Design of an IOC-based early warning system
The protection of critical infrastructures (CIs) increasingly demands solutions that support incident detection and management at the level of an individual CI, across CIs that depend on each other, and across borders. An approach is required that genuinely integrates functionality across all these levels. Cooperation between privately operated CIs and public bodies (governments and the EU) is difficult but mandatory. After about 10 years of analysis and research on partial effects in critical infrastructure protection (CIP) and for individual infrastructure sectors, ECOSSIAN is supposed to be the first attempt to develop this holistic system in the sense portrayed above.

A prototype system will be developed that facilitates preventive functions such as threat monitoring, early indicator and real threat detection, alerting, support of threat mitigation, and disaster management. The technical architecture, with an operations centre and interfaces to legacy systems (e.g., SCADA), needs to integrate advanced technologies, including fast data aggregation and fusion, visualization of the situation, planning and decision support, flexible networks for information sharing and coordination support, and the connection of local operations centres.

This system will only be successful if the technical solutions are complemented by an effective and agreed organizational concept and the implementation of novel rules and regulations. Finally, the large spectrum of economically intangible factors will have a significant influence on the quality and acceptance of the system. These factors, namely societal perception and appreciation, the existing and required legal framework, questions of information security, and implications for privacy, will be analyzed, assessed and taken into account in the concept.

The system will be tested, demonstrated and evaluated in realistic use cases. These will be developed with the community of stakeholders and cover the energy, transportation and finance sectors, as well as the ubiquitous ICT sector.
- Partners: Technikon Forschungs- und Planungsgesellschaft mbH (Coordinator), EADS Deutschland GmbH, Bord Gais, AIT Austrian Institute of Technology GmbH, Fraunhofer AISEC for the Fraunhofer Gesellschaft e.V., Cambrensis Ltd., Cassidian CyberSecurity SAS, INOV INESC INOVAÇÃO, Rede Ferroviária Nacional, Polícia Judiciária, Espion, VTT Technical Research Centre of Finland, Katholieke Universiteit Leuven, Bertin Technologies, ifak Institut für Automation und Kommunikation e.V., Poste Italiane SpA, Cassidian Cybersecurity GmbH, Police Academy Szczytno, Centre for European Security Strategies
- Project duration: 06/2014 – 05/2017
- Funding: FP7-SEC-2013.2.5-3 – Pan European detection and management of incidents/attacks on critical infrastructures in sectors other than the ICT sector (i.e., energy, transport, finance, etc.)…