A blueprint for a Pan-European cyber incident analysis system

Giuseppe Settanni; Florian Skopik; Yegor Shovgenya; Roman Fiedler; Helmut Kaufmann; Tobias Gebhardt; Christophe Ponchel; Klaus Theuerkauf; Konstantin Boettinger; Mark Carolan; Damien Conroy; Gavin Davey; Pia Olli; Heimo Pentikäinen

doi:10.14236/ewic/ICS2015.9

A blueprint for a Pan-European cyber incident analysis system

Giuseppe Settanni, Florian Skopik, Yegor Shovgenya, Roman Fiedler, Helmut Kaufmann, Tobias Gebhardt, Christophe Ponchel, Klaus Theuerkauf, Konstantin Boettinger, Mark Carolan, Damien Conroy, Gavin Davey, Pia Olli, Heimo Pentikäinen

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific

Abstract

Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.

Original language	English
Title of host publication	Proceedings
Pages	84-88
DOIs	https://doi.org/10.14236/ewic/ICS2015.9
Publication status	Published - 2015
MoE publication type	B3 Non-refereed article in conference proceedings
Event	3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015 - Ingolstadt, Germany Duration: 17 Sept 2015 → 18 Sept 2015

Conference

Conference	3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015
Country/Territory	Germany
City	Ingolstadt
Period	17/09/15 → 18/09/15

Keywords

collaborative incident analysis
Pan-European coordination
situational awareness

Access to Document

10.14236/ewic/ICS2015.9

http://ewic.bcs.org/upload/pdf/ewic_icscsr2015_paper9.pdf

Cite this

@inproceedings{0372b29b794d4b1a9ccb6337d164dbf5,

title = "A blueprint for a Pan-European cyber incident analysis system",

abstract = "Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.",

keywords = "collaborative incident analysis, Pan-European coordination, situational awareness",

author = "Giuseppe Settanni and Florian Skopik and Yegor Shovgenya and Roman Fiedler and Helmut Kaufmann and Tobias Gebhardt and Christophe Ponchel and Klaus Theuerkauf and Konstantin Boettinger and Mark Carolan and Damien Conroy and Gavin Davey and Pia Olli and Heimo Pentik{\"a}inen",

year = "2015",

doi = "10.14236/ewic/ICS2015.9",

language = "English",

pages = "84--88",

booktitle = "Proceedings",

note = "3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015 ; Conference date: 17-09-2015 Through 18-09-2015",

}

Settanni, G, Skopik, F, Shovgenya, Y, Fiedler, R, Kaufmann, H, Gebhardt, T, Ponchel, C, Theuerkauf, K, Boettinger, K, Carolan, M, Conroy, D, Davey, G, Olli, P & Pentikäinen, H 2015, A blueprint for a Pan-European cyber incident analysis system. in Proceedings. pp. 84-88, 3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015, Ingolstadt, Germany, 17/09/15. https://doi.org/10.14236/ewic/ICS2015.9

TY - GEN

T1 - A blueprint for a Pan-European cyber incident analysis system

AU - Settanni, Giuseppe

AU - Skopik, Florian

AU - Shovgenya, Yegor

AU - Fiedler, Roman

AU - Kaufmann, Helmut

AU - Gebhardt, Tobias

AU - Ponchel, Christophe

AU - Theuerkauf, Klaus

AU - Boettinger, Konstantin

AU - Carolan, Mark

AU - Conroy, Damien

AU - Davey, Gavin

AU - Olli, Pia

AU - Pentikäinen, Heimo

PY - 2015

Y1 - 2015

N2 - Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.

AB - Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.

KW - collaborative incident analysis

KW - Pan-European coordination

KW - situational awareness

U2 - 10.14236/ewic/ICS2015.9

DO - 10.14236/ewic/ICS2015.9

M3 - Conference article in proceedings

SP - 84

EP - 88

BT - Proceedings

T2 - 3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015

Y2 - 17 September 2015 through 18 September 2015

ER -

A blueprint for a Pan-European cyber incident analysis system

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this