This work package will analyze the present deficiencies in security management processes and systems, and will gather requirements for the PANOPTESEC system, describing user expectations of the PANOPTESEC system and how it should behave. User needs and wishes will be analyzed and considered as input to other project activities. Other sources of information, like scientific reports as well as technical data sheets, will be taken into account in the analysis.
It is important to realize that the PANOPTESEC system is an innovative information system which supports a process; an understanding of the process is essential and will be part of the gap analysis and the requirements gathering.
SUPELEC is responsible for this work package.
This task will investigate the activities currently performed in all the phases of a security management process. In particular, this task aims at providing a detailed survey of multi-source security event collection and correlation activities, as well as the modelling of risks, attacks and responses. It will analyze the present effectiveness in filtering and presenting to the security administrators all the indispensable information in a concise, but complete, fashion. It will identify the current approach for evaluating the mission process dependencies on ICT services and infrastructures, and the activities most frequently implemented (risk management, mitigation and response) in order to protect the priority mission services.
The gap analysis is a starting point for the definition of the most relevant techniques for defining an innovative security management process and for identifying the most suitable technologies to support the process to address the capability gap. In this way it will be used as the starting point to enhance the operational capability defined in Task 2.2 and to satisfy customer expectations not covered by existing solutions.
This task will address both the specific needs of ACEA, as a representative of the general need for cyber defence in a critical infrastructure environment (involving both corporate ICT and SCADA systems), and the broader industry concerns across several sectors (banking and financial services, large enterprises, SMEs, government, service providers, cloud providers and mobile providers).
A report deliverable (D2.1.1) will capture the results of the deficiency evaluation.
Responsible: SUPELEC; Participants: all
This task will first formulate the general operational requirements for the PANOPTESEC system, i.e. answering the question: "what functionality do the users expect the system to perform?" This allows the development of the PANOPTESEC system from the user's perspective. The activity will be developed according to the following steps: identification and specification of end users; definition of the use cases describing the capabilities required of the system to be developed; and analysis of system behaviour and processes in the activity of security management of a modern network.
Operational requirements analysis will focus on the needs of ACEA as a representative of the general need for cyber defence in a critical infrastructure environment (involving both corporate ICT and SCADA systems), as well as addressing the broader industry concerns across several sectors (banking and financial services, large enterprises, SMEs, government, service providers, cloud providers and mobile providers). Analysis will target basic needs, defining the problem space to address the management of cyber incidents, as well as specific needs in terms of sensor data collection interface requirements and specific operational needs of ACEA required to support the eventual operational workshop. From these expectations, technical requirements will be derived in terms of performance requirements and functional and system design specification, together defining the solution space addressed in the WP-specific analysis tasks (Tasks 4.1, 5.1, and 6.1) where specific software components of the PANOPTESEC system are developed.
A report deliverable (D2.2.1) will capture the operational requirements.
Responsible: SUPELEC; Participants: all