CyberSANE 2022

International Workshop on Cybersecurity on Critical Infrastructures Management (CyberSANE 2022)

to be held in conjunction with the 17th International Conference on Availability, Reliability and Security
(ARES 2022 – http://www.ares-conference.eu)

August 23, 2022

CyberSANE is a security incident handling, warning and response dynamic system to protect Critical Information Infrastructures (CIIs) against different types of cyberattacks and intrusions based on knowledge and collaboration while allowing continuous learning during the whole lifecycle of an incident.

CyberSANE is composed of five main components:

  • LiveNet is the Live Security Monitoring and Analysis interface platform component for preventing and detecting threats, and capable of mitigating the effects of an intrusion by monitoring, analysing and visualising internal live network traffic in real time
  • DarkNet is the Deep and Dark Web Mining and Intelligence component which allows the exploitation and analysis of risks and threats by analysing textual and meta-data content from various electronic streams.
  • HybridNet is the Data Fusion, Risk Evaluation and Event Management component which provides intelligence to perform effective and efficient analysis of security events coming from both information derived from other system components and on information and data produced by the incident to evaluate the security situation inside critical information infrastructures.
  • ShareNet is the Intelligence and Information Sharing and Dissemination component which provides necessary threat intelligence and information sharing capabilities within CIIs to enhance trustworthiness and identify incidents in a faster way.
  • PrivacyNet: Privacy and Data Protection Orchestrator component for the application and compliance of privacy mechanisms, confidentiality and data protection for sensitive incident-related information.

 

To adequately validate the benefits and full set of features of the CyberSANE system, a set of pilot scenarios have been defined. Although CyberSANE will be applicable to various scenarios in a CIIs’ context, these three pilots, covering three sectors (energytransportation and health) are the basis of the project.

  • Energy pilot: Solar energy production, storage and distribution service

Protection of the Smartly Integrated Distributed Energy platform and its components against threats to the back-end through unauthenticated remote access to IoT components or other entities to disrupt or change services and data and to the IoT and communication systems processing and transmitting sensitive data.

  • Transportation pilot: Container cargo transportation service

Protection of IT, OT and Port Community Systems of one of the sixth largest ports in Europe in terms of volume of traffic against complex threat scenarios disrupting port operations or facilitating illegal activities, unauthorised access to corporate network of SCADA, interference with the authorisation processes for vessels, among others

  • Health pilot: Real-time patient monitoring and treatment services

Protection of Electronic Health Record (HER) and Electronic Medical Record (EM) IT and file systems targeted for ransomware attacks and against vulnerable wireless communications attacking the medical service and even physical damage to a patient.

The agenda for this workshop will be (3 hours)

  • CyberSANE project: concept, background, objectives, consortium (15 min)
  • CyberSANE architecture: Core and 5 components (45 min)
  • CyberSANE pilots: use cases and lessons learnt (1 hour)
  • Standardisation activities (15 min)
  • CyberSANE Business models (30 min)
  • Q&A (15 min)

Topics of interest include, but are not limited to

Cyber threat detection
Cyber threat visualization
Cyber threat monitoring Network Intrusions
Cyber threat analytics
Cyber threat prediction
Cyber threat sharing community

End-to-End threat intelligence
Threat Intelligence sharing
Collaborative Intrusion Detection
Cyber threat sharing platforms
Cyber-crime forensics
Cyber-crime risk management
Incident response

Important Dates
ARES EU Symposium August 23, 2022
 Conference August 23 – August 26, 2022
Workshop CHairs

Jorge Manuel Martins, Project Manager, PDMFC
Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project
Thanos Karantjias, Chief Technology Officer, Maggioli
Pablo Giménez Salazar, CyberSANE Pilot Coordinator and CyberSANE Transport Pilot Manager at Fundacion Valenciaport
Robert Bordianu, Senior DevOps Engineer & IoT Evangelist in Lightsource Labs Limited and CyberSANE Energy pilot Manager
Manfred Criegee-Rieck, CyberSANE Health Pilot, Healthcare Information Processing at Klinikum Nuremberg
Manos Athanathos, Technical Project Manager, ICS Forth

Speakers

will be announced soon