![Page 1: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/1.jpg)
Dr. ing. Marco Lisi([email protected])
Master di II Livello in "Homeland Security"Università degli Studi Campus Bio-Medico di Roma, A. A. 2012-2013
SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS
![Page 2: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/2.jpg)
2
Introduction All critical infrastructures of our society rely on ICT
systems, rendering them more intelligent but more vulnerable at the same time
Cybercrime caused about US $67 billion to US companies in 2004, according to an estimate based on the Federal Bureau of Investigation’s 2005 Computer Crime Survey
A 2011 report commissioned by the UK Cabinet office estimated cybercrime’s annual cost to the UK to be to be £27bn (about 1.8% of GDP)
Information security is a “must have” option not only for “dual use” systems, but in general for all those systems constituting critical infrastructures or devoted to emergency services, disaster recovery, crisis management, homeland security, environment monitoring and control
![Page 3: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/3.jpg)
3
Projects and Systems Evolution
![Page 4: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/4.jpg)
4
Products vs. ServicesCars
Highways
Trains Railways
Stations Parking areas Aircrafts Airports Ships Etc.
![Page 5: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/5.jpg)
5
From Platforms to Service Systems
![Page 6: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/6.jpg)
How Technology Almost Lost the War: In Iraq, the Critical Networks Are Social — Not Electronic
WIRED MAGAZINE: Wired Issue 15.12
The future of war began with an act of faith. In 1991, Navy captain Arthur Cebrowski met John Garstka, a captain in the Air Force, at a McLean, Virginia, Bible-study class. The two quickly discovered they shared more than just their conservative Catholic beliefs. They both had an interest in military strategy.
(…) Over the next several years, the two men traded ideas and compared experiences. They visited businesses embracing the information revolution, ultimately becoming convinced that the changes sweeping the corporate world had applications for the military as well.
(…) In an article for the January 1998 issue of the naval journal Proceedings, "Network-Centric Warfare: Its Origin and Future“, they not only named the philosophy but laid out a new direction for how the US would think about war.
Their model was Wal-Mart. Here was a sprawling, bureaucratic monster of an organization — sound familiar? — that still managed to automatically order a new lightbulb every time it sold one. Warehouses were networked, but so were individual cash registers. So were the guys who sold Wal-Mart the bulbs. If that company could wire everyone together and become more efficient, then US forces could, too.
![Page 7: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/7.jpg)
![Page 8: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/8.jpg)
8
From Network‐Centric Warfare Systems…
![Page 9: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/9.jpg)
9
…To Network‐Centric “Welfare” Systems
![Page 10: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/10.jpg)
10
How many more disasters like these can we tolerate?
![Page 11: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/11.jpg)
11
Net‐Centric Emergency Response System
![Page 12: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/12.jpg)
12
Large and Complex Systems (1/2) A large and complex system is a system composed of
a large number of interconnected elements, often developed and deployed worldwide, which interact dynamically, giving rise to emergent properties
Examples of complex systems for civil applications include: global satellite navigation systems air traffic control systems railway control systems space systems such as the International Space Station or
space transportation and exploration vehicles surveillance, Earth observation and Homeland security
systems electric power distribution systems telecommunication systems complex computer networks, including Internet.
![Page 13: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/13.jpg)
13
Large and Complex Systems (2/2) A complex system often integrates existing systems
(or parts of them) in an overall large-scale architecture (“System of systems”) containing a large number of interfaces and implementing multiple modes of operation, in a highly dynamic environment
Large and complex systems require extensive logistics and maintenance support capabilities
Large and complex space-based systems (e.g. Galileo) are conceived to be in service for a long time; in this case the evolution of the system (up-gradings and modifications) has to be taken into account from the beginning.
![Page 14: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/14.jpg)
14
Characteristics of Service Systems Large and complex systems Software intensive (several million lines of code) Capabilities-based rather than platform-based Organization and governance (human factor) Technical performance is a prerequisite for
production and delivery of services, not a final objective
Requirements related to operations, in addition to technical ones, assume a very high relevance:
Quality of Service (QoS) FlexibilityReliability, Availability, Continuity ExpandabilityMaintainability InteroperabilitySafety ResilienceSecurity
![Page 15: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/15.jpg)
15
"Systems of Systems" and Information Security Security standards often demand that a system be
disconnected from all networks before it can be given the highest security rating
In a “system of systems”, based on an “open” architecture, trusted and untrusted domains need to co-exist and operate together
A connected machine (or system) is a vulnerable machine (or system). But a “system of systems” is inherently “network-centric”
This apparent contradiction must be resolved, finding the optimum balance between protection of information and availability of it
Need for security certification standards, encryption techniques, “air gap” and firewall technologies, secure gateways and network routers
![Page 16: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/16.jpg)
16
The Common Criteria Standard• The Common Criteria (ISO/IEC
15408-2005) define the international standard for performing and documenting the security certification of an ICT system
• The Common Criteria define a set of seven “Evaluation Assurance Levels”
• An EAL 1 Common Criteria Evaluation requires a small set of assurance activities and provides a relatively low level of confidence in the product protection, whereas an EAL 7 Common Criteria Evaluation requires a large set of activities which provide a very high level of confidence.
![Page 17: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/17.jpg)
17
Common Criteria Evaluation AssuranceLevels (EAL’s)
EAL1 - functionally testedEAL2 - structurally testedEAL3 - methodically tested
and checkedEAL4 - methodically designed,
tested and reviewedEAL5 - semiformally designed
and testedEAL6 - semiformally verified
design and testedEAL7 - formally verified
design and tested
![Page 18: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/18.jpg)
18
Common Criteria Certification: Open Issues• Long time required for the execution of the
evaluation/certification process • High cost of the evaluation/certification process• Need for “air-gap” technologies at the boundaries
between trusted and untrusted domains• Availability of jointly certified hardware and
software platforms • Severe limitations in the use of commercial off-the-
shelf (COTS) software products• Limitations in the use of commonly adopted
communications protocols (e.g. TCP/IP) • Loss of certification because of minor modifications
or obsolescence of both hardware and software• Need for “encapsulation” techniques for the
utilization of non-certified components
![Page 19: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/19.jpg)
September 13 Page 19
Conclusions In today’s world the demand for safety, security
and value-added services is increasing at a very fast pace
This implies the development of complex, integrated, highly networked systems or “systems of systems”
The “network-centric” paradigm, originally conceived for military applications, is progressively migrating towards “welfare” applications, such as safety, security, environment protection and monitoring
As technology and communications become commodities, value-added services will be provided in the future by ever more complex systems, based on network-centric architectures
![Page 20: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/20.jpg)
Dr. ing. Marco Lisi([email protected])
Master di II Livello in "Homeland Security"Università degli Studi Campus Bio-Medico di Roma, A. A. 2012-2013
SECURITY IN SATELLITE SYSTEMS
![Page 21: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/21.jpg)
26/09/2013
Summary All critical infrastructures of our society rely on ICT
systems; their confidentiality, availability, integrity, continuity and quality of service have to be guaranteed and protected
Satellite systems, integrated into world-wide ICT infrastructures, are more and more vulnerable to intentional and non-intentional threats
Satellite security is often limited to encryption and anti-jamming technologies, but satellite ground segments are exposed to the same type of threatstypically experienced by terrestrial information systems
Information security is no longer a “nice to have”,but rather a “must have” option.
![Page 22: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/22.jpg)
26/09/2013
Satellite Integration in Network‐Centric Architectures
![Page 23: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/23.jpg)
26/09/2013
Satellite Pirating
The most famous case of satellite pirating is that of John MacDougall, alias “Captain Midnight”, who was able in 1986 to superimpose his messages onto a commercial DTH TV channel.
![Page 24: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/24.jpg)
26/09/2013
Satellite System Components and Links
![Page 25: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/25.jpg)
26/09/2013
Unintentional Threats to Satellite Systems
![Page 26: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/26.jpg)
26/09/2013
Intentional Threats to Satellite Systems
![Page 27: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/27.jpg)
26/09/2013
Satellite Systems: Threats and Countermeasures
![Page 28: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/28.jpg)
26/09/2013
Spacecraft Communications Infrastructure
![Page 29: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/29.jpg)
26/09/2013
Space Communications Standards
The European Space Agency (ESA) is integratingsecurity features into its space communicationsstandards
ESA communications with its spacecrafts are basedon the CCSDS (Consultative Committee for SpaceData Systems) Packet TM/TC Protocol Family, thatdoes not presently integrate default securityfeatures
CCSDS, however, has proposed new standards (SpaceCommunication Protocol Standards, SCPS) providingbuilt-in security support functions.
![Page 30: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/30.jpg)
26/09/2013All rights reserved © 2007, Telespazio
Conclusions In a network-centric perspective, satellite systems
need to incorporate standardized and certifiable approaches to information security
So far information security has been perceived as a customized add-on, leading to a variety of security requirements and to a number of proprietary solutions, adopted by space agencies and industries
Certification standards and security solutions for network-centric military systems can be effectively applied to complex, network-centric satellite systems
Information security features, including encryption, keys management and conditional access control, will have to be designed into the network from the beginning, as an integral part of it.
![Page 31: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/31.jpg)
Navigation solutions powered by Europe
The Galileo System, Servicesand Security Accreditation
Dr. ing. Marco LisiEuropean Space Agency
Special Advisor to the European Commissionand to the European GNSS Agency
![Page 32: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/32.jpg)
Summary • EGNOS and Galileo are the key elements of the European
navigation “system of systems”, a strategic and critical infrastructure of the European Union;
• The Galileo global navigation satellite system, joint initiative by the European Union and the European Space Agency, is one of the most ambitious and technologically advanced service systems being developed in Europe, by European industries and with European resources;
• While the system procurement and deployment proceed following an incremental Implementation Plan, all steps are being taken for the delivery of Early Services;
• After a political decision of Vice-President Antonio Tajani, then included by President Manuel Barroso in the agenda of the European Commission, Galileo will start officially delivering Early Services, i.e. the guaranteed and committed delivery of capabilities to the community of potential customers/users, as from the end of 2014.
![Page 33: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/33.jpg)
Galileo Implementation Plan
![Page 34: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/34.jpg)
The Galileo Constellation
![Page 35: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/35.jpg)
Galileo IOV Spacecraft
![Page 36: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/36.jpg)
Galileo FOC Spacecraft
![Page 37: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/37.jpg)
Galileo Services
![Page 38: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/38.jpg)
From a System…
38
![Page 39: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/39.jpg)
…to a Service
39
European GNSS Agency (GSA),Prague
Galileo Service Centre, Madrid
Early Services Task Force
Galileo System Infrastructure
Galileo Security
Monitoring Centre
![Page 40: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/40.jpg)
Galileo Deployed Configuration
![Page 41: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/41.jpg)
Galileo Service Centers in Europe
![Page 42: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/42.jpg)
Galileo Stations for Early Services
![Page 43: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/43.jpg)
43
GALILEO: The System
toexternalService
Providersand otherentities
~ 40 GSS
Constellation - 30 MEO Satellites
ERIS - External Regional Integrity Systems
GCS - Galileo Control System
GMS - Galileo Mission System
GSS - Galileo Sensor Stations
MDDN - Mission Data Dissemination Network
NRS - Navigation Related Service
PRS - Public Regulated Service
SAR - Search And Rescue
SDDN - Satallite Data Dissemination Network
TT&C - Telemetry, Tracking and Telecommand
ULS - Up-Link Station
Galileo Control Centre 2 (GCC2)(geographical redundant)
Galileo Control Centre 1 (GCC1)
ERIS13 m antenna
TT&C S-band Up-linkMission C-band Up-link
(Nav/Integ/SAR/NRS/PRS)5 combined Galileo Up-links Sites
(global coverage)
Total: 5 S-band heads Total: at least 31 C-band heads
Mission C-band Up-link(Nav/Integ/SAR/NRS/PRS)
+ 4 dedicated Mission Up-linksSites
... Direct C-band Up-linksfor Integrity
SDDN MDDN/ ULS Network
MDDN/ GSS Network
Elements of GCS and GMS
Elements of GMS
Elements of GCS
Ground Control and Mission Segments Facilities
![Page 44: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/44.jpg)
44
The Galileo “System of Systems”
![Page 45: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/45.jpg)
45
Galileo Security Doctrine
![Page 46: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/46.jpg)
46
Accreditation Core ActivitiesAccreditation Authority
Security Accreditation Board (SAB)Galileo Security Accreditation Panel (GSAP)Crypto Distribution Authority (CDA)
System accreditationSystem design reviewSystem auditsVerify that all Galileo security requirements are met
Site accreditationAudits and on-site inspectionsEnsure that local security requirements are met
ComponentsReview Security TargetsFollow evaluation and certification process
PRS User SegmentPRS receiver certification, evaluation and accreditationPRS manufacturers accreditation
![Page 47: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/47.jpg)
47
Available GNSS (GPS) Jammers
![Page 48: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/48.jpg)
48
Susceptibility to Interference/Jamming
![Page 49: SECURITY IN LARGE, STRATEGIC AND COMPLEX SYSTEMS](https://reader031.vdocuments.us/reader031/viewer/2022020115/548ae74fb4795913688b4674/html5/thumbnails/49.jpg)
Conclusion
49
Galileo is readyand
eager to serve