In the period 2019-2021, the project pursued the following objectives:
- The critical revision of 3GPP specifications for architecture, security and assurance procedures for 5G systems, with particular attention to Network Slicing;
- The definition of a methodology for the treatment of SCADA (Supervisory Control and Data Acquisition) systems in accordance with the national regulations on the cybersecurity of critical infrastructures;
- The analysis of the potential of Blockchain technology for the authentication of public keys in the IoT context.
The project’s results, produced over the three-year period 2019-2021, will be used by stakeholders in the electricity system as a contribution to:
- The assessment of the maturity of 5G systems with regard to ICT security and assurance;
- The management of SCADA systems with regard to constraints arising from national regulations on the cybersecurity of critical infrastructure;
- The assessment of the potential of Blockchain technology for the authentication of IoT devices.
The project was part of the framework of the Three-Year Plan of the Ricerca di Sistema programme for 2019-2021. In particular, the project supported the RSE’s Three-Year Implementation Plan (Project 2.3 – WP2 – Increase of system security and resilience) by carrying out the planned ICT security and assurance activities for 5G system components (2019-2021), SCADA systems (2019-2021) and Blockchain technology (2020-2021). In the three-year period, the project focused mainly on the following aspects:
- The evolution of the security architecture and procedures for 5G systems defined by 3GPP;
- The evolution of both the assurance specifications for 5G systems defined by 3GPP (SCAS – Security Assurance Specification) and the scheme (NESAS – Network Equipment Security Assurance Scheme) for the corresponding security assessments jointly defined by 3GPP and GSMA;
- The vulnerabilities of SCADA system components and related reference requirements for ICT security and assurance;
- The evolution of the national regulations relating to security and assurance for ICT components of critical infrastructure and its effects on components of SCADA system;
- The vulnerabilities of SCADA system components and their consideration in the context of the national regulations for ICT components of critical infrastructure;
- The combination of Blockchain systems and PKI systems to support the authentication of IoT devices.