12/12/2013 Cluster Workshop on Cybersecurity 1

Cluster Workshop on Cybersecurity

Michele Bezzi (SAP)Kazim Hussain (ATOS)

SecCord & CYSPA Projects

Introduction

Objective: build together a map of current projects along three dimensions:

• Cybersecurity objective (as extracted from EU Cybersecurity Strategy),

• Target sector/s

• Technology readiness

Cybersecurity dimension

Map the project according concepts extract from Strategic Priorities and Actions of EU Cybersecurity Strategy Document.

http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1667

(see details in the appendix)

04/19/23 3

04/19/23 CSP Forum Event: XXXXXX

Sector dimension

Map project to (primary) sectors impacted (use-cases, pilot, main target of the technology, partners,…)

•Provide one word description per sector

•If Sector not listed: add it under “Other”

•If “Cross-Cutting” provide one-word description of the technology

04/19/23 CSP Forum Event: XXXXXX 5

Primary Target Sectors

04/19/23 6

Project Transport

eGov Energy ICT Finance HealthOther (specify)

Cross-Cutting

ASSERT4SOACertification for services

Certified Marketplace Defense

Secure service discovery

PoSecCo ….

Technology readiness dimension

Map project to Technology readiness, based on the levels (see next slide)

Technology Readiness typically evolve during project lifetime

• Consider level per year

• Insert future years based on plan/estimation between brackets, (2014)

• Project finishing year in red

04/19/23 7

 

Technology Readiness Level (adapted from NASA level)

Description Technology Readiness Level

Basic principles observed and reported1

Technology concept and/or application formulated 2

Analytical and experimental critical function and/or proof of concept 3

Software component validation in testbed 4

Software component validation in a relevant environment (actual use case) 5

Software system/prototype validation in a relevant environment (pilot) 6

Software system/prototype validation in a real-world scenario (large scale pilot) 7

Actual software system completed & validation in a real-world scenario 8

Actual system ready for commercialization 9

Basic Technology Research

Research to Prove Feasibility

Technology Development

Technology Demonstration

System Development

Production System

Technology Readiness

04/19/23 9

Project 1 2 3 4 5 6 7 8 9

ASSERT4SOA 2011 2011 2012 2012 2013

….

PoSecCo 2011 2011 2011 2012 2013 2013

…

Basic Technology Research

Research to Prove Feasibility

Technology Development

Technology Demonstration

System Development

Production System

References• NASA Technology Readiness Level, Mankins, John C.

Technology Readiness Levels: A White Paper". NASA, Office of Space Access and Technology, Advanced Concepts Office. (also discussion in SecCord Deliverable D6.1)

• Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace - JOIN(2013) 1 final - 7/2/2013 http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1667

• Proposal for a Directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union - COM(2013) 48 final - 7/2/2013 – EN http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1666

• CSP Forum and SecCord http://www.cspforum.eu/

04/19/23 10

Appendix

Next slide provides the list of concepts extracted from EU Cybersecurity Strategy documents, and used in the map.

04/19/23 11

EU Cybersecurity Strategies Priorities and concepts

1. Cyber resilience• Information sharing & mutual assistance amongst NIS authorities

• Best practice for sharing

• Risk Management

• Incident Reporting

• Public-Private Partnership

• Cyber-incidents simulation

• Raising Awareness

• NIS Education and Training

2. Reducing cyber crime• Legal framework

• Forensic Tools

• Threat Analysis

• Other tools

• NIS Training for law enforcement

• Better internet for children

• Information sharing & mutual assistance

3. Cyberdefence policy and capabilities related to the Common Security and Defense Policy (CSDP)

• Cyberdefence tools

• Cyberdefence policy

04/19/23 12

4. Develop the industrial and technological resources for cybersecurity

• Transparency about security in ICT Products

• Security Labels (Certification)

• Security Economics

• Coordination Security Research Agendas

• Cryptography

5. Coherent international cyberspace policy for EU• Confidence Building & transparency

• Data Protection

• Preventing mass-surveillance/censorship

• International cooperation