Network of services, processes, and systems (NISPI)

"What if..." is a question that key service operators can ask the system to offset the risks of negative service impacts in a complex chain of dependencies. What kind of system is it?

Page image
Project logo

Challenge

Key service operators have statutory obligations related to, among other things, collecting information on cybersecurity threats, estimating the risk of an incident, or applying measures to prevent and mitigate the security impact of incidents. Conducting a reliable assessment of threats to services requires precise identification and description of all relevant elements of an operator’s cyberspace and their impacts. Even a small change in the state of a single element can cause a significant threat to an operator’s key processes. Identifying the interrelationships of cyberspace elements makes it possible to detect entire chains of internal dependencies, but also to identify the most critical elements and implement effective mechanisms to improve security. The solution we have created effectively supports the operator in building awareness of the security of its key services.

Section image
Page description secondary image
Project leader
Prof. Marek Amanowicz

What we did

We have developed an original methodology for modeling the cyberspace of key service providers and developed an application to support the construction and management of a network of interconnected IT/OT services, processes, and infrastructure for the purposes of security management and building situational awareness of cyber threats. It enables dynamic visualization of the current state of security of the operator’s cyber facilities and conducting analyses oriented to detect entire chains of internal dependencies, as well as to determine the most critical elements and implement effective mechanisms for improving security. Thanks to the project, the operator also has the opportunity to conduct “what if” analyses oriented toward the search for such technical and procedural solutions that will lead to a reduction in the risk of threat propagation between the objects of the network of relationships. The results of the project, which we demonstrated to key service operators from the energy, transportation, and digital infrastructure sectors, were received with great interest, which formed the basis for us to start work on the execution of a comprehensive cyber threat awareness management system dedicated to National Cybersecurity System entities.

Marek Amanowicz, the PI of the project, summarizes its achievements:

Maintaining a close working relationship with potential users of the solution being developed from the start of the research project is a key success factor.

You can learn more about the system from an article in MDPI.