Security Considerations in M2M Communications

Similar documents
Cyber Attack Information System CAIS. DI Thomas Bleier, MSc, CISSP, CEH

Smart Grid Security: Current and Future Issues

IOT FLAGSHIP PROJECT. Dr. Mario Drobics, AIT

Security Challenges in Smart Distribution

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser. CSP2015 Brussels /

H2020 & THE FRENCH SECURITY RESEARCH

Discussion on MS contribution to the WP2018

Development, Analysis and Evaluation of Cyber Resilience Strategies

Securing Europe s IoT Devices and Services

Competence Centre for Digital Assistance Systems

INtelligent solutions 2ward the Development of Railway Energy and Asset Management Systems in Europe.

The SPARKS Project Motivation, Objectives and Results

Smart Data and its impact for Germany

European Cybersecurity PPP European Cyber Security Organisation - ECSO November 2016

The Challenges of Risk Assessment for Smart Grid

Thomas Bleier, Zhendong Ma, Christian Wagner AIT Austrian Insitute of Technology

Joint Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG2016)

Resilient Smart Grids

Upcoming EC Systems Research Perspectives

AEGIS Advanced Big Data Value Chains for Public Safety and Personal Security

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

OVERVIEW OF AUTOMATED DRIVING RESEARCH IN EUROPE. Dr. Angelos Amditis Research Director, ICCS

Secure Societies in 2015

Committed to connecting the world

NIS-Directive and Smart Grids

The Research Centre on Zero Energy Neighbourhoods in Smart Cities - ZEN

5G for Connected Autonomous Vehicles

1. Publishable Summary

DIGITAL SAFETY & AIT

Unlock the potential Digitalize your building and plant infrastructure Hannover Fair Hannover, April 2018

Sichere Intelligente Mobilität - Testfeld Deutschland. Safe Intelligent Mobility Field Test Germany

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Media (NEM) Initiative

European Union Agency for Network and Information Security

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

EU funded research is keeping up trust in digital society

Securing Europe's Information Society

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

Third public workshop of the Amsterdam Group and CODECS European Framework for C-ITS Deployment

An Integrated Pan-European Research Infrastructure for Validating Smart Grid Systems

In Accountable IoT We Trust

Assessments Audits CERTIFICATION

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Michael Hübner. Co-Chair SET-Plan MS Working Group on SET-Plan Action 4- Energy Systems and Networks (SET-Plan Steering Group)

ENISA EU Threat Landscape

Cybercrime what is the hidden nature of digital criminal activities nowadays?

The NIST Cybersecurity Framework

ICT Security AIT

Bontempiorgel. Mar7n LATZENHOFER

The Digitising European Industry strategy & H2020 calls related to Cyber-Physical Systems

Pioneer in the economic and ecological facility management

Call for Expressions of Interest

The FIRST Project and the Future Internet National Research Programme

Cyber Security. Activities of an national insurance association based on the example of VVO

Smart Grids Model Region Salzburg

locuz.com SOC Services

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

The Berlin Center for Digital Transformation Jürgen Diller Berlin, 31st January 2018

Quality Assurance in 5G SME Engagement

IoT privacy risk management in ANASTACIA project

to Address Cyber Physical Systems Security (CPSSEC)

Measurement Challenges and Opportunities for Developing Smart Grid Testbeds

MASP Chapter on Safety and Security

Sichere Intelligente Mobilität - Testfeld Deutschland. Safe Intelligent Mobility Field Test Germany

FORTIKA - Cyber Security Accelerator for trusted SMEs IT Ecosystems THE PROJECT

Hannover Declaration

The Role of ENISA in the Implementation of the NIS Directive Anna Sarri Officer in NIS CIP Workshop Vienna 19 th September 2017

Joining forces to fight botnets. Dan Tofan Head of the Technical Division CERT-RO 17/02/2014

Security for smart Electricity GRIDs

Orange Smart Cities. the ICT partner for innovators in the urban space

AUTOMOTIVE FUNCTIONAL SAFETY: ACCELERATING INNOVATION THROUGH COOPERATION AND CONSENSUS IN STANDARDS

NIS Standardisation ENISA view

ENISA S WORK ON ICS AND SMART GRID SECURITY

The NIS Directive and Cybersecurity in

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

IST FP6 Co-ordination Action Project: CI 2 RCO

Legal Regulations and Vulnerability Analysis

H2020 Opportunities in the Area of Security and Critical Infrastructure Protection

IRRIIS - Integrated Risk Reduction of Information-based Infrastructure Systems

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

Secure Societies Work Programme Call

accelerate your ambition Chris Jenkins

PIPELINE SECURITY An Overview of TSA Programs

Cymsoft Information Technologies

COMPANION FINAL EVENT 14 TH & 15 TH September 2016

Continuous protection to reduce risk and maintain production availability

The German IT Security Certification Scheme. Joachim Weber

INTEGRATING AUTOMOTIVE HAZARD AND THREAT ANALYSIS METHODS: HOW DOES THIS FIT WITH ASSUMPTIONS OF THE SAE J3061

SYMBIO-TIC Project. Lihui Wang Project Coordinator Professor, Chair of Sustainable Manufacturing KTH, Stockholm, Sweden

Integrating Distributed Resources into Distribution Planning and Operations R&D Priorities

Bachelor of Information Technology (Network Security)

Cloud-Security: Show-Stopper or Enabling Technology?

CYBER SECURITY OF SMART GRID - CHALLENGES AND POTENTIAL SOLUTIONS FOR TRANSMISSION SYSTEM OPERATORS

Horizon 2020 Security

European Cybersecurity cppp and ECSO. org.eu

2017 Company Profile

Smart & Sustainable Cities India Fraunhofer India Office

Transcription:

Security Considerations in M2M Communications Applied Research Issues & Projects in the Austrian Institute of Technology (AIT) Dr. Markus Tauber Project Manager, ICT Security, Future Networks and Services, Safety & Security Department markus.tauber@ait.ac.at +43 664 8251011 www.ait.ac.at/it-security

Overview Who we are and what we do Organisation Department Research topics How we address research topics in projects Running Coming Planned Get involved: User and Advisory Board 2

Federal Ministry for Transport, Innovation and Technology Federation of Austrian Industries 50,46% 49,54% ~ 1.100 Employees Budget: 120 Mio. Business Model 40:30:30 3

AIT R&D Program Safety & Security Department Model based testing system safety System Safety System Safety Highly Reliable Software Highly and Reliable Systems Software (HRS) and System Safety Highly Secure Reliable and Softand Hardware reliable Systems ICT Security ICT Security Future Future Networks Networks and and Services Services (FNS) egovernment secure Cybercrime smart grids & secure Cyberwar cloud computing critical infrastructure Data Safety Data Safety Infrastructure Security Security information safety Digital Digital Memory Memory Engineering (DME) Safety management of large and Archive komplex & Data egovernment,.. Availability Intelligent Intelligent Vision Vision Systems Security Systems (IVS) 3D vision high Surveillance performance& vision multi-camera Protection networks public safety 4 pillars for Safety & Security in the Electronic Universe 4

Research Programme ICT Security Research goals: Development of methodologies and tools for Secure System Design Application-oriented research in the areas embedded Systems, M2M, egovernment, Critical Infrastructures, Smart Grids, ehealth, etc. Examples: Evaluation of MS SDL or other standard RAM in a M2M context Development of new CC Protection Profiles and automation of its evaluation (tool chains) We are working on tools for managing the complexity of implementing efficient security mechanisms! 5

Techn. (Application) Topics Traffic Control Cloud Governmental Telecommunication Critical Infrastructure CCTV E-health M2M Smart-* E-Government Automotive WLAN Automatisation 6

The Cloud A Method to abstract over physical hardware #include <cloudstdio.h> #define Nbr of CPUs dynamic main() { cloudprintf("hello World "); } cloudstdio.h Flexibility Scalability Redundancy Uniform Security Measures Single Point of Failure Origin of Failure is hard to isolate (per Definition) 7

M2M and the Cloud Application domains: ATM CCTV Smart-Meter Limited local compute capacities Smart-Home Smart-Health Global view required Smart-Cities ILNP. source: smekal.at 8

Example: CCTV @ ATM & Cloud Search performance e.g. Man with red ski mask Techn. challenges due to modular architecture (Outsourcing) Legal challenges reg. data protection & SLA Bank CitySec TelCom TenSys CloudCorp ATM Operator Security Service Provider Telecom Operator Tenant System Mgmt Cloud Mgmt Provider 9

AIT ICT Security Projects National and international research project examples: Architectural security analysis Risk-Management Data protection M2M, Smart-*, Cloud, CI 11

Overview 10 Partner from Austria, Finland, Germany, Greece, Spain and the UK Project budget 4.8 Mio, partially funded by EC FP7 Project runtime 1.1.2013 31.12.2015 User driven Topics Combination of technical and legal aspects regarding log gathering (SLA management, data protection) Novel risk assessment methods regarding CI & Cloud Understand Cloud behaviour ( monitoring, forensic analysis, anomaly detection, root cause analysis, resilience ) Guidelines for secure operation of CI in the Cloud & Service Assurance Real life evaluation scenarios SECCRIT Consortium 12

Smart Grid Security Guidance (SG)² KIRAS Project runtime 2 years, 11/2012 11/2014 Smart Grid security aspects in an Austrian context Partner: AIT Austrian Institute of Technology Technische Universität Wien SECConsult Unternehmensberatung GmbH Siemens AG, Corporate Technology Österreich LINZ STROM GmbH Energie AG Oberösterreich Data GmbH Innsbrucker Kommunalbetriebe AG Energieinstitut an der JKU Linz GmbH Bundesministerium für Inneres Bundesministerium für Landesverteidigung und Sport 13

Arrowhead Arrowhead Improvement of efficience and flexibility and sustainability in the industrial context via in smart-* and e-mobility and virtual energy markets. AIT s Focus: Architectural Security Analysis Runtime 4 years, 78 Partner (Austrians: TU Graz, Campus 02 FH Graz, AIT, Evolaris, AVL, Invineon) Secure? 14

HyRiM: Hybrid Risk Management for Utility Providers Development and evaluation of Hybrid Risk Metrics for coupled complex critical infrastructure networks Development of tools and methods for risk assessment for utility providers in the face of novel threads (e.g.: Advanced Persistent Threats) Definition of security architectures for utility providers for e.g. BYOD scenarios Partners Elective Cooperative of Alginet 15

SPARKS Smart Grid Protection Against Cyber Attacks EU FP7 Research Topics Analysing, Modelling and Simulating Smart Grid Cyber security Vulnerabilities and Threats Developing a Reference Security Architecture for Smart Grids Research and Development of Security Mechanisms and Tools Economic Analysis and Quantification Legal and Privacy Related Aspects and Policy Recommendations Demonstration of Project Results in Simulated and Real Testbed Environments Partner AIT, Energie-Institut Linz GmbH (AT) EVB - EVB Energy Solutions, a Diehl company, AISEC - Fraunhofer AISEC, IABG, SWW Stadtwerke Wunsiedel (DE) KTH Kungliga Tekniska högskolan (SE) L+G - Landis + Gyr (CH), RSA, the Security Division of EMC (CH/IE) CSIT - Queen s University Belfast, Centre for Secure IT (UK) UTRC United Technologies Research Center (IE) 16

User and Advisory Board (UAB) Most AIT projects include opportunities to get involved via a UAB, which provide: Information in annual workshops Proactive information regarding research outputs Direct channel to researches to steer research direction Dr. Markus Tauber Project Manager, ICT Security, Future Networks and Services, Safety & Security Department markus.tauber@ait.ac.at +43 664 8251011 www.ait.ac.at/it-security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback