Environment for Cybersecurity Interoperability and Integration
In collaboration with the French Agency for Information System Security (l’Agence Nationale pour la Sécurité des Systèmes d’Information – ANSSI).
Labelled by the Committee for industrial security (Comité de la Filière industrielle de sécurité – CoFIS).
The protection of information systems and the data they transmit (Smart City, SmartGrids, Connected and Autonomous Vehicles, Connected Health, Internet of Things, BigData, Cloud, etc.) requires complex trade-offs between ease of use, the cost of security, safety of operation, respect for constantly evolving digital rights, and the understanding and forecasting of the market and its players. The development of the cybersecurity market, one of the plans selected by the New Industrial France Committee (NFI), requires progress in systems of systems engineering.
The EIC project therefore aims to create an experimental and technical cybersecurity platform called CHESS (Cybersecurity Hardening Environment for Systems of Systems) which will allow assessments to be made of the combination of cybersecurity technologies through innovative use cases in the field of SmartGrids, the Factory of the Future, Connected and Autonomous Transport and the new services of the Internet of Things.
The human, political and economic elements cannot be dissociated from the technologies designed to protect these new interconnected information systems. The EIC project also conducts concerted and coherent research in the economic and legal fields. This involves, for example, anticipating the ergonomics that will be accepted in the security functions of the new smart systems.
The project aims to:
- Ensure awareness and anticipate the threat by providing the platform with coordinated tools and automated analysis capabilities;
- Assess the robustness of the protective measures implemented in realistic use cases;
- Meet the requirements for overseeing attacks through an integrated operational management system that will offer innovative monitoring capabilities;
- Understand and model the cybersecurity risk;
- Put forward legal and regulatory cybersecurity strategies and solutions.
A new typology of threats will be studied using a Systems of Systems approach:
- Resilient architecture;
- Understanding of emerging threats;
- Protection of sensitive and/or personal data.
New concepts and methods will be developed for the operational management of cybersecurity:
- Integrated processing for the SOCs (Security Operations Centers) of the future;
- The redesign of security monitoring in the SOCs;
- Actions to take before, during and after a cyber-attack;
- Assistance with decision-making through advances in data visualisation.
Tools will be developed and evaluated:
- Intra- and extra-SOC interoperability;
- Digital autopsies and assistance with understanding attacks;
- Alerts and assistance for automating countermeasures;
- Analysis of weak signals and machine learning;
- Capture, mass analytical processing and usable reporting of the security data.
New avenues will be explored:
- Formally proven security for isolating critical embedded functions;
- Homomorphic cryptography for sharing security analyses without disclosure;
- Optimising cyber-protection aided by modelling and game theory.
Innovative modelling work on the economics of cyber-security will be carried out according to two complementary focus areas:
- The costs of protection given the costs of cyber-attacks;
- Calculations of the amounts of insurance covering the residual risks.
The legal and regulatory work will focus on essential operators in six complementary fields:
- The concept of territory in cyberspace;
- Damage in cyberspace and deriving from cyberspace;
- Actors and responsibilities in cyberspace;
- The role of the State;
- The role of Europe;
- Levers of action.
Doctoral thesis supported by the project
- Simulation d’activités et d’attaques : application à la cyberdéfense [Simulation of activities and attacks: application to cyber defence] (Télécom SudParis – Université Paris-Saclay / SAMOVAR)
SMEs and integrators: cyber-security solutions and integrated packages; innovative security products and software
Large users / Essential operators: evaluation of choice of architecture and security solutions; new-generation operational security centres; new services linked to cyber-security (insurance, etc.)