ResilMesh: Situation Aware enabled Cyber Resilience for Dispersed, Heterogenous Cyber Systems

ResilMesh will develop a cybersituational awareness based Security Orchestration and Analytics Platform Architecture (SOAPA) toolset to improve digital infrastructure resilience through fulfilling these objectives: 1: Improving end-to-end data aggregation and security control interoperability in dispersed digital infrastructures 2: Giving CSIRTs better awareness of the service and asset dependencies of their network 3: Helping CSIRTs to build cyber resilience capacity 4:Developing AI based algorithms and tools for early and ongoing attack detection and prediction 5:Developing a situation assessment system to view and forecast network level risk These objectives are achieved through a 10 work package project plan. ResilMesh will build a SOAPA platform by combining existing security controls and other tools from consortium participant with readily available open source elements. It will develop algorithms and software tools in the project and will integrate these with the platform to form a complete SOAPA system. It will validate the operation of the ResilMesh system through use cases in three different infrastructure categories (i.e. renewable energy SCADA; smart manufacturing robotics and regional civil infrastructure) and five open call use cases. These 8 pilots will ensure that the platform is evaluated across a wide range of critical infrastructures. ReilMesh develops AI based algorithms to improve attack detection and prediction for endpoint and network traffic; it help CSIRTs deal digital infrastructure complexity and heterogeneity by providing tools to give them better awareness of environment dependencies, threats and risk while preserving privacy. It increases the reliability and granularity of shared threat intelligence to improve context for threat hunting and cyber forensics incident response leading to more robust decision making. Finally it provides a suite of best practices to build cyber capacity to improve resilience preparation.