CyberSANE 2022

International Workshop on Cybersecurity on Critical Infrastructures Management (CyberSANE 2022)

to be held in conjunction with the 17 th International Conference on Availability, Reliability and Security
(ARES 2022 – http://www.ares-conference.eu )

August 23, 2022

CyberSANE is a security incident handling, warning and response dynamic system to protect Critical Information Infrastructures (CIIs) against different types of cyberattacks and intrusions based on knowledge and collaboration while allowing continuous learning during the whole lifecycle of an incident.

CyberSANE is composed of five main components:

  • LiveNet is the Live Security Monitoring and Analysis interface platform component for preventing and detecting threats, and capable of mitigating the effects of an intrusion by monitoring, analysing and visualising internal live network traffic in real time
  • DarkNet is the Deep and Dark Web Mining and Intelligence component which allows the exploitation and analysis of risks and threats by analysing textual and meta-data content from various electronic streams.
  • HybridNet is the Data Fusion, Risk Evaluation and Event Management component which provides intelligence to perform effective and efficient analysis of security events coming from both information derived from other system components and on information and data produced by the incident to evaluate the security situation inside critical information infrastructures.
  • ShareNet is the Intelligence and Information Sharing and Dissemination component which provides necessary threat intelligence and information sharing capabilities within CIIs to enhance trustworthiness and identify incidents in a faster way.
  • PrivacyNet: Privacy and Data Protection Orchestrator component for the application and compliance of privacy mechanisms, confidentiality and data protection for sensitive incident-related information.

To adequately validate the benefits and full set of features of the CyberSANE system, a set of pilot scenarios have been defined. Although CyberSANE will be applicable to various scenarios in a CIIs’ context, these three pilots, covering three sectors ( energy , transportation and health ) are the basis of the project.

  • Energy pilot: Solar energy production, storage and distribution service

Protection of the Smartly Integrated Distributed Energy platform and its components against threats to the back-end through unauthenticated remote access to IoT components or other entities to disrupt or change services and data and to the IoT and communication systems processing and transmitting sensitive data.

  • Transportation pilot: Container cargo transportation service

Protection of IT, OT and Port Community Systems of one of the sixth largest ports in Europe in terms of volume of traffic against complex threat scenarios disrupting port operations or facilitating illegal activities, unauthorised access to corporate network of SCADA, interference with the authorisation processes for vessels, among others

  • Health pilot: Cyber-threat identification and communication in healthcare pilot

The health pilot focuses on the detection and communication of cyber-threats within hospital in order to prevent patients from physical damage and to protect electronic patient data

AGENDA

15:45 CyberSANE project: concept, background, objectives, consortium (15 min)Jorge Manuel Martins, Project Manager, PDMFC

16:00 CyberSANE architecture: Core & 5 components (45 min)

Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project

Thanos Karantjias, Chief Technology Officer, Maggioli

16:45 CyberSANE Business models (30 min)

Armend Duzha, Maggioli

17:15 coffee break

17:30 CyberSANE pilots: use cases and lessons learnt (60 min)

Pablo Giménez Salazar, CyberSANE Pilot Coordinator and CyberSANE Transport Pilot Manager at Fundacion Valenciaport

Robert Bordianu, Senior DevOps Engineer & IoT Evangelist in Lightsource Labs Limited and CyberSANE Energy pilot Manager

Andrius Patapovas, CyberSANE Health Pilot, Healthcare Information Processing at Klinikum Nuremberg

Guillermo Yuste, Cybersecurity Specialist and Data Analytics Consultant, Atos

18:30 CyberSANE Standardisation activities (15 min)

Manos Athanathos, Technical Project Manager, ICS Forth

18:45 Q&A (15 min)

Chaired by Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project

19:00 End of CyberSANE wokshop

Topics of interest include, but are not limited to

Cyber threat detection
Cyber threat visualization
Cyber threat monitoring Network Intrusions
Cyber threat analytics
Cyber threat prediction
Cyber threat sharing community

End-to-End threat intelligence
Threat Intelligence sharing
Collaborative Intrusion Detection
Cyber threat sharing platforms
Cyber-crime forensics
Cyber-crime risk management
Incident response

Important Dates
ARES EU Symposium August 23, 2022
Conference August 23 – August 26, 2022
Workshop CHairs

Jorge Manuel Martins, Project Manager, PDMFC
Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project

Speakers

Luis Landeiro Ribeiro, Head of PMO at PDMFC, Project Manager for the CyberSANE project
Thanos Karantjias, Chief Technology Officer, Maggioli
Armend Duzha, Maggioli
Pablo Giménez Salazar, CyberSANE Pilot Coordinator and CyberSANE Transport Pilot Manager at Fundacion Valenciaport
Robert Bordianu, Senior DevOps Engineer & IoT Evangelist in Lightsource Labs Limited and CyberSANE Energy pilot Manager
Andrius Patapovas, CyberSANE Health Pilot, Healthcare Information Processing at Klinikum Nuremberg
Guillermo Yuste, Cybersecurity Specialist and Data Analytics Consultant, Atos
Manos Athanathos, Technical Project Manager, ICS Forth