ACDC - Advanced Cyber Defence Center
Building on an EU-wide sharing of data consolidated in a clearing house, ACDC delivers solutions and creates a pool of knowledge to help organisations across Europe fight botnets.
ACDC provides a complete set of solutions, accessible online, to mitigate on-going attacks, targeted both at end-users and at network operators. It also consolidates the data provided by various stakeholders into a pool of knowledge, accessible through the ACDC central clearing house.
ACDC reaches out to users across Europe through 8 national relay centres.
ACDC started in February 2013 and currently operates as a 30-month EU-supported pilot project ending in July 2015; it aims to continue as a self-sustained infrastructure beyond the end of the project. Initiated by 28 partners from 14 countries, ACDC is open to stakeholders from industry, public authorities and academia across Member States.
ASMONIA - Attack Analysis and Security concepts for Mobile Network Infrastructures, supported by collaborative Information Exchange
ASMONIA is the acronym for the German name of a research project that aims to improve the resilience, reliability and security of current and future mobile telecommunication networks. Given their inherent complexity, protecting telecommunication networks from attacks requires the implementation of a multitude of technical and organizational controls. Furthermore, to be fully effective these measures call for the collaboration between different administrative domains such as network operators, manufacturers, service providers, government authorities, and users of the services.
CAIS - Cyber Attack Information System
The past years have witnessed the wide-scale integration of IT in communication, production and decision-making processes, creating an enormous level of dependence on these technologies. The CAIS project initiates the development of a “Cyber Attack Information System”. The core is to be developed in the project and is comprised of two methods and prototypic software implementations derived from them: a modelling and simulation tool for the investigation of the structure of large ICT systems with regard to their security and resistance to cyber attacks; as well as an analysis and evaluation tool for the investigation of the current level of threats in networks. During the project, the Institute of IT Security Research is developing a system to analyse, model and simulate strategic ICT infrastructures for the rapid identification of danger points and the development of countermeasures.
CIPSEC - Enhancing Critical Infrastructure Protection with innovative SECurity framework
The main aim of CIPSEC is to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in IT (information technology) and OT (operational technology) departments of CIs. As part of this framework CIPSEC will offer a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and at professional quality. These services include vulnerability tests and recommendations, key personnel training courses, public-private partnerships (PPPs), forensics analysis, standardization and protection against cascading effects. All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market.
CIRAS - Critical Infrastructure Risk Assessment Support
Risks emerging or occurring in Critical Infrastructures (CIs) may have various origins - natural, technical or manmade - and, in case they materialize, will show a huge spectrum of threats, their manifestations, effects and consequences. Therefore it appears desirable, if not necessary, that CI managers, providers and operators have a tool at hand which enables them to perform fast, flexible risk assessment, and assessment of how their security measures would impact on the different risks. The CIRAS project will provide a novel approach to security management in critical infrastructure protection (CIP), taking into account typical CI effects of interdependencies of systems, cascading and escalation of incident consequences. The approach provides a holistic assessment of all aspects of a security measure, including the expected risk reduction, cost and monetary benefits as well as the large numbers of socio-political factors which need to be regarded in security planning and decision making.
COCKPITCI - Cybersecurity on SCADA; risk prediction, analysis and reaction tools for critical infrastructure
CockpitCI aims to improve the resilience and dependability of Critical Infrastructures (CIs) by the automatic detection of cyberthreats and the sharing of real-time information about attacks among CI owners. CockpitCI aims to identify, in real time, the CI functionalities impacted by cyber-attacks and assess the degradation of CI delivered services. CockpitCI aims to classify the associated risk level, broadcast an alert at different security levels and activate a strategy of containment of the possible consequences of cyber-attacks. CockpitCI aims to leverage the ability of field equipment to counteract cyber-attacks by deploying preservation and shielding strategies able to guarantee the required safety.
CRISALIS - Critical Infrastructure Security Analysis
The CRISALIS project aims at providing new means to secure critical infrastructure environments from targeted attacks, carried out by resourceful and motivated individuals. The discovery of malware such as Stuxnet and Duqu showed that these threats are already a reality. Their success in infiltrating Critical Infrastructure environments is calling attention to the ineffectiveness of standard security mechanisms at detecting them. Stuxnet is believed to have been operating undetected for almost one year, leveraging multiple vulnerabilities that were previously unknown, and was discovered only as a consequence of an operational anomaly that triggered the attention of the field operators. This fact clearly shows that our methods to find vulnerabilities and detect ongoing or successful attacks in critical infrastructure environments are not sufficient.
CRUTIAL - Critical Utility Infrastructural Resilience
The project will:
a) identify and describe control system scenarios;
b) provide modelling approaches for understanding and mastering the various interdependencies;
c) develop a test bed integrating the electric power system and the information infrastructure;
d) investigate fault-tolerant architectural configurations;
e) provide qualitative and quantitative support for the identification, analysis and evaluation of the scenarios identified.
The results will be validated against test beds of Electric Power Systems. The project’s results will help in designing and assessing new Electric Power systems and information infrastructures. Thus, they will make it possible to reduce the current (unfortunately repetitive) blackouts, in terms of frequency, duration and extent, and provide insights to Electric Power companies and standardization bodies for exploiting resilience in critical utilities infrastructures.
DEMASST - Demo for Mass Transportation Security: Road Mapping Study
Developing adequate and well-accepted security for mass transportation in Europe and the citizens affected by it is a formidable task. The malicious threats, particularly those posed by terrorists, require a comprehensive approach: if security improvements are patchy, perpetrators are likely to find the loopholes left. With their open access points and interconnections, surface mass transportation systems are highly vulnerable, while it is technically and economically impossible for the multiple operators to employ security measures similar to those used at airports.
EMILI - Emergency Management in Large Infrastructure
The project EMILI (“Emergency Management in Large Infrastructures”) is a European project which aims at a new generation of control systems for large Critical Infrastructures (CIs) like power grids and telecommunication systems, airports, railway / metro systems, and oil and gas pipelines. These CIs are currently undergoing substantial technical, economic, organisational, political, and legal changes. Their importance for all aspects of human society is steadily increasing, and their dependencies on each other are growing.
GAMMA - Global ATM Security Management Project
The goal of the GAMMA project is to develop solutions to emerging air traffic management vulnerabilities backed up by practical proposals for the implementation of these solutions. The project will also consider the new scenarios created by the Single European Sky programme.
To reach these goals, GAMMA will first perform a comprehensive assessment of the full set of security threats and vulnerabilities affecting the existing ATM system, considering this as a ‘system of systems’ and covering operational as well as technological aspects. This analysis will provide the basis for GAMMA to develop a security management framework, a concrete proposal for the day-to-day operation of air traffic management security. It will also define the requirements and architecture of a security solution which will include the ability to manage incidents and crises spreading throughout the system.
The solution will then be tested in exercises using a validation platform that will include prototypes and demonstrators developed within the project.
KYBER-TEO - Improving Cyber Security for Industry
The KYBER-TEO commissioning project is one part of the implementation of the national cyber security strategy in Finland. The total project is mainly owned by Finnish National Emergency Support Agency, but led, coordinated and implemented by VTT. The project includes several participating industrial companies and, e.g., the National Cyber Security Centre (NCSC) as an advisor. The objective of the company-specific subprojects is to develop and test ICS-specific services for ensuring cyber security and continuity within industrial production. The results of subprojects are confidential to each company. The more generic learnings, lessons, models etc. are to be disseminated to target groups nationally to benefit the relevant industrial companies and service providers. Some of the results shall even be public. The results shall be developed in three work packages: WP 1 - Cyber security practices and mappings; WP 2 - Deploying the cyber security to industrial production; WP 3 - Cyber security monitoring services for automation networks.
MICIE - Model Tools for Managing Interaction between Critical Infrastructures and Related Dependability and Vulnerabilities
The MICIE project, being in line with the EU initiative to establish a Critical Infrastructure Warning Information Network (CIWIN), will design and implement a so-called "MICIE alerting system" that identifies, in real time, the level of possible threats induced on a given CI by "undesired" events that have happened in that CI and/or other interdependent CIs. In particular, whenever such events occur, the MICIE alerting system will support the CI operators by providing them with a real-time risk level (e.g. expressed in a chromatic scale such as white, green, yellow, orange, red).
MONIKA - Monitoring through Information Fusion and Classification for Anomaly Detection
MonIKA is intended to enable detection of anomalies in network traffic on a global scale. To this end, processes and tools are being created that allow network data monitored on a smaller scale to be aggregated and analyzed in order to detect and prevent network-based anomalies and attacks globally.
PRECYSE - Prevention, Protection and Reaction to Cyber Attacks to Critical Infrastructures
The strategic goal of PRECYSE is to define, develop and validate a methodology, an architecture and a set of technologies and tools to improve - by design - the security, reliability, and resilience of the information and communication technology (ICT) systems that support critical infrastructures (CIs).
PREEMPTIVE - Preventive Methodology and Tools to Protect Utilities Center
PREEMPTIVE addresses the prevention of cyber attacks against hardware and software systems such as DCS, SCADA, PLC, networked electronic sensing, and monitoring and diagnostic systems used by the utilities networks. Moreover, the research aims to implement detection tools based on a dual approach comprising low direct detection and process misbehavior detection.
SECUR-ED - Secured Urban Transportation - A European Demonstration
SECUR-ED is not only unique in bringing together all relevant urban rail stakeholders from across Europe; it is a demonstration project, where in four major urban European cities - Madrid, Paris, Milan and Berlin - security enhancing technologies and systems will be put into practice and demonstrated. A major challenge for this will be to demonstrate the interoperability of those security solutions. Based upon a seamless integration process, this will exhibit the showcase of this unique European initiative with its major output: a global validated security enhancement package, including risk assessment tools.
SERSCIS - Semantically Enhanced Resilient and Secure Critical Infrastructure Services
The goal of the SERSCIS project is to develop adaptive service-oriented technologies for creating, monitoring and managing secure, resilient and highly available information systems underpinning critical infrastructures such as air traffic control and airport management systems. Such systems must be able to survive faults, mismanagement and cyberattacks. SERSCIS aims to achieve this by allowing interconnected information systems to adapt to dynamically changing requirements arising from natural events, accidents and malicious attacks.
SESAME - Securing the European electricity supply against malicious and accidental threats
The project objective is:
1. To develop risk assessment tools for identifying weaknesses in power distribution grids and power production plans.
2. To develop tools for protecting these critical infrastructures from cascade effects and from deliberate acts of terrorism and sabotage.
3. To perform a contingency analysis of the distribution grids and to plan the automatic smart restoration and reconfiguration in the event of a failure in parts of the grid.
SG2 - Smart Grid Security Guidance
The project (SG)^2 deals with a systematic study of smart grid technologies in terms of ICT security issues and the research of countermeasures. Based on a thorough threat and risk analysis from a state-level perspective and security analysis of Smart Grid components, (SG)^2 explores measures for power grid operators that serve to increase the security of computer systems deployed in the future critical infrastructure of "smart energy".
VALUESEC - Mastering the Value Function of Security Measures
There is today a gradual shift to the adoption of the most cost-efficient solutions and advanced technologies, which allow governments and other public authorities to achieve more benefits for less expenditure, but this emphasis on cost-benefit analysis will increase in the future. Even though the impact of e.g. counter-terrorism measures on society is very significant, current assessment methods have failed to model the social, political and ethical costs of e.g. anti-terror measures and integrate them into standard assessments. This project will work exactly in the area of the very often conflicting interests between the public decision maker, the technology providers, and the impact on citizens. The VALUESEC project aims at correcting this weakness by providing public authorities with a decision support tool-set to analyze different aspects of the decision process and make decisions based on sound economic analysis.
VIS-SENSE - Visual Analytic Representation of Large Datasets for Enhanced Network Security
The main goal of VIS-SENSE is the research and development of novel visual analytics technologies for the identification and prediction of very complex patterns of abnormal behaviour in various application areas ranging from network information security and attack attribution to attack prediction and BGP hijacking. The ultimate goal is the enhancement of international network security so as to stimulate proactive measures that will increase the efficiency of the resolution of cyber-crime but will also enhance the prediction of such attacks.
WISER - Wide-Impact cyber Security Risk framework
WISER is a European collaborative Innovation Action that puts cyber-risk management at the very heart of good business practice, benefitting multiple industries, in particular critical infrastructure and process owners, and ICT-intensive SMEs. Started on June 1st 2015, by 2017 WISER will provide a cyber-risk management framework able to assess, monitor and mitigate the risks in real time, in multiple industries.
WOMBAT - Worldwide Observatory of Malicious Behaviors and Attack Threats
The WOMBAT project aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the proposal includes three key workpackages:
(i) real time gathering of a diverse set of security related raw data,
(ii) enrichment of this input by means of various analysis techniques, and
(iii) root cause identification and understanding of the phenomena under scrutiny.
The acquired knowledge will be shared with all interested security actors (ISPs, CERTs, security vendors, etc.), enabling them to make sound security investment decisions and to focus on the most dangerous activities first. Special care will also be devoted to impact the level of confidence of the European citizens in the net economy by leveraging security awareness in Europe thanks to the gained expertise.