Pilots page

Contact

CIPSEC is coordinated by Atos. The project coordinator is Fernando Carmona: fernando.carmona@atos.net

You can also contact us by submitting the following form

Tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem

Lorem ipsum dolor sit amet, neque at pharetra. Phasellus ornare congue velit, id feugiat ligula facilisis tempus. Vivamus tellus tortor, ornare viverra porta eu, gravida elementum felis. Cras eget justo at arcu fermentum malesuada. Nunc quis ultrices purus. Integer in mollis libero. Etiam a ante sit amet sem fermentum dapibus nec eu metus.

Tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem

Lorem ipsum dolor sit amet, neque at pharetra. Phasellus ornare congue velit, id feugiat ligula facilisis tempus. Vivamus tellus tortor, ornare viverra porta eu, gravida elementum felis. Cras eget justo at arcu fermentum malesuada. Nunc quis ultrices purus. Integer in mollis libero. Etiam a ante sit amet sem fermentum dapibus nec eu metus.

Approach

CIPSEC is an Innovation Project lasting 36 Months (May 2016 - April 2019), as necessary to achieve its ambitious objectives regarding development, integration, pilot implementation and validation. The workplan is structured into three areas:

Workprogramme

Starting in May 2016, the CIPSEC partners are enrolled in a challenging workplan to make a big impact regarding the protection of critical infrastructures. The CIPSEC Project starts by studying in depth what needs to be protected in critical infrastructures, differentiating between what is domain-specific and the commonalities within a wide plethora of sectors. This yields a valuable input to identify security and privacy threats, and elicit the requirements that the CIPSEC platform must fulfil.

Comsec Global LTD

  • Profile:

    For three decades our unique talent base, professional excellence, deep technical capabilities and access to cutting edge technologies, has enabled us to assist a wide range of leading organizations overcome their security challenges. As an industry leader, we constantly expand the scope of our services and cultivate the unique skills and expertise of our talented experts who are graduates of elite Israel’s Cyber Intelligence & Defence Units.

BITDEFENDER SRL

  • Profile:

    Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of around 500 million home and corporate users across the globe.

EMPELOR GmbH

  • Profile:

    Empelor with its development sites in Switzerland, in Germany and in Crete is operating successfully in highly sensitive IT Security markets since many years. The company develops products and solutions that make mobile communication and transaction processes safer in a way which provides the best user experience.

AEGIS IT RESEARCH LTD

  • Profile:

    The creation of AEGIS IT RESEARCH LTD was motivated by the realisation that innovation in computer science is driven by gifted individuals who are allowed to pursue their vision. A lot of effort is wasted supporting antiquated structures and paradigms with little relevance to the needs of the citizens and industry.

CIPSEC project launch

Today it is our birthday. The H2020 project CIPSEC (Enhancing Critical Infrastructure Protection with innovative SECurity framework) begins its run. Our main aim is to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in IT (information technology) and OT (operational technology) departments of CIs. We have 30 months ahead to complete these challenge. Come and meet us in our journey!

CIPSEC Kick-Off meeting

CIPSEC held its Kick-Off meeting (KOM) in Barcelona on Jule 6-7th. The meeting was chaired by Atos, as project coordinator, and hosted by UPC. The agenda covered not only a review of the project workplan and insights of the seven work packages, but it was also intended to discuss the approaches to the three project scenarios, CI base security characteristics, existing solutions in the market, and a taxonomy of the CI environments.

The KOM was also an opportunity for bringing the team together and building up.

D1.2 Report on Functionality Building Blocks

Joaquin's picture Submitted by Joaquin on

  • Summary:
    This deliverable is focused on the elicitation and analysis of the requirements associated to CIPSEC pilots. The
    elicitation and analysis process comprises the following steps:

    - STEP 1: Detailed description of the characteristics of project’s pilot domains: health, transport, and environment.
    - STEP 2: Elicitation of the requirements associated with every domain based on the characteristics identified in step 1.
    - STEP 3: Analysis of the security aspects associated with the elicited requirements.

D1.3 Report on taxonomy of the CI environments

Joaquin's picture Submitted by Joaquin on

  • Summary:

    CIPSEC proposes a security framework for Critical Infrastructures (CI). Partners contributing security solutions will demonstrate the added value of their solutions when applied on the Critical Infrastructures that are provided by the respective pilot partners. Pilot partners include the Health, Transportation, and Environment CI domains. Deliverable D1.3 “Report on taxonomy of the CI environments”, presents a taxonomy on Critical Infrastructures in general as well as their major cyber security related issues. Specifically, the report:

D5.1 Dissemination plan and market analysis

Joaquin's picture Submitted by Joaquin on

  • Summary:

    This deliverable describes the initial planning of CIPSEC consortium in relation to dissemination, impact creation, and exploitation activities in the frame of the project. As far as dissemination is concerned, all results of CIPSEC will be used to raise the citizens’ awareness about CIPSEC results, paying special attention to target groups and the research community as a whole, with the active involvement of all the partners.

D1.1 CI base security characteristics and market analysis

Joaquin's picture Submitted by Joaquin on

  • Summary:

    Critical infrastructure (CI) are defined as systems and assets whether physical or virtual, extremely vital to the country that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, loss of life or adversely affect the national morale or any combination of these matters.

20160901 CIPSEC Press release (WOS)

Worldsensing is working at the forefront of IoT security
Within the CIPSEC project Worldsensing is responsible for identifying, preventing and detecting cyber attacks to wireless networks. The insight acquired over many years of engineering and consulting in the IoT industry puts Worldsensing in a unique position to contribute to the consortium.

ESORICS 2016


The 21st European Symposium on Research in Computer Security (ESORICS) was held in the city of Heraklion, Crete, Greece on September 28-30, 2016. Along with the symposium, five workshops were held:

CIPSEC 1st newsletter - Xmas 2016

We are very happy to welcome you all to the first issue of the CIPSEC newsletter. Next issues will be periodically published for all the project life, with the aim to disseminate the project results and advances thus widening project outcome impact and easing its potential adoption.

CIPSEC: “Enhancing Critical Infrastructure Protection with innovative SECurity framework”

20161215 CIPSEC Press release (EMPELOR)

The Expertise Making Our Infrastructure Safe
Security has not kept pace with the internet. Hacking and malware, which are headaches for individuals and companies, can be devastating for critical public infrastructure. A new Horizon 2020 project, “CIPSEC” (Enhancing Critical Infrastructure Protection with Innovative Security Framework), aims to seal off this vulnerability with a unified approach. Swiss security company Empelor GmbH brings its expertise in access security to the 13-member project consortium.

Scientific Railway Signaling Symposium (SRSS) (Apr. 19, 2017)

The “Scientific Railway Signaling Symposium (SRSS)” will be co-hosted by TU Darmstadt with DB Netz AG over April 19, 2017. The symposium will discuss research approaches to control and safety/security engineering, and specifically for the new generation of interlocking technology under the theme "The Management of the Railways of the Future". More info in the link below.

CIPSEC - ResiStand collaboration

CIPSEC will collaborate with ResiStand EU project.

One of our common objectives would be to seek how CIPSEC results can contribute to standarization. In the other hand ResiStand should give CIPSEC concrete inputs on what end users and customers demand and also share the global vision that must be taken from the standardization bodies' point of view.


20170124 CIPSEC Press release (WOS)

CIPSEC project was represented at the Smart City Expo World Congress 2016

Worldsensing exposes the importance of IoT security with the CIPSEC Project at the Smart City Expo World Congress held in Barcelona from 15 to 17 November 2016.
Apart from the commercial novelties, the company´s innovation team presented updates on prestigious projects such as the CIPSEC initiative which aims to create and offer the most advanced solution to protect critical infrastructures from cyber attacks.

20160930 CIPSEC Press release (CSI)

Critical infrastructures will be more secure thanks to CIPSEC project CSI Piedmont presents the frame of reference in which it is born CIPSEC enhancing Critical Infrastructure Protection with innovative SECurity framework, a three-year project co-funded by the European Commission under the Horizon 2020 program Launched in May 2016 and coordinated by Atos Spain, CIPSEC has thirteen partners , between which the CSI Piedmont. Other participants come from Spain, Germany, Greece, UK, Israel, Romania and Switzerland.

D2.1 CIPSEC System Design

Joaquin's picture Submitted by Joaquin on

Summary:

This document reports the work carried out to deliver the first inputs and guideline for the design of the CIPSEC Framework. This work is accomplished in the context of the design task (T2.1). It takes as a starting point the pilot providers’ security requirements and the security blocks definition, both delivered in M6 - October 2016 in deliverable D1.2. Moreover, the preliminary business study, conducted in D5.1 (M6 – October 2016) has influenced the contributions of this deliverable.

The main takeaways of the document are enumerated below:

ResiStand

Standardization is a powerful tool with the potential to maximize technical, procedural, operational and semantic interoperability.
ResiStand is a two-year Coordination and Support Action (CSA) that aims to identify new ways to improve crisis management and disaster resilience capabilities across the European Union through standardization.

ECOSSIAN

The mission of ECOSSIAN is to improve the detection and management of highly sophisticated cyber security incidents and attacks against critical infrastructures by implementing a pan-European early warning and situational awareness framework with command and control facilities.

WISER

WISER is a European collaborative Innovation Action that puts cyber-risk management at the very heart of good business practice, benefitting multiple industries in particular critical infrastructure and process owners, and ICT-intensive SMEs. Started on June 1st 2015, by 2017 WISER will provide a cyber-risk management framework able to assess, monitor and mitigate the risks in real-time, in multiple industries.

CIPSEC will be at S4CIP’17

CIPSEC will be at S4CIP’17 represented by DB Netz AG and TU Darmstadt.

S4CIP’17 is the 2nd Workshop on Safety & Security aSSurance for Critical Infrastructures Protection co-located with the 2nd International Symposium on Security and Privacy.

CIPEC stakeholders Christian Schlehuber, Markus Heinrich, Stefan Katzenbeisser, and Neeraj Suri are authors of the paper "Challenges and Approaches in Securing Safety-Relevant Railway Signalling" accepted to be presented at this workshop.

CIPSEC will be at CrossCloud'17

CIPSEC will be at CrossCloud'17 represented by UPC and Atos.

CrossCloud’17 is the 4th CrossCloud Infrastructures & Platforms Colocated with EuroSys'17, 23rd-26th April 2017, Belgrade, Serbia.

CrossCloud is an international workshop series that aims to bring to light several issues related to cross-cloud systems: cloud federation, multi-cloud architectures, cross-cloud applications, and hybrid clouds.

KONFIDO

The 36-month KONFIDO project will advance the state of the art of eHealth technology with respect to all the aforementioned dimensions, by providing a holistic approach – i.e. targeting all architectural layers of an IT infrastructure, namely: storage, dissemination, processing, and presentation – to address challenges of secure storage and exchange of eHealth data, protection and control over personal data, and security of health related data gathered by mobile devices.

CIPSEC will be at FTC 2017

CIPSEC will be at FTC 2017 (Future Technologies Conference) represented by CIPSEC partners, UPC and ATOS.

FTC attracts researchers, scientists and technologists from some of the top companies, universities, research firms and government agencies from around the world. Join us for FTC 2017, the pre-eminent forum for reporting technological breakthroughs in the areas of Computing, Electronics, AI, Robotics, Security & Communications. It is technically sponsored by IEEE.

Patras Innovaton Quest – PatrasIQ 2017

PatrasIQ 2017

On the 7th-8th and 9th of April 2017, the biggest technology and innovation exhibition in Western Greece “Patras Innovation Quest – PatrasIQ” was held in Patras.

Exhibition Patras Innovaton Quest – PatrasIQ, is know-how transfer event aimed to develop and strengthen cooperation among the research community and the productive sector, benefiting the citizens of the area in several ways:

CIPSEC will be at SafeComp 2017

CIPSEC will be at SafeComp 2017 (Intl. Conference on Computer Safety, Reliability and Security) represented by Deutsche Bahn AG and Technische Universität Darmstadt.

SAFECOMP was established in 1979 by the European Workshop on Industrial Computer Systems, Technical Committee 7 on Reliability, Safety and Security (EWICS TC7). Since then, it has contributed to the progress of the state-of-the-art in dependable application of computers in safety-related and safety-critical systems.

UoP paper was accepted for publication in the MDPI Electronics Open Access Journal 2017

Researches from UoP ( Fournaris, Apostolos P.; Pocero Fraile, Lidia; Koufopavlou, Odysseas) are authors of the paper "Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks." accepted to be included in the MDPI Electronics Open Access Journal 6, no. 3: 52, 2017.

CIPSEC - Cyberwatching.eu Collaboration

CIPSEC will collaborate with Cyberwatching.eu project.

Between our common objectives would be to study how KONFIDO makes an enhancement of the trust and security of interoperable eHealth services and how CIPSEC protects interconnected medical devices.

Cyberwatching.eu can really support CIPSEC in terms of reaching dissemination and communications targets.
This is how CIPSEC project can benefit from its synergy with Cyberwatching.eu:

CIPSEC will be at DSD 2017

CIPSEC will be at DSD 2017 (Euromicro Conference on Digital System Design ) represented by University of Patras

The Euromicro Conference on Digital System Design (DSD) addresses all aspects of (embedded, pervasive and high-performance) digital and mixed HW/SW system engineering, covering the whole design trajectory from specification down to micro-architectures, digital circuits and VLSI implementations. It is a forum for researchers and engineers from academia and industry working on advanced investigations, developments and applications.

CIPSEC 2nd Newsletter

The first year of the CIPSEC project is over and major work milestones have been successfully achieved. A brief report of the main achievements is included next, split into two domains, technical and dissemination.

From a technical perspective the main activities have gathered main project efforts:

CIPSEC 2nd Newsletter

Joaquin's picture Submitted by Joaquin on

Dear Colleague and Friend,

You are receiving this newsletter because you have previously shown interest by subscribing in our CIPSEC website. Thank you !!

Please view our new online H2020 CIPSEC project newsletter, with the latest information about the project.

/content/cipsec-2nd-newsletter

Best Regards,

CIPSEC Project

D3.1 Preliminary Pilot I integration Incident Discovery and Response for Railway Use Case

Joaquin's picture Submitted by Joaquin on

Summary:

In the CIPSEC project D3.1 aims at a preliminary integration of the CIPSEC framework to a CI of the railway domain. DB and the according solution and service providers do this implementation. The preliminary integration will be shown in this deliverable.

D3.2 Preliminary Pilot II Integration Hospital Operational Technology Management System Use Case

Joaquin's picture Submitted by Joaquin on

Summary:

WP3 deals with the adaptation of the CIPSEC security framework into the pilots proposed in the project. In particular, it deals with the adaptation of the reference architecture defined in Task 2.1 within WP2 WP3 aims at defining three robust and specific solutions with capabilities to improve the resilience of the respective critical infrastructures. The outcomes of WP3 are to be tested in the context of WP4 in a clear interplay between the two WPs.

D3.3 Preliminary Pilot III Integration Air Quality Monitoring System Use Case

Joaquin's picture Submitted by Joaquin on

Summary:

In the CIPSEC project the Task 3.3 aims to integrate the CIPSEC framework into an air quality domain CI. The implementation will take place through the close collaboration between CSI and ARPA and the solution providers and related services that are part of the CIPSEC consortium. This report will describe the steps needed to get the preliminary integration.

D3.4 CIPSEC Intra Inter dependencies Analysis. Preliminary Report

Joaquin's picture Submitted by Joaquin on

Summary:

In this deliverable we consider the specific analysis of the three individual Pilots, Environmental, Railway and Health, which have different characteristics both in the areas in which they operate and in the safety aspects that must be taken into account, also in relation to the possible Cascading Effects that can be generated as a result of computer incidents.

First CIPSEC Technical Review

The first CIPSEC review meeting, covering months 1-18 of the project , will take place tomorrow, November 22, at Hospital Clínic de Barcelona (HCB) in Barcelona. The review meeting will be lead by Cristina Longo.

The consortium will present the progress and the results on the first project phase to the EC, including a Early prototype and demo of the CIPSEC framework, as well as on-site demo of the health pilot.

[CIPSEC] First successful Technical Review

The first CIPSEC review meeting, covering months 1-18 of the project, has taken place on November 22nd, at the Hospital Clínic de Barcelona (HCB) in Barcelona. The review meeting has been led by our Project Officer Cristina Longo, assisted by Jose Araujo (from the French Network and Information Security Agency) and Filipe Caldeira (from the Escola Superior de Tecnologia de Viseu).


Sotiris Ioannidis from FORTH setting the grounds of CIPSEC.

CIPSEC will be at IEEE HOST 2018

CIPSEC will be at IEEE HOST 2018 (IEEE International Symposium on Hardware Oriented Security and Trust ) represented by University of Patras

IEEE International Symposium on Hardware Oriented Security and Trust (HOST) aims to facilitate the rapid growth of hardware-based security research and development. HOST highlights new results in the area of hardware and system security. Relevant research topics include techniques, tools, design/test methods, architectures, circuits, and applications of secure hardware.

CIPSEC 3rd Newsletter

The second year of the CIPSEC project is coming to an end on April 30 and with many new milestones to have been successfully achieved. A brief report of the main achievements since our last newsletter published in September 2017 is presented here split into two main sections, dissemination activities and technical advances.

DISSEMINATION PERSPECTIVE Blog

6 new CIPSEC blog entries have been released with monthly periodicity:

CIPSEC 3rd newsletter

Joaquin's picture Submitted by Joaquin on

Dear Colleague and Friend,

You are receiving this newsletter because you have previously shown interest by subscribing in our CIPSEC website. Thank you !!

Please view our new online H2020 CIPSEC project newsletter, with the latest information about the project.

/content/cipsec-3rd-newsletter

Best Regards,

CIPSEC Project

D2.5 Final Version of the CIPSEC Unified Architecture and Initial Version of the CIPSEC Framework Prototype

Joaquin's picture Submitted by Joaquin on

The deliverable documents the final version of the CIPSEC reference architecture; offers technical details regarding the first software release of the CIPSEC platform; addresses the guidelines to follow to integrate the components and the criteria for the extension of the framework, taking the architecture as a starting point.

Third CIPSEC Workshop

Third CIPSEC Workshop

Third CIPSEC Workshop International workshop on Information & Operational Technology (IT & OT) security systems Collocated with the 21st International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2018) https://www.raid2018.org/cipsecworkshop.html

Associated EU H2020 Project: CIPSEC: Enhancing Critical Infrastructure Protection with innovative SECurity framework (CIPSEC)

D2.6 CIPSEC Evaluation plan

Joaquin's picture Submitted by Joaquin on

This deliverable presents a methodology and tests to evaluate the security level of critical infrastructures. In addition, this deliverable presents the CIPSEC solution deployment and the prototype building phases that has been designed to demonstrate the CIPSEC Framework.

D3.6 Pilot II Integration: Hospital´s Operational Technology Management System use case

Submitted by admin on

In this document the final elements displayed in the tests by both the Hospital and the solution providers are detailed in depth, specifying where and how every appliance is implemented, not only presenting the functionalities offered by each solution but highlighting what are the security needs demanded by the HCPB that in each case have been covered.

D3.8 CIPSEC Intra / Inter dependencies Analysis Report

Submitted by admin on

Starting with the definition of the cascading effect concept, what the inter and intra dependencies inside the three pilots used in the CIPSEC project are, and the collection of pilot information and CIPSEC partner applications, this deliverable tries to identify some non-secondary aspects of critical infrastructure functions such as dependability. The use of the agent-based model or ABM investigation tool is also proposed, deploying realistic scenarios of events that can intervene on critical infrastructures seen as a Complex Adaptative System. Finally, with the use of Netlogo application, a programmable agent-based modelling environment, a cyberattack using virus is simulated using different initial conditions. The simulation can be traced back to the principle of securing critical infrastructures that the CIPSEC Framework wants to make more reliable and secure.

D4.1 Trial scenario definitions and evaluation methodology specification

Submitted by admin on

Trial scenario definitions and evaluation methodology specification: This deliverable focuses on the detailed description and definition of test scenarios that show the performance and the capabilities of the CIPSEC framework as well as on a methodology for the evaluation and validation of the results

A Composite Malicious Peer Eviction Mechanism for Super-P2P Systems" IEEE TrustComm'18 (accepted for publication)

Abstract

Large-scale P2P applications that host millions of users increasingly rely upon semi-structured super-P2P systems to provide efficient services in dynamic environments. Given the critical role of 'super peers' in such topologies, attackers specifically target super peers due to the resultant high damage on P2P services.

CIPSEC Fifth General Assembly in Athens

Hosted by AEGIS the CIPSEC Consortium was holding a general assembly in the city of Athens (Greece) on February 21st-22nd 2018.
After planning the procedure to develop the CIPSEC components in the pilots? infrastructure, the meeting has focused on the execution of such deployments, and several technical discussions took place to clear up all the doubts before actually starting the deployments. In addition, another important topic of discussion has been the strategy to adopt for the testing activities, which are the core of the recently started WP4

Summary of CIPSEC Clustering Workshop

As part of the activities programmed with Advisory Board members, on May 8th 2018 the CIPSEC project organized a clustering workshop where a series of innovation projects addressing topics relevant for CIPSEC were invited. The representatives of such projects offered illustrative talks about the ambition and outcomes of their projects, leading to a fruitful exchange of ideas within the audience, who showed high interest and actively participated during the whole session. The projects presented during the event were the following:

New deliverables

The CIPSEC Consortium has released 10 new Deliverables, corresponding to the April 2018 milestone, upon conclusion of the second year of the project. These deliverables have been added to the CIPSEC website. A brief description of each deliverable is provided below:

CIPSEC Project presented at the 54th TF-CSIRT meeting

The 54th TF-CSIRT meeting took place on 24th and 25th May in Warsaw, Poland, kindly hosted by CERT-OPL and CERT.PL. During this meeting, and in the context of a presentation of the involvement of FORTH in different cooperation projects, Panos Chatziadam provided a quick overview of the CIPSEC project, presenting what the project is about, the main challenges and goals and the outcomes obtained for the time being. The presentation raised big interest in the audience, what permitted to increase the impact of CIPSEC outside the Consortium.

1. Transportation

CIPSEC solutions on this pilot will focus on the monitoring of the communication between field elements and the core interlocking system and will include hardware security, anomaly detection, cyber-security, DDoS protection etc. In particular, CIPSEC aims to provide a solution which monitors the communication between field elements and the core interlocking systems and takes actions to prevent any damage.

2. Health

For this pilot CIPSEC will provide solutions to secure the overall OT system which is consisted of a large variety of devices and subsystems like RFID readers and antennas used for example to locate people and hospital inventory sets, RF sensors and readers embedded in warning systems for fridges, medical electronic systems, patients monitoring systems, etc. For the health pilot CIPSEC will validate security aspects related to DDoS protection, anomaly detection, OT networks protection and devices communication security.

3. Environmental monitoring

For this pilot CIPSEC will provide solutions to secure the infrastructure (stations and equipment) and communications. Also it will setup and execute a scenario designed to examine cascading effects. For the environmental pilot, CIPSEC will focus on security aspects related to peripheral station security, antimalware and antivirus protection, DDoS protection, anomaly detection, OT networks protection and devices communication security. 

CIPSEC presented at the SAINT Workshop

The SAINT workshop gathered representatives of several EU projects in the fields of cybersecurity and privacy. It took place in Athens, at the premises of NCSR Demokritos. CIPSEC was presented by Manos Athanatos (FORTH) in a nice talk that attracted the interest of the audience. The workshop was a good opportunity for the exchange of knowledge and ideas and boost synergies among projects.
The details of the presentation given can be found in the link below

New deliverable

The CIPSEC Consortium has released deliverable D4.2, entitled "System ready for validation activities". This document reports the efforts done to make sure that everything works correctly in the three deployments done in the respective pilots. In addition, the list of tests to perform in the pilots is updated and enlarged. Finally, the three pilots provide some feedback regarding the deployment process pointing out some suggestions for improvement, with the solution providers eventually providing answers on how to achieve such improvements

CIPSEC motivation, explained with cartoons!

Any project has a motivation. The CIPSEC partners are engaged in an exciting adventure to solve a major and complex challenge. To raise more awareness about the project, the CIPSEC Consortium has produced a new video, explaining in a friendly and understandable way the cybersecurity challenge critical infrastructure operators are facing and presenting CIPSEC as a proposed solution to bridge the existing gaps.

3rd CIPSEC workshop

The recent advancements of ICT have given the opportunity to companies, public administrations and various Critical Infrastructures to offer new and innovative services and at the same time lower their operational costs. These advancements however, were quickly adopted without proper evaluation of their impact on security, leaving current IT (Information Technology) and OT (Operation Technology) systems vulnerable to various kinds of cyberattacks.

CIPSEC presented at the EU-Rail ISAC Meeting in Frankfurt

The CIPSEC project was invited to give a presentation in the context of the EU-Rail ISAC Meeting held at Deutsche Bahn premises in Frankfurt. This meeting counted on the participation of representatives from DB Netz AG, Bane Danmark, EIM Rail, Infrabel, SBB, the Swiss Rail Administration, European Commission, ENISA, ERA, Hit Rail, BaneNOR, Finish Railways, Slovenia Railways and ProRail.

Cyber-security in Healthcare

What does it come to your mind when you hear talking about hackers? Probably your first thoughts focus on breaking passwords and damaging a webpage or a computer. Maybe you think about the idea of stealing bank details in order to make money. You are right, but it is not common to relate cyber-security to healthcare when, actually, it is one of the most important targets of hackers.

CIPSEC 4th Newsletter – Christmas 2018

From our last Newsletter, on March 2018, new milestones and new dissemination actions have been successfully achieved. At this stage of the project we have accomplished most of the objectives and goals proposed at the beginning of the project. A brief report of the main achievements of CIPSEC emphasizing into the dissemination and the technical aspects of the work that has been performed.

DISSEMINATION ACTIVITIES

 

Blog

IOSec 2018

We are glad to announce the publication of the postconference book proceedings of the First International Workshop, IOSec 2018, sponsored by CIPSEC, held in Heraklion, Crete, Greece, in September 2018.

CIPSEC present at Cybertech 2019 in Tel Aviv

Cybertech2019

Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe. From Tel Aviv and Rome, to Tokyo, Singapore, Panama, and more. This is a good place to learn all about the latest technological innovations, threats, and solutions to combating threats within the global cyber arena.

The Conference took place on the 28-30.1.2019. There were 15000 attendees, 170 speakers, 210 companies, 90 startups, 160 delegation.

Anonymizing Cybersecurity Data in Critical Infrastructures: The CIPSEC Approach

Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved.

New book on cybersecurity and privacy published containing a chapter about CIPSEC

The CIPSEC Project has contributed with a chapter to the book entitled "Challenges in Cybersecurity and Privacy - The European Research Landscape". This book has been coordinated by Antonio Skarmeta and Jorge Bernal, from the University of Murcia, and the chapter about CIPSEC has counted on the contributions of up to 17 people in the Consortium.

Balancing Security Guarantees vs QoS Provisioning in Combined Fog-to-cloud systems

Several efforts are currently active in dealing with scenarios combining fog, cloud computing, out of which significant proportion is devoted to control and manage the resulting scenario. Certainly, although many challenging aspects must be considered towards the design of an efficient management solution, it is with no doubt that whatever the solution is, the quality delivered to the users when executing services and the security guarantees provided to the users are two key aspects to be considered in the whole design.

Shift2Rail

Shift2Rail is the first European rail initiative to seek focused research and innovation (R&I) and market-driven solutions by accelerating the integration of new and advanced technologies into innovative rail product solutions. Shift2Rail promotes the competitiveness of the European rail industry and meets changing EU transport needs. R&I carried out under this Horizon 2020 initiative develops the necessary technology to complete the Single European Railway Area (SERA).

MF2C

Fog computing brings cloud computing capabilities closer to the end-device and users, while enabling location-dependent resource allocation, low latency services, and extending significantly the IoT services portfolio as well as market and business opportunities in the cloud sector.
With the number of devices exponentially growing globally, new cloud and fog models are expected to emerge, paving the way for shared, collaborative, extensible mobile, volatile and dynamic compute, storage and network infrastructure.

ReCRED

The objective of the ReCRED project is to design and implement mechanisms that anchor all access control (AC) needs to mobile devices that users habitually use and carry. It aims to build integrated next generation access control (AC) solution that satisfies the following properties:

SMESEC

Small and Medium size Enterprises (SMEs) are an important driver for innovation and growth in the EU. At the same time, SMEs also stand to gain the most from innovative technologies that promise convenient deployment and economical operation of ICT. Taking into account cyber-security, SMEs do not always understand all the risks and business consequences for the development of technologies without the adequate level of protection against cyber crime.

Saint

SAINT proposes to analyse and identify incentives to improve levels of collaboration between cooperative and regulatory approaches to information sharing. Analysis of the ecosystems of cybercriminal activity, associated markets and revenues will drive the development of a framework of business models appropriate for the fighting of cybercrime. The role of regulatory approaches as a cost benefit in cybercrime reduction will be explored within a concept of greater collaboration in order to gain optimal attrition of cybercriminal activities.

COMPACT

COMPACT is a EU-funded project, that aims to strengthen the cyber-resilience of local public administrations (LPAs). The tools, COMPACT will offer to achieve this encompass risk assessment tools, educations services, monitoring services and knowledge sharing services.
The COMPACT solution will be made abvailable via an integrated platform, which will offer a high degree of usability and automation

CONCORDIA

Europe needs to step up its efforts and strengthen its very own security capacities to secure its digital society, economy, and democracy. It is time to reconquer Europe's digital sovereignty. The vision for Europe can only be to join forces across Europe's research, industry and public sector and to include all talents not just those that have representation in the EU mainstream or are within big organizations. Diversity and inclusion are keys for success. Europe has incredible coverage and talent in the area of IT and cybersecurity.