Full III Validation Exercise Demonstration

Slides:

Advertisements

Similar presentations

The Admissibility of Electronic Evidence at Court: fighting against high tech crime AGIS 2005 Fredesvinda Insa, PhD Strategic Development Manager CYBEX.

Advertisements

ID-06 Building a User-Driven GEOSS Essential Components of User Management for GEO Tasks.

1 Effective, secure and reliable hosted security and continuity solution.

New market instruments for RES-E to meet the 20/20/20 targets Sophie Dourlens-Quaranta, Technofi (Market4RES WP4 leader) Market4RES public kick-off Brussels,

CIRAS PROJECT OVERVIEW

Episode 3 1 Episode 3 EX-COM D Final Report and Recommendations Operational and Processes Feasibility Pablo Sánchez-Escalonilla CNS/ATM Simulation.

DESEREC, an ICT for Trust and Security project DESEREC: Dependability and Security by Enhanced Reconfigurability.

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:

Y. PERREAL, THALES - Project leader SECUR-ED, FP7 – SRC’10, Ostende.

The SMARTFREIGHT project Hans Westerheim SINTEF ICT.

Project Description The project basically consists of three main components-Attacker, Defender, and Observer. Our project scenario is the following: A.

INTERNET CRITICALITIES Activation and deactivation of the emergency back-up network Fabrizio Cuccoli, Francesco Sermi RaSS CNIT UO Firenze.

D’Appolonia S.p.A. all rights reserved Advanced technologies for bomb- proof cargo containers and blast containment units for the retrofitting of passenger.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

THNS 2010 Open supervision platforms for smart and sustainable cities, Yves PERREAL, Strategic studies Director, THALES.

Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.

Conducting Situated Learning in a Collaborative Virtual Environment Yongwu Miao Niels Pinkwart Ulrich Hoppe.

Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.

Computer Emergency Notification System (CENS)

LEONARDO TRANSFER OF INNOVATION PROJECT “MEDIA TECH: The future of media industry using innovative technologies ” No. LLP-LdV-ToI-11-CY Kick-off.

Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.

PROACTIVE Newsletter The main expected results which will be presented on the Final Proactive Workshop in April include: Researching a holistic citizen-friendly.

Role Of Network IDS in Network Perimeter Defense.

M2M Service Layer – DM Server Security Group Name: OMA-BBF-oneM2M Adhoc Source: Timothy Carey, Meeting Date:

1 EUCOS Fourth WMO Workshop on the Impact of Various Observing Systems on Numerical Weather Prediction May 2008, WMO, Geneva, Switzerland Stefan.

II Course on GBIF Node Management Arusha, Tanzania 31 st October and 1 st November 2008 GBIF Training Materials and Future Plans Alberto GONZÁLEZ-TALAVÁN.

We support you in finding your feet in your new country by introducing you to the network of local Europportunity interns to help you find an apartment.

IS3220 Information Technology Infrastructure Security

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

Digital Security Focus Area & Critical Infrastructure Protection in H2020 SC7 WP Aristotelis Tzafalias Trust and Security Unit DG Communications.

-Internet On Road. INTRODUCTION Driving means constantly changing location. This, in turn, means a constant demand for information on the current location.

CRITICAL INFRASTRUCTURE RISK ASSESSMENT SUPPORT CIRAS PROJECT OVERVIEW 2nd Stakeholders’ Workshop Aschaffenburg, November, 26th, 2015 Jaime Martín, Project.

NOTECHS. Objectives By the end of this workshop you will:  Understand facilitation techniques, and be able to apply them to manage a constructive debrief.

Frank Schipplick Work Package Coordinator WP1 - eSignatures.

NEXT GENERATION OF SCHOOLS

PREPARED BY G.VIJAYA KUMAR ASST.PROFESSOR

Comprehensive Security and Compliance at an Affordable Price.

What is the McAfee Compatible Solutions Center?

Agenda Control systems defined

Network Security Analysis Name : Waleed Al-Rumaih ID :

Cyber Physical Attack Detection

An ETP Studentship with University of Strathclyde and TNO (NL)

Detection and Analysis of Threats to the Energy Sector (DATES)

A New Vision for ATM Security Management

One tool to rule them all? Integration or survival of the fittest

Cyber Security coordination in Europe CERT-EU’s perspective

Instantiation of the Concept in GAMMA Prototypes

Overview of CLAS12 Calibration

Evaluating a Real-time Anomaly-based IDS

General information Organisation logo Targeted topics

John Butters Running Tiger Teams

Innovative Solutions in Alerting for Persons with Disabilities Javier Mulero Chaves (DLR) Workshop on needs of persons with disabilities throughout disaster.

Four Generations of Security Devices Putting IDS in Context

Temporary Capacity Restrictions: TCR WG & TCR tool

Vendor of Solutions and Services Integrates Office 365 in Its Management Solution Partner Logo “Our new version of iQ.Suite makes safe and flexible.

1 What is EGR? ESTP course on EGR 6-7 September 2016.

What We Do. FIA Partners relay alerts for serious events such as child abductions or the imminent threat of a tornado, tsunami, or other hazard.

Security Management Platform

Walter Boltz Chairman, CEER Gas Working Group

Matteo Merialdo RHEA Group Innovative aspects in cyber range solutions.

13th CoU Thematic Workshops - Thematic Group 3

The CYBERWISER.eu project

The Performance and Scalability of the back-end DAQ sub-system

InWEnt Blended-learning approach in perspective of DRM related Capacity Building in India 06/05/2019 An introduction course on InWEnt Blended-learning.

Topic 9: Requirements Definition and Prioritisation

International Internships

SECURITY IN THE DIGITAL AGE

OU BATTLECARD: Oracle Identity Management Training

ESTP course on EuroGroups Register

Presentation transcript:

Full III Validation Exercise Demonstration 15th November 2017

Full III Exercise Overview (1) - Setup Replicate and validate the full GAMMA architecture Several integrated security prototypes and security management entities (geo-distributed) Human operators Additional (but non-relevant) incoming messages simulated by security event generators (to achieve a more realistic workload) © GAMMA.All rights reserved

Full III Exercise Overview (2) - Threats Realistic coordinated and non-coordinated cyber attacks according to threats identified in GAMMA Hacker attack on System-Wide Information Management (SWIM) to manipulate essential aeronautical weather data Hacker attack on airplane systems via on-board network © GAMMA.All rights reserved

Full III Exercise Overview (3) - Measurements Situational Awareness (SASHA) System Usability (SUS) Trust (SATI) Reaction & Transmission times False Alerts / Missed Alerts User Acceptance + Tailor-made questions and subjective feedback from observers © GAMMA.All rights reserved

Full III Exercise Overview (4) - Runs Performed Runs: Run ID Date Internal Validation Runs (GAMMA operators from Leonardo): IV1-1 15th Mar 2017 IV1-2 IV2 22nd Mar 2017 IV3-1 11th Apr 2017 IV3-2 Final Validation Runs (external persons acting as GAMMA operators) FV-1 4th May 2017 FV-2 © GAMMA.All rights reserved

Coordinated Countermeasures European Level Correlation + Coordinated Countermeasures EGCC EGCC Attack Warning Attack Warning Sanitized Alert Sanitized Alert Sanitized Alert Sanitized Alert Attack Warning Attack Warning No correlation NGSMP 1 NGSMP 1 NGSMP 2 NGSMP 2 NGSMP 3 NGSMP 3 Alert Alert A passenger tries to hack on-board systems IMC IMC Alert Alert SWIM Node Alert Alert Hacker Attack on SWIM Target: Essential Aeronautical Weather Data 03:30 / UTC 12:28:54 Start 05:16 / UTC 12:30:40 1st SWIM Attack starts 05:25 / UTC 12:30:49 IEG 1 detects and sends report to NGSMP1 05:30 / UTC 12:30:54 IEG 1 report received at NGSMP1 05:44 / UTC 12:31:08 NGSMP1 forwards the report to EGCC 05:59 / UTC 12:31:23 EGCC receives the IEG1 alert 06:31 / UTC 12:31:55 IMC attack + report 06:44 / UTC 12:32:08 IMC attack report received 07:00 / UTC 12:32:24 IEG2 attack + report (not visible in the video) 07:14 / UTC 12:32:38 IEG2 attack report received 07:28 / UTC 12:32:52 NGSMP2 forwards the IEG 2 report to EGCC 07:39 / UTC 12:33:03 Received and Correlation at EGCC 07:49 / UTC 12:33:13 Forward to NGSMP3 07:55 / UTC 12:33:19 Forward to SWIM IEG 1 IEG 1 IEG 2 IEG 2 Weather Data SWIM Country 1 Country 2 Country 3

© GAMMA.All rights reserved Quick Facts After the second part of the coordinated attack is detected, the identification (even in a geo-distributed setup) can easily be done in less than one minute All attacks were successfully defended Very few false alerts in all exercise runs Safe and efficient handling of security information Average reaction time of human GAMMA operators (noticing the alert, understanding the alert, decision making and taking action): 23 sec Positive user acceptance and experts feedback © GAMMA.All rights reserved Trust, Usability, Situational Awareness

© GAMMA.All rights reserved Partners involved Partner Role Component Location DLR Exercise Lead / Coordination Multi-Screen Workstation Braunschweig, Germany Leonardo SMP operator NGSMP1, NGSMP2, EGCC, SEGs Chieti, Italy Airbus DS IEG operator IEG 1, IEG 2 (Stub) IEG 1: Elancourt, France, IEG 2: Chieti, Italy TRT IMC operator IMC Reading, UK 42Solutions IDS operator IDS NGSMP1, IDS NGSMP2, IDS NGSMP3, IDS EGCC Eindhoven, Netherlands Boeing RTE SWIM Node operator SWIM Node Madrid, Spain © GAMMA.All rights reserved Wer hat was wo gemacht Quick facts