The results of a preliminary study on cyber security in 5G and SCADA (Supervisory Control And Data Acquisition) environments are reported, aimed at providing stakeholders of the electricity system with elements both to evaluate the maturity of 5G systems in terms of security specifications and corresponding checks, and to manage the constraints that the national legislation on the security of critical infrastructure sets for SCADA systems.<\/p>\n","protected":false},"author":464,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"tags":[1315],"targets":[1317],"rapporti_tipologie":[762],"class_list":["post-195463","rapporti","type-rapporti","status-publish","hentry","tag-smart-grids-en","targets-research","rapporti_tipologie-report-en"],"acf":{"dont_show_hompage":true,"projects":{"ID":191051,"post_author":"464","post_date":"2024-07-10 16:51:29","post_date_gmt":"2024-07-10 14:51:29","post_content":"","post_title":"Application of Information Technology, Internet of Things, Peer-to-peer, to the electrical system in order to improve security and resilience","post_excerpt":"The project develops methods, tools, demonstrators and experiments to evaluate the application potential of the latest information and communication technologies for the benefit of the electro-energy system.","post_status":"publish","comment_status":"open","ping_status":"closed","post_password":"","post_name":"application-of-information-technology-internet-of-things-peer-to-peer-to-the-electrical-system-in-order-to-improve-security-and-resilience","to_ping":"","pinged":"","post_modified":"2024-08-09 15:59:29","post_modified_gmt":"2024-08-09 13:59:29","post_content_filtered":"","post_parent":0,"guid":"https:\/\/www.rse-web.it\/progetti\/application-of-information-technology-internet-of-things-peer-to-peer-to-the-electrical-system-in-order-to-improve-security-and-resilience\/","menu_order":0,"post_type":"progetti","post_mime_type":"","comment_count":"0","filter":"raw"},"order_posts":"","dont_show_search":false,"related_posts":false,"show_on_slider":false,"single_post_data":{"titolo_spot":"","post_content":"
The preliminary study on cyber security in 5G and SCADA environments was performed with targeted investigations in the framework of the 3rd Generation Partnership Project (3GPP) and related activities of the Global System for Mobile communications Association (GSMA). The specifications produced within 3GPP and GSMA were also analysed based on the specialised literature on the search for security weaknesses that could generate vulnerabilities in real 5G systems. As a result, the security specification of 3GPP was found to be not only incomplete (with reference to specification plans for 5G systems) but also not final, especially due to the critical review to which it is subjected in the specialised literature (which is carefully observed and possibly appreciated by 3GPP and GSMA).<\/p>\n
Based on the accessible documents, it also emerged that the security of real 5G components seems not to have been sufficiently investigated and specified, and therefore, a critical review of the 3GPP-GSMA approach was launched. Regarding the SCADA environment, an initial investigation was carried out both on Law 133\/2019 (national security perimeter) and on the typical vulnerabilities of SCADA systems. Particular attention was paid to the PLC (Programmable Logic Controller) component, for which, in addition to the typical vulnerabilities, the security and\/or security verification requirements defined in various fields were investigated, such as, for example, IEC 62443 (Security for Industrial Automation and Control Systems) and CSPN (Certification de Securit\u00e8 de Premier Niveau).<\/p>\n
The result is not a final picture, since the investigated area is rather dynamic (e.g., additional and significant specifications are expected from the Law on the perimeter of national security). However, some aspects of the vulnerability assessment process for SCADA systems were analysed which, due to the fusion between IP (Internet Protocol) and SCADA technologies, can also count, with proper adaptations, on tools and methods already used for generic ICT components.<\/p>\n","link_estreno":false,"scarica_file":[{"download_option":"download","file_name":"Download Report","download":{"ID":105835,"id":105835,"title":"19012904-319137.pdf","filename":"19012904-319137.pdf","filesize":2024021,"url":"https:\/\/www.rse-web.it\/wp-content\/uploads\/2021\/03\/19012904-319137.pdf","link":"https:\/\/www.rse-web.it\/en\/rapporti\/19012904\/19012904-319137\/","alt":"","author":"464","description":"19012904-319137.pdf","caption":"","name":"19012904-319137","status":"inherit","uploaded_to":132890,"date":"2021-12-31 00:00:00","modified":"2021-03-17 12:50:45","menu_order":0,"mime_type":"application\/pdf","type":"application","subtype":"pdf","icon":"https:\/\/www.rse-web.it\/wp-includes\/images\/media\/document.png"}}],"button":{"text":"","link":""},"referente_group":false,"data_emissione":"2019-12-31","autori":"G. Dondossola, Carlo Majorani \u2018Fondazione Ugo Bordoni\u2019, Franco Guida \u2018Fondazione Ugo Bordoni\u2019, Gabriele Vecchia \u2018Fondazione Ugo Bordoni\u2019, Massimiliano Orazi \u2018Fondazione Ugo Bordoni\u2019, Renato Menicocci \u2018Fondazione Ugo Bordoni\u2019, Vittorio Bagini \u2018Fondazione Ugo Bordoni\u2019","rapporto":"","rif_rse":"19012904"},"satellite_post_url":""},"yoast_head":"\n