Safeguarding information intensive critical infrastructures against novel types of emerging failures

Cited by: 13
Authors
Balducelli, C. [1]
Bologna, S. [1]
Lavalle, L. [1]
Vicoli, G. [1]
Affiliations
[1] ENEA, Italian Agcy New Technol Energy & Environm, I-00060 Rome, Italy
Keywords
critical infrastructures; novelty detection; case base reasoning; data mining; neural networks; events correlation
DOI
10.1016/j.ress.2006.08.006
Chinese Library Classification (CLC) number
T [Industrial Technology];
Discipline classification code
08;
Abstract
The complexity of information intensive critical infrastructures, like electricity networks, telecommunication networks and public transportation networks is today augmented much more than in the past: such complexity augments the number of possible failures and anomalous working conditions and consequently decreases the survivability of the infrastructures. In this paper, the possibility is investigated to detect early anomalies and failures inside information intensive critical infrastructures by the introduction of anomaly detectors being "self-aware" about the normal working conditions of the infrastructure itself. This approach has the objective to improve the performance of the most popular signature-based algorithms for intrusion detection, and makes use of different classes of time-oriented algorithms based on artificial intelligence paradigm. It has the advantage to work also in presence of unknown and unexpected types of attacks or failures. The tests, to evaluate the performance of the utilised detectors, are executed inside an emulated supervisory control and data acquisition (SCADA) system of an electrical power transmission grid, and a proposal for the future integration inside real SCADA systems is also reported. (c) 2006 Elsevier Ltd. All rights reserved.
Pages: 1218 / 1229
Number of pages: 12