Proposals should investigate the dependencies on communication networks and ICT components (including SCADA and IACS systems) of critical infrastructures, analyze and propose mitigation strategies and methodologies for assessing criticalities of services and detecting anomalies, developing tools and processes to simulate or monitor cascading effects due to ICT incidents, and develop self-healing mechanisms. ICT should be protected or re-designed at the software level, but also at the physical level, leading to more robust, resilient and survivable ICT infrastructure.

Based on the outcome of the work described above, plans of how to retrofit state-of-the-art security into networks can also be addressed.

The investigated concepts have to be tested in a field trial. Trials will have to distinguish between generic solutions and solutions specific to the critical infrastructure (e.g. health, finance, energy, transport, …) they are applied to.

Advantage will be taken from the fact that ICT operators (e.g. telecom operators) have experience in securing information networks and this competence can be applied to new types of networks such as smart grids linking communication, energy and transport networks.

In relation to the protection of legacy IACS, SMEs are particularly encouraged to provide specific and very focused security solutions adapting current ICT security technology to IACS environments on topics such as:

  • Early anomaly detection and compliance management.
  • Patching and updating equipment without disruption of service and tools.
  • Improved forensic techniques for supporting criminal law enforcement.
  • Anti-malware solutions with special focus on managing third-parties (e.g. maintenance and support service providers, IACS vendors, etc.)
  • Proactive Security Systems able to counteract Denial of Service attacks (distributed or not) and other type of attacks aimed to the IACS network disruption.

Read more