Cyber-physical Threat Detection Platform Designed for Healthcare Systems

Hospitals are responsible for delivering healthcare services to patients in need. These services are large and complex and get affected by multiple interacting actors, such as doctors, nurses, patients, citizens, medical suppliers, health insurance providers. Lately, hospitals around the world are one of the main targets when it comes to terrorist attacks, the cyber realm being the principal source. The healthcare sector is particularly vulnerable due to heavy involvement in patient personal and health information, time constraints, and complex day-to-day operations. In addition to cyber-threats, physical threats are increasingly growing and even healthcare facilities are not immune to them. Malicious intended people created cyber threatening attacks with the purpose to systematically collect evidence against the healthcare system, to advocate for the end of such attacks, and to endanger people\u27s lives or to use the stolen personal data for bad intended actions. Henceforth it is necessary to build a platform that will get alerts and incidents at a fast pace in real-time to prevent any casualties at low cost. SAFECARE project aims to offer protection to hospitals and increase the compliance for the European regulations and security regarding ethics and privacy for health services. This paper presents a solution that will enhance security in hospitals. The primary platform will be built based on a BTMS (Building Threat Monitoring System) where events, incidents, and alerts will be transmitted by sensors from hospital rooms in real-time. Several scenarios were thought to simulate different types of attacks against hospitals and according to the scenarios, various prototypes will be built for assuring the security of the personal and patients from various hospitals.</p

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

A holistic review of cybersecurity and reliability perspectives in smart airports

Advances in the Internet of Things (IoT) and aviation sector have resulted in the emergence of smart airports. Services and systems powered by the IoT enable smart airports to have enhanced robustness, efficiency and control, governed by real-time monitoring and analytics. Smart sensors control the environmental conditions inside the airport, automate passenger-related actions and support airport security. However, these augmentations and automation introduce security threats to network systems of smart airports. Cyber-attackers demonstrated the susceptibility of IoT systems and networks to Advanced Persistent Threats (APT), due to hardware constraints, software flaws or IoT misconfigurations. With the increasing complexity of attacks, it is imperative to safeguard IoT networks of smart airports and ensure reliability of services, as cyber-attacks can have tremendous consequences such as disrupting networks, cancelling travel, or stealing sensitive information. There is a need to adopt and develop new Artificial Intelligence (AI)-enabled cyber-defence techniques for smart airports, which will address the challenges brought about by the incorporation of IoT systems to the airport business processes, and the constantly evolving nature of contemporary cyber-attacks. In this study, we present a holistic review of existing smart airport applications and services enabled by IoT sensors and systems. Additionally, we investigate several types of cyber defence tools including AI and data mining techniques, and analyse their strengths and weaknesses in the context of smart airports. Furthermore, we provide a classification of smart airport sub-systems based on their purpose and criticality and address cyber threats that can affect the security of smart airport\u27s networks

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

INSIDER THREAT: A CONSTANT PROBLEM WITH A CONTINUOUS APPROACH

In 2001, the Transportation Security Administration (TSA) was created to secure all modes of transportation from external threats such as terrorists and other actors with malicious intent. Currently, the most dangerous threat to aviation security is an insider threat. What TSA can do better to address insider threats is the primary focus of this thesis. This thesis utilizes a comparative analysis to examine the insider threat programs at the Department of Defense and the Federal Bureau of Investigation in the United States and the Centre for the Protection of National Infrastructure in the United Kingdom to explore insider threat mitigation options for TSA. This thesis finds that TSA should establish a more thorough vetting of applicants and an ongoing review of current aviation employees. Accomplishing this recommendation will require multiple strategies, including establishing and strengthening partnerships to leverage expertise and maximize resources.Civilian, Department of Homeland SecurityApproved for public release. Distribution is unlimited

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures can be considered as large scale Cyber Physical Systems (CPS). Therefore, when designing, implementing, and operating systems for Critical Infrastructure Protection (CIP), the boundaries between physical security and cybersecurity are blurred. Emerging systems for Critical Infrastructures Security and Protection must therefore consider integrated approaches that emphasize the interplay between cybersecurity and physical security techniques. Hence, there is a need for a new type of integrated security intelligence i.e., Cyber-Physical Threat Intelligence (CPTI). This book presents novel solutions for integrated Cyber-Physical Threat Intelligence for infrastructures in various sectors, such as Industrial Sites and Plants, Air Transport, Gas, Healthcare, and Finance. The solutions rely on novel methods and technologies, such as integrated modelling for cyber-physical systems, novel reliance indicators, and data driven approaches including BigData analytics and Artificial Intelligence (AI). Some of the presented approaches are sector agnostic i.e., applicable to different sectors with a fair customization effort. Nevertheless, the book presents also peculiar challenges of specific sectors and how they can be addressed. The presented solutions consider the European policy context for Security, Cyber security, and Critical Infrastructure protection, as laid out by the European Commission (EC) to support its Member States to protect and ensure the resilience of their critical infrastructures. Most of the co-authors and contributors are from European Research and Technology Organizations, as well as from European Critical Infrastructure Operators. Hence, the presented solutions respect the European approach to CIP, as reflected in the pillars of the European policy framework. The latter includes for example the Directive on security of network and information systems (NIS Directive), the Directive on protecting European Critical Infrastructures, the General Data Protection Regulation (GDPR), and the Cybersecurity Act Regulation. The sector specific solutions that are described in the book have been developed and validated in the scope of several European Commission (EC) co-funded projects on Critical Infrastructure Protection (CIP), which focus on the listed sectors. Overall, the book illustrates a rich set of systems, technologies, and applications that critical infrastructure operators could consult to shape their future strategies. It also provides a catalogue of CPTI case studies in different sectors, which could be useful for security consultants and practitioners as well

European Reference Network for Critical Infrastructure Protection: ERNCIP Handbook 2017 edition Version 1.0

The ERNCIP network has been established to improve the protection of critical infrastructures in the EU. The European Reference Network for Critical Infrastructure Protection (ERNCIP) therefore works in close cooperation with all types of CIP stakeholders, focusing particularly on the technical protective security solutions. This handbook aims to assist the dissemination of the activities and results of ERNCIP. It is intended that the document will be updated and issued by the ERNCIP Office in spring each year. The information provided will be up to date as of the end of the previous calendar year, i.e. in this case as at 31 December 2016. The report summarises the achievements of all the ERNCIP Thematic Groups, providing a convenient way to access information on any specific theme of interest covered by ERNCIP. The report also describes current thematic group activities, to allow subject-matter experts and critical infrastructure operators to identify ongoing areas of research they might be interested in assisting. This report is publicly available via the ERNCIP web site, and is distributed to all ERNCIP Group of EU CIP Experts for onward dissemination within their Member State.JRC.E.2-Technology Innovation in Securit

Transportation, Terrorism and Crime: Deterrence, Disruption and Resilience

Abstract: Terrorists likely have adopted vehicle ramming as a tactic because it can be carried out by an individual (or “lone wolf terrorist”), and because the skills required are minimal (e.g. the ability to drive a car and determine locations for creating maximum carnage). Studies of terrorist activities against transportation assets have been conducted to help law enforcement agencies prepare their communities, create mitigation measures, conduct effective surveillance and respond quickly to attacks. This study reviews current research on terrorist tactics against transportation assets, with an emphasis on vehicle ramming attacks. It evaluates some of the current attack strategies, and the possible mitigation or response tactics that may be effective in deterring attacks or saving lives in the event of an attack. It includes case studies that can be used as educational tools for understanding terrorist methodologies, as well as ordinary emergencies that might become a terrorist’s blueprint

The Economic Value regarding the Protection Activities of Critical Infrastructures

In the past two years, a number of European countries, members of EU, Australia and Canada have initiated substantive actions in PIC area, establishing bodies responsible, defining procedures and methodologies, allocating significant resources to protect critical infrastructure considered essential or vital. The security concept, and implicit, the economical and energetic ones have different use and defining in relation to the history and organizational culture of every nation. A decisive contribution in the process of defining those concepts is identifying the set of values and national interests, elements that usually are the result of the public opinion perception. The increased share of non-military risks and threats has determined the national security management reconsideration, becoming more obvious the necessity of &ldquo;public-private partnership&rdquo; approach. A new concept is becoming more and more present and gains maximum generality significations. This kind of process reconfigures the position and the role of social state actors: the political class, the business and scientific environment, civil society and citizens