Professor Chris Hankin
-
Upload
royal-united-services-institute-for-defence-and-security-studies -
Category
Government & Nonprofit
-
view
197 -
download
2
description
Transcript of Professor Chris Hankin
The Changing Cyber Security Landscape
• Recent issues: Heartbleed and ShellShock
• Worms: Stuxnet
• Remote Access Trojans: Havex
• Advanced Persistent Threats
Convergence of ICS and Enterprise IT ...
... but with major differences:
• Time critical versus high throughput
• Continuous operation
• Increased importance of edge clients
• Complex interactions with physical processes
• Resource constraints
• Legacy issues: 15-20+ years of operation
• Access to components can be difficult
A change of emphasis ...
C
I
A
Espionage
I
A
I
C
... not forgetting: Maintainability, Reliability and Safety
Espionage
Sabotage
Key Questions / Challenges
Do we understand the harm threats pose to our ICS systems and business?
Can we confidently articulate these Can we confidently articulate these threats as business risk?
What could be novel effective and efficient interventions?
Research Institute in Trustworthy Industrial Control Systems
£2.4M programme, 5 coordinated projects.
Phase 1 (Directorship) awarded 01/01/14,
Chris Hankin, Imperial College London.
Phase 2 awarded 01/10/14.
Key challenges:
1. Mapping cyber threat to physical harm: do
we understand the harm that threats pose
to ICS and business?
MUMBA: Multifaceted metrics for
ICS business risk analysis
RITICS: Novel, effective and
efficient interventions
to ICS and business?
2. Do we understand and can we confidently
articulate these threats as business risk?
3. What are the novel effective and efficient
interventions?
CAPRICA: Converged approach towards
resilient industrial control systems and
cyber assurance
CECRICS: Communicating and evaluating
cyber risk and dependencies in ICS
SCEPTICS: A systematic
evaluation process for threats to ICS
(incl. national grid and rail networks)