Structure of the document. The deliverable is structured as follows:
Structure of the document. After completing the introduction in this section, we continue by explaining the role of the cyber risk modelling in the WISER framework in Section 2. Next, in Section 3 we explain our rationale for selecting the three WISER risk modelling languages, which are CORAS for human-readable risk models, DEXi for qualitative risk assessment algorithms, and R for quantitative risk algorithms. In Section 4, we give a short overview of each of these languages, in order to provide some background for the rest of the document aimed at readers not familiar with the languages, as well as references for further information. We then move on to the actual guidelines. In Section 5, we present simple guidelines for modelling the target of analysis, while Section 6 presents the overall method for cyber risk modelling in WISER. This overall method is the same whether one chooses to use qualitative or quantitative assessment. Section 7 provides specific guidelines for creating CORAS models, which is the first step of the overall method and is performed independently of whether qualitative or quantitative assessment will be used. In Section 8, we give guidelines for quantitative algorithms using R, while Section 9 offers similar guidelines for defining qualitative assessment algorithms based on a CORAS diagram using DEXi. Having thus provided methodological support for developing assessment algorithms, we explain the integration of such algorithms in the Risk Assessment Engine in Section 10. Although the representation of impact assessment in the R and DEXi algorithms is included in Section 8 and Section 9, these sections do not provide thorough methodological guidelines for impact assessment. In Section 11, we present such guidelines for economic impact assessment, while societal impact assessment is addressed in Section 12. Notice that, unlike Section 8 and Section 9, the guidelines provided in Section 11 and Section 12 are meant to support users making assessments (typically in order to be able to answer business configuration questions), rather than to create algorithms to be executed by the Risk Assessment Engine. We present our conclusion in Section 13. This document also contains five appendices. Appendix I shows the naming convention used for model elements occurring in CORAS diagrams and corresponding R and DEXi algorithms. Appendix II introduces Bayesian networks for risk modelling, which play an important role in the development of the quantitative algorithms. In Appe...
Structure of the document. The remainder of this document is structured as follows: In the main part of the document, In part A (User manual), the user learns how to set up, start and perform a training session with CIPRTrainer, how to use ‘what if’ analysis, and how to modify the system settings. In part B (documentation), we provide a “Quick Start” guide for users of CIPRTrainer and an overview of the structure of CIPRTrainer’s modular user interface. We conclude by summarising the main properties of the single-trainee version of CIPRTrainer in the following figure.
Figure 1: Simplified scheme of CIPRTrainer’s main components. The design engine is represented by the rounded rectangle labelled “SyMo” and the scenario developer’s icon. All other shown components belong to CIPRTrainer’s training engine. The most important element for users of CIPRTrainer is the CIPR- Trainer Graphical User Interface (GUI), through which both trainer and trainee operate CIPRTrainer. As written in deliverables D6.3 [CIPRNetD63] and D6.4 [CIPRNetD64], two of the modelling activities for setting up the scenarios take place in the Federated Simulation part (Critical Infrastructure models) and in the Database part (definition of events, rules, and dependencies).
PART A: USER MANUAL
Structure of the document. The remainder of Section 1 presents the overall methodology adopted for this study. Otherwise, the rest of the document is divided into the following chapters:
Structure of the document. The deliverable is structured as follows: Chapter 1 gives an overview of the whole document. Chapter 2 explains how the privacy of the participants will be ensured. Chapter 3 outlines the progress, which has been done within the last 6 months regarding how to make the data FAIR, and Chapter 4 focuses on the ethical aspect of the pilot specific needs. Chapter 5 comprises of a short conclusion. The document should be understood as an extension to D1.7, i.e. there is no repetition of what was already described there.
Structure of the document. The BEACONING Project will provide interfaces for different types of users: students, teachers, parents, learning designers, game designers, as well as BEACONING administrators. The current prototype focuses on key screens of the student and teachers experience centred around starting, playing, and finishing a lesson path. The deliverable is structured as follows:
Chapter 1 presents the approach taken and how this deliverable will be used by the partners.
Chapter 2 describes the key screens of the prototype related to the student experience. Chapter 3 describes the key screens of the prototype related to the teacher experience.
Structure of the document. The document is structured as follows: • The introduction defines risk assessment and socio-economic impacts, looks at the main drivers for SME risk management, and provides a sample of sources consulted. • Section2 defines selected cyber threats and then presents a set of case studies illustrating different types of socio-economic impacts resulting from successful cyber-attacks while also showing new trends in the cyber threat landscape. It concludes with key takeaways for WISER based on key points emerging from the case studies.
Structure of the document. First, in the first section, we present the glossary of the document. Then, we present the complete and already available WISER’s Monitoring Architecture, which represents the basis for the deployment of the CyberWISER-Essential and -Plus products. Section 3 presents the Resource layer of the WISER Monitoring, i.e., the complete set of monitoring sensors used in the WISER's monitoring architecture. Moreover, this section also covers the description of the DNS Traffic Sensor, Snort Sensor, OSSEC, Vulnerability scanner and Honeypot. The Resource layer is comprised of these sensors, software that is installed on the client’s infrastructure and that has been packaged and made available to the full scale pilots in WISER. Section 4 – Monitoring Provider Layer – presents the other core components of the WISER Monitoring residing in the cloud as web services deployed at the cloud infrastructure provider. Section 5 describes the glue part between Monitoring Resource and Provider layer – the communication layer, protocols and technologies used in the communication components. Finally, the Monitoring Risk Assessment, which takes into account monitoring events and alarms, is described in section 6.
Structure of the document. This document features four chapters and an appendix. Chapter 1 is a short introduction. Chapter 2 provides a brief overview of the philosophy and process that were followed in designing the dissemination materials. Chapter 3 provides low-resolution copies of the above designs. Chapter 4 sums up the conclusions that were gleaned throughout. The Appendix contains low resolution versions of all the printed materials produced for the EAGLE events during the first year and an half of the project, complete with the outreach kits used by the project partners as well as by external users in order to disseminate them.
Structure of the document. The document is structured as follow:
