Based on the state of the art, as well as the problems and research needs, the highly innovative and ambitious goals of the synERGY project can be summarized as follows:
- Determine and investigate the 5 most common classes of cyber attack vectors specifically in CPS (denial-of-service, man-in-the-middle eavesdropping etc.) consisting of WAN-, LAN-, and field areas, and prove/verify the feasibility of synERGY’s anomaly detection approach in 2 pilots hosted at relevant independent operational environments at CPS operator sites (LINZ, ENAG).
- Develop a smart self-learning cross-layer anomaly detection approach, capable of detecting >90% of those security incidents caused by the previously identified attacks, which cannot be detected with widely-used signature-based intrusion detection systems.
- Facilitate the interpretation of anomaly detection results by enabling synERGY to consume at least 5 exemplary organisational data sources and external threat intelligence sources and ensuring the compatibility to a wide area of state-of-the-art SIEM solutions over 2 standardized interfaces (e.g., rsyslog, REST).
- Design an architecture with a wide variety of different sensor technologies that are able to collect data from the 10 most widely used protocols and standards in the ICS domain as well as enterprise IT networks to act as a solid basis for anomaly detection in CPS.
- Improve the cost-benefit ratio by applying synERGY in CPS by at least factor 20, i.e., the yearly costs of running synERGY must not be higher than 5% of the expected negative impact when not running synERGY – perform a cost-benefit analysis in course of the project in order to determine the precise factor.
- Enable new market opportunities for CPS provider, such as exploiting energy providers’ highly developed smart grid infrastructure for telecommunication service (e.g., internet) – directly stimulate the business of 3 relevant end-users in Austria who are either part of the consortium (LINZ, ENAG) or included via LoI (Kärnten Netz KNG).