ParticipantsContact Us


WWW This Site

WP6: Visual Analytics and Display

Objectives

This work package will identify, develop, and validate an innovative visual analytics environment for analyzing the system model, the attack models, and the actual and historical data network. Moreover, the visual analytics component will show the automatic decisions made by the proactive and reactive strategies together with the matching between the actual network state and the closest attack model.

The final goal of the visual analytics component is to support the network administrator in making semi-automated decisions and to analyze the automatic scenario proposed by the system, confirming or altering such choices.

CIS-UROME is responsible for this work package.

Description of Work and Role of Partners

Task 6.1 - Component Visualization Analysis (Month 4 - 13)

The goal of this task is to collect user requirements and formalize models and data structures used in the use cases. In particular, the task will investigate the static and dynamic requirements. A report deliverable (D6.1.1) will be produced to capture the visualization requirements.

Static requirements encompass the mission impact model, the attack models, the potential risks that might rise from an attack, and the available responses and proactive policies.

Dynamic requirements encompass the data collected by network sensors, as well as the correlation between the actual network state and a) the available attack models, b) the potential risks, and c) the selected proactive policies and reactive responses.

A report deliverable capturing the detailed design of the visual analytics environment will be produced (D6.1.2). Suitable visualizations and interaction strategies will be selected, according to the different tasks and requirements that had been collected.

Responsible: CIS-UROME; Participants: RHEA, EPIST, CIS-UROME, ACEA, SUPELEC

Task 6.2 - Visualization Environment Implementation (Month 12 - 22)

The identified models and data structures will be established. Visualization approaches will be created to allow operator views of the mission impact model, attack models, risk quantification and response management models. In particular, areas requiring operator intervention in system tuning, model configuration or response selection, addressing the proactive chain of treatment, will be the focus of the static requirements visualization environment. As for reactive chain of treatment, the visualization environment will support post-response system results analysis to verify that the implement response has the desired security effect without adversely affecting operations. The identified visualization techniques will be experimented and prototyped. Finally, a first version prototype of the visual analytics environment will be implemented (D6.2.1).

Responsible: CIS-UROME; Participants: RHEA, EPIST, CIS-UROME, ACEA, SUPELEC

Task 6.3 - Visualization Environment Validation and Refinement (Month 21 - 31)

The visualization environment will be tested in preparation for the operational workshop. Experiments will be conducted to validate its effectiveness, considering decision-making, technical, and usability aspects. Based on experimentation results, the visualization environment will be refined, issues will be resolved, and the prototype will be updated accordingly. The interfaces from the visualization environment to the rest of the PANOPTESEC system will be updated and finalized based on the integration tests performed on the PANOPTESEC integration framework resulting from WP7.

The outcome of the task will be a tested and validate prototype of the visualization environment (D6.3.1) and its associated report (D6.3.2).

Responsible: CIS-UROME; Participants: RHEA, EPIST, CIS-UROME, ACEA, SUPELEC