
CYSM Collaborative Cyber/Physical Security Management System Assistant Professor Nineta Polemi University of Piraeus, “PREVENTION, PREPAREDNESS.


1 CYSM Collaborative Cyber/Physical Security Management System
Assistant Professor Nineta Polemi, University of Piraeus, dpolemi@unipi.gr
“PREVENTION, PREPAREDNESS AND CONSEQUENCE MANAGEMENT OF TERRORISM AND OTHER SECURITY-RELATED RISKS (CIPS)”

2 Consortium
Partner | Role
PORT INSTITUTE FOUNDATION OF STUDIES AND COOPERATION OF THE VALENCIA REGION (FEPORTS) | Project Coordinator
UNIVERSITY OF PIRAEUS RESEARCH CENTRE (UPRC) | Technical Manager
SINGULARLOGIC ANONYMOS ETAIRIA PLIROFORIAKON SYSTIMATON & EFARMOGON PLIROFORIKIS (SiLo) | Technical Partner
Università degli Studi di Genova (DITEN) | Technical Partner
Piraeus Port Authority S.A. (PPA) | Pilot
Valenciaport Foundation for Research, Promotion and Commercial Studies of the Valencian region (VPF) | Pilot
Port-of-Mykonos (POM) (subcontractor of SiLo) | Pilot

3 Maritime Environment [diagram labels: Ships; Banks; Shipping companies; Shipyards; Port Authorities; Ministries; ICT Providers; Customs Offices; Providers; CIIs; Ports]

4 Layers of the port IT system:
- e/m-Services (vessel, cargo, inland logistics, ...)
- Information/data (marine, coastal, trade, ...)
- Telecom (networks, routers, optical fibers, ...)
- Infrastructure (buildings, terminals, gates, data centers)
- IT equipment / Software (servers, navigation, RFIDs, cameras, ERPs, ...)
- Users / Procedures (internal, external, cargo, vessels)

5 Security (cyber security): Ensure the Confidentiality, Integrity, Access Control, Availability of all assets in all layers of the IT system.
Safety (physical security): Ensure the access control and availability of the assets in the two layers (1st, 6th).

6 Existing Maritime Legislation
International Maritime Organization (IMO) published:
- MARPOL (e.g. MEPC.: 189(60), 190(60), Annex VI) for the sea protection
- SOLAS (e.g. MSC.: 286(86), 256(84), 46(66), 291(87), 216(82), 282(86), 291(87), 290(87)) for the safety of the ships, passengers and cargo
- and the ISPS addressing: audit, secure access/handling of cargo, availability of telecommunication infrastructure, incident reporting, creation of security team and training.

7 Existing Maritime SM methodologies and tools
- MSRAM and its extended version MSRAM-PLUS/FORETELL address only physical security and they are compatible with the ISPS.
- MARISA concentrates on the safe navigation of ships during their presence in the port.
- CMA detects abnormal behavior of ships and identifies the respective threats.
- National methodologies (Estonia, Jordan, Russia) also concentrate only on the safety of ports.

8 Layers of the port IT system:
- e/m-Services (vessel, cargo, inland logistics, ...)
- Information/data (marine, coastal, trade, ...)
- Telecom (networks, routers, optical fibers, ...)
- Infrastructure (buildings, terminals, gates, data centers)
- IT equipment / Software (servers, navigation, RFIDs, cameras, ERPs, ...)
- Users / Procedures (internal, external, cargo, vessels)

9 Critical Information Infrastructure Protection (CIIP): Commercial ports are large-scale infrastructures hosting information systems whose degradation/interruption/impairment has serious consequences on national security, economy, health, safety or welfare of citizens.
- Commercial Ports are transportation critical infrastructures [Dept. of Homeland Security, USA, 2007]
- 31 March 2011 on CIIP – "Achievements and next steps: towards global cyber-security" - COM(2011) 163

10 Examples of Cyber threats
Assets | Threats | Vulnerabilities | Impacts
e-reservation service | Loss of integrity | No PKI-enabled service | Disruption of reservations, economic + cascading effects
Navigation system | Unauthorised Data Access | Lack of logical access control and audit | Alteration of itineraries
ERP | Malicious Code | Irregular update of Antivirus | Economic losses
RFIDs | Eavesdropping on RFID readers | The server does not share a private key with each tag | Commercial espionage

11 Risk Management [diagram labels: Risk Analysis; Risk Level; Vulnerability Level; Threat Level; Asset; Countermeasures; Risk Level]

12 ICT-security management
Standards: ISO/IEC 27001:2005, ISO/IEC 27002:2005, ISO/IEC 27005:2008, AS/NZS 4360, NIST SP 800-30
Security Management: Identification of Target, Threat Analysis, Risk Analysis, Risk management, Audit

13 CIIP methodologies
- Agent-based simulation model of the U.S. economy (COMM-ASPEN)
- Electricity market complex adaptive system (EMCAS)
- Hazardous operations (HAZOP)
- Multi-network interdependent CI for analysis of lifelines (MUNICIPAL)
- National agent-based laboratory for economics (N-ABLE)
- Transportation routing analysis geographic IT system (TRAGIS)
- Urban infrastructure suite (UIS)
- Virtual Interacting Network Community (VINCI)
They cover energy, economy and transport sectors.

14 PORT SECURITY MANAGEMENT CIIPP methodology: CIIP, ISPS, ISO

15 The degradation, interruption or impairment of ports’ ICT systems has serious impacts on economy, national security, health, safety, and the welfare of citizens and nations.
Ports’ CIIs feature a dual “cyber”/“physical” nature: the physical nature is related to the establishments of the port (e.g., buildings, platforms, gates, marinas, data centers, personnel and users); the cyber nature is related to their ICT infrastructure, systems and services.
Existing maritime security standards (e.g. the International Ship and Port Facility Security Code, ISPS) and maritime risk assessment methodologies (e.g. MSRAM, MARISA) concentrate on the protection of the physical nature of the ports’ CII (physical security), thereby ignoring their cyber nature (ENISA report on maritime security).
CYSM aims at closing this gap on the basis of a holistic approach that addresses the dual nature of ports’ CII.

16 Main Questions
- What are the main gaps in ongoing security efforts in the maritime community?
- How should existing CII security management standards and methodologies be adapted in order to become applicable to port CIIs?

17 Objectives
O1: To introduce a targeted risk management methodology for port CIIs, taking into account the protection of physical and cyber assets. The methodology will be aligned to relevant standards and legislation.
O2: To implement, deploy and evaluate an integrated security management system (for CII operators) enabling asset modeling, risk analysis, anticipation/management of attacks, as well as stakeholders’ collaboration.
O3: To increase the collaboration between European port stakeholders towards improved management of the physical and cyber nature of CIIs in a harmonized manner.
O4: To document best practices for integrated security management of port CIIs. Accordingly, to disseminate them to maritime policy-shaping groups (e.g., ECSA, ICS-ISF) and contribute towards an acceptable, applicable Integrated Maritime Policy (IMP).

18 Results
- A Holistic/Targeted Risk Management Methodology for Port CIIs.
- A Collaborative Security Management System for Port CIIs (CYSM system).
- A repository/digital library of distinct and structured security-related digital information assets (best practices, legislations, regulations, guides, standards etc.) accessible via the CYSM.
- An open trial where external Port operators (>=48) and other stakeholders (>=60) will be invited to evaluate the CYSM system.
- Dissemination of the project's innovative aspects to targeted groups such as Port operators and other Maritime Stakeholders (i.e. ship companies, port authorities, maritime/insurance companies etc.). At least 5 Workshops will be organized during the project (200 participants per workshop).
- Contributions / influences to standardization bodies and maritime interest groups.

19 Work Packages
Work Package 1
- T1.1: Administrative and Financial Management
- T1.2: Consortium Administration and Quality Control
- T1.3: Dissemination Activities
- T1.4: Exploitation and Sustainability Activities
Work Package 2
- T2.1: Desk Research
- T2.2: Stakeholders Requirements
- T2.3: CYSM Approach and Methodologies Specification
- T2.4: CYSM System Architecture
Work Package 3
- T3.1: Cyber and Physical Assets Modeling
- T3.2: Risk Management Models
- T3.3: CYSM Risk Assessment Toolkit
Work Package 4
- T4.1: Port CIIs Security Management Functionalities
- T4.2: Management and Production of Document and Artifacts
- T4.3: Web2.0 Collaboration Functionalities
Work Package 5
- T5.1: Integration of the Platform
- T5.2: Testing, Validation and Fine Tuning
- T5.3: Evaluation (Technical, Usability, Financial, Wider Impact)
- T5.4: Best Practices, Blueprints and Policy Development Guidelines

20 Gantt Diagram

21 Work Packages
A/A | Leader | Start | End
WP 1 | FEPORTS | M1 | M24
WP 2 | PPA | M1 | M7
WP 3 | UPRC | M3 | M12
WP 4 | DITEN | M6 | M18
WP 5 | SiLo | M12 | M24

22 Deliverables
A/A | WP | Name | Involved Partners | Month
D1.1 | WP 1 | Project Handbook, Risk Management and Quality Plan | FEPORTS | M?
D1.2 | WP 1 | Period Reports | FEPORTS | M?
D1.3 | WP 1 | Final Project Report | FEPORTS | M?
D1.4 | WP 1 | Report on Dissemination Activities and Plans | FEPORTS/DITEN/SiLo/UPRC/VPF/PPA | M?
D1.5 | WP 1 | Report on Sustainability Activities and Plans | FEPORTS/DITEN/SiLo/UPRC/VPF/PPA | M?
D2.1 | WP 2 | Desk Research and State-of-the-Art | FEPORTS/DITEN/SiLo/UPRC/VPF/PPA | M2
D2.2 | WP 2 | Report on Stakeholders Requirements | DITEN/SiLo/UPRC/VPF/PPA | M5
D2.3 | WP 2 | Specifications of CYSM Approach and System Architecture | DITEN/SiLo/UPRC/VPF/PPA | M7

23 Deliverables (continued)
A/A | WP | Name | Involved Partners | Month
D3.1 | WP 3 | CYSM Risk Management Methodology | DITEN/UPRC/VPF/PPA | M5
D3.2 | WP 3 | CYSM Risk Management Toolkit | DITEN/UPRC/VPF | M12
D4.1 | WP 4 | Report on Security Management Functionalities | DITEN/UPRC/VPF/PPA | M15
D4.2 | WP 4 | Collaborative Security Management Prototype | DITEN/UPRC/VPF | M18
D5.1 | WP 5 | Integrated Proof-of-Concept Prototype | DITEN/SiLo | M22
D5.2 | WP 5 | (Business, Usability, Financial, Technical) Evaluation Report | FEPORTS/DITEN/SiLo/UPRC/VPF/PPA | M24
D5.3 | WP 5 | Best Practices and Policy Development Guidelines | FEPORTS/DITEN/SiLo/UPRC/VPF/PPA | M24

24 Work Package 1
Leader: FEPORTS
Duration: M1-M24
Objectives:
- Coordinate the activities of the Co-Beneficiaries and perform the financial management of the project
- Report the progress of the project and the achievement of the partners
- Implement the dissemination strategy of the project (through publications, participation in conferences/workshops, organization of stakeholders workshops, development of the project's web site)
- Implement the project's exploitation and sustainability strategy
Tasks:
- T1.1 Administrative and Financial Management (FEPORTS, M1-M24)
- T1.2 Consortium Administration and Quality Control (FEPORTS, M1-M24)
- T1.3 Dissemination Activities (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M1-M24)
- T1.4 Exploitation and Sustainability Activities (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M1-M24)
Deliverables:
- D1.1 Project Handbook, Risk Management and Quality Plan (FEPORTS, M?)
- D1.2 Period Reports (FEPORTS, M?)
- D1.3 Final Project Report (FEPORTS, M?)
- D1.4 Report on Dissemination Activities and Plans (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M?)
- D1.5 Report on Sustainability Activities and Plans (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M?)

25 Work Package 2
Leader: PPA
Duration: M1-M7
Objectives:
- Review and document the state-of-the-art in the area of maritime security (including risk management, risk assessment and confronting cyber attacks)
- Collect, understand and analyze the requirements of all stakeholders associated with the physical and cyber aspects of maritime security
- Specification of the CYSM Collaborative Approach to Maritime Security Management
- Specification of the CYSM System Architecture
Tasks:
- T2.1 Desk Research (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M1-M2)
- T2.2 Stakeholders Requirements (DITEN/SiLo/UPRC/VPF/PPA, M2-M5)
- T2.3 CYSM Approach and Methodologies Specification (DITEN/SiLo/UPRC/VPF/PPA, M3-M6)
- T2.4 CYSM System Architecture (DITEN/SiLo/UPRC/VPF/PPA, M4-M7)
Deliverables:
- D2.1 Desk Research and State-of-the-Art (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M2)
- D2.2 Report on Stakeholders Requirements (DITEN/SiLo/UPRC/VPF/PPA, M5)
- D2.3 Specifications of CYSM Approach and System Architecture (DITEN/SiLo/UPRC/VPF/PPA, M7)

26 Work Package 3
Leader: UPRC
Duration: M3-M12
Objectives:
- Specify models for all the critical assets comprising port CIIs with emphasis on both their physical and cyber nature
- Specify Risk Management Models comprising the CYSM Risk Management Methodology (CYSM-RM)
- Specification and implementation of a toolkit for supporting CYSM-RM (e.g., support risk analysis)
Tasks:
- T3.1 Cyber and Physical Assets Modeling (UPRC/PPA/DITEN, M3-M9)
- T3.2 Risk Management Models (DITEN/UPRC/VPF, M3-M9)
- T3.3 CYSM Risk Assessment Toolkit (DITEN/UPRC/VPF, M5-M12)
Deliverables:
- D3.1 CYSM Risk Management Methodology (DITEN/UPRC/VPF/PPA, M5)
- D3.2 CYSM Risk Management Toolkit (DITEN/UPRC/VPF, M12)

27 Work Package 4
Leader: DITEN
Duration: M6-M18
Objectives:
- Specify and implement Security Management Functionalities in the scope of an ICT System (CYSM System)
- Implement a subsystem for the management of documents and artifacts (e.g., security policies, risk assessments etc.)
- Implement a range of collaborative functionalities for the synergetic discussion and resolution of security incidents/attacks
Tasks:
- T4.1 Port CIIs Security Management Functionalities (DITEN/UPRC/SiLo, M6-M15)
- T4.2 Management and Production of Document and Artifacts (DITEN/UPRC/SiLo, M7-M15)
- T4.3 Web2.0 Collaboration Functionalities (DITEN/UPRC/SiLo, M9-M18)
Deliverables:
- D4.1 Report on Security Management Functionalities (DITEN/UPRC/VPF/PPA, M15)
- D4.2 Collaborative Security Management Prototype (DITEN/UPRC/VPF, M18)

28 Work Package 5
Leader: SiLo
Duration: M12-M24
Objectives:
- Produce an integrated version of the CYSM System according to an iterative evolutionary approach
- Test and validate the CYSM System and contribute to its improvements and fine-tuning
- Evaluate the CYSM System from multiple perspectives including technical, usability, financial and wider impact
- Produce best practices and blueprints for collaborative security management of port CIIs; also produce guidelines for policy development
Tasks:
- T5.1 Integration of the Platform (DITEN/SiLo, M12-M22)
- T5.2 Testing, Validation and Fine Tuning (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M15-M24)
- T5.3 Evaluation (Technical, Usability, Financial, Wider Impact) (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M17-M24)
- T5.4 Best Practices, Blueprints and Policy Development Guidelines (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M18-M24)
Deliverables:
- D5.1 Integrated Proof-of-Concept Prototype (DITEN/SiLo, M22)
- D5.2 (Business, Usability, Financial, Technical) Evaluation Report (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M24)
- D5.3 Best Practices and Policy Development Guidelines (FEPORTS/DITEN/SiLo/UPRC/VPF/PPA, M24)

29 THANK YOU!

