Introduction of a Novel Risk based Approach in the Multimodal Transport Cyber Security Ecosystem

By European Dynamics

Background

The world is rapidly evolving and urbanizing. As populations increase and technology brings new opportunities, multimodal transportation has become the dominant option for a smart city beneficial to improve and facilitate people’s daily lives. While multimodal transport by definition is the coordination of different modes of transport used to move materials or goods from one side to the other, through a transport contract, it can also be applied to the city transportation system to ease passengers’ lives with a unified transport network. Multimodality in the city’s transport system will lead to numerous positive outcomes for instance less polluting modes that help to decarbonize transport and reduce other negative externalities, such as air pollution and congestion. CitySCAPE innovation project puts the multi-modal transport ecosystem under the microscope while also considering its interplay with related critical Network and Information Security (NIS) Directive sectors (energy, banking). Its main goal is to systematically explore all different cybersecurity dimensions of multimodal transport. These dimensions will drive a characterization of the cyber-threats in the ICT multimodal transport, extended to the close-by power and financial sector. Innovative software tools will be introduced to estimate the threats propagation in the system. CitySCAPE will realize a modular software toolkit enabled to be seamlessly integrated into any multimodal transport system to: a)detect suspicious traffic-data values and identify persistent threats; b)evaluate an attack’s impact in technical and notably in financial terms; c)combine external knowledge and internally-observed activities to enhance the predictability of zero day attacks; d)instantiate a networked overlay to circulate informative notifications to CERT authorities and support their interplay. Therefore multimodal transport cybersecurity is the cornerstone of the CitySCAPE project.

Current practice

In this article we describe an innovative Risk Management approach which elevates the good cybersecurity practice and extends the information security framework. Risk management is the overarching umbrella and includes both risk assessment and risk analysis. Risk Management refers to the comprehensive approach to the risks faced by an organization in order to identify them, analyze them, evaluate/rank them, treat them and finally monitor them. Risk Assessment is the process of formally analyzing and mitigating the risks, by breaking down threats into identifiable categories and defining all potential impact of each risk. Risk Analysis is the process of measuring risks and their associated impact, by helping organizations identify and manage potential problems that could undermine key business initiatives.

The risks are now diverse, multidimensional and interrelated and as transportation industry continue to become more digital, their level of cyber risk will continue to rise. Managing risks provides justification for the information security activities carried out within the organization. Only when risks are managed to acceptable levels, by the organization, assurance is provided for business activities. Without proper risk management, it would not be possible to determine the potential impact(s) of particular risks or the necessary mitigation measures.

The perception of risk is highly dependent on the individual process that each human uses, involving their cognitive skills (weighing the evidence, using reasoning and logic to reach conclusions) and emotional appraisals (intuition or imagination). As a result, current risk management approaches are inaccurate and prone to human error, since they are: a) static, b) conducted manually by human operators that collect assets, vulnerabilities, threats, risk appetite, etc, and c) executed periodically leaving a big perilous time interval between assessments which in turns gives space to threat actors, to manifest their plans. Moreover, these approaches when used in the multimodal transport ecosystem do not capture asset interdependencies and cascading-effects among all the involved assets and different stakeholders.

CitySCAPE’s novel risk based approach

European Dynamics within CitySCAPE project provides a dynamic risk based approach that continuously considers all the entities, modalities and their assets, threats and their interdependencies in the multi-modal transport ecosystem. The proposed risk assessment and risk analysis tools will assist in real-time the human agent, by assessing and analysing the risks on the holistic model of the entire multi-modal ecosystem. This approach constantly aggregates in this dynamic assessment and analysis: a) information on new vulnerabilities and threats, and b) proposed countermeasures based on Return On Security Investment (ROSI). This dynamic and continuous risk assessment enables the multi-modal transport operators to evaluate and implement strategies to mitigate threats, ensuring increased security for their assets and consequently improved services for the citizens.