SafeFuture: Threat aware cybersecurity analysis in critical infrastructures

Purpose and goal

Our society is built on critical digitized infrastructures to an increasing extent. However, increased digitization leads to an increased risk of cyber attacks. Effective defense against these attacks requires, on the one hand, an understanding of the IT or cyber-physical system itself, on the other hand, we need to understand the ever-changing threat landscape. The SafeFuture project will develop a new generation of risk analysis tools by integrating cyber threat information into attack modeling and using it for static and dynamic system analysis.

Expected effects and result

The objective of this project is to develop and utilize attack modeling toolsets and the continuously changing threat information in three phases of the lifecycle of critical infrastructures: in the design phase, where the system architecture should be defined with the help of the threat-modeling and vulnerability analysis tools; under normal operation, where the existing infrastructure needs to be adapted to the changing threat landscape; and finally under ongoing attack where rapid and efficient defense actions need to be performed.

Planned approach and implementation

The project is based on the expertise of Recorded Future, a leading company in threat intelligence, and KTH with a solid background in research on attack modeling. Together with Swedavia, which contributes with the environment for the case study within critical infrastructure, the project will show that an integration of security tools is inevitable for an effective cyber defense. The project is organized into three work packages, with the close collaboration of the partners: Requirements and system design, Methodologies, and Demonstration.