Concerns for parking are becoming imminent to best support the urban core. These persistent parking problems could be turned into new opportunities, brought by current trends in meeting the globally connected continuum. This paper reveals a work-in- progress to capitalize on private land properties for parking, in order to relieve stress on public agencies, create new sources of revenue, and enlist new entities in the intermediary market. These intermediaries, labelled as Parking Service Providers (or PSPs) play a broker role through advertising parking lots on a shared cloud platform. To streamline these business collaborations and related processes, physical parking lots are augmented with Internet connectivity allowing cloud-provided applications to congregate these lots into a larger inventory. The Internet of Things (IoT) paradigm expands the scope of cloud-based intelligent car parking services in smart cities, with novel applications that better regulate car-parking related traffic. This paper presents a work-in-progress agenda that contributes to new business solutions and state-of-the-art research impacts. We reveal a multi- layered system of PSP-business model through interdisciplinary research blocks where original results are expected to be made at each layer.

Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction. 

Smart grid employs ICT infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolu- tion is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the develop- ment of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for design- ing testbeds to evaluate the vulnerability of cyberphysical systems against cyberthreats. The proposed framework uses data reported from multiple components of cyberphysical system architecture layers, including physical, control, and cyber layers. At the phys- ical layer, we consider component inventory and related physi- cal flows. At the control level, we consider control data, such as SCADA data flows in industrial and critical infrastructure control systems. Finally, at the cyber layer level, we consider existing secu- rity and monitoring data from cyber-incident event management tools, which are increasingly embedded into the control fabrics of cyberphysical systems.

This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms. 

This paper describes an Implementation Guide for an emerging standard for autonomic management &control of networks and services, namely the ETSI AFI GANA Reference Model for Autonomic Networking, Cognitive Networking and Self-Management (an emerging standard from ETSI). The implementation guide also takes into consideration the impact of emerging paradigms such as SDN and Virtualization. This is because as the standardized Reference Model has been published, it becomes important to provide an associated Implementation Guide that can be followed in implementing autonomic management & control in network architectures.

This standardization oriented paper describes the SDN (Software-Driven Networking) Enablers in the ETSI AFI GANA Reference Model for Autonomic Management & Control (an emerging standard from ETSI), and impact of Virtualization. This is because in this study we see that Autonomic Management & Control and SDN (Software-Driven Networking) share the same objective of enabling programmable, manageable, dynamically self-adaptable and cost-effective networks and services. SDN enablers in the AFI GANA Model are: (1) Modularization of Logically centralized Control Software (the GANA Network Level DEs in the GANA Knowledge Plane) and Reference Points Definitions; (2) Primitives for Programmability at various layers; (3) Use of Runtime Executable Behavioral Models to complement the use of Policy-Control and dynamic policies; (4) The role and value the GANA MBTS (Model Based Translation Service) brings in SDN; (5) The role and value the GANA ONIX (Overlay Network for Information eXchange) brings in SDN; (6) Interworking GANA Knowledge Plane Decision Elements and SDN Controllers; (7) GANA “Decision-Making-Elements” logics as “software” that can be loaded into nodes and network (enabling “software-empowered networks”). The study is important because it is now becoming critical to study and explore the relationships between Autonomic Management & Control and SDN paradigms, as well as Virtualization, identify complementarities between the paradigms and close the gaps by unifying SDN concepts and associated frameworks with the emerging ETSI AFI GANA Reference Model standard for Autonomic Networking, Cognitive Networking and Self-Management, a hybrid model enabling to combine both centralized and distributed control.

Cyber-physical systems (CPSs) are integrated physical, engineered, andsocial systems whose operations are monitored, coordinated, controlled, and integratedby a computing and communication core. Due to the dynamic structure ofCPSs, the security measurements are often complex. Given this fact, the objectiveof this chapter is to present the intrusion detection, prevention, and response system(IDPRS) for such a dynamic environment.

Cyber-Physical Systems (CPSs) are augmenting traditionalCritical Infrastructures (CIs) with data-rich operations. Thisintegration creates complex interdependencies that exposeCIs and their components to new threats. A systematicapproach to threat modeling is necessary to assess CIs’ vulnerabilityto cyber, physical, or social attacks. We suggest anew threat modeling approach to systematically synthesizeknowledge about the safety management of complex CIs andsituational awareness that helps understanding the nature ofa threat and its potential cascading-effects implications.

With the evolution of modern Critical Infrastructures (CI), more Cyber-Physical systems are integrated into the traditional CIs. This makes the CIs a multidimensional complex system, which is characterized by integrating cyber-physical systems into CI sectors (e.g., transportation, energy or food & agriculture). This integration creates complex interdependencies and dynamics among the system and its components. We suggest using a model with a multi-dimensional operational specification to allow detection of operational threats. Embedded (and distributed) information systems are critical parts of the CI where disruption can lead to serious consequences. Embedded information system protection is therefore crucial. As there are many different stakeholders of a CI, comprehensive protection must be viewed as a cross-sector activity to identify and monitor the critical elements, evaluate and determine the threat, and eliminate potential vulnerabilities in the CI. A systematic approach to threat modeling is necessary to support the CI threat and vulnerability assessment. We suggest a Threat Graph Model (TGM) to systematically model the complex CIs. Such modeling is expected to help the understanding of the nature of a threat and its impact on throughout the system. In order to handle threat cascading, the model must capture local vulnerabilities as well as how a threat might propagate to other components. The model can be used for improving the resilience of the CI by encouraging a design that enhances the system's ability to predict threats and mitigate their damages. This paper surveys and investigates the various threats and current approaches to threat modeling of CI. We suggest integrating both a vulnerability model and an attack model, and we incorporate the interdependencies within CI cross CI sectors. Finally, we present a multi-dimensional threat modeling approach for critical infrastructure protection.

This document reports a technical description of ELVIRA project results obtained as part of Work-package 3.1&3.2 entitled “Taxonomy of Critical Infrastructure (Taxonomy of events + Taxonomy of CI component and relationship)”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity.

Smart grid employs Information and Communication Technology (ICT) infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolution is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the development of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for designing testbeds to allow the simulation of cyberattacks in order to evaluate the vulnerability and the impact of cyber threat attacks. The proposed framework uses data reported from multiple smart grid components at different smart grid architecture layers, including physical, control, and cyber layers. The multi-agent based framework proposed in this paper would analyze the conglomeration of these data reports to assert malicious attacks.

Smart grid adopts ICT to enhance power-delivery management. However, these advanced technologies also introduce an increasing amount of cyber threats. Cyber threats occur because of vulnerabilities throughout smart-grid layers. Each layer is distinguished by typical data flows. For example, power-data stream flows along the physical layer; command data are pushed to and pulled from sensor-control devices, such as RTUs and PLCs. Vulnerabilities expose these data flows to cyber threat via communication networks, such as local control network, vendor network, corporate network and the wider internet. Thus, these data could be used to analyse vulnerabilities against cyber threats. After data collection, data analysis and modelling techniques would be used for vulnerability assessment.

Vulnerability is defined as ”weakness of an asset or control that can be exploited by a threat” according to ISO/IEC 27000:2009, and it is a vital cyber-security issue to protect cyber-physical systems (CPSs) employed in a range of critical infrastructures (CIs). However, how to quantify both individual and system vulnerability are still not clear. In our proposed poster, we suggest a new procedure to evaluate CPS vulnerability. We reveal a vulnerability-tree model to support the evaluation of CPS-wide vulnerability index, driven by a hierarchy of vulnerability-scenarios resulting synchronously or propagated by tandem vulnerabilities throughout CPS architecture, and that could be exploited by threat agents. Multiple vulnerabilities are linked by boolean operations at each level of the tree. Lower-level vulnerabilities in the tree structure can be exploited by threat agents in order to reach parent vulnerabilities with increasing CPS criticality impacts. At the asset-level, we suggest a novel fuzzy-logic based valuation of vulnerability along standard metrics. Both the procedure and fuzzy-based approach are discussed and illustrated through SCADA-based smart power-grid system as a case study in the poster, with our goal to streamline the process of vulnerability computation at both asset and CPS levels.

This document reports a technical description of ELVIRA project results obtained as part of Work-package 2.1 entitled “Complex Dependencies Analysis”. In this technical report, we review attempts in recent researches where connections are regarded as influencing factors to  IT systems monitoring critical infrastructure, based on which potential dependencies and resulting disturbances are identified and categorized. Each kind of dependence has been discussed based on our own entity based model. Among those dependencies, logical and functional connections have been analysed with more details on modelling and simulation techniques.

Power grids form the central critical infrastructure in all developed economies. Disruptions of power supply can cause major effects on the economy and the livelihood of citizens. At the same time, power grids are being targeted by sophisticated cyber attacks. To counter these threats, we propose a domain-specific language and a repository to represent power grids and related IT components that control the power grid. We apply our tool to a standard example used in the literature to assess its expressiveness.

Over the past years the use of digital devices has increased and home networks continue to grow in size and complexity. By the use of virtualized residential gateways advanced functionality can be moved away from the home by extending the customers edge network to the Internet Service Provider (ISP) and thereby decrease the administrative burden for the home user. By employing edge computing and cloud applications at the operator by virtualizing residential gateways instead of using physical devices creates new challenges. This paper is looking at how the choice of virtualization technology impacts performance by investigating operating system level virtualization in contrast to full virtualization for use in virtualized residential gateways. Results show that container based virtualization uses fewer resources in terms of disk, memory, and processor in virtualized residential gateways.