"Muu" projekt FP7-318003
FP7-318003 (FP7-318003) "Tehnoloogiline tugi riskide arvutamiseks sotsio-tehnilise turvalisuse ennetava hindamise kaudu (1.11.2012−31.10.2016)", Jan Villemson, Cybernetica AS.
FP7-318003
FP7-318003
Tehnoloogiline tugi riskide arvutamiseks sotsio-tehnilise turvalisuse ennetava hindamise kaudu
Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security (TREsPASS)
Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security
1.11.2012
31.10.2016
Teadus- ja arendusprojekt
Muu
ETIS klassifikaatorAlamvaldkondCERCS klassifikaatorFrascati Manual’i klassifikaatorProtsent
4. Loodusteadused ja tehnika4.6. ArvutiteadusedP170 Arvutiteadus, arvutusmeetodid, süsteemid, juhtimine (automaatjuhtimisteooria)1.1. Matemaatika ja arvutiteadus (matemaatika ja teised sellega seotud teadused: arvutiteadus ja sellega seotud teadused (ainult tarkvaraarendus, riistvara arendus kuulub tehnikavaldkonda)100,0
AsutusRollPeriood
Cybernetica ASpartner01.11.2012−31.10.2016
AsutusRiikTüüp
Euroopa Komisjon
PerioodSumma
01.11.2012−31.10.2016508 000,00 EUR
508 000,00 EUR
FP7-ICT

Information security threats to organisations have changed completely over the last decade, due to the complexity and dynamic nature of infrastructures and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, using infected USB sticks to sabotage nuclear plants, and the DigiNotar attack, using fake digital certificates to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can conceive them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project will make this possible, by building an “attack navigator”. This navigator makes it possible to say which attack opportunities are possible, which of them are the most urgent, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (how vulnerable are protocols and software), social sciences (how likely are people to succumb to social engineering), and state-of-the-art industry processes and tools. By integrating European expertise on socio-technical security into a widely applicable and standardised framework, TREsPASS will reduce security incidents in Europe, and allow organisations and their customers to make informed decisions about security investments. This increased resilience of European businesses both large and small is vital to safeguarding the social and economic prospects of Europe.
Information security threats to organisations have changed completely over the last decade, due to the complexity and dynamic nature of infrastructures and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, using infected USB sticks to sabotage nuclear plants, and the DigiNotar attack, using fake digital certificates to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can conceive them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project will make this possible, by building an “attack navigator”. This navigator makes it possible to say which attack opportunities are possible, which of them are the most urgent, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (how vulnerable are protocols and software), social sciences (how likely are people to succumb to social engineering), and state-of-the-art industry processes and tools. By integrating European expertise on socio-technical security into a widely applicable and standardised framework, TREsPASS will reduce security incidents in Europe, and allow organisations and their customers to make informed decisions about security investments. This increased resilience of European businesses both large and small is vital to safeguarding the social and economic prospects of Europe.
KirjeldusProtsent
Alusuuring50,0
Rakendusuuring50,0