Increasing security and protection of SCADA systems through infrastructure resilience

Abstract

In this paper, we present the approach we have taken in the INcreasing Security and Protection through Infrastructure Resilience (INSPIRE) project to improve the protection of critical information infrastructures. The core idea of the INSPIRE project is to protect critical information infrastructures (CIIs) by appropriately configuring, managing and securing the communication network infrastructure which interconnects supervisory control and data acquisition (SCADA) systems, the key building blocks of CIIs. In order to do so, a self-reconfigurable architecture has been designed, which provides mechanisms for detecting, diagnosing, and treating faults and attacks which might compromise the correct operation of a critical infrastructure. The paper presents the overall architecture of the INSPIRE framework and provides a detailed description of some key system components, namely the subsystems in charge of the monitoring, of the diagnostic activities and of the provision of peer-to-peer (P2P) network support.