Based on the consortium’s experience, the ATENA tools suite should include a specific methodology and an associated support tool in order to provide reliable input to on-line tools such as Risk prediction tools and Decision Support Systems.
The main goal of the risk assessment is to provide a list of risks prioritised in order to perform the next step of risk management: the risk treatment. The management of the risk assessment results gives an essential input to assess the resilience state of an organisation especially if a new risk cannot be totally managed by risk treatment and in case the remaining risk could have a sustainable impact to the organisation’s processes (for CIs, essentially the Quality of Service).
Methodology of risk assessment
The definition of a reliable methodology of risk assessment is easily implementable in a large range of Essential Service providers such as Electrical/Gas providers and distributors. Water providers, will be based on an ISO 27005 methodology and will use all building blocks defined in the ATENA tools suite as presented in the figure below.
Risk analysis tool
Risk Analysis Tool: This block will provide a “Risk level” snapshot and sustainable inputs to CISIAPro and RAO (or other expert systems) on the real risk situation of the overall asset. It will be based on the overall inputs provided by the previous building blocks. The tool should answer the question: “What is my risk now?”
Input of risk analysis tool
Modeling CI: methodology and tools to provide an easy way to describe the functional architecture of the CI (description of CI components and networks, including functional dependencies and interdependencies).
Modeling security interdependencies of assets: methodology and to describe the risk interdependencies of the different assets from security features (availability, integrity and confidentiality) and vulnerability point of views : how the vulnerability of linked assets increases in case one of them is impacted?
Security Metrics Evaluation (Security Assurance Level, Awareness, and Risk Level): standards to qualify the CI’s status, the security management of a CI (maturity of the management) and the security level of a field distributed asset (Security Assurance Level).
Vulnerability assessment: tools to manage the vulnerability level of a CI facing a moving threats environment, the discovery of security incidents, etc.
Modeling attack scenarios: “attack patterns” according to detection inputs (it is often the most valuable and secret parameters of commercial detection tools). As ATENA project wants to provide innovative elements, this modelling will include a smart tool able to produce new patterns according to the previous ones and to incident detection.
Security Incident detection (detection framework): detection probes and logical concentrator.
Modelling CI’s Risk (Risk indicators: e.g., QoS level/asset): design of the most important indicators of risk for a CI (and they depend on the type of CI, the business models etc.). These indicators are the risk criteria to qualify, i.e., to prioritise the risks and help to manage.
Tools fed by risk analysis tool
Risk Prediction Tools (CISIA/RAO): Expert systems which allow simulating the state of the CI assets according to the Risk analysis tools but also the operational faults and the mitigation strategies (e.g., FISR).