Protecting the UK’s critical national infrastructure
At its annual public seminar on 8th July, City’s Centre for Software Reliability (CSR) presented its innovative research into the protection of critical national infrastructure and provided a fitting setting for professionals across different industries to network with each other.
The keynote speech, “The Research Institute in Trustworthy Industrial Control Systems” (RITICS), was delivered by Professor Chris Hankin, a Professor of Computer Science at Imperial College London and the Director of the Institute for Security Science and Technology. He reviewed the motivation behind the creation of the new Institute by the Centre for the Protection of National Infrastructure (CPNI) and outlined its key research challenges.
He said that it was vital that we understand the harm that threats in the cyber domain pose to our industrial control systems (ICS) and business, the need to confidently articulate these threats as a business risk and to devise novel, effective and efficient interventions. Professor Hankin gave details of the interlocking and coordinated RITICS projects taking place at City (CEDRICS: Communicating and evaluating cyber risk and dependencies in ICS), Lancaster University (MUMBA: Multifaceted metrics for ICS business risk analysis), Birmingham University (SCEPTICS: A systematic evaluation process for threats to ICS, including national grid and rail networks), Queen’s University Belfast (CAPRICA: Converged approach towards resilient industrial control systems and cyber assurance). Reader in Computer Science, Dr Peter Popov, presented a research talk titled, “Modelling Critical Infrastructures (CIs) Resilience”.
His talk encompassed recent advances in the probabilistic modelling of cyber attacks and their impact on critical infrastructures, illustrated with examples of attacks on power transmission networks. He introduced the audience to an analytical tool developed at CSR, known as Preliminary Interdependency Analysis, which is used for quickly building complex models. Dr Popov also mentioned the difference between the prioritisation of concerns in enterprise systems and industrial control systems.
Dr Popov, a co-investigator on the £400k Engineering and Physical Sciences Research Council (EPSRC) research study titled “Communicating and Evaluating Cyber Risk and Dependencies (CEDRICS)”, is a Reader in Computer Science and is an expert in software dependability.
CSR Director and Professor of Systems Engineering, Professor Lorenzo Strigini, said:
“We were delighted to welcome so many professionals and prospective students to our annual research seminar this year. Several participants told us how interesting and informative the talks were and they raised awareness of the pressing and relevant issues around critical national infrastructure protection, cybersecurity, and safety. We look forward to welcoming them to similar events in future, and of course, for them to study on our degree and CPD courses in the management of information security and risk, software reliability, cyber security".
Industrial Control Systems are command and control networks and systems designed to support industrial processes. The largest subgroup of ICS is SCADA (Supervisory Control and Data Acquisition) systems.