
    Probabilistic mathematical modelling for security risk assessment

    This thesis presents a novel framework for security risk assessment (SRA) and identification, comprising mathematical algorithms and a family of models. Recently, due to the growing incidence of cyber-attacks and cyber-fraud, as well as terrorist attacks and other adversarial activities, qualitative and comprehensive SRA and security risk management have become increasingly important. For large-scale systems, SRA and related data processing tasks are challenging due to the large amount of available information, as well as the diversity and complexity of data sources. However, SRA relies mainly on procedures that, despite being well-formalised, are manual, which introduces the “human factor” as early as the system design stages. The existence of multiple possible threats, along with the variability of the information received from different sensors, has increased the complexity of situation awareness analysis, which often results in scenarios where security officers (operators) are overwhelmed with data and, in certain cases, a high false positive rate. The primary motivation behind this work was to develop a general mathematical approach to SRA based on statistical data processing, data fusion techniques, and game theoretic models. The proposed framework is based on a slight adjustment of the existing SRA methodology for threat modelling, augmented by additional mathematical formalisations. In general, two primary models are presented as the main contribution:

    • “Static Model” for SRA, which is applicable at the stage of designing the protection of the considered system.
    • “Dynamic Model” for the processing of generic security-related data, which is applied when the system is in operation.

    Both models use graph theory as a basis. The static model uses game theory for optimal protection design, while the dynamic model applies Bayesian inference techniques for “online” data processing.

    Engage D2.7 Annual combined thematic workshops progress report

    This deliverable reports on the organisation and results obtained from the third and fourth editions of the Engage thematic challenge (TC) workshops held in 2021. Due to the Covid-19 pandemic, the third editions of the TC2 and TC3 workshops, initially scheduled to be held in 2020, were delayed to the beginning of 2021. The TC1 and TC4 workshops reached their third edition in 2021, while TC2 and TC3 closed with the fourth edition. The main lessons learned relate to data availability, collaboration opportunities, machine learning and artificial intelligence methodologies and approaches, and incentives for future ATM implementations.

    Cyber-Physical Threat Intelligence for Critical Infrastructures Security

    Modern critical infrastructures can be considered as large-scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence, i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data-driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic, i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book also presents peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes, for example, the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector-specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well.
