Fri, 2022-09-02

The overarching objective of the ERNCIP “Detection of Indoor Airborne Chemical & Biological Agents” Thematic Group (TG) is to strengthen resilience of critical infrastructure against airborne CB threats by improvement of detection capabilities. The subsidiary aim of the research described in this technical report is to develop knowledge on the behaviour of chemical releases, given some likely attack scenarios, and to propose ways to optimally detect those inside buildings. Making use of a combined approach consisting of experiments and dispersion modelling is considered a strong endeavour towards this aim.

Tue, 2022-04-19

There is significant potential in the use of unmanned remote-controlled vehicles in sampling and measurements in radiological incidents.
To this purpose, this document summarizes the need for and the possible use of robots carrying RN measurement equipment, by defining the minimum required capabilities of radiological detection systems that use robots in a set of scenarios in real environments.
The document also specifies test methods and facilities to verify that robotic equipment, components and complete systems comply with the minimum required capabilities, pointing out standardization needs for Member States and regulatory limitations on the use of radioactive material for testing, including radiological crime scenes. Furthermore, the future possibilities for using robots are assessed as well as improvements and additional needs, potentially expanded to all CBRNE materials.

Tue, 2022-01-11

The implementation of security measures to counter hostile actions against the physical and cyber integrity of water supply systems and deliberate waterborne contamination requires an appropriate planning process incorporating risk assessment surveys, establishment of communication strategies, protocols and screening methods.This manual provides a detailed basis for the creation and implementation of a Water Security Plan for drinking water systems, supporting water utility operators with the information and tools they need to develop a plan specifically for the security of their water supply systems.

Mon, 2020-06-22

This review, developed within the framework of guidance for the production of a water security plan, aims to help water utilities, laboratories and other stakeholders improve their capacities to analyse and identify unknown contaminants in drinking water. An explanation of sampling procedures in emergency situations is given, followed by a proposed approach to the use of non-targeted technologies to determine both toxicity and adenosine triphosphate (ATP) levels. A toxicity analysis quickly detects toxic chemical contaminants, while measuring the ATP gives a first indication of any contamination by microorganisms.

Wed, 2020-01-08

Although European Directive 2008/114/EC on the protection of critical infrastructures (Council of the European Union, 2008) does not designate the water supply sector as a critical infrastructure, all governments recognise that their water supply is vital to national security. Water systems are vulnerable to unintentional and intentional threats, which can include physical acts of sabotage, cyberattack on information systems or supervisory control and data acquisition systems, and contamination.

In the event of the anomalous situation of the contamination of drinking water, it is essential that the impacts of potential health risks are minimised during and after the emergency. This document provides guidance to water utility operators on assessing the risks they face and on the factors to consider if they want to improve their detection capabilities. Guidance is also provided on the preparation of response and recovery plans in the event of a contamination event.

Fri, 2019-11-08

Mon, 2020-12-14

The webinar series on Water Security was organized by the Thematic Group on “Chemical and Biological Risks to DW” of the ERNCIP Office. The series aimed to provide the framework of security aspects in drinking water supply and to introduce the key elements of the Water Security Plan (WSecP), bringing together knowledge and experience of high-level experts from the field. The webinar series was meant for utility managers, researchers, policy experts, consultants, authorities, and operators..

Thu, 2020-09-03

All studies recently published agree that the Industrial Automation and Control Systems (IACS) increasingly constitute a target for cyber-attacks aiming at disturbing Member States’ economies, at disabling our critical infrastructures or at taking advantage from our people. Such hostile acts take place in a context of geostrategic tensions, for the satisfaction of organised crime’s purposes, or else in support of possible activist causes. In this context, the ERNCIP Thematic Group (TG) “Case studies for the cybersecurity of Industrial Automation & Control Systems” was started in January 2014 to answer the question: “Do European critical infrastructure operators need to get IACS’ components or subsystems tested and “certified” (T&C) with regards to their cybersecurity?” And should the answer have been yes, it had to answer a corollary question: “What are (roughly) the conditions of feasibility for implementing successfully a European IACS components cybersecurity Compliance & Certification Scheme?” This TG’s undertaking was a research project, not a task force seeking to deliver an immediately applicable standard. It mobilised representatives of IACS vendors, industrial operators, European Institutions and national cybersecurity authorities.

Thu, 2020-09-03

The present report on Recommendations for the Implementation of a European IACS Components Cybersecurity Certification Scheme (ICCS) has been produced with a close and consistent reference and relevance to the EU CyberSecurity Act, following a rationale that allows it to constitute the most solid basis for a future European Cybersecurity Certification Scheme dedicated to the subject of Industrial Automation & Control Systems Components. To this end, given its high quality and the completeness of its technical content, this report can be considered to be included in the Union Rolling Work Programme so as to be thereafter further developed by ENISA as a candidate European Cybersecurity Certification Scheme in the respective area.

Fri, 2019-11-08