1. Panel2-Präs.ppt/EM Slide 1 Reinhard Hutter Senior Vice President IABG mbH Division IK Einsteinstr. 20 D-85521 Ottobrunn Phone: +49 89 6088 2524 Email: hutter@iabg.de www.iabg.de www.aksis.de Presentation November, 2002 PISA Analysis, Assessment and Exercise on Critical Infratructure Protection

2. Panel2-Präs.ppt/EM Slide 2 Dependencies and Interdependencies Transportation (Air) Vital Human Services Information Government Transportation (Ship) Transportation (Rail) Banking & Finance Energy Telecommunication Critical Infrastructures

3. Panel2-Präs.ppt/EM Slide 3 Infrastructure Interdependencies Oil Electric Power Transpor- tation Natural Gas Telecom Fuels, Lubricants Fuel Transport Shipping Power for pumping Stations, Storage Control Systems Fuel for Generators,,Lubricants Fuels, Lubricants Fuel for Generators, Water Water for Production Cooling Emission reduction Power for Pump & Lift Stations Control Systems Water for Cooling, Emission reduction Water for Cooling, SCADA Communications SCADA Communications Power for Switchers Fuel Transport Shipping Power for compressors Storage, Control Systems SCADA Communications Power for Signalling, Switchers Fuel for Generators, Transportation SCADA Communications Transpor- tation Heat Source: “Critic. Infrastruct Dependencies” Rinaldi, Peerenboom,Kelly 2002

4. Panel2-Präs.ppt/EM Slide 4 Cyber Threat and Critical Infrastructures Trends of Cyber „Events“ Vulnerabilities Reported *) Defense Cyber Incidents +) Industry and nondefense Government Cyber Incidents +) Cyber Incidents Handled +) 60 50 40 30 20 10 0 Number of Events Prosecuted Cyber Criminal Case *) +) in thousands *) in hundreds

5. Panel2-Präs.ppt/EM Slide 5 Analysis & Assessment Analysis & Assessment Critical Infrastructures  Quantitative Analyses urgently Required  The Methodological Challenge - Multi-Objective - Multi-MOE - Multi-Sided - Multi-Disciplined  Compared to Military OR and Modelling & Simulation - More Complex and less Money  C Y T E X - The CyberTerrorExercise, Nov. 2001  What ist the Power of Modelling and Simulation?

6. Panel2-Präs.ppt/EM Slide 6 Cooperability Policies / Strategies Decision Support etc. Interoperability Cost-Benefit Analysis Risk and Safety Management Decision Support etc. Cost-Benefit Analysis Decision Support Risk and Safety Management Vulnerability Analysis etc. Vulnerability Sustainability Maintenability etc. Societies and Economy System of CIS- Systems Indi- vidual CIS Techn. Compo- nents Analysis Tasks M&S Support Socio-economic Models Scenario techniques Gaming etc Systems Dynamics Empirical Modelling Cost-Benefit Models etc Systems Simulation Optimization Algorithms Human Behaviour Models Cost-Benefit Models etc. Technical Simulation Experimentation LCC Models etc. Critical Infrastructure Analyses

7. Panel2-Präs.ppt/EM Slide 7 The Stairway of Knowledge about Threat, Dependencies and Risks Ignorance Intuition Generic Studies Constructive Simulation Virtual Simulation Live Exercises ( ) Reality ( ) Widely Vague Thoughts Software System Real unknown Model Components System Degree of Reality Degree of Abstraction The Threat Model Real Exercised Simulated Computer based Scenarios Reflection Models Thoughts Who nows? Approaches to the CIP Domain

8. Panel2-Präs.ppt/EM Slide 8 The Benefits of Approaches Very high Very low Ignorance Intuition Generic Constructive Virtual Live Reality -------------S i m u l a t i o n------------- The Scope of ACIP Risks & Cost of Damages Quantitative Validity Statistical Validity

9. Panel2-Präs.ppt/EM Slide 9 Critical Infrastructure Architecture

10. Panel2-Präs.ppt/EM Slide 10 Modelling & Simulation Architecture Government Economy Society Socio-Econ. Syst. “System of Systems” Compound of Critical Infrastructures Systems´ Interdependencies TelecommunicationEnergyTransportation... Individual Systems ComputerNav. SystemPower linesSwitches... Technical Components Socio-economic Models Gaming Scenario techniques etc. Syst. Dynamics Empirical Modelling Gaming Systems Sim. Optimization Algorithms Human Be- haviour Mod. Technical Simul. Experi- mentation Knowledge Management Cost Benefit Analysis Co-operation&Decision Support Policies/Strategies Risk Analysis/Safety Management Vulnerability Analysis AnalysesMethodologies

11. Panel2-Präs.ppt/EM Slide 11 The Critical Infrastructure Protection Process

12. Panel2-Präs.ppt/EM Slide 12 The Critical Infrastructure Protection Process

13. Panel2-Präs.ppt/EM Slide 13 Modelling & Simulation Support to all CIP related Processes Dependability Analysis Vulnerability Assessment Scenario Gen. Threat Assessment Protection Alert & Warning Emergency Response Counter Measures (Combat) Standard Operation Training & Exercises Monitoring & Information sharing Daily Operation Cost Effectiveness Technical Enhancement Progress Investment Priorities & Ro I E v a l u a t i o n Protection and Counter Action P l a n n i n g Assessment Tools Model based Exercises Alternatives Optimization Exercises & Decision Support Tools M & S

14. Panel2-Präs.ppt/EM Slide 14 Transportation & Logistics Banks & Finance Energy Tele-Communication Government Military Public Admin Crisis Management Year 200X City of Berlin 28 JanG8 Summit 21 JanTerror. Manifesto 22 JanIntelligence Ass. Gov’t Task Force 23 JanChancellor’s Crisis Meeting 24 JanGov’t Press Conf. 24- 28 JanReplanning of Safety & Security Forces 28 Jan 08:00 a.m.Start of Co-ordinated Cyber Attacks -an Example The Cyber Terror Exercise, Nov.12-14, 2001

15. Panel2-Präs.ppt/EM Slide 15 Game Elements and Organisations Crisis Response Teams (6) Damage Assessment Situation Analysis Reaction/Counter Measure Generation Exercise Control Staff Message Generation Media Event Generation Modelling & Simulation Technical Support Interaction Management Reporting White Cells Communications

16. Folie 16 Events, Disruptions, Consequences El. Energy 07:00 08:00 09:00 10:00 11:00 12:00 13:00 14:00 08:30 09:30 Bomb Alert E-Bomb / Elect. Breakd. Banks‘ Perf. Telecomms Disruptions Gov IT / BSI Thermal Power Plt. Rail/Air Traffic Police/Fire Brg Cash Bookings Total Down to approx. 10%: Long Distance Calls Inter-Reg. Bank Transactions Air Traffic/Surveillance Rail & Street Traffic Controls DoS Attack False Alarms Limited Signals/Controls Electricity OutageDoS Attack

17. Panel2-Präs.ppt/EM Slide 17 Conclusions Conclusions Analysis for Critical Infrastructure Protection  Increasing Complexity  Global Interdependencies Require Global Co-operation  New Threats, Vulnerabilities and Risks  Dynamic World  New Security Concepts  New Roles of Security Forces, Private Sector, and Armed Forces  Cross-Sector Co-Operation  New Analysis Challenge  Increasing Acceptance of Analytical Approaches  Learn from Existing Approaches and Methodologies

18. Panel2-Präs.ppt/EM Slide 18 Options for Co-operation Integration in DeSIRE - Integrated work - Separate subproject Work Share Model - R&D, integration, verification, testing as a standalone IP - Validation & application to defined problems inside Desire Defined Interfaces for Co-operation - Organization - Communication - Workshare - Technological and methodological standards and interfaces Stand alone - loose information sharing - Customer controlled co-ordination