1 / 13

Irene Fiorucci Cesidio Bianchi Istituto Nazionale di Geofisica e Vulcanologia Rome , Italy

Identification of Critical Infrastructures in the Mediterranean Sea context and communications’ criticalities. Irene Fiorucci Cesidio Bianchi Istituto Nazionale di Geofisica e Vulcanologia Rome , Italy. Outline. Motivation (European Directive)

meara
Télécharger la présentation

Irene Fiorucci Cesidio Bianchi Istituto Nazionale di Geofisica e Vulcanologia Rome , Italy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identification of Critical Infrastructures in the Mediterranean Sea context and communications’ criticalities Irene Fiorucci Cesidio Bianchi Istituto Nazionale di Geofisica e Vulcanologia Rome, Italy

  2. Outline • Motivation (European Directive) • Selecting criteria and identification of ECIs • Minimum amount of information for the ECIs management and control • Internet criticalities and the need of a backup network • Conclusions SWING Final Meeting | CNIT - Pisa, Italy

  3. Motivation In the framework of the European Program for Critical Infrastructure Protection (EPCIP),the Council of the European Union has established, by means of the promulgation of the Directive 2008/114/EC, a procedure for the identification and designation of European Critical Infrastructures (ECIs) and the assessment of the need to improve their protection. “Critical Infrastructure means an asset, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, economic or social well-being of people, and the disruption or destruction of which would have a significant impact in a Member State.” CouncilDirective 2008/114/EC Reducing the vulnerabilities of critical infrastructure and increasing their resilience is one of the major objectives of the EU. This protection process should be based on an all-hazards approach (technological threats, natural disasters, etc.) but the threat of terrorism should be given priority. SWING Final Meeting | CNIT - Pisa, Italy

  4. Directive 2008/114/EC The 2008 Directive applies only to the Energy and Transport sectors. SWING Final Meeting | CNIT - Pisa, Italy

  5. Directive 2008/114/EC The 2008 Directive applies only to the Energy and Transport sectors. SWING Final Meeting | CNIT - Pisa, Italy

  6. ECIs and CGAsidentification • Ports are sensitive points: • sea entrance gates for goods and passengers transfer • relevant cross-border mutual exchange of information • SWING project is focused on the Mediterranean region where several relevant ports are operative. SWING Final Meeting | CNIT - Pisa, Italy

  7. ECIs and CGAsidentification • Ports are sensitive points: • sea entrance gates for goods and passengers transfer • relevant cross-border mutual exchange of information • SWING project is focused on the Mediterranean region where several relevant ports are operative. • SWING project simulated scenario: • European Critical Infrastructures (ECIs) : • Coast Guards of three Mediterranean ports • (Piraeus-Athens,Gibilmanna- Palermo, • Roquetes-Barcelona) • Controlling Governmental Agency (CGA): • General Command of the Coast Guards • (located in Rome) SWING Final Meeting | CNIT - Pisa, Italy

  8. AIS-VTS system Coast Guards have many functions (search and rescue at sea, safety of navigation, protection of the marine environment etc.). We consider only maritime traffic control. Data concerning the vessels traffic are collected by means of an AIS-VTS system: • AIS (Automatic Identification System): electronic transponder installed on a vessel transmitting a VHF signal. • VTS (Vessel Traffic Services): • stations onshore to monitor the local maritime traffic (using radar and VHF radio links with the passing ships). SWING Final Meeting | CNIT - Pisa, Italy

  9. Minimum amount of information each vessel exchanges with the nearest AIS-VTS station: SWING Final Meeting | CNIT - Pisa, Italy

  10. Minimum amountof information • Minimum amount of information for each vessel: ≈1 kbit • Normal vessels traffic in the sector of competence of a Coast Guard: a hundred of vessels SWING Final Meeting | CNIT - Pisa, Italy

  11. Minimum amountof information • Minimum amount of information for each vessel: ≈1 kbit • Normal vessels traffic in the sector of competence of a Coast Guard: a hundred of vessels Minimum amount of information for each Coast Guard: ≈ 100 kbit This information is exchanged between the Coast Guards and the General Command using the broadband Internet connection. SWING Final Meeting | CNIT - Pisa, Italy

  12. Internet Criticalities of ECIs and CGAs • Numerous kind of security threats and intrusions to the web services: • Malware • Leakage of personal information • Phishing • Denial-of-services (DoS) and Distributed Denial of Services (DDoS). • DOS • A Denial-of-Service attack is designed to hinder or stop the normal functioning of a web site or server flooding it by sending more requests than it is able to handle. This will make the server run slower than usual or crash completely. • DDOS • A Distributed-Denial-of-Service attack differs only in the fact that it is conducted using multiple machines. The hacker typically uses one compromised machine as the ‘master’ and co-ordinates the attack across other, so-called ‘zombie’, machines. SWING Final Meeting | CNIT - Pisa, Italy

  13. Conclusions • Due to internet vulnerabilities in case of terrorist threat or attack, sensitive and confidential information regarding maritime traffic should be shared in a supplementary network. The SWING high survival HF radio network has been designed for this aim. • However, due to the relatively low data throughput of the SWING network, only the minimum flux of essential information for the ECIs management and control should be maintained (≈ 100 kbit). • In spite of its scarce efficiency, the HF network is the only way to communicate relatively short messages, necessary for infrastructures awareness, preparedness and protection, at long distances, at any time any condition. SWING Final Meeting | CNIT - Pisa, Italy

More Related