Periodic Reporting for period 2 - SATIE (Security of Air Transport Infrastructure of Europe)
Período documentado: 2020-05-01 hasta 2021-10-31
Critical assets are usually protected against individual physical or cyber threats, but not against complex scenarios combining both categories. SATIE developed an interoperable toolkit which improves cyber-physical correlations, forensic investigations and dynamic impact assessment at airports, by not only protecting cyber and physical assets, but also the business processes that utilise those assets. Security practitioners and airport managers collaborate more efficiently to achieve the resolution of a crisis, when having a shared situational awareness like provided by SATIE. Emergency procedures can be triggered simultaneously through an alerting system in order to reschedule airside/landside operations, notify first responders, cybersecurity and maintenance teams towards a fast recovery.
SATIE achieved interoperability of innovative solutions and validated their efficiency in three demonstrations at different locations in Europe (Croatia, Italy and Greece) under operational conditions. SATIE improved risk assessment methods to address complex attack scenarios and improved the cyber and physical threat prevention and detection as well as the correlation of cyber and physical threats to facilitate human analysis and decision-making. Also, the incident response and impact mitigation for a unified and fast response was fostered. Finally, dynamic airport security standards were developed and emergency and security-incident related approaches were harmonised. This was completed by operational demonstrations. SATIE provides efficient and cost-effective solutions while ensuring compliance with ethics, privacy and regulations. SATIE paves the way to a new generation of Security Operation Centres that can be included in a comprehensive airport security policy.
SATIE also provides training material on the full-scale SATIE Toolbox for airport security practitioners and best practices for updating airport security policy (this was highly appreciated, reviewed and updated by several European standardisation and regulation institutions). The methodology and tools utilised for establishing the exploitation plan of SATIE include market analysis, the competition matrix, the Lean Business Model Canvas, a SWOT analysis, and the Innovation Roadmap. Partners have recorded their Key Exploitable Results (KER), defined the IPR model, recognized risks and constraints and focused on the key success factors of the SATIE Solution. The Lean Business Model Canvas was concluded for SATIE and reported in D7.4 - Exploitation plan.
Some partners developed their innovation even further than expected.
The simulation set up provided for and by SATIE includes a remarkable number of detailed copies of real systems utilised in the airport cyber-physical environment. These digital twins of real systems can be attacked with a bunch of cyber-attacks ranging from Denial of Service (DoS) over Brute Force Attacks to very specific small but harmful attacks like exchange of baggage tags on the conveyor belt of a Baggage Handling System (BHS).
The airports have replicated their Information Technology (IT) and Operational Technology (OT) networks for the simulation purposes and the partners have deployed their security systems on the simulation platform. The Security Operation Centre (SOC), which was included in the simulation, supervises all systems, the network, the servers, databases, the access control, etc. The SOC correlates the received information to detect cyber physical threats and warns the different stakeholders. The system therefore proved its capacity to respond to airport threats in a secure (simulated) environment.
The recommendations based on the Privacy by Design principles have allowed improving the methodology used for the assessment of data protection of end-users and travellers within the complex security systems. This is achieved and maintained through integrating new conceptual tools contributing to minimization of social and economic impact while assuring compliance with active regulations where the use of personal data is involved. This in turn, translated significant findings into dissemination activities and materials, including scientific papers with relevant recommendations for future research and innovation projects.