Академический Документы
Профессиональный Документы
Культура Документы
Public Research Centre Henri Tudor, Service Science and Innovation, EE-Team, Luxembourg.
christophe.feltus@tudor.lu
ABSTRACT
The huge amount of information managed by Critical
Infrastructure (CI) argues for the support of SCADA systems
which behave as very complex and sophisticated tools. These
latter support CI operators in monitoring and governing the
system security by elaborating the operational policies amongst
the architecture components. In [1] and [2] we have exploited
enterprise architecture management tool to construct an integrated
SCADA metamodel dedicated to these components artefacts and
structured according to (1) three layers of abstraction, namely:
Organization, Application, and Technical layer and (2) two
semantically consistent types of policies: the Permissive Policy
and the Cognitive Policy. The results of the SCADA modelling
and policy engineering approach constitute, as illustrated through
the CockpitCI project case study, a global analytical tool for the
SCADA operators which may rely on a rational and unified
component security based architecture to continuously monitor
and manipulate the policy attributes acknowledging their impact
on the whole CI system. In this poster, we illustrate how the
metamodel for SCADA components is used together with the
method for policy scheme identification to support automatic
reaction strategy.
General Terms
Management, Performance, Design, Reliability, Experimentation,
Security, Languages, Theory, Verification.
Keywords
ArchiMate, metamodel, SCADA, multi-agents system, trust,
critical infrastructure, reaction policy.
1. INTRODUCTION
In our previous work, we have defined a metamodel for
supporting SCADA components based on ArchiMate enterprise
architecture modeling language. This metamodel support three
functions. It allows modeling each component of the SCADA
architecture using a unified SCADA language (1st function). This
latter offers the advantage of easily and coherently define two
types of policies governing SCADA behavior and system, to
know: Cognitive and Permissive policies (2nd function). In this
poster paper, we complete the work by proposing an integrated
Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that
copies bear this notice and the full citation on the first page. To copy
otherwise, to republish, to post on servers or to redistribute to lists,
requires prior specific permission and/or a fee.
SIN'13, November 26-28, 2013, Aksaray, Turkey
Copyright 2012 ACM 978-1-4503-1668-2/12/10... $15.00.
The
Application
ARS
is
associated
with
the
Detection/correlation collaboration which facilitates the
information exchanges between the CI application modules and
realizes the application policy deployment to the CI component
application artefacts.
The Application ARS is also guaranteed by the Main CI
Investigator and is realized (see Table I.), following the reaction
architecture from Figure 1, by the Alert analysis Module, the
Detection ZW 0.1 Module and the Correlation Application 1.1.
Table I: SCADA components realization
4. CONCLUSIONS
Figure 3 summarizes the three functions necessary for the
enhancement of the SCADA architecture management with the
automatic reaction strategy proposed in this paper.
ACKNOWLEDGMENTS
The research is funded by the CockpitCI project within the 7th
framework Programme of the European Union (topic SEC2011.2.5-1 Cyber-attacks against critical infrastructures).
Figure 2. Reaction Unit
Equivalently, three main artefacts compose the application layer
(Blue part of Figure 2):
The Application Automatic Reaction Strategy, also defined by
the rule, is modelled by means of an application function. This
latter is also naturally associated to the Expected Automatization
Level and is accessed by the Main CI Investigator.
REFERENCES
[1]
[2]
[3]