A blueprint for a Pan-European cyber incident analysis system

Giuseppe Settanni, Florian Skopik, Yegor Shovgenya, Roman Fiedler, Helmut Kaufmann, Tobias Gebhardt, Christophe Ponchel, Klaus Theuerkauf, Konstantin Boettinger, Mark Carolan, Damien Conroy, Gavin Davey, Pia Olli, Heimo Pentikäinen

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientific

    Abstract

    Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.
    Original languageEnglish
    Title of host publicationProceedings
    Pages84-88
    DOIs
    Publication statusPublished - 2015
    MoE publication typeB3 Non-refereed article in conference proceedings
    Event3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015 - Ingolstadt, Germany
    Duration: 17 Sep 201518 Sep 2015

    Conference

    Conference3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015
    CountryGermany
    CityIngolstadt
    Period17/09/1518/09/15

    Fingerprint

    Blueprints
    Control systems
    Information analysis
    Critical infrastructures
    Network security
    Information systems
    Monitoring

    Keywords

    • collaborative incident analysis
    • Pan-European coordination
    • situational awareness

    Cite this

    Settanni, G., Skopik, F., Shovgenya, Y., Fiedler, R., Kaufmann, H., Gebhardt, T., ... Pentikäinen, H. (2015). A blueprint for a Pan-European cyber incident analysis system. In Proceedings (pp. 84-88) https://doi.org/10.14236/ewic/ICS2015.9
    Settanni, Giuseppe ; Skopik, Florian ; Shovgenya, Yegor ; Fiedler, Roman ; Kaufmann, Helmut ; Gebhardt, Tobias ; Ponchel, Christophe ; Theuerkauf, Klaus ; Boettinger, Konstantin ; Carolan, Mark ; Conroy, Damien ; Davey, Gavin ; Olli, Pia ; Pentikäinen, Heimo. / A blueprint for a Pan-European cyber incident analysis system. Proceedings. 2015. pp. 84-88
    @inproceedings{0372b29b794d4b1a9ccb6337d164dbf5,
    title = "A blueprint for a Pan-European cyber incident analysis system",
    abstract = "Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.",
    keywords = "collaborative incident analysis, Pan-European coordination, situational awareness",
    author = "Giuseppe Settanni and Florian Skopik and Yegor Shovgenya and Roman Fiedler and Helmut Kaufmann and Tobias Gebhardt and Christophe Ponchel and Klaus Theuerkauf and Konstantin Boettinger and Mark Carolan and Damien Conroy and Gavin Davey and Pia Olli and Heimo Pentik{\"a}inen",
    year = "2015",
    doi = "10.14236/ewic/ICS2015.9",
    language = "English",
    pages = "84--88",
    booktitle = "Proceedings",

    }

    Settanni, G, Skopik, F, Shovgenya, Y, Fiedler, R, Kaufmann, H, Gebhardt, T, Ponchel, C, Theuerkauf, K, Boettinger, K, Carolan, M, Conroy, D, Davey, G, Olli, P & Pentikäinen, H 2015, A blueprint for a Pan-European cyber incident analysis system. in Proceedings. pp. 84-88, 3rd International Symposium for ICS & SCADA Cyber Security Research, ICS-CSR 2015, Ingolstadt, Germany, 17/09/15. https://doi.org/10.14236/ewic/ICS2015.9

    A blueprint for a Pan-European cyber incident analysis system. / Settanni, Giuseppe; Skopik, Florian; Shovgenya, Yegor; Fiedler, Roman; Kaufmann, Helmut; Gebhardt, Tobias; Ponchel, Christophe; Theuerkauf, Klaus; Boettinger, Konstantin; Carolan, Mark; Conroy, Damien; Davey, Gavin; Olli, Pia; Pentikäinen, Heimo.

    Proceedings. 2015. p. 84-88.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientific

    TY - GEN

    T1 - A blueprint for a Pan-European cyber incident analysis system

    AU - Settanni, Giuseppe

    AU - Skopik, Florian

    AU - Shovgenya, Yegor

    AU - Fiedler, Roman

    AU - Kaufmann, Helmut

    AU - Gebhardt, Tobias

    AU - Ponchel, Christophe

    AU - Theuerkauf, Klaus

    AU - Boettinger, Konstantin

    AU - Carolan, Mark

    AU - Conroy, Damien

    AU - Davey, Gavin

    AU - Olli, Pia

    AU - Pentikäinen, Heimo

    PY - 2015

    Y1 - 2015

    N2 - Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.

    AB - Today's Industrial Control Systems (ICSs) operating in critical infrastructures (CIs) are becoming more and more complex, moreover they are extensively interconnected with corporate information systems for monitoring, management and maintenance. This increasingly exposes ICSs to modern advanced cyber threats. Existing security solutions try to prevent, detect, and react to cyber threats by employing security measures that typically do not cross the organization's boundaries. However, novel targeted multistage attacks take advantage of interdependencies between organizations and sequentially affect different infrastructures. A coordinated effort to timely reveal such attacks, and promptly outline mitigation strategies is therefore required. In this positioning paper we introduce a collaborative approach to cyber incident information analysis for gaining situational awareness in a European control system security network.

    KW - collaborative incident analysis

    KW - Pan-European coordination

    KW - situational awareness

    U2 - 10.14236/ewic/ICS2015.9

    DO - 10.14236/ewic/ICS2015.9

    M3 - Conference article in proceedings

    SP - 84

    EP - 88

    BT - Proceedings

    ER -

    Settanni G, Skopik F, Shovgenya Y, Fiedler R, Kaufmann H, Gebhardt T et al. A blueprint for a Pan-European cyber incident analysis system. In Proceedings. 2015. p. 84-88 https://doi.org/10.14236/ewic/ICS2015.9