A blueprint for a Pan-European cyber incident analysis system

Giuseppe Settanni, Florian Skopik, Yegor Shovgenya, Roman Fiedler, Helmut Kaufmann, Tobias Gebhardt, Christophe Ponchel, Klaus Theuerkauf, Konstantin Boettinger, Mark Carolan, Damien Conroy, Gavin Davey, Pia Olli, Heimo Pentikäinen

Research output: Chapter in Book/Report/Conference proceeding > Conference article in proceedings > Scientific

Abstract

Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex; moreover, they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.
Original language: English
Title of host publication: Proceedings
Pages: 84-88
DOI: https://doi.org/10.14236/ewic/ICS2015.9
Publication status: Published - 2015
MoE publication type: B3 Non-refereed article in conference proceedings
Event: 3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015 - Ingolstadt, Germany
Duration: 17 Sep 2015 to 18 Sep 2015

Conference

Conference: 3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015
Country: Germany
City: Ingolstadt
Period: 17/09/15 to 18/09/15

Fingerprint

Blueprints
Control systems
Information analysis
Critical infrastructures
Network security
Information systems
Monitoring

Keywords

  • collaborative incident analysis
  • Pan-European coordination
  • situational awareness

Cite this

Settanni, G., Skopik, F., Shovgenya, Y., Fiedler, R., Kaufmann, H., Gebhardt, T., ... Pentikäinen, H. (2015). A blueprint for a Pan-European cyber incident analysis system. In Proceedings (pp. 84-88) https://doi.org/10.14236/ewic/ICS2015.9