“The CRUTIAL Way of Critical Infrastructure Protection”

From Navigators

Jump to: navigation, search

Alysson Bessani, Paulo Sousa, Miguel Correia, Nuno Ferreira Neves, Paulo Veríssimo

IEEE Security and Privacy, vol. 6, no. 6, pp. 44-51, Nov/Dec 2008., Dec. 2008.

Abstract: Today, critical infrastructures like the power grid are essentially physical processes controlled by computers connected by networks. They are usually as vulnerable as any other interconnected computer system, but their failure has a high socio-economic impact. We describe a hierarchy of variations of a novel device for the protection of these infrastructures, the CIS. These devices are used to ensure that incoming/outgoing traffic satisfies the security policy of an infrastructure in face of cyber-attacks. However, a CIS is not a common firewall but a distributed protection device based on a sophisticated access control model. Furthermore, a CIS is intrusion-tolerant and self-healing, seeking perpetual unattended correct operation. A key feature of the proposed architecture is that it does not require any modification of the SCADA/PCS software already in use today.

Download paper

Download The CRUTIAL Way of Critical Infrastructure Protection

Export citation

BibTeX

Project(s): Project:CRUTIAL

Research line(s): Fault And Intrusion Tolerance in Open Distributed Systems (FIT)

Personal tools
Navigators toolbox