Project CRITISEC

Abstract

Our society increasingly relies on digitalization of critical infrastructures in order to achieve significant gains in effectivity, safety and better access to societal services for citizens and industries. An important part of the digitalization process is to connect critical infrastructures to the Internet. This creates a wide range of opportunities for security attacks with a huge potential impact, and thus makes our society vulnerable and unsafe.

The core idea of the CRITISEC project is to develop novel security products, services and standards for edge networks in critical infrastructures, where the edge networks are a heterogeneous set of networks connected to the edge of a core production network. These services will make it possible to connect edge networks to control systems in a secure and robust way, and to secure the edge network itself when it is the critical infrastructure that requires protection (e.g. the 5G network).

The challenges that CRITISEC will be addressing are:

1. the heterogeneity of the edge networks and of the systems they are connected to;
2. the resource-constrained nature of devices (e.g. battery power) and even of networks as a whole (packet loss, low bandwidth);
3. the scale of the edge networks, that can be composed of huge numbers of (resource-constrained) devices, so requiring efficient and highly scalable security solutions;
4. the predominant presence of open/shared platforms, where multiple applications share access to a common network of edge devices;
5. the presence of legacy devices and platforms, for which secure update procedures are often scarce, if any.

The main results of this project will be novel security standards, solutions, products and services that can be used by providers of critical infrastructures to secure edge networks connected to their production systems. This will reduce the risk of malicious service disruption and preserve availability, reliability and safety in provisioning of societal services.