Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe
Disruptions in the operation of our countries’ critical infrastructure may result from many kinds of hazards and physical and/or cyber-attacks on installations and their interconnected systems. Recent events demonstrate the increase of combined physical and cyber-attacks due to their interdependencies. A comprehensive, yet installation-specific, approach is needed to secure existing or future, public or private, connected and interdependent installations, plants and systems. Budgetary constraints on both the public and private sectors mean that new security solutions must be more accurate, efficient and cost-effective, and possibly more automated than the ones currently available.
Proposals should cover: forecast, assessment of physical and cyber risks, prevention, detection, response, and in case of failure, mitigation of consequences (including novel installation designs), and fast recovery after incidents, over the life span of the infrastructure, with a view to achieving the security and resilience of all functions performed by the installations, and of neighbouring populations and the environment.
- assess in detail all aspects of interdependent physical (e.g. bombing, sabotage and attacks with a variety of weapons against installations, buildings and ships; plane or drone overflights and crashes; spreading of fires, floods, landslides, disastrous consequences of global warming, seismic activity, space weather, combined threats, etc.) and cyber threats and incidents (e.g. malfunction of SCADA system, non-authorised access of server, electronic interference, distributed attacks), and the cascading risks resulting from such complex threats,
- demonstrate the accuracy of their risk assessment approach using specific real-life examples and scenarios and by comparing the results with other risk assessment methodologies,
- develop improved real-time, evidence-based security management of physical and cyber threats, taking account of the ageing of existing infrastructure, and
- provide scenarios and recommendations for policy planning, engagement of the civil society, and investment measures encompassing all aspects of prevention-detection-response-mitigation.
Innovative methods should be proposed for sharing information with the public in the vicinity of the installations (including through social media and with the involvement of civil society organisations), for the protection of first responders such as rescue teams, security teams and monitoring teams, and for ensuring service continuity.
In 2018 and 2019, they should focus on any type of installation belonging to one of the following critical infrastructures: water systems, energy infrastructure (power plants and distribution, oil rigs, offshore platforms), transport infrastructure (airports, ports, railways, urban multimodal nodes), communication infrastructures and ground segments of space systems, health services, e-commerce and the postal infrastructure, sensitive industrial sites and plants, and financial services.
In 2020, while keeping the coverage of the assessment of risks, prevention, detection, response and mitigation of consequences, proposals should also address the interrelations between different types of critical infrastructure with the objective of developing tools and methods to minimise cascading effects and allow rapid recovery of service performance levels after incidents.
When selecting for funding the proposals submitted in 2018 or 2019 or 2020, the Commission will take due account of similar projects financed in the previous years since 2016, with a view to covering the largest possible spectrum of installations. Each year, a list of infrastructures
- State-of-the-art analysis of physical/cyber detection technologies and risk scenarios, in the context of a specific critical infrastructure.
- Analysis of both physical and cyber vulnerabilities of a specific critical infrastructure, including the combination of both real situation awareness and cyber situation awareness within the environment of the infrastructure.
- In situ demonstrations of efficient and cost-effective solutions to the largest audience, beyond the project participants.
- Innovative (novel or improved), integrated, and incremental solutions to prevent, detect, respond and mitigate physical and cyber threats to a specific Critical Infrastructure.
- Innovative approaches to monitoring the environment, to protecting and communicating with the inhabitants in the vicinity of the critical infrastructure.
- Security risk management plans integrating systemic and both physical and cyber aspects.
- Tools, concepts, and technologies for combatting both physical and cyber threats to a specific critical infrastructure.
- Where relevant, test beds for industrial automation and control systems for critical infrastructure in Europe, to measure the performance of critical infrastructure systems, when equipped with cyber and physical security protective measures, against prevailing standards and guidelines.
- Test results and validation of models for the protection of a specific critical infrastructure against physical and cyber threats.
- Establishment and dissemination throughout the relevant user communities of specific models for information sharing on incidents, threats and vulnerabilities with respect to both physical and cyber threats.
- Convergence of safety and security standards, and the pre-establishment of certification mechanisms.
- Secure, interoperable interfaces among different critical infrastructures to prevent cascading effects.
- Contributions to relevant sectorial frameworks or regulatory initiatives.