ActivitiesCybersecurityProjects

FCAS – Risk Assessment Framework Development

SONIA SOLERA COTANILLA

Advanced cybersituational awareness platforms should integrate all relevant information from a wide range of sources to provide comprehensive situational awareness in any given scenario. This proposal builds upon traditional cybersituational awareness systems by expanding their scope to include not only data from conventional cybersecurity tools but also from other sensors that contribute to a holistic awareness objective.

The primary goal of this proposal is to design, develop, and validate a platform capable of monitoring multiple heterogeneous information sources. By applying artificial intelligence techniques and expert systems, the platform will analyse the collected data to detect and predict advanced attack patterns, while also estimating the risk of exposure to those threats.

A key component of this platform is the dynamic risk assessment framework. This framework will utilize a real-time ontology to process environmental data and propose both preventive and reactive measures for managing risks. Through user-configurable behavioural rules, the framework will anticipate the potential effects of risks, calculate risk levels, and assess both the likelihood and consequences of incidents. The relationships and constraints defined within the ontology will also address vulnerabilities, threats, and incidents, using catalogues that model configurable risk scenarios. Additionally, the framework will classify assets within the Combat Cloud (CC) and their dependencies, establishing links between risks at the CIS and operational levels, which can be translated into mission-level impacts.

Moreover, the framework will assess the likelihood of vulnerability exploitation via attack vectors and identify correlations and patterns across incidents and other data. This analysis will map potential propagation paths for risks across the system. To achieve this, the platform will simulate various threat scenarios to study how vulnerabilities and threats spread. These simulations will help identify areas for improvement and create mitigation strategies tailored to the environment, ultimately allowing risk responses to be automated through orchestration methods.

Finally, the platform will present its findings through a series of dashboards. These dashboards will summarize the gathered intelligence, enabling analysts to make informed choices based on real-time data and insights.

Redes y Servicios de Telecomunicación e Internet
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.