Your search keyword '"Röning J"' showing total 3 results

1. Applying soft systems methodology to complex problem situations in critical infrastructures:the CS-AWARE case study

Author

Kupfersberger, V. (Veronika), Schaberreiter, T. (Thomas), Wills, C. (Chris), Quirchmayr, G. (Gerald), and Röning, J. (Juha)

Subjects

Critical Infrastructures, Cybersecurity, Soft Systems Methodology, Cyber Situational Awareness, Socio-technological Analysis, Information Sharing, System Analysis

Abstract

Modern technology, in addition to all its benefits, creates new threats and attack vectors to individuals and organisations. In the past years, the number of cyber attacks has increased drastically as has the extent of their effects. These circumstances clearly show that a different approach to cybersecurity is required: a holistic, collaborative strategy to improve the security situation for society and the economy as a whole. In the European Union, the legal framework that is currently developing (like the network and information security (NIS) directive), recognises the increasing need for cooperation and collaboration among individual actors to improve cybersecurity. Information sharing is therefore one of the key elements of the NIS directive. In this paper, we present and demonstrate a system and dependency analysis based on soft systems thinking. This approach is able to capture the relations between assets and their internal and external dependencies in the complex systems of organisations. It is applicable to critical infrastructures or other organisations that base their operations on complex systems and interactions. The analysis approach introduced is done in a socio-technological manner; the human aspect of the systems is considered as important as the technical or organisational aspects. The case study presented in this paper, covering the first steps towards the development of a holistic cybersecurity awareness solution, is based on three focus points: an initial threat assessment for local public administrations (LPAs), an analysis of external information sources and an analysis of the piloting scenarios based on the first round of soft systems analysis workshops. The results of which are essential to the development of the solutions implementation framework and further software development.

Published

2018

2. Addressing complex problem situations in critical infrastructures using soft systems analysis:the CS-AWARE approach

Author

Schaberreiter, T. (Thomas), Wills, C. (Chris), Quirchmayr, G. (Gerald), and Röning, J. (Juha)

Subjects

Critical Infrastructures, Cybersecurity, Soft Systems Methodology, Cyber Situational Awareness, Socio-technological Analysis, Information Sharing, System Analysis

Abstract

In a world in which large-scale cyber attacks are the norm rather than the exception, the need for cybersecurity gains in importance every day. Current cybersecurity solutions are often not taking the holistic approach that would be required to provide comprehensive security to their users (for example, strategic/critical infrastructure, large organizations, small and medium-sized enterprises (SMEs) or public institutions). A new way of thinking about cybersecurity is required: Cooperation and collaboration among individual actors as a way to improve the security situation for society and economy as a whole is a promising approach. In the European Union, the legal framework that is currently developing (like the network and information security (NIS) directive), recognizes the need for cooperation and collaboration among individual actors to improve cybersecurity. Information sharing is one of the key elements of the NIS directive. In this paper, we present a system and dependency analysis based on soft systems thinking that is able to capture the relations between assets and its internal and external dependencies in the complex systems of organizations like critical infrastructures or other organizations that base their operations on complex systems and interactions. The analysis is done in a socio-technological manner; the human aspect of the systems is considered as important as the technical or organizational aspects. As a use case, we present CS-AWARE, a European H2020 project which relies on the presented system and dependency analysis method as a core concept for providing a cybersecurity solution that is in line with the cooperative and collaborative efforts of the NIS directive.

Published

2017

3. A Bayesian network based on-line risk prediction framework for interdependent critical infrastructures

Author

Schaberreiter, T. (Thomas), Röning, J. (Juha), Bouvry, P. (Pascal), and Khadraoui, D. (Djamel)

Subjects

Modellierung, interdependency, monitorointi, Risikoabschätzung, modelling, riskiarviointi, risk prediction, riippuvuus, risk estimation, simulointi, mallinnus, Abhängigkeiten, dynamische Bayessche Netzwerke, sisäinen riippuvuus, critical infrastructures, dynaamiset Bayesin verkot, Risikovorhersage, Bayes-verkot, Bayessche Netzwerke, riskin ennustaminen, dynamic Bayesian networks, simulation, kritische Infrastrukturen, monitoring, Überwachung, Bayesian networks, kriittinen infrastruktuuri, dependency, gegenseitige Abhängigkeiten

Abstract

Critical Infrastructures (CIs) are an integral part of our society and economy. Services like electricity supply or telecommunication services are expected to be available at all times and a service failure may have catastrophic consequences for society or economy. Current CI protection strategies are from a time when CIs or CI sectors could be operated more or less self-sufficient and interconnections among CIs or CI sectors, which may lead to cascading service failures to other CIs or CI sectors, where not as omnipresent as today. In this PhD thesis, a cross-sector CI model for on-line risk monitoring of CI services, called CI security model, is presented. The model allows to monitor a CI service risk and to notify services that depend on it of possible risks in order to reduce and mitigate possible cascading failures. The model estimates CI service risk by observing the CI service state as measured by base measurements (e.g. sensor or software states) within the CI service components and by observing the experienced service risk of CI services it depends on (CI service dependencies). CI service risk is estimated in a probabilistic way using a Bayesian network based approach. Furthermore, the model allows CI service risk prediction in the short-term, mid-term and long-term future, given a current CI service risk and it allows to model interdependencies (a CI service risk that loops back to the originating service via dependencies), a special case that is difficult to model using Bayesian networks. The representation of a CI as a CI security model requires analysis. In this PhD thesis, a CI analysis method based on the PROTOS-MATINE dependency analysis methodology is presented in order to analyse CIs and represent them as CI services, CI service dependencies and base measurements. Additional research presented in this PhD thesis is related to a study of assurance indicators able to perform an on-line evaluation of the correctness of risk estimates within a CI service, as well as for risk estimates received from dependencies. A tool that supports all steps of establishing a CI security model was implemented during this PhD research. The research on the CI security model and the assurance indicators was validated based on a case study and the initial results suggest its applicability to CI environments. Tiivistelmä Tässä väitöskirjassa esitellään läpileikkausmalli kriittisten infrastruktuurien jatkuvaan käytön riskimallinnukseen. Tämän mallin avulla voidaan tiedottaa toisistaan riippuvaisia palveluita mahdollisista vaaroista, ja siten pysäyttää tai hidastaa toisiinsa vaikuttavat ja kumuloituvat vikaantumiset. Malli analysoi kriittisen infrastruktuurin palveluriskiä tutkimalla kriittisen infrastruktuuripalvelun tilan, joka on mitattu perusmittauksella (esimerkiksi anturi- tai ohjelmistotiloina) kriittisen infrastruktuurin palvelukomponenttien välillä ja tarkkailemalla koetun kriittisen infrastruktuurin palveluriskiä, joista palvelut riippuvat (kriittisen infrastruktuurin palveluriippuvuudet). Kriittisen infrastruktuurin palveluriski arvioidaan todennäköisyyden avulla käyttämällä Bayes-verkkoja. Lisäksi malli mahdollistaa tulevien riskien ennustamisen lyhyellä, keskipitkällä ja pitkällä aikavälillä, ja mahdollistaa niiden keskinäisten riippuvuuksien mallintamisen, joka on yleensä vaikea esittää Bayes-verkoissa. Kriittisen infrastruktuurin esittäminen kriittisen infrastruktuurin tietoturvamallina edellyttää analyysiä. Tässä väitöskirjassa esitellään kriittisen infrastruktuurin analyysimenetelmä, joka perustuu PROTOS-MATINE -riippuvuusanalyysimetodologiaan. Kriittiset infrastruktuurit esitetään kriittisen infrastruktuurin palveluina, palvelujen keskinäisinä riippuvuuksina ja perusmittauksina. Lisäksi tutkitaan varmuusindikaattoreita, joilla voidaan tutkia suoraan toiminnassa olevan kriittisen infrastruktuuripalvelun riskianalyysin oikeellisuutta, kuin myös riskiarvioita riippuvuuksista. Tutkimuksessa laadittiin työkalu, joka tukee kriittisen infrastruktuurin tietoturvamallin toteuttamisen kaikkia vaiheita. Kriittisen infrastruktuurin tietoturvamalli ja varmuusindikaattorien oikeellisuus vahvistettiin konseptitutkimuksella, ja alustavat tulokset osoittavat menetelmän toimivuuden. Kurzfassung In dieser Doktorarbeit wird ein Sektorübergreifendes Modell für die kontinuierliche Risikoabschätzung von kritische Infrastrukturen im laufenden Betrieb vorgestellt. Das Modell erlaubt es, Dienstleistungen, die in Abhängigkeit einer anderen Dienstleistung stehen, über mögliche Gefahren zu informieren und damit die Gefahr des Übergriffs von Risiken in andere Teile zu stoppen oder zu minimieren. Mit dem Modell können Gefahren in einer Dienstleistung anhand der Überwachung von kontinuierlichen Messungen (zum Beispiel Sensoren oder Softwarestatus) sowie der Überwachung von Gefahren in Dienstleistungen, die eine Abhängigkeit darstellen, analysiert werden. Die Abschätzung von Gefahren erfolgt probabilistisch mittels eines Bayessches Netzwerks. Zusätzlich erlaubt dieses Modell die Voraussage von zukünftigen Risiken in der kurzfristigen, mittelfristigen und langfristigen Zukunft und es erlaubt die Modellierung von gegenseitigen Abhängigkeiten, die im Allgemeinen schwer mit Bayesschen Netzwerken darzustellen sind. Um eine kritische Infrastruktur als ein solches Modell darzustellen, muss eine Analyse der kritischen Infrastruktur durchgeführt werden. In dieser Doktorarbeit wird diese Analyse durch die PROTOS-MATINE Methode zur Analyse von Abhängigkeiten unterstützt. Zusätzlich zu dem vorgestellten Modell wird in dieser Doktorarbeit eine Studie über Indikatoren, die das Vertrauen in die Genauigkeit einer Risikoabschätzung evaluieren können, vorgestellt. Die Studie beschäftigt sich sowohl mit der Evaluierung von Risikoabschätzungen innerhalb von Dienstleistungen als auch mit der Evaluierung von Risikoabschätzungen, die von Dienstleistungen erhalten wurden, die eine Abhängigkeiten darstellen. Eine Software, die alle Aspekte der Erstellung des vorgestellten Modells unterstützt, wurde entwickelt. Sowohl das präsentierte Modell zur Abschätzung von Risiken in kritischen Infrastrukturen als auch die Indikatoren zur Uberprüfung der Risikoabschätzungen wurden anhand einer Machbarkeitsstudie validiert. Erste Ergebnisse suggerieren die Anwendbarkeit dieser Konzepte auf kritische Infrastrukturen.

Published

2013