October 14-16, 2019, Critical Infrastructure Protection & Resilience Europe Conference and Exposition. Milano (Italy)  

Based on the experience of the Essence project and on the ongoing work in the context of the NARUC project on the guidelines, Ugo Finardi gave a presentation on the problem of defining  the cost connected to infrastructure protection. 

The presentation deals with a methodology for the identification and quantification of the costs of the implementation of security standards in the SCADA system networks of the critical infrastructures of power systems, presenting an analysis of costs.  Defining costs of CS implementation is vital for both firms and regulators:

-Firms need to know whether implementing CS is a sustainable operation.

-Regulators have the fundamental need of comprising and measuring the effort imposed to firms when a specific regulation is imposed, and how this should be reflected in compensations to firms.

It starts from the analysis Essence case studies. These are not definitive and offer no silver bullet to cost calculation (if any silver bullet may exist). Nevertheless ESSENCE has been able to show that a serious CS cost analysis is possible, through a clear methodology.

Ugo Finardi, Elena Ragazzi (2019). "An approach to cost definition for the implementation of cybersecurity in electricity critical infrastructures", in Critical Infrastructure Protection & Resilience Europe Conference and Exposition. Milano, October 14-16. (pdf file)

_________________________________________

March 2 and 3, 2016, Critical Infrastructure Protection & Resilience Europe Conference and Exposition. The Hague (Netherlands) Crowne Plaza Den Haag – Promenade, Van Stolkweg 1, 2585 JL Den Haag (The Hague), Netherlands

Essence has been invited to speak at the 2016 Critical Infrastructure Protection and Resilience Europe on Wednesday 2nd March 2016 in The Hague, in the closing plenary session "Cyber Security Standards and Law".

With the increasing cyber threats and changing nature of attacks, standards in cyber security and law have to develop to keep pace and operators of critical infrastructure are under increasing pressure to meet progressive challenges. With current variations of standards across the EU in reporting and handling of critical incidents, harmonising these standards would benefit the region. How can government and operators better collaborate and share information and contribute towards better standards fit for pan-European infrastructure?

Details on the conference programme may be found at www.cipre-expo.com

_________________________________________

October 20, 2015, EUCONCIP Project opening conference, Rome, UNINT – Università degli Studi Internazionali

EUCON­CIP (European Cooperation Network on Critical Infrastructure Protection) is a ECDG Home Affair funded project, under the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks programme (CIPS). The project aims at setting the ground for a European partnership between critical infrastructures’ stakeholders to strengthen public-private international cooperation, training and cross-border/cross-sector knowledge building and the exchange of public available information on Critical Infrastructure Protection.

The Opening Conference of the EUCON­CIP project, took place in Rome on October 20th 2015 at UNINT– Università degli Studi Internazionali di Roma. The Conference was conceived as a networking opportunity for the CIP community, to share experiences of ongoing and recently concluded projects related to Critical Infrastructure Protection (CIP), and to get in touch with end-users and stakeholders of the CIP field.

Essence presentation and other projects’ presentations may be consulted at http://euconcip.org/index.php/news-archive/92-euconcip-opening-conference-october-20th-2015

_________________________________________

September 28, 2015, , Smart distribution system: promozione selettiva degli investimenti nei sistemi innovativi di distribuzione di energia elettrica Milan, Politecnico di Milano

The “Direzione infrastrutture, unbundling e certificazione” of the “Autorità per l'energia elettrica il gas e il sistema idrico” has organised, with “Politecnico di Milano” a workshop on the consultation document, 255/2015/R/eel . The discussion concerned the selective support to investments in Smart Distribution Systems. During the workshop there have been a survey of European Smart Grid projects (Joint Research Center) a presentation of the “garanzie nelle comunicazioni” (Agcom) as for the communication services necessary for the Smart Distribution System (AEEG).

Essence has been invited as one of the participants to the consultation on the document.

Download the presentation.

_________________________________________

Brussels, 14 October 2014, ESSENCE PROJECT FINAL CONFERENCE
Piemonte Region representation office


A summary of the final Conference of ESSENCE

 

Kostantinos Moulinos (ENISA):The role of standards for the critical infrastructure in the present context

Fernando Garcia Guitierrez (Deloitte): The Essence approach, an introduction to the case study definition and evaluation criteria

Presentation of two case studies and of the cost of standard implementation

Clementina Bruno, (Università del Piemonte Orientale): Analysing the benefits of emerging security standards with reference to the case study scenarios

Elena Ragazzi (CNR-Ceris): The legacy of the project: further research and recommendations

 Panel discussion chaired by Tadeusz Wlodarczyk (ENTSOE).

 Planned interventions:

  • Torben Fell (European Commission, DG HOME, Unit A1 – Crisis management Terrorism): Cyber security and CIP challenges in EPCIP

 

     

 

_________________________________________

Novara, Università del Piemonte Orientale - 25/06/2013

Potential impact of security measures for power systems controls

****   Synthesis of the results of the workshop  ****

The workshop aimed at presenting the state of the art in the security for power system controls. During the workshop were discussed as well  the criteria and methods of two case-studies to be implemented to evaluate cost and benefits of security standards. Powerpoint presentations available can be downloaded

Enzo Tieghi, Servitecno,Process Control Security and SCADA System Protection: a quick survey

Elena Ragazzi, CNR-Ceris, Opportunities, challenges and likely impact of the current landscape of cyber security frameworks

Andrés Cortes, Deloitte, Most likely attack scenarios

Konstantinos Moulinos, Enisa, Minimum cyber security measures for smart grids

Andrea Zapparoli Manzoni, Security Brokers, Cyber Crime, cyber espionage and information warfare threats to critical infrastructures

Clementina Bruno, Università del Piemonte Orientale, Analysing the cost of black-outs

Antonio Diu, business consultant, Prospective terms of reference for the case studies

Tadeusz Włodarczyk, PSE, The Polish case study

Daniela Pestonesi, Enel, The Italian case study

 

Poster session: some projects on security measures

Utility Test Bed for Cyber Security of Industrial Control Systems (ICS)

PRECYSE, Project Overview

FM BIASED, Formal methods: Business impact of application to security relevant devices.

SESAME, Project

         

 

_________________________________________

Pisa kick-off internal meeting – 28/09/2012. Power point files

Deloitte: Activity 2 - Attack scenario

Enel: Benefit analysis: the cost of blackouts

Ien: Activity 5 polish case study

Ien: Institute of power engineering

Unipmn: A8 – Benefit analysis

_________________________________________

Madrid second internal meeting – 21/02/2013. Power point files

Deloitte: Activity 2 - Attack scenario

Unipmn: Benefit analysis: the cost of blackouts

_________________________________________