KIRAS Security Research

Call results by calendar year

Call results by funding instruments

Projects of the joint German-Austrian call

R&D- Support Actions >Call 2018 >

CURSOR - Cyber security exercise concept and framework

The aim of the CURSOR project is the conception of a national cyber exercise program for the analysis of (program) cyber exercises. This exercise program is supported by the specification of a cyber exercise platform and implementation of a proof-of-concept exercise calendar to exchange information about past and future state-wide cyber exercises. The platform is intended to integrate program and non-program exercises, making it possible for the first time to measure and compare them. The results of the CURSOR project strengthen the strategic coordination of cyber exercises and thereby indirectly contribute to Austria's resilience against the consequences of attacks from cyber space.

The CURSOR project aims to study the possibilities for and develop a nationwide exercise program that takes into account both nationwide and sector-specific (program) exercises. Several methodological steps are needed to achieve this. In the first step, a comprehensive analysis of current state of practice and research in the field of cyber-exercises will be carried out. Furthermore, actors and organizers in the field of cyber-exercises will be interviewed to obtain a comprehensive overview of technology, content and organization. Based on this study, the next step will be to derive the requirements for a national cyber exercise program and to identify possible goals and measurement criteria with relevant stakeholders. On this basis, a cyber exercise program will be specified and strategic as well as operational aspects will be highlighted.

A further goal of the project is the development and specification of a cyber exercise platform, which processes exercise results of program exercises and enables an exercise history. A challenge is, for example, how to design the integration of non-program cyber exercises in this context. A proof-of-concept cyber exercise calendar will be designed and implemented to discuss a part of the exercise platform and its facets, together with relevant stakeholders, incorporating this feedback directly. In addition, recommendations and support measures for cyber-exercises will be defined, in particular to support operators of essential services and organizations in carrying out cyber-exercises based on the cyber-exercise program.

The result of this project is a study that will provide a concept for a nationwide cyber exercise program and cyber exercise platform as well as the implementation of a proof-of-concept exercise calendar. These findings can be used as a basis for a discussion for further development of a national exercise program and can thus indirectly contribute to the resilience of Austria against the impacts of attacks stemming from Cyber space.

Project leader

Dr. Maria Leitner / AIT Austrian Institut of Technology
Dr. Maria LEITNER
Scientist

Security & Communication Technologies
Center for Digital Safety & Security
AIT Austrian Institute of Technology GmbH
Giefinggasse 4 | 1210 Vienna | Austria
T +43 50550-2839 | M +43 664 88390639 | F +43 50550-4150
maria.leitner@ait.ac.at | http://www.ait.ac.at 

Further project partners
FH St. Pölten (FHSTP): Dr. Peter KIESEBERG
Bundeskanzleramt (BKA): Andreas REICHARD
Bundesministerium für Inneres (BMI) (via LoI)
Bundesministerium für Landesverteidigung (BMLV) (via LoI)
nic.at/CERT.at (via LoI)