CybWin – Cybersecurity Platform for Assessment and Training for Critical Infrastructures – Legacy to Digital Twin
Cyber security platform with physical, replicated and simulated components of real-world critical infrastructures
To understand the threat landscape for Critical Infrastructures (CIs), including the attack interfaces, vulnerabilities, potential threats and associated risks, it is crucial to visualize and articulate an Industrial Control Systems (ICS) in a manner that shows the interconnections between the ICS and its operational environment, the interrelations between components of the ICS and any dependencies that may be exploitable in a cyber-attack. There is also a need for processes, methods and tools for cyber security assessment of the CIs. Today it is practically impossible to perform cyber security testing or exercises on operational CIs as this could lead to unacceptable risk. Therefore, one of the best ways to address some of these issues, is to use simulation modelling for aspects ranging from cyber security testing to human performance evaluation. An important aspect of cyber security is the response capacity when an incident occurs. However, the largest investments seem to be made in tools and systems to fight cyber-attacks rather than addressing human behavior as a means of improving cyber security technologies and processes. Consequently, there is a need to gain further knowledge on human behavior in cyber security incident response and use this knowledge to strengthen the response capacity.
The core deliverable of CybWin is a cyber security platform with physical, replicated and simulated components of real-world CIs, empowered with tools for RAMS (reliability, availability, maintainability, safety) assessment, vulnerability assessment, attack simulation, incident
prediction and response. The strength of CybWin is also that it includes owners of two Norwegian CIs, research institutes and universities working in relevant research fields, a cyber security solutions provider, and international partners.
This project is funded by the Research Council of Norway. The project consortium consists of IFE, Norwegian University of Science and Technology (NTNU), Secure-NOK AS, Avinor Flysikring AS, Statnett, KraftCERT, VTT Technical Research Centre of Finland Ltd, EUROCONTROL, and Korean Advanced Institute of Science and Technology (KAIST).