Periodic Reporting for period 2 - CitySCAPE (CitySCAPE: City-level Cyber-Secure Multimodal Transport Ecosystem)
Periodo di rendicontazione: 2022-03-01 al 2023-08-31
The traditional security controls and security assurance arguments are becoming increasingly inefficient in supporting the emerging needs and applications of the multimodal transport systems, allowing threats and security incidents to disturb all dimensions of transportation. Therefore, the enormous potential of the multimodal ecosystem, namely a more efficient transportation, which lies on the extent to which it globally remains cyber-secure, is becoming vulnerable. CitySCAPE puts the multi-modal transport ecosystem under the microscope while also considering its interplay with related critical NIS Directive sectors. It introduces innovative risk analysis techniques and orchestrates a number of software solutions to realize an interoperable toolkit that seamlessly integrates to any multimodal transport system. It allows the collaborative analysis of security/privacy persistent threats, forecasts cyber-security incidents, counteracts at highly-possible cyber-attack entry-points, assesses the impact in both technical and financial terms and finally, provides informative notifications to CERT/CSIRT.
Objectives:
-Enhance cybersecurity addressing users and data privacy concerns.
-Introduce risk analysis tools to identify threats and their propagation mechanism in NIS Directive critical sectors and assess the impact of a potential cyber-attack.
-Improve the proactive approach of handling cybersecurity challenges and actively contribute to the predictability of threats.
-Enhance end-user engagement towards the definition and provision of multimodal passenger transport requirements about digital security, privacy and personal data protection.
-Further strengthen the role of CERTs/CSIRTs and facilitate the collaborative investigation of incidents in line with the NIS Directive.
-Significantly contribute to multimodal transport standards and gain experimental evidence on the feasibility of security labelling in city-level multimodal transport.
-Showcase and validate the CitySCAPE solution efficiency in large scale pilot demonstrators involving all relevant entities and digital infrastructure of transport providers.
-Analyse and outreach the multimodal transport security market to maximize the CitySCAPE footprint and exploitation.
Objectives:
-Enhance cybersecurity addressing users and data privacy concerns.
-Introduce risk analysis tools to identify threats and their propagation mechanism in NIS Directive critical sectors and assess the impact of a potential cyber-attack.
-Improve the proactive approach of handling cybersecurity challenges and actively contribute to the predictability of threats.
-Enhance end-user engagement towards the definition and provision of multimodal passenger transport requirements about digital security, privacy and personal data protection.
-Further strengthen the role of CERTs/CSIRTs and facilitate the collaborative investigation of incidents in line with the NIS Directive.
-Significantly contribute to multimodal transport standards and gain experimental evidence on the feasibility of security labelling in city-level multimodal transport.
-Showcase and validate the CitySCAPE solution efficiency in large scale pilot demonstrators involving all relevant entities and digital infrastructure of transport providers.
-Analyse and outreach the multimodal transport security market to maximize the CitySCAPE footprint and exploitation.
-Definition of the Risk and Quality procedures, use cases and specifications. A relevant paper was produced.
-Approach of cascading risks in the multimodal transportation platforms based on the NIS directive. A relevant paper was produced.
-Definition the system Modelling, Risk Analysis and Management, the GDPR Compliance of the different tools, user and system requirements, security assurance methodologies, CitySCAPE system architecture.
-Description of the CPaaS platforms of both pilot sites.
-Definition of the ethics, legal and security approval methodologies.
-Provision of the final versions of CitySCAPE modules followed by the integration report of the toolkit.
-Performance of the pilot demonstrations in Tallinn and Genova and of the relevant evaluation reports. The vast majority of the technical KPIs and user acceptance objectives were met.
-Provision of the final version of the standardisation plan, the standardisation activities report, the market analysis and the relevant exploitation plan. The project actively participated in the Horizon Booster initiative and the relevant training sessions to further increase its exploitation possibilities.
-Provision of the training packages and the relevant training activities reports. All training KPIs were reached regarding number of training sessions and attendants.
-Dissemination objectives were met and the relevant reports were provided. More specifically regarding publications we had the following:
Conference papers: 2 papers have been published in conference proceedings. 1 paper has been presented and expected to be published soon.
Journal publications: 1 journal publication has been accepted and will be soon published and another journal paper has been submitted and is under review.
-Approach of cascading risks in the multimodal transportation platforms based on the NIS directive. A relevant paper was produced.
-Definition the system Modelling, Risk Analysis and Management, the GDPR Compliance of the different tools, user and system requirements, security assurance methodologies, CitySCAPE system architecture.
-Description of the CPaaS platforms of both pilot sites.
-Definition of the ethics, legal and security approval methodologies.
-Provision of the final versions of CitySCAPE modules followed by the integration report of the toolkit.
-Performance of the pilot demonstrations in Tallinn and Genova and of the relevant evaluation reports. The vast majority of the technical KPIs and user acceptance objectives were met.
-Provision of the final version of the standardisation plan, the standardisation activities report, the market analysis and the relevant exploitation plan. The project actively participated in the Horizon Booster initiative and the relevant training sessions to further increase its exploitation possibilities.
-Provision of the training packages and the relevant training activities reports. All training KPIs were reached regarding number of training sessions and attendants.
-Dissemination objectives were met and the relevant reports were provided. More specifically regarding publications we had the following:
Conference papers: 2 papers have been published in conference proceedings. 1 paper has been presented and expected to be published soon.
Journal publications: 1 journal publication has been accepted and will be soon published and another journal paper has been submitted and is under review.
A number of CitySCAPE partners developed modules and methodologies beyond the state of the art. Namely:
-UPRC:
Development of a novel risk analysis algorithm for cyber-physical systems that is based on hierarchical modelling using basic assets and basic relationships that can be used to define a new ontology applicable to all NIS directive critical domains.
Development of a dynamic risk analysis methodology that performs continuous evaluation of the risk score of an asset or platform by tracking vulnerabilities, associating them automatically with threats and weaknesses. The dynamic tool is trained to perform the association using machine learning.
Development of a new methodology for cascading threats with use of modified fault trees that can monitor the probabilistic propagation of a threat to other assets that have a relationship with the compromised asset.
-Kaspersky
KMS-SDK: Implemented a library for building online security solutions for mobile devices that run the Android and iOS operating systems.
Kaspersky threat data feeds: Kaspersky Lab offered continuously updated Threat Data Feeds to inform CitySCAPE stakeholders about risks and implications associated with cyber threats, helping them to mitigate threats more effectively and defend against attacks even before they are launched.
-Airbus
CTIP: Developed from scratch of a new tool Sherlock.
SIEM: Developed from scratch of a new tool ElasticHunter.
-Engineering
IPS/IDS engine: An additional module has been designed to identify a-normal behaviour with Machine learning techniques.
FIMCA engine: A financial impact assessment engine which was designed entirely within the CitySCAPE project. FIMCA provides an economic evaluation of the costs associated to a cyber threat that compromise the assets of an organization.
-ED/UPRC
RITA engine: Was developed entirely within CitySCAPE. ED and UPRC have followed an asset-based risk analysis approach to assess the security state of the multimodal transport. As a result a new component has been designed, developed and integrated, based on a dynamic risk analysis methodology that incorporates a new modelling approach, tailored-made for the system under test, capable to robustly and hierarchically support risk modelling of the multimodal transport ecosystem
All modules were successful developed using in many cases existing technologies but in all cases going beyond the state of the art by developing additional ones. Each one of the modules along with the combined toolkit fostered innovation and achieved the desired impact namely:
-Offer a technical basis to better facilitate collaboration between CERTs/CSIRTs and strengthened the link between them and transport stakeholders
-Provided an accurate identification of so-far under-explored/hidden privacy risks
-Introduced and validate an agile concept of a standalone interoperable solution
-Identified and tracked the potential path of a cyber-attack through the whole multimodal transport chain and the NISA directive sectors
-Estimated the attack impact on both technology and financial terms
-Provided a scheme for cybersecurity labelling
-Promoted best practices in cybersecurity management solutions through training sessions
-UPRC:
Development of a novel risk analysis algorithm for cyber-physical systems that is based on hierarchical modelling using basic assets and basic relationships that can be used to define a new ontology applicable to all NIS directive critical domains.
Development of a dynamic risk analysis methodology that performs continuous evaluation of the risk score of an asset or platform by tracking vulnerabilities, associating them automatically with threats and weaknesses. The dynamic tool is trained to perform the association using machine learning.
Development of a new methodology for cascading threats with use of modified fault trees that can monitor the probabilistic propagation of a threat to other assets that have a relationship with the compromised asset.
-Kaspersky
KMS-SDK: Implemented a library for building online security solutions for mobile devices that run the Android and iOS operating systems.
Kaspersky threat data feeds: Kaspersky Lab offered continuously updated Threat Data Feeds to inform CitySCAPE stakeholders about risks and implications associated with cyber threats, helping them to mitigate threats more effectively and defend against attacks even before they are launched.
-Airbus
CTIP: Developed from scratch of a new tool Sherlock.
SIEM: Developed from scratch of a new tool ElasticHunter.
-Engineering
IPS/IDS engine: An additional module has been designed to identify a-normal behaviour with Machine learning techniques.
FIMCA engine: A financial impact assessment engine which was designed entirely within the CitySCAPE project. FIMCA provides an economic evaluation of the costs associated to a cyber threat that compromise the assets of an organization.
-ED/UPRC
RITA engine: Was developed entirely within CitySCAPE. ED and UPRC have followed an asset-based risk analysis approach to assess the security state of the multimodal transport. As a result a new component has been designed, developed and integrated, based on a dynamic risk analysis methodology that incorporates a new modelling approach, tailored-made for the system under test, capable to robustly and hierarchically support risk modelling of the multimodal transport ecosystem
All modules were successful developed using in many cases existing technologies but in all cases going beyond the state of the art by developing additional ones. Each one of the modules along with the combined toolkit fostered innovation and achieved the desired impact namely:
-Offer a technical basis to better facilitate collaboration between CERTs/CSIRTs and strengthened the link between them and transport stakeholders
-Provided an accurate identification of so-far under-explored/hidden privacy risks
-Introduced and validate an agile concept of a standalone interoperable solution
-Identified and tracked the potential path of a cyber-attack through the whole multimodal transport chain and the NISA directive sectors
-Estimated the attack impact on both technology and financial terms
-Provided a scheme for cybersecurity labelling
-Promoted best practices in cybersecurity management solutions through training sessions