Date post: | 03-Jun-2018 |
Category: |
Documents |
Upload: | christophe-feltus |
View: | 223 times |
Download: | 0 times |
of 23
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
1/23
1
Towards Cyber-Security Protection of
Critical Infrastructures by GeneratingSecurity Policy for SCADA Systems
Djamel Khadraoui, Christophe Feltus
Public Research Centre Henri Tudor, Luxembourg-Kirchberg, Luxembourg
March, 2014
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
2/23
2
Table of contents
Introduction and ArchiMate theory
State of the art
Policy Concept and Metamodel Core
Agent System Metamodel
Organizational Layer
Application Layer Technical Layer
Inter-Layer Link
Policy modelling
Organizational Policy
Application policy Case study in Financial CI
Conclusions
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
3/23
Introduction
- Critical infrastructure monitored and protected by SCADA
system
- SCADA operate at different abstraction levels of the CI
- SCADA based on 3 functions:
data acquisition
alert correlation
policy instanciation and deployment
- SCADA based on agents and agent systems (MAS)
NO INTEGRATED MODELING APPROACH TO INTEGRATE ALL
DIMENSIONS.
3
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
4/23
ArchiMate theory
- http://pubs.opengroup.org/architecture/archimate2-doc/
- 3 abstraction layers (business, application and technical)
- ArchiMate core concepts:
- ArchiMate objective is to model enterprise architecture
4
http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/http://pubs.opengroup.org/architecture/archimate2-doc/8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
5/23
State of the art
Gaia: is a framework for the development of agent architectures basedon a lifecycle approach
AUML andMAS-ML: are extensions of the UML language for the
modelling of MAS
Prometheus: defines a metamodel of the application layer and allowsto generate organizational diagrams, roles diagrams, classes
diagrams, sequences diagrams and so forth
CARBA: provides a dynamic architecture for MAS similar to the
middleware CORBA
Observation: No solution for modelling, in a common model, the
different abstractions layer of an SCADA system
5
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
6/23
Policy Concept and Metamodel Core
.the policy semantic :
Our goal is to introduce the Agents po l icy as a Core metamodel
concept as a intermediairy to handle passive and active structures
for realization of a behaviour
6
Event Context Responsibilities
Event: something done by a Structure
Element that generates an execution of
a Policy.
Context: configuration of Passive
Structure that allows the Policy to beexecuted
Responsibility: a state assigned to an
Agent (human or software) to signify him
its obligations and rights in a specific
context..
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
7/23
Agent System Metamodel
Organizational layer
7
Organizational Policies are
behavioural components ofthe organization whose
goals are to achieve an
Organizational Service to a
role depending on Events
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
8/23
Agent System Metamodel Application
layer
8
The Application layer is
used to represent theApplication Components
and their interactions with
the Application Service
derived from the
Organizational Policy of theOrganizational layer
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
9/23
Agent System Metamodel Technical
layer
9
Technical layer is used to
represent the structuralaspect of the system and
highlights the links
between the Technical
layer and the Application
layer and how physicalpieces of information called
Artifacts are produced or
used.
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
10/23
Agent System Metamodel Interlayer
links
10
Artefact of the TechnicalLayer realizes Data Object
of the Application Layer
which realizes
Organizational Object of
the Organizational layer
Application Service uses
the Organizational Policy to
determine the services it
proposes
Technical layer bases his
Infrastructure Service on
theApplication Policy of
the Application layer
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
11/23
ArchiMate
metamodel
for MAS
Allows defining:
1. Organizational policy
2. Application policy
11
1
2
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
12/23
Organizational policy
Organizational Policycan be represented as an UML Use Case
- Roles represent theActors which haverespon sibi l i t iesin theUse
Case
- Collaborat ion concepts show the connections between them.
- Products, Valueand Organizat ional Serviceprovide the Goalof the
Use Case.
- Preand Post cond i t ionsmodel the context of the Use Caseand are
symbol izedin the Metamodel as the Eventconcept (Precondition) and
the Organizat ional Object (Pre/Post condition).
12
The set of rules that defines the organizational Responsibilities andgoverns the execution, by the Organization domain, of behaviours that
serve the Product domain in response to a Process domain occurred in a
specific context, symbolized by a configuration of the Information
domain.
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
13/23
Application policy
UML provides support for modelling the behaviour performed by
the App l icat ion domainas Sequence Diagram.
Configuration of the Data domaincan be expressed asPrecondi t ionsof the Sequence Diagramand symbolized by the
execution of a test-method on the lifeline of the diagram.
13
The set of rules that defines the application Responsibilities and governs
the execution, by the Application domain, of behaviours that serve the
Data domain to achieve the application strategy
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
14/23
Petroleum distribution case study
14
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
15/23
ACE, PIE et RDP
15
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
16/23
Architecturescomponents
TheACE Agents collects, aggregates and analyses networkinformation and confirms alerts are sent to the PIE
The PIE Agentsreceives a confirmed alert from the ACE, set
the severity level and the extent of the network response
(depending on the alert layer). The high level alert messagesare transferred to the RDP.
The RDP Agentsis composed of two modules
The Cryptography Analysis (CA) is in charge of analysing
the keys previously instantiated by the PIE.
The Component Configuration Mapper, selects the
appropriate communication channel.
16
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
17/23
Focus on the alerte
correlation
Instantiation of the metamodel
to engineer the 3 layers policies
At the application layer :
Sequences diagrams:
17
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
18/23
Example of
ArchiMate
Instanciation of the ACE agent
18
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
19/23
Example of
ArchiMate
Instantiation of all agents
19
Policies
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
20/23
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
21/23
Conclusions (2/2)
- ArchiMateadaptation allowed:
Structuringof the policy concept,
Synchronizingthe behaviour between many types of
agents, spread over different types of critical architecture
management components such as the alert correlationengine, the intrusion detection tools, and so forth.
- Acquiring Issuing financial validation by case study
Clarificationof the connection between the
synchronization of the event that is generated at the levelof one component policy and the one that triggers
policies to another component.
21
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
22/23
22
Acknowledgment
The research described in this paper is funded by the
CockpitCI research project within the 7th frameworkProgramme (FP7) of the European Union (EU) (topic SEC-
2011.2.5-1 Cyber-attacks against critical infrastructures
Capability Project).
8/12/2019 ICTDM2014 _ Towards Cyber-Security Protection of Critical Infrastructures by Generating Security Policy for SCADA Systems
23/23
Thank you for your attention !
Any questions ?
23