Marinos Tsantekidis
01 September 2018
31 August 2021
THREAT-ARREST aims to develop an advanced training platform incorporating emulation, simulation, serious gaming and visualization capabilities to adequately prepare stakeholders with different types of responsibility and levels of expertise in defending high-risk cyber systems and organizations to counter advanced, known and new cyber-attacks. The THREAT-ARREST platform will deliver security training, based on a model driven approach where cyber threat and training preparation (CTTP) models, specifying the potential attacks, the security controls of cyber systems against them, and the tools that may be used to assess the effectiveness of these controls, will drive the training process, and align it (where possible) with operational cyber system security assurance mechanisms to ensure the relevance of training. The platform will also support trainee performance evaluation and training programme evaluation and adapt training programmes based on them. The effectiveness of the framework will be validated using a prototype implementation interconnected with real cyber systems pilots in the areas of smart energy, healthcare and shipping, and from technical, legal and business perspectives.
Visualization |
Advancements by THREAT-ARREST to Jasima simulator: (a): Extension by visualization layers (Web, Mobile Device, Windows Client) based on existing technology, as required for presenting the outcomes of simulation/emulation of cyber-system components in the project. (b): Leveraging serious gaming elements in order to increase learning motivation for small and medium groups. |
Serious gaming |
Advancements by THREAT-ARREST to Serious Games tools: Enhancement of the various serious games with (i) advanced scenarios of cyber threats’ mitigation and (ii) new visualisation components. |
Simulation |
Advancements by THREAT-ARREST to Jasima simulator: Configuration and adoption of the simulator in order to meet the needs of the THREAT-ARREST training platform (i.e., simulation of different layers in the cyber systems implementation stack. |
Training |
Advancements by THREAT-ARREST to Data Fabrication Platform: Translation of simulation specifications in CTTP models and statistical profiles into DFP rules to enable synthetic event generation for the purposes of THREAT-ASSERT. |
Emulation |
Advancements by THREAT-ARREST: Combination and expansion of the capabilities of the emulation and penetration testing software/frameworks in order to achieve the automated generation and interconnection of emulated cyber system components. Enabling of trainees to perform security mitigation tasks. Selection of cyber-system components and attacks based on CTTP models. |
Assurance |
Advancements by THREAT-ARREST: (a): Offering customizable security data analytics applied to data-at-rest and live, streaming data. Off-the-shelf hardware components coupled with a custom software engine to provide a clear upgrade path, without vendor-specific lock-in. (b): Development of mechanisms to support the connectivity and use of the platform as part of a cyber threat training framework. Mechanisms supporting the implementation of continuous assurance by executing the assurance sub model of CTTP models, APIs for monitoring/testing evidence and checks reporting etc. |
Foundation for Research and Technology – Hellas |
Bird & Bird LLP – Belgium |
SimPlan AG – Germany |
Technical University Braunschweig – Germany |
Sphynx Technology Solutions AG – Switzerland |
CZ.NIC Association – Czech Republic |
Università degli Studi di Milano – Italy |
DANAOS – Cyprus |
Atos S.A – Spain |
TÜV HELLAS (TÜV NORD) SA – Hellas |
IBM - SCIENCE AND TECHNOLOGY LTD – ISRAEL |
Lightsource Labs Limited – Ireland |
Social Engineering Academy – Germany |
Agenzia Regionale Sanitaria - Puglia – Italy |
INFORMATION TECHNOLOGY FOR MARKET LEADERSHIP – Hellas |
Who is the project designed for?
Public Sector Organizations, IT SMEs, Researchers, Security Software Industry, End User Organizations, Cyber insurance companies.
How will your project benefit the end-user?
Advanced security training framework
On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content. Privacy Policy | Disclaimer / Terms and Conditions of Use