01/01/2016 to 31/12/2018

Detecting advanced multi-stage attacks is difficult in IT systems, but approaches towards detection and response for ICS (Industrial Control Systems) are comparatively less mature. Moreover, attacks discovered in the wild continue to evolve in sophistication. Stopping such attacks demands continual monitoring of the infrastructure and it is difficult to provide operators with targeted security status information in the face of advanced multi-stage ICS threats.
This research aims to develop and test an approach that enhances real-time cyber-security monitoring capabilities for networked ICS environments. The objective is to present information to an operator that is more closely correlated to advanced multi-stage threats, rather than individual alerts, thereby improving the ability of the operator to gauge the current security status of the system.
A threat measurement based approach will be used to investigate how the real-time cyber-security status of an ICS network environment can be measured in terms of an observable threat presence. It is hypothesised that such a status can be appraised by using suitable metrics, which may be derived by analysing, decomposing and modelling known advanced multistage threats. The analysis will target the development of threat models based on a combination of reported ICS attacks and an investigation of future potential advanced threats based on emerging trends in crimeware. A proposed solution will be implemented and tested in a test-bed environment based on a realistic factory automation environment.

Friday, 1 January, 2016 to Monday, 31 December, 2018

Project type:


Pilots for the European Cybersecurity Competence Networks: how can your SME benefit? - 6th Webinar -

The four pilot projects involved in the development of the European Cybersecurity Competence Network will present their plans and upcoming tools and services for SMEs in the webinar on the 2nd of April, 10:00 AM CEST



Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology


2 April 2019

10am to 4pm


e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.