TENACE is a national project funded by the Italian Ministry of Education, University and Research under the PRIN program.
The TENACE project will investigate the protection of national critical infrastructures from cyber threats following a collaborative approach whenever appropriate. TENACE will address three scenarios: financial infrastructures, power grid and transportation systems that represent three widely different settings with distinct interdepencies, threats, vulnerabilities and possible countermeasures. TENACE has the objective of defining collaborative technical and organizational methodologies to raise the protection of such CIs with the specific target of looking at the common steps in order to develop a unifying metodology and understanding the underground economics fuelling an attacker. The study of specific CI vulnerabilities and related attacks will drive the development of algorithms, models, architectures and tools as the means to enable the effective protection of critical infrastructures enhancing their degree of security and dependability by considering a continuously evolving adversary. TENACE will address cyber attacks, combination of cyber and physical attacks and cyber fraudes in the context of power grids, transportation and financial inrastructures respectively. TENACE will integrate results developed by specific research groups in order to generate solutions addressing complex attacks in each specific CI scenario. Such solutions will be validated against real data sets.
The overall goal of TENACE is to study novel methodologies, algorithms, models, architectures and tools as the means to enable the effective protection of critical infrastructures by enanching their degree of security and dependability. CI protection will be pursued fostering collaboration through correlation of cross-organizational information and resource sharing within specific critical sectors without compromising the independence of individual institutions security, privacy, and other constraints. Collaboration will be aimed at strengthening global risk management in the digital and in physical sphere and conduct coordinated targeted actions against computer-based crime and security attacks.
Project efforts will progress according to the following main directions:
Methodologies for raising the degree of protection (i.e., security and dependability) of CIs and to get shorter attack reaction time. Such methologies should clearly separate common protection procedures at different CIs and protection procedures characterizing a specific CI. Additionally such methodologies should point out appropriate software architectures and tools necessary to protect both the edge of a CI from direct attack (e.g., DDoS) and the core of a CI from indirect attacks (e.g., a-la-stuxnet) or accidental failures that could further expose the system. Additionally TENACE will also investigate the underground economics fuelling an attacker and tradeoff with the cost of security.
Algorithms for detecting specific (direct and indirect) attacks to a CIs that are able to improve the level of protection by considering a continuously evolving adversary. Novel solutions aimed at improving the dependability of CIs in order to reduce the probability of exposing software vulnerabilities to potential attackers. New protection techniques based on machine learning approaches, real time anomaly detection, data analysis will be developed. Specific high performance (e.g., cloud-based) software architectures can be designed to run such algorithms.
Distributed architectures for CIs, their components, either off-the-shelf (OTS) and legacy, and their resiliency requirements will be studied, in order to define algorithms and middleware architectures for improving protection attributes of future CIs. Strategies for on-line monitoring, diagnosis and reconfiguration will be studied and defined, specifically tailored for OTS-based CIs, according to the resiliency assurance requirements. Highly dependable software architectures will be designed in order to output reliable middleware services, reducing thus vulnerabilities exploitable by attackers.
Tools and techniques for modeling and evaluating the degree of protection of CIs will be designed. Among the others, the project will investigate CI-specific penetration testing; vulnerability injection tools will be also designed and evaluated. The design of CI-specific honeypots and methods to evaluate effectiveness of an attack will be studied. Test will be done on real data set thanks to our agreements with Symantec, EIT and CA.
For further details: http://www.dis.uniroma1.it/~tenace/