Periodic Reporting for period 2 - SAFECARE (SAFEguard of Critical heAlth infrastructure)
Berichtszeitraum: 2019-09-01 bis 2021-11-30
Health services are among the most critical infrastructures and the most vulnerable ones . They are relying on information systems to optimize organization and costs, whereas ethics and privacy constraints restrict security controls and thus increase vulnerability. The aim of the project is to provide solutions that improve physical and cyber security in a seamless and cost-effective way. It promotes new technologies and novel approaches to enhance threat prevention, threat detection, incident response and mitigation of impacts. The project also participates in increasing the compliance between security tools and European regulations about ethics and privacy for health services. Project pilots took place in the hospitals of Marseille, Turin and Amsterdam, involving security and health practitioners, in order to simulate attack scenarios in near-real conditions. These pilot sites will serve as reference examples to disseminate the results and find customers across Europe.
SAFECARE conceived an integrated cyber-physical security approach and designed an architecture that combines together different monitoring and management tools, each considering a specific aspect of the global solution. Assets, vulnerabilities, threats, incidents, and impacts are all considered together with their dependencies, forming a shared intelligence that greatly enhances the value of each single data.
SAFECARE conceived an integrated cyber-physical security approach and designed an architecture that combines together different monitoring and management tools, each considering a specific aspect of the global solution. Assets, vulnerabilities, threats, incidents, and impacts are all considered together with their dependencies, forming a shared intelligence that greatly enhances the value of each single data.
WP1 (Ethics) and WP2 (Management) helped with a smooth realisation of all the tasks and the use of the modules in compliance with ethical principles.
WP3 aimed to improve the risk prevention capabilities. The state-of-the art has been updated with new vulnerabilities and new categories of attacks, combining physical and cyber threats. In addition, an identification of critical assets and a requirement analysis were performed. This permits to highlight several cascading attacks scenarios against health facilities. They have been classified by incident likelihood and impact severity. A methodology combining both EBIOS and BowTie has been defined and used for a detailed analysis of risks and related cyber and physical controls.
The Consortium could rely on an analysis of EU legal framework relevant to SAFECARE with specific sections dedicated to applicable laws and regulations in MS where pilot demonstrations took place.
WP4 concerned the physical security of the overall cyber-physical approach of SAFECARE. Five major modules are delivered: the suspicious behavior detection system, the intrusion detection system, the sensor data collection system, the mobile alerting system, the building threat monitoring system.
The specifications of four modules are available as public deliverables on the website. Three patents have been filed.
WP5 was dedicated to cyber security solutions. Five main modules and prototypes are delivered: the IT threat detection system, the BMS threat detection system, the advanced file analysis system, the E-health devices security analytics, the cyber threat monitoring system. The specifications of three modules are available as public deliverables on the website.
WP6 was about the definition of the global architecture of SAFECARE and the design and development of integrated cyber-physical security solutions. WP6 activities have been successfully completed and developed tools have been deployed several times and on different platforms/facilities, according to the test and demonstrations phase: the Data Exchange Layer, the Central Database, the prototype of Impact Propagation and Detection System Model (ready and capable to exchange data with the central database), the Threat response and alert system (TRAS), the Hospital availability management system (HAMS) and the E-health security risk management model.
The WP7 had the general objective of testing the full prototype on a test platform, training security and health practitioners to use the prototypes, deploying test beds and demonstrating the full prototype in an operational environment and evaluating the security impact of the prototype on risk assessment. All these objectives have been successfully reached.
Tests and demonstrations have been conducted in three different hospital sites (Turin, Marseille and Amsterdam) and on a virtual hospital. The feedbacks from these experimentations were dispatched among all the partners in order to perfect the solution promoted by SAFECARE.
The WP8 was dedicated to the dissemination, exploitation and standardization. SAFECARE held its first public project event in M13, which attracted a wide audience and was a valuable opportunity for discussion with stakeholders external to the project. Collaboration within the research community has increased via participation in the European Cluster for Securing Critical Infrastructure (ECSCI) and its respective dissemination activities, but also through coorganization of a big clustering event with two other INFRA projects (SecureGas and SATIE). Further, SAFECARE Commercial Event took place at M39 as a hybrid event (online and in the CNAM premises in Paris) and offered participants the opportunity to learn about the project’s main achievements and to be shown the SAFECARE solutions developed.
The cyber and physical security standards in the healthcare sector, their importance, best practices, as well as the gaps, recommendations, the cyber and physical security certification related issues, were identified and presented (based on the normative literature, SAFECARE partners’ and external stakeholders’ knowledge and experience).
An analysis of all items of knowledge involved in the project has been carried out and innovative aspects of results have been identified, while paying particular attention to the related IP rights and the measures that have been applied for their protection.
WP3 aimed to improve the risk prevention capabilities. The state-of-the art has been updated with new vulnerabilities and new categories of attacks, combining physical and cyber threats. In addition, an identification of critical assets and a requirement analysis were performed. This permits to highlight several cascading attacks scenarios against health facilities. They have been classified by incident likelihood and impact severity. A methodology combining both EBIOS and BowTie has been defined and used for a detailed analysis of risks and related cyber and physical controls.
The Consortium could rely on an analysis of EU legal framework relevant to SAFECARE with specific sections dedicated to applicable laws and regulations in MS where pilot demonstrations took place.
WP4 concerned the physical security of the overall cyber-physical approach of SAFECARE. Five major modules are delivered: the suspicious behavior detection system, the intrusion detection system, the sensor data collection system, the mobile alerting system, the building threat monitoring system.
The specifications of four modules are available as public deliverables on the website. Three patents have been filed.
WP5 was dedicated to cyber security solutions. Five main modules and prototypes are delivered: the IT threat detection system, the BMS threat detection system, the advanced file analysis system, the E-health devices security analytics, the cyber threat monitoring system. The specifications of three modules are available as public deliverables on the website.
WP6 was about the definition of the global architecture of SAFECARE and the design and development of integrated cyber-physical security solutions. WP6 activities have been successfully completed and developed tools have been deployed several times and on different platforms/facilities, according to the test and demonstrations phase: the Data Exchange Layer, the Central Database, the prototype of Impact Propagation and Detection System Model (ready and capable to exchange data with the central database), the Threat response and alert system (TRAS), the Hospital availability management system (HAMS) and the E-health security risk management model.
The WP7 had the general objective of testing the full prototype on a test platform, training security and health practitioners to use the prototypes, deploying test beds and demonstrating the full prototype in an operational environment and evaluating the security impact of the prototype on risk assessment. All these objectives have been successfully reached.
Tests and demonstrations have been conducted in three different hospital sites (Turin, Marseille and Amsterdam) and on a virtual hospital. The feedbacks from these experimentations were dispatched among all the partners in order to perfect the solution promoted by SAFECARE.
The WP8 was dedicated to the dissemination, exploitation and standardization. SAFECARE held its first public project event in M13, which attracted a wide audience and was a valuable opportunity for discussion with stakeholders external to the project. Collaboration within the research community has increased via participation in the European Cluster for Securing Critical Infrastructure (ECSCI) and its respective dissemination activities, but also through coorganization of a big clustering event with two other INFRA projects (SecureGas and SATIE). Further, SAFECARE Commercial Event took place at M39 as a hybrid event (online and in the CNAM premises in Paris) and offered participants the opportunity to learn about the project’s main achievements and to be shown the SAFECARE solutions developed.
The cyber and physical security standards in the healthcare sector, their importance, best practices, as well as the gaps, recommendations, the cyber and physical security certification related issues, were identified and presented (based on the normative literature, SAFECARE partners’ and external stakeholders’ knowledge and experience).
An analysis of all items of knowledge involved in the project has been carried out and innovative aspects of results have been identified, while paying particular attention to the related IP rights and the measures that have been applied for their protection.
SAFECARE allows for the first time to have in one solution all facets of security specific to healthcare infrastructure. The “classic” components are shown together with the more specific components (probes, E-health devices) permitting to manage security in a global way.
The definition of critical assets, requirements and scenarios of threat was done as the basis for the specifications and work that has been carried out. This allowed the development of a framework that has a real impact in the hospital’s security. Twelve scenarios have been modelised. One scenario was updated due to the covid-19 situation and another one to take into account non malveillant incidents. A new methodology, combining both EBIOS RM and Bowtie, has been designed to describe risks.
The estimation of impacts and cascading effects, the visualization of impacted assets and the integration with physical and cyber detection systems (impacts are visualized and considered by BTMS, MAS, CTMS, TRAS and HAMS) is a key feature of SAFECARE and has positive effects on the management of incidents as it improves the awareness of security staff and provides automatic decision support.
The approach to a cyber-physical integrated security constitutes the most relevant added value of SAFECARE solution, as recognized by SAFECARE experts’ boards. This stood out also from demonstrations survey results. The provisioning of a unique solution for both cyber and physical security, and the innovative functionalities provided, could be adopted by European hospitals, with a positive impact on the protection and safety of these critical infrastructures of patients and staff.
The definition of critical assets, requirements and scenarios of threat was done as the basis for the specifications and work that has been carried out. This allowed the development of a framework that has a real impact in the hospital’s security. Twelve scenarios have been modelised. One scenario was updated due to the covid-19 situation and another one to take into account non malveillant incidents. A new methodology, combining both EBIOS RM and Bowtie, has been designed to describe risks.
The estimation of impacts and cascading effects, the visualization of impacted assets and the integration with physical and cyber detection systems (impacts are visualized and considered by BTMS, MAS, CTMS, TRAS and HAMS) is a key feature of SAFECARE and has positive effects on the management of incidents as it improves the awareness of security staff and provides automatic decision support.
The approach to a cyber-physical integrated security constitutes the most relevant added value of SAFECARE solution, as recognized by SAFECARE experts’ boards. This stood out also from demonstrations survey results. The provisioning of a unique solution for both cyber and physical security, and the innovative functionalities provided, could be adopted by European hospitals, with a positive impact on the protection and safety of these critical infrastructures of patients and staff.