infrastructure Protection: Architecture, Deployment and Transferability
Authors: 
Djibrilla Amadou Kountche, Jocelyn Aubert, Manh-Dung Nguyen, Natalia Kalfa, Nicola Gregorio Durante, Cristiano Passerini, Stephane KudingAuthors Info & Claims
Djibrilla Amadou Kountche, Jocelyn Aubert, Manh-Dung Nguyen, Natalia Kalfa, Nicola Gregorio Durante, Cristiano Passerini, Stephane KudingAuthors Info & ClaimsARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
Article No.: 167, Pages 1 - 8
Abstract
The present work was done during the PRECINCT (Preparedness and Resilience Enforcement for Critical INfrastructure Cascading Cyberphysical Threats and effects with focus on district or regional protection) project. The PRECINCT Ecosystem Platform (PEP), part of the PRECINCT approach, serves to “unify” different Critical Infrastructures (CIs) – through a cybersecurity ecosystem platform - and helps in improving facility protection against cascading effects resulting from cyber-physical attacks, in minimizing service disruptions and in managing interfaces with other CIs. In recent years, CIs have been equipped with Industrial Internet of Things (IIoT) technologies including sensors and actuators which communicate using open protocols (e.g., MQTT, AMQP, CoAP, Modbus, DNP3) or commercially licensed protocols (LoRA, IEC 6870-5-101, Profibus) to share data and commands. Furthermore, the management of these CIs is built on Information Communication Technologies (ICTs) which became Critical Information Infrastructure (CII). Therefore, this paper proposes an approach for the deployment of ICT tools used in CI Protection (CIP) projects. Indeed, the PEP’s deployment in PRECINCT’s Living Labs (LLs) was described using Topology and Orchestration Specification for Cloud Applications (TOSCA). TOSCA, in addition to the usage of reference architectures, is proposed by this paper for re-usability and transferability of CIP projects outcomes.
References
[1]
Cristina Alcaraz and Sherali Zeadally. 2015. Critical infrastructure protection: Requirements and challenges for the 21st century. International Journal of Critical Infrastructure Protection 8 (2015), 53–66. https://doi.org/10.1016/j.ijcip.2014.12.002
[2]
Samuil Angelov, Paul Grefen, and Danny Greefhorst. 2012. A framework for analysis and design of software reference architectures. Information and Software Technology 54, 4 (2012), 417–431. https://doi.org/10.1016/j.infsof.2011.11.009
[3]
Seda Balta, Sultan Zavrak, and Süleyman Eken. 2022. Real-time monitoring and scalable messaging of scada networks data: A case study on cyber-physical attack detection in water distribution system. In International Congress of Electrical and Computer Engineering. Springer, 203–215. https://doi.org/10.1007/978-3-031-01984-5_17
[4]
Carlos Blanco, David G. Rosado, Ángel Jesús Varela-Vaca, María Teresa Gómez-López, and Eduardo Fernández-Medina. 2023. Onto-CARMEN: Ontology-driven approach for Cyber–Physical System Security Requirements meta-modelling and reasoning. Internet of Things 24 (2023), 100989. https://doi.org/10.1016/j.iot.2023.100989
[5]
G. Casale, M. Artač, W.-J. Van Den Heuvel, A. Van Hoorn, P. Jakovits, F. Leymann, M. Long, V. Papanikolaou, D. Presenza, A. Russo, S. N. Srirama, D. A. Tamburri, M. Wurster, and L. Zhu. 2020. RADON: rational decomposition and orchestration for serverless computing. SICS Software-Intensive Cyber-Physical Systems 35, 1 (2020), 77–87. https://doi.org/10.1007/s00450-019-00413-w
[6]
Stephen J Collier and Andrew Lakoff. 2020. The vulnerability of vital systems: how’critical infrastructure’became a security problem. Routledge. 17–39 pages. https://www.taylorfrancis.com/chapters/edit/10.4324/9780203926529-2/vulnerability-vital-systems-collier-stephen-lackoff-andrew
[7]
James DesLauriers, Tamas Kiss, Resmi C Ariyattu, Hai-Van Dang, Amjad Ullah, James Bowden, Dagmar Krefting, Gabriele Pierantoni, and Gabor Terstyanszky. 2021. Cloud apps to-go: Cloud portability with TOSCA and MiCADO. Concurrency and Computation: Practice and Experience 33, 19 (2021), e6093.
[8]
Nicola Durante. 2023. Video Showcasing the Digital Twin Developed for PRECINCT Living Lab 4 (Bologna). https://doi.org/10.5281/ZENODO.8398859
[9]
Linux Foundation. 2024. AKRAINO Approved blueprints. Retrieved from https://wiki.akraino.org/display/AK/Approved+blueprints.
[10]
Meisam Gordan, Djibrilla Amadou Kountche, Daniel McCrum, Stefan Schauer, Sandra König, Shirley Delannoy, Lorcan Connolly, Mircea Iacob, Nicola Gregorio Durante, Yash Shekhawat, Carlos Carrasco, Takis Katsoulakos, and Páraic Carroll. 2024. Protecting critical infrastructure against cascading effects: The PRECINCT approach. Resilient Cities and Structures 3, 3 (2024), 1–19. https://doi.org/10.1016/j.rcns.2024.04.001
[11]
Meisam Gordan, Mona Soroudi, Ili Ko, Páraic Carroll, Daniel McCrum, Sandra König, Stefan Schauer, and Lorcan Connolly. 2023. A Serious Game Conceptual Approach to Protect Critical Infrastructure Resilience in Smart Cities. (2023). https://icasp14.com/ 14th International Conference on Applications of Statistics and Probability in Civil Engineering ; Conference date: 09-07-2023 Through 13-07-2023.
[12]
Badis Hammi, Sherali Zeadally, and Jamel Nebhen. 2023. Security Threats, Countermeasures, and Challenges of Digital Supply Chains. 55, 14 (2023), 1–40. https://doi.org/10.1145/3588999
[13]
Elisabeth Krausmann, Serkan Girgin, and Amos Necci. 2019. Natural hazard impacts on industry and critical infrastructure: Natech risk drivers and risk management performance indicators. 40 (2019), 101163. https://doi.org/10.1016/j.ijdrr.2019.101163
[14]
Kyriakos Kritikos, Tom Kirkham, Bartosz Kryza, and Philippe Massonet. 2017. Towards a security-enhanced PaaS platform for multi-cloud applications. 67 (2017), 206–226. https://doi.org/10.1016/j.future.2016.10.008
[15]
Indika Kumara, Paul Mundt, Kamil Tokmakov, Dragan Radolović, Alexander Maslennikov, Román Sosa González, Jorge Fernández Fabeiro, Giovanni Quattrocchi, Kalman Meth, Elisabetta Di Nitto, 2021. Sodalite@ rt: orchestrating applications on cloud-edge infrastructures. Journal of Grid Computing 19 (2021), 1–23. https://doi.org/10.1007/s10723-021-09572-0
[16]
Sandra König, Lorcan Connolly, Stefan Schauer, Alan O’Connor, Páraic Carroll, and Daniel McCrum. 2023. Combining Cascading Effects Simulation and Resilience Management for Protecting CIs from Cyber-Physical Threats. In Proceedings of the 32nd European Safety and Reliability Conference (ESREL 2022). 2741–2748. https://doi.org/10.3850/978-981-18-5183-4_S20-03-343-cd
[17]
Adrien Ledeul, Alexandru Savulescu, G Segura Millan, and Bartlomiej Styczen. 2019. Data streaming with apache kafka for cern supervision, control and data acquisition system for radiation and environmental protection. In Proc. 17th Int. Conf. Accel. Large Exp. Phys. Contr. Syst.(ICALEPCS). 1–5. https://doi.org/10.18429/JACoW-ICALEPCS2019-MOMPL010
[18]
Paul Lipton, Derek Palma, Matt Rutkowski, and Damian Andrew Tamburri. 2018. TOSCA Solves Big Problems in the Cloud and Beyond! (2018), 1–1. https://doi.org/10.1109/MCC.2018.111121612
[19]
Róbert Lovas, Attila Farkas, Attila Csaba Marosi, Sándor Ács, József Kovács, Ádám Szalóki, and Botond Kádár. 2018. Orchestrated Platform for Cyber-Physical Systems. 2018 (2018), 1–16. https://doi.org/10.1155/2018/8281079
[20]
Welder Pinheiro Luz, Gustavo Pinto, and Rodrigo Bonifácio. 2019. Adopting DevOps in the real world: A theory, a model, and a case study. 157 (2019), 110384. https://doi.org/10.1016/j.jss.2019.07.083
[21]
Anže Luzar, Sašo Stanovnik, and Matija Cankar. 2020. Examination and comparison of tosca orchestration tools. In Software Architecture: 14th European Conference, ECSA 2020 Tracks and Workshops, L’Aquila, Italy, September 14–18, 2020, Proceedings 14. Springer, 247–259. https://doi.org/10.1007/978-3-030-59155-7_19
[22]
Masike Malatji, Annlizé L. Marnewick, and Suné Von Solms. 2022. Cybersecurity capabilities for critical infrastructure resilience. 30, 2 (2022), 255–279. https://doi.org/10.1108/ICS-06-2021-0091
[23]
Vincenzo Masucci, Francesco Adinolfi, Paolo Servillo, Giovanni Dipoppa, and Alberto Tofani. 2009. Ontology-Based Critical Infrastructure Modeling and Simulation. In Critical Infrastructure Protection III, Charles Palmer and Sujeet Shenoi (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 229–242. https://doi.org/10.1007/978-3-642-04798-5_16
[24]
Robert K McNally, Seok-Won Lee, Deepak Yavagal, and Wei-Ning Xiang. 2007. Learning the Critical Infrastructure Interdependencies through an Ontology-Based Information System. Environment and Planning B: Planning and Design 34, 6 (2007), 1103–1124. https://doi.org/10.1068/b32078
[25]
Thomas Miller, Alexander Staves, Sam Maesschalck, Miriam Sturdee, and Benjamin Green. 2021. Looking back to look forward: Lessons learnt from cyber-attacks on Industrial Control Systems. 35 (2021), 100464. https://doi.org/10.1016/j.ijcip.2021.100464
[26]
The European Parliament and The European Council. 2008. COUNCIL DIRECTIVE 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
[27]
The European Parliament and The European Council. 2022. Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC. http://data.europa.eu/eli/dir/2022/2557/oj
[28]
Cristiano Passerini and Djibrilla Amadou Kountche. 2024. Blueprinting Critical Infrastructure Coordination Center. In 2024 IEEE World Forum on Public Safety Technology (WF-PST). 192–196.
[29]
Platon Patlakas, Ioannis Chaniotis, Maria Hatzaki, John Kouroutzoglou, and Helena A. Flocas. 2024. The eastern Mediterranean extreme snowfall of January 2022: synoptic analysis and impact of sea‐surface temperature. 79, 1 (2024), 25–33. https://doi.org/10.1002/wea.4397
[30]
Maria Nadia Postorino, Luca Mantecchini, Caterina Malandri, and Filippo Paganelli. 2020. A methodological framework to evaluate the impact of disruptions on airport turnaround operations: A case study. 8, 2 (2020), 429–439. https://doi.org/10.1016/j.cstp.2020.03.007
[31]
Erkuden Rios, Eider Iturbe, and Maria Carmen Palacios. 2017. Self-healing Multi-Cloud Application Modelling. In Proceedings of the 12th International Conference on Availability, Reliability and Security (Reggio Calabria Italy). ACM, 1–9. https://doi.org/10.1145/3098954.3104059
[32]
Risa Savold, Natalie Dagher, Preston Frazier, and Dennis McCallam. 2017. Architecting Cyber Defense: A Survey of the Leading Cyber Reference Architectures and Frameworks. In 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud) (New York, NY, USA). IEEE, 127–138. https://doi.org/10.1109/CSCloud.2017.37
[33]
Stefan Schauer, Thomas Grafenauer, Sandra König, Manuel Warum, and Stefan Rass. 2020. Estimating Cascading Effects in Cyber-Physical Critical Infrastructures. In Critical Information Infrastructures Security, Simin Nadjm-Tehrani (Ed.). Vol. 11777. Springer International Publishing, 43–56. https://doi.org/10.1007/978-3-030-37670-3_4 Series Title: Lecture Notes in Computer Science.
[34]
John Soldatos, Isabel Praça, and Aleksandar Jovanović. 2021. Cyber-Physical Threat Intelligence for Critical Infrastructures Security: Securing Critical Infrastructures in Air Transport, Water, Gas, Healthcare, Finance and Industry. Now Publishers. https://doi.org/10.1561/9781680838237
[35]
Bruno Sousa, Miguel Arieiro, Vasco Pereira, João Correia, Nuno Lourenço, and Tiago Cruz. 2021. ELEGANT: Security of Critical Infrastructures With Digital Twins. IEEE Access 9 (2021), 107574–107588. https://doi.org/htts://doi.org/10.1109/ACCESS.2021.3100708
Index Terms
- The PRECINCT Ecosystem Platform for Critical Infrastructure Protection: Architecture, Deployment and Transferability
Recommendations
Decentralized Translator of Trust: Supporting Heterogeneous TEE for Critical Infrastructure Protection
BSCI '23: Proceedings of the 5th ACM International Symposium on Blockchain and Secure Critical InfrastructureTrusted execution environment (TEE) technology has found many applications in mitigating various security risks in an efficient manner, which is attractive for critical infrastructure protection. First, the natural of critical infrastructure requires it ...
Automating the Deployment of Multi-Cloud Applications in Federated Cloud Environments
VALUETOOLS'16: proceedings of the 10th EAI International Conference on Performance Evaluation Methodologies and Tools on 10th EAI International Conference on Performance Evaluation Methodologies and ToolsCloud federation allows cloud providers to dynamically use resources of other federated providers in order to fulfil the requirements of customer requests.
This concept enables the federated cloud providers to use external resources for increasing their ...
Critical infrastructure protection
Critical infrastructures play a vital role in supporting modern society. The reliability, performance, continuous operation, safety, maintenance and protection of critical infrastructures are national priorities for countries around the world. This ...
Comments
Information & Contributors
Information
Published In
July 2024
2032 pages
ISBN:9798400717185
DOI:10.1145/3664476
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 July 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- European Union
Conference
ARES 2024
ARES 2024: The 19th International Conference on Availability, Reliability and Security
July 30 - August 2, 2024
Vienna, Austria
Acceptance Rates
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 25Total Downloads
- Downloads (Last 12 months)25
- Downloads (Last 6 weeks)4
Reflects downloads up to 25 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format