Protecting Crutial Things *

Today’s critical infrastructures like the Power Grid are essentially physical processes controlled by computers connected by networks. Once these systems were highly isolated and secure against most security threats. However, in recent years they evolved in several aspects that greatly increased their exposure to cyber-attacks coming from the Internet. Firstly, the computers, networks and protocols in those control systems are no longer proprietary but standard PCs and networks (e.g., wired and wireless Ethernet), and the protocols are often encapsulated on top of TCP/IP. Secondly, these networks are usually connected to the Internet indirectly through the corporate network or to other networks using modems and data links. Therefore these infrastructures have a level of vulnerability similar to other systems connected to the Internet, but the socio-economic impact of their failure can be huge. This scenario, reinforced by several recent incidents [6], is generating a great concern about the security of these infrastructures, especially at government level. Recently, we proposed a reference architecture to protect critical infrastructures, in the context of the CRUTIAL1 EUIST project [5]. The idea is to model the whole infrastructure as a WAN-of-LANs, where the typical facilities that compose it (like power transformation substations or corporate offices) are modeled as collections of LANs interconnected by a wider-area network (WAN). Given the ease of defining LANs in today’ IP architectures (e.g., through Virtual switched LANs), there is virtually no restriction to the level of granularity of our architecture’s LAN, which can go down to a single host. Using this architecture, we reduce the problem of critical infrastructures protection to the problem of protecting LANs from the WAN or other LANs. In consequence, our model and architecture allow us to deal both with outsider threats (protecting a facility from the Internet) and insider threats (protecting a critical host from other hosts in the same physical facility, by locating them in different LANs).