Large-scale Complex Critical Infrastructures (LCCIs), such as water and power supply plants, and transport infrastructures (e.g., airports and seaports), play a key role in several fundamental human activities.
It is easy to think about their economic and social impact: the consequences of an outage can be catastrophic in terms of efficiency, economic losses, consumer dissatisfaction, and even indirect harm to people and deaths.
Currently, LCCIs make extensive use of Information and Communications Technology (ICT) (e.g., computing systems, communication networks, and sensing hardware), and especially of software systems for LCCI interconnection, control, and management, which are in charge of providing support for advanced monitoring and control facilities. These systems have to be highly resilient in order to reduce the risk of catastrophic LCCI failures.
Nevertheless, the resiliency of future LCCIs is compromised by several factors. First, these systems are more and more conceived as the composition of several Off-The-Shelf (OTS) items and/or legacy subsystems, which increases the probability of failure occurrences due to unexpected or erroneous modes of operation. Second, they have been designed without considering that their size would grow significantly, crossing national boundaries, and that their operational environment, originally planned to be "closed", would become "open" to the world to allow interoperability among LCCIs and remote access and control. This implies that both accidental events and malicious attacks should be taken into account.