A cyber-physical based implementation of Double Virtualization approach for increased resilience and robustness against cyber-attacks
Double Virtualization intents to provide the Critical Infrastructure systems with the ability to mitigate cyber-attacks, by virtualizing functions and thus decoupling them from the physical devices. Additionally, the system is enhanced with integrative sensing and acting functionalities relying on Cyber-Physical systems and IoT technologies. The Double Virtualization functional and decision algorithms necessary to perform the mitigation actions are hosted by specific management devices. All combined, the system is enhanced to a state where, once attacks or failures occurring on a given component of the system are detected and notified, it is possible to migrate the applications from the faulty or failed device into another device, diminishing the downtime caused by the attack.
The Double Virtualization approach enables the separation of the Critical Infrastructure functionalities from the physical system while allowing the system to dynamically reconfigure or re-allocate them. The Double Virtualization system implementation provides simple integration methodologies which allow cooperation with external detection systems to notify the occurrence of incidents/accidents and consequently take the best mitigation actions upon such failures, taking advantage of the high connectivity and processing power of the most evolved computational technologies..
Giovanni di Orio