CRUTIAL: The Blueprint of a Reference Critical Information Infrastructure Architecture

  • Paulo Veríssimo
  • Nuno Ferreira Neves
  • Miguel Correia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4347)


In the past few decades, critical infrastructures have become largely computerised and interconnected all over the world. This generated the problem of achieving resilience of critical information infrastructures against computer-borne attacks and severe faults. Governments and industry have been pushing an immense research effort in information and systems security, but we believe the complexity of the problem prevents it from being solved using classical security methods.

The paper focuses on the computer systems behind electrical utility infrastructures. It proposes the blueprint of a distributed systems architecture that we believe may come to be useful as a reference for modern critical information infrastructures in general. The architecture is instantiated with a set of classes of techniques and algorithms, based on paradigms providing resilience to faults and attacks in an automatic way.


Intrusion Detection; Critical Infrastructure; Access Control Model; Classical Security; Byzantine Fault
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Paulo Veríssimo (1)
  • Nuno Ferreira Neves (1)
  • Miguel Correia (1)
  1. Faculty of Sciences, University of Lisboa, Lisboa, Portugal
