ECOSSIAN

European Control System Security Incident Analysis Network

Duration: 2014 – 2017
Call/Grant: EU large-scale integrated project. FP7 Security Call; Grant agreement no: 607577
Website: https://ecossian-project.technikon.com/
Role: Contributor

Abstract: The protection of critical infrastructures increasingly demands solutions which support incident detection and management at the levels of individual CI, across CIs which are depending on each other, and across borders. An approach is required which really integrates functionalities across all these levels. Cooperation of privately operated CIs and public bodies (governments and EU) is difficult but mandatory. After about 10 years of analysis and research on partial effects in CIP and for individual infrastructure sectors, ECOSSIAN is supposed to be the first attempt to develop this holistic system in the sense portrayed above. A prototype system will be developed which facilitates preventive functions like threat monitoring, early indicator and real threat detection, alerting, support of threat mitigation and disaster management. In the technical architecture with an operations centre and the interfaces to legacy systems (e.g., SCADA), advanced technologies need to be integrated, including fast data aggregation and fusion, visualization of the situation, planning and decision support, and flexible networks for information sharing and coordination support, and the connection of local operations centres. This system will only be successful, if the technical solutions will be complemented by an effective and agreed organizational concept and the implementation of novel rules and regulations. And finally, the large spectrum of economically intangible factors will have significant influence on the quality and acceptance of the system. These factors of societal perception and appreciation, the existing and required legal framework, questions of information security and implications on privacy will be analyzed, assessed and regarded in the concept. The system will be tested, demonstrated and evaluated in realistic use cases. They will be developed with the community of stakeholders and cover the sectors energy, transportation and finance, and the ubiquitous sector of ICT.