SPEAR aims at a) detecting and responding to cyber-attacks using new technologies and capabilities, b) detecting threat and anomalies timely, c) developing all-in-one security detection solutions, d) leveraging advanced forensics subject to privacy preserving, e) confronting Advanced Persistent Threat (APT) and targeted attacks in smart grids, f) increasing the resilience of the smart grid innovation, g) alleviating the lack of trust in smart grid operators and h) empowering EU-wide consensus. ED is responsible to specify a privacy-preserving framework and a set of privacy-by-design guidelines, to ensure that necessary forensic information can be collected to provide a detailed forensic report that can used as legal evidence in court, towards the attribution of cyber attackers.
The FORESIGHT project aims to develop a federated cyber-range solution to enhance the preparedness of cybersecurity professionals at all levels and advance their skills towards preventing, detecting, reacting and mitigating sophisticated cyber-attacks. This is achieved by delivering an ecosystem of networked realistic training and simulation platforms that collaboratively bring unique cyber-security aspects from the aviation, smart grid and naval domains. The proposed platform will extend the capabilities of existing cyber-ranges and will allow the creation of complex cross-domain/hybrid scenarios to be built jointly with the IoT domain.
Emphasis is given on the design and implementation of realistic and dynamic scenarios, that are based on identified and forecasted trends of cyberattacks and vulnerabilities extracted from cyber-threat intelligence gathered from the dark web. This will enable cybersecurity professionals to rapidly adapt to an evolving threat landscape. ED has undertaken the system architecture design and to provide the integrated Federated User Interface.
CitySCAPE project explores all different cybersecurity dimensions in the ICT multimodal transport, extended to the close-by power and financial sector. It will realize a modular software toolkit enabled to be seamlessly integrated into any multimodal transport system to:
- detect suspicious traffic-data values and identify persistent threats
- evaluate an attack’s impact in technical and notably in financial terms
- combine external knowledge and internally-observed activities to enhance the predictability of zeroday attacks
- instantiate a networked overlay to circulate informative notifications to CERT authorities and support their interplay
The CitySCAPE solution will be tested over a timely set of use-cases involving ticketing applications, cyber-fraud and location data in the regional transport system of two European cities, where extensive experiments will showcase its effectiveness. The findings will steer training sessions of expert/non-expert audience and shape a strong standardization contribution to security (labelling) protocols. ED is responsible to design the system architecture and provide the Risk analysis and impact assessment engine to estimate the threats propagation in the system.