Architecture for Community-scale Critical Infrastructure Coordination for Security and Resilience
James Christopher Foreman

TL;DR
This paper proposes a community-wide architecture for coordinating critical infrastructure systems, enhancing their security and resilience by addressing interdependencies and process-awareness beyond traditional network monitoring solutions.
Contribution
It introduces a novel architecture that integrates community-scale critical infrastructure, focusing on process-awareness, interdependency management, and operator acceptance to improve security and resilience.
Findings
Architecture improves coordination among CI systems
Enhances resilience to cyber-attacks and failures
Supports community-scale infrastructure integration
Abstract
Our Critical Infrastructure (CI) systems are, by definition, critical to the safe and proper functioning of society. Nearly all of these systems utilize industrial Process Control Systems (PCS) to provide clean water, reliable electricity, critical manufacturing, and many other services within our communities - yet most of these PCS incorporate very few cyber-security countermeasures. CI is becoming an attractive target for cyber-attacks. While many vendor solutions are starting to be deployed at CI sites, these solutions are largely based on network monitoring for intrusion detection. As such, they are not process-aware, nor do they account for interdependencies among other CI sites in their community. What is proposed is an architecture for coordinating all CI within a community, which defines characteristics to enhance its integration, its resilience to failure and attack, and…
Taxonomy
Topics: Smart Grid Security and Resilience · Infrastructure Resilience and Vulnerability Analysis · Network Security and Intrusion Detection
