WP6 – Risk Analysis and Mitigation Strategies
This work package researches and develops a methodology for continuous risk assessment process on the ICT supply chain, such that the system is continuously analyzed for potential weaknesses, and corresponding mitigation strategies can be enacted using BIECO solutions.
This WP has the following concrete objectives:
- To identify in an automated fashion main threats, including those that could also derive in a physical hazard in a cyber-physical system.
- To compute the severity of the consequences of threats and hazards.
- To make the link between systems’ internal security causes and their possible safety hazards explicit, e.g. in failure logic models such as Component Fault Trees.
- To define mitigation strategies.
- Out of both design time risk assessment models and mitigation strategies, runtime risk management models shall be synthesized systematically that are suitable to support runtime resilience mechanisms defined in WP4.
- Design and develop security, privacy and accountability measures for all the entities involved in the supply chain.
Envisioned mitigations range from process-based to architecture-based as well as related to the introduction of new patches and error detectors. The WP will ultimately produce a methodology and supporting tools for the systematic and automated i) analysis of risks, and ii) identification of mitigations that shall be equipped in the BIECO framework.
- D6.1 Blockly4SoS model and simulator WP6 (7 – RESILTECH) Report Public M10
- D6.2 Blockly4SoS user guide WP6 (7 – RESILTECH) Report Public M12
- D6.3 Risk Assessment and additional requirements WP6 (10 – 7BULLS) Report Public M24
- D6.4 Mitigations identification and their design WP6 (2 – Fraunhofer) Report Public M16
MENTORS - Monitoring Environment for System of Systems Authors: Antonello Calabrò, Said Daoudagh, Eda Marchetti Document type: Publication in Conference proceedings Publication: Proceedings of the 17th International Conference on Web Information Systems and...
GRADUATION: A GDPR-based Mutation Methodology Authors: Said Daoudagh, Eda Marchetti Document type: Publication in Conference proceedings/Workshop Publisher: Quality of Information and Communications Technology. QUATIC 2021. Communications in Computer and Information...
Author: Said Daoudagh
Within the Smart digital Ecosystems (SES), the utilization of AI, and Machine Learning (ML) in particular, becomes increasingly prevalent scenarios designed for elevating the user experience of a system's functional performance. The BIECO approach on building trust in...
We happily announce that BIECO has been presented at @YavaConf 2022! The session entitled "BIECO Project - Methodology for Security Evaluation" has been presented on Tuesday - September 27th, by Marcin Byra, @7bulls.com. The presentation is available here....
Dis you miss the opportunity to attend to the 2nd Workshop on Accountability, Liability, and Trust for 5G and Beyond (WALT5G+)? Don't worry! You can still see the video that D. Sara Matheu presented about the BIECO work performed within WP6. Abstract: While the...