2. 1. What is ZONeSEC and
what are its objectives
2/10/2018 2ZONeSEC overview
3. ZONeSEC at a glance
• ZONeSEC: “Towards an EU
framework for the security of Wide
zones”
– Start date: 1 December 2014
– End date: 30 November 2018 (48
months)
http://www.zonesec.eu/
Contact points:
Dimitris Petrantonakis (Project Coordinator)
dpetr@exodussa.com
Jose Ramon Martinez (Technical coordinator)
jose.martinezs@atos.net
3ZONeSEC overview2/10/2018
6. 2. Obstacles found on the
road and how to overpass
them
2/10/2018 10ZONeSEC overview
7. 11ZONeSEC overview2/10/2018
ZONeSEC key challenges (1/2)
• Near real time: Time has to be reasonable short
between incident and notification
• No lost of any alert: Alert data should be “reliable”. It
is mandatory that alerts don’t get lost in transit
• No false alerts: Operator need real alerts, not false
alerts
• All kind of networks: All kind of networks are in use
in wide-zones simultaneously
• Flexibility: Plug and play: All the security capillaries
can enter or leave the system at any moment without
affecting the stability of the entire system
• Scalability: The resulting system or framework should
be scalable to any number of security capillaries and
any arbitrary extended area
8. 12ZONeSEC overview2/10/2018
ZONeSEC key challenges (2/2)
• Security: Security has to be taken into account in all possible layers
(including tampering the physical devices)
• Portability: The resulting framework should be portable to any
localization
• Legacy sensors: Already existing sensors (aka “legacy sensors”)
should be included in the framework as seamlessly as possible
• Lack of standards in sensor: Every sensor (new or old) has its own
ways
• Open platform: The system has to be open allowing the possible
addition of new Security capillaries and old legacy systems
• Arbitrary extensive area: Area covered can reach hundreds of km
• Arbitrary number of sensors: The number of sensor involved can be
literally any, including new and old sensors
9. 132/10/2018
13
Solutions adopted in ZONeSEC
The success of ZONeSEC is based in five main
pillars:
1. Modular architecture with the use of
micro services
2. Common data model and common
protocol for all sensors/adaptors
3. Use of a decoupled communications
framework tailored for any kind of
networks and widezones
4. Scalable automatic processing of data
(including fusion of data)
5. Security in devices and in net (including
tampering and cyber)
ZONeSEC overview
11. 17ZONeSEC overview2/10/2018
ZONeSEC sensing solutions
The technological solutions used in ZONeSEC are all in the front line of
what technology can offer for CIP
ZONeSEChas:
• Evolved these technologies
to become products in
many cases
• Used these technologies in
the field in real premises
and scenarios
• Integrated all these
heterogenous technologies
and also “legacy systems
Thesetechnologies
include:
• Sensing solutions
• Technological solutions
like UAV, video analytics,
data fusion, data
representation and cyber
attacks detection
12. 18ZONeSEC overview2/10/2018
Sensors on the technological edge (1/3)
• Distributed Acoustic Sensor (IDAS). IDAS is an optoelectronic system
monitoring the acoustic field along an optical fibre cable. Used in
detecting movement near a perimeter set.
• ULTIMA: Ultima is a heat sensor that can be user also for detection of
leakages (gas and liquid).
13. 19ZONeSEC overview2/10/2018
Sensors on the technological edge (2/3)
• Spectral Imaging System: This is a novel multi-sensor system with
thermal, hyperspectral and SWIR cameras. The processing of the huge
amount of spectral video data is locally performed.
14. 20ZONeSEC overview2/10/2018
Sensors on the technological edge (3/3)
• Mimo Radar: (Multiple Input Multiple Output RAdio Detection And
Ranging), detects intrusions of persons into a secure perimeter marked
by a virtual fence. Additionally, the Radar can provide information
about the distance, velocity and azimuth angle of a target.
15. 21ZONeSEC overview2/10/2018
Technological solutions (1/7)
• AUV: The multirotor and Helly type Mini-UAV systems are equipped with
electro-optic sensors including daylight and thermal cameras (CM100V3, UAV
Vision) as well as communication devices.
• receive Orders from the ZONeSEC System and through the Task-Based
Guidance component to prepare the flight plan using analytics
functionalities for decision making and to upload it in order to execute the
mission.
• real-time video stream including metadata (e.g. position, target)
16. 22ZONeSEC overview2/10/2018
Technological solutions (2/7)
• Visual analytics: Video footage coming life from IP cameras or the UAV
is analyzed to detect cars and people in real time.
• Position in KLV format is read and analyzed in real time. Position is
sent to central COP
• Tracking of each object is created
• Modified footage is re-streamed
17. 23ZONeSEC overview2/10/2018
Technological solutions (3/7)
• Abnormal behavior detection: Video footage coming life from IP
cameras is analyzed to detect behavior of people in real time. We
detect movements considered “suspicious” in certain areas.
18. 24ZONeSEC overview2/10/2018
Technological solutions (4/7)
• Cyber agent: Cyber agents are software agents able to detect any cyber
intrusion and to be trained to detect new threats. The multi-agent
system provides continuous analysis of security events in the cyber-
domain, aggregating data from many sources and providing the ability
to consolidate and correlate monitored data to generate reports and
alerts
19. 25ZONeSEC overview2/10/2018
Technological solutions (5/7)
• Data fusion (SDAIM): SDAIM performs data and information fusion to aid and
improve the decision making process of the Widezone operatives. This core
function is fulfilled by data and information fusion algorithms configured and
executed as event stream processing workflows. The output of the fusion
process are alerts for possible illicit situations and behaviours and also
supporting information, aimed at the Widezone operatives, and provided over a
standard messaging interface
Configurable Big Data Technologies & Scalable Cloud Computing
Infrastructure
Fusion Resources
Catalogue
Management UI
Brokered
MOM
Brokered
MOM
AMQP
Data and Information Fusion Algorithms
configured in event stream processing
workflows
Fusion Session Data
Fusion Resources
Agent
Fusion Process Configuration & Session
Instatiation
Knowledge Base
Domain Semantics
Knowledge Models
Fusion Actionable Inf.
Specialised communicaiton
AlertsAMQP
Knowledge
Federation API
Fusion Session
Agent
High Data
Volumes
Remote
Data Fusion
Algorithms
Sensor Networks
Security Clusters
Widezone Geo-data
Access/Import API DBs
20. 26ZONeSEC overview2/10/2018
Technological solutions (6/7)
• COP and simulation of sensors: Common Operational Picture. The COP
displayed a 3D cartographic view of deployed sensors and raised alerts from
subsystems. The simulation tools provided means to add geo-localized virtual
systems and simulate their inputs to ZONeSEC
21. 27ZONeSEC overview2/10/2018
Technological solutions (7/7)
• Security Clusters: The processing of sensors that are related by geographical
criteria or any other common criteria are aggregated locally and processed
locally (using same SDAIM logic). This provides scalability to the full framework.
22. 282/10/2018
One architecture to integrate all together
Use of a common data model to all ZONeSEC : Data Agreement
initiative has been followed
Modular architecture has been used for the
core components:
Core: is the data hub and
communication module
Micro services: Independent and
modular entities
Geographical
Time synchronization
Metadata
Historical alerts
Bidirectional orders
ZONeSEC overview
23. 4. Playing in the fields of CIP
(Critical infrastructures
protection)
2/10/2018 Title Presentation 29
24. 302/10/2018
ZONeSEC is an end-user driven project
End users involved from the conception of the project
• 4 End-user partners
• Advisory Board members from end-user Community
• Extended base of end users during project
Drive thorough and exhaustive pilot demonstrations and
final demonstrations
• Water Pipelines
• Gas Pipelines
• Railway networks
• Oil Pipelines
• Highways
3030ZONeSEC overview
26. 392/10/2018
Lessons learnt from Pilots
• Need to test integration in remote and “in the field”
for a long time in advance
• If the architecture works, the communications can
beat you
• Good Communication is key
•Language barrier
•Cultural barrier: companies and countries
• Team is everything
You can always have fun when the job is well done
and the team is so great!
3939ZONeSEC overview
27. 402/10/2018
40
Thank you for your time!
Q&A
ZONeSEC overview
Jose Ramon Martinez (Technical coordinator)
jose.martinezs@atos.net