A Universal Cyber Security Toolkit for Health-Care Industry

SPHINX aimed to introduce a health tailored Universal Cyber Security Toolkit for enhancing the cyber protection of Health and care IT Ecosystem and ensuring the patient data privacy and integrity. The SPHINX toolkit provides an automated zero-touch device and service verification toolkit that can be easily adapted or embedded on existing medical, clinical, or healthcare infrastructure, whereas a user/admin is able to choose to apply any from several security services through the SPHINX cyber security toolkit. The SPHINX toolkit enables service providers to specify complete services and sell or advertise these through a secure and easy to use interface.
SPHINX’s approach is focused on the analysis of cyber vulnerabilities of health critical infrastructures, including the combination of both real situation awareness and cyber situation awareness within the environment of the infrastructure. In order to make this feasible, a multidisciplinary group of innovators driven by start-ups, consolidated SMEs in the health domain, experts in the security domain from research institutes, international networks in cybersecurity, and key industry drivers came together to provide an innovative action and solution to protect the health critical infrastructure.

For the duration of the project, the SPHINX consortium produced a comprehensive list of use cases, user requirements and an evaluation methodology and criteria of success for its multitude of methodologies and tools. These resulted in a complete system architecture after two iterations of development. Research was performed on situational awareness standards, and techniques, tools, and technologies related to it, like Vulnerability and Risk Assessment, ML intrusion detection, including standards and automated certification. Further to these subjects, research was performed on decision support capabilities, behaviour and attack simulations, anomaly detection, sandboxed environments, blockchain as used in a threats registry, AI Honeypots, Security information and event management systems, as well as homomorphic encryption capabilities for the transfer of medical data.
The SPHINX consortium moved from theory to practice, implementing these tools, test them, integrate them with a common cyber security toolkit, including advanced visualisation dashboards and third parties enabling APIs. This process happened over two major development and testing iterations with the SPHINX Ecosystem Demo Platform deployed in all three pilot sites, and the measurements collected were validated against the KPIs set. The intensive dissemination led to the organising and taking part in multiple workshops and events, training activities, synergistic activities with other closely linked projects (PANACEA and CureX), scientific publications and participation in scientific conferences etc.

Conceptualisation, Use Cases and System Architecture
* A comprehensive awareness about the cybersecurity landscape of healthcare organisations
* The acknowledgement of a prevailing regulatory and ethical framework for SPHINX
* Identification of key performance indicators to enable the evaluation of the SPHINX’s performance and impact in the cybersecurity systems of healthcare organisations
* The identification of the SPHINX requirements and guidelines, built upon the consideration of the latest cybersecurity needs and expectations

Technology Validation Pilots and Privacy assessment
* The SPHINX Ecosystem Demo Platform was implemented by successfully deploying the SPHINX Universal Cybersecurity Toolkit to all the 3 pilot sites
* For validation and measurement purposes, a replication/emulation environment of Hospital’s legacy systems was implemented and installed
* Measurement Results of pilot activities where test scenarios for specific cyberattacks and use-cases have been evaluated using Key Performance Indicators
* Demonstrated the SPHINX toolkit efficiency to proactively and reactively mitigate risks and respond to cyber-incidents.
* Feedback from Users’ experience (largely positive) on SPHINX ecosystem environment captured and assessed

SPHINX Common Integration Platform & Incremental Strategy
* Configuration, deployment and maintenance of the tools and the infrastructure required to support SPHINX components’ deployment and testing
* Implementation and deployment of the Common Integration Platform components
* Definition and testing of well-functioning interfaces for the interconnection and operation of the SPHINX components
* Integration and testing of the SPHINX components

Cyber security risk assessment & Beyond – Sphinx Intelligence, Sphinx Toolkits, Analysis and Decision Making
* Review of existing situational awareness standards, techniques, tools, and technologies
* Components’ internal design and formal definition of their interfaces
* Setup of initial computational infrastructure to test the integration of tools to support the system release process
* Stability enhancement of the developed components and deployment on SPHINX platforms

SPHINX Toolkits
* Integration between the subcomponents and execution of demo cases to test the functionalities
* Release of the SPHINX toolkits with their interconnections and microservice architecture
* Initial MVP for each tool of the Toolkit

Analysis and Decision Making
Development, integration and testing of
* Decision Support System and Analytic Engine
* Attack & Behaviour Simulators
* Interactive Dashboards
* Knowledge Base Repository

SPHINX Dissemination, sustainability and exploitation
* Multiple far-reaching dissemination and communication activities
* Expansion of synergy activities and establishment of new ones
* Market analysis to collect relevant exploitation and sustainability related information
* Exploitation and sustainability strategy of the project, including a business plan for SPHINX Toolkit commercialisation.
* Organisation of training activities dedicated to the capacity building