Cybersecurity is an increasingly relevant issue in the digital world we live in. Cyber threats are on the rise and can pose a serious threat to businesses, organizations, and individuals. For this reason, it is important for organizations to take measures to protect their information and ensure the security of their computer systems.
The Context in Which Eusoft Operates
The security of sites involved in the creation, transformation, or processing of chemical and biological substances, or those responsible for monitoring environmental quality (water, air, soil), has become a growing concern in recent years. These sites are potential terrorist targets due to the storage of hazardous materials in significant quantities or the possible presence of chemicals that can be used for the production of improvised explosive devices.
Even monitoring agencies could be targeted to prevent them from detecting the main attack being conducted in parallel, such as the poisoning of the air or water. In this scenario, it is important to consider the increasing use of automatic controls and instrumental security systems that can enable cyber intrusions. Indeed, digital transformation is emerging as a driver of radical change worldwide.
In this market context, enriching the Eusoft.Lab LIMS (Laboratory Information Management System) software product with specific features aimed at managing Cyber Physical Security by applying the logic of Detection, Response, Prevention to laboratory management processes will allow Eusoft to gain a unique competitive advantage, particularly appealing to all potential customer segments, but especially to strategically important segments. This will make Eusoft.Lab LIMS unique compared to the LIMS of large international competitors. The prototype of the integrated LIMS-SIEM solution that will be delivered as a result of the Research and Development activities of this project is truly innovative and not currently available on the market.
For Eusoft’s target laboratory clients, both in Italy and abroad, operating in highly data-sensitive sectors, having advanced tools for cybersecurity and physical security management is particularly important.
The technological innovation introduced in the product will allow for the timely prevention of incidents to avoid plant shutdowns through a real-time threat collection and detection system. Industrial research activities will define strategies for configuring correctness intervals of results through automated procedures, enabling constant value updates and thus threat prevention and management.
In addition to configuring thresholds, the SIEM (Security Information and Event Management) system will use Artificial Intelligence algorithms to assess results based on internal knowledge and external sources related to configuration, managed processes, etc., to generate correct security alerts related to out-of-spec results so that necessary actions can be taken to prevent the shutdown of treatment or production facilities.
Chemical Defense: Detection, Response, and Prevention
In this context, Eusoft specializes in adapting the Detection, Response, Prevention reference model to the specific case of Chemical Defense to ensure the security of data analysis activities of organizations involved in the production, transformation, processing, or analysis and monitoring of chemical and biological substances. Regarding Prevention, efforts will be made to integrate the Security Support Center (SOC) of the Regional Security Center with tools primarily based on Adversarial Machine Learning techniques, aiming to enable effective and secure use of Machine Learning techniques in hostile environments. For Detection, the work starts with redefining the End Point Events Collector (EPEC) to protect data from the industrial process, preventing the compromise of decision-making actions. Specifically, EPEC will be redesigned to expose Advanced Programming Interfaces, allowing the integration of all IoT devices responsible for measuring the chemical substance processing process, sending data to the data collection infrastructure. Subsequently, through the use of machine learning algorithms and artificial intelligence, it will be possible to analyze and classify offense events and, consequently, activate proactive response patterns, aiming to act promptly to resolve security issues resulting from attacks or malfunctions.
Chemical Risk Analysis
In laboratories, substances, infectious agents, flammable or explosive materials, mobile machinery, extreme temperatures, radiation, magnetic fields, or high voltage can be used or manipulated, creating hazardous situations that can cause serious harm to human health, the environment, and/or safety.
The main risks commonly encountered in a laboratory include:
- Chemical risks, stemming from the use or presence of toxins, corrosive and/or flammable materials, laboratory reagents, etc.
- Biological risks, stemming from the use or presence of microorganisms, animals, plants, and genetically modified agents, etc.
- Radiation risks, stemming from the use or presence of ionizing and non-ionizing radiation.
- Physical risks, stemming from the use or presence of heating devices, noise, projectiles, fire, cold, etc.
- Electrical risks, stemming from the use or presence of electrical energy.
- Mechanical risks, stemming from the use or presence of moving machinery.
- Airborne hazardous materials, stemming from vapors, dust, etc.
- Ergonomic factors, arising from moving activities.
In this deliverable focused on the chemical industry, the CRISP risk analysis methodology was applied to a real laboratory, identifying manipulable components, potential deviations, and the consequences of these deviations both locally and globally.
Subsequently, the methodological approaches for security by design and privacy by design were summarized.
Finally, these approaches were applied to the business process of Eusoft.Lab LIMS.
