Precise Measurement of Technical IT Security in Critical Infrastructures BMBF-Project Security Indicators for Critical Infrastructure Analysis (SICIA)

With the project 'Security Indicators for Critical Infrastructure Analysis (SICIA)', the Chair of Computer Networks and Communication Systems lead by Prof. Hartmut König is developing a method that allows operators of power plants and power networks to determine the current state of IT security in their facilities. The project is one of ten funded by the Federal Ministry of Education and Research (BMBF) within the priority programme 'IT Security in Critical Infrastructures'. Together with INDI it is the second project that the Chair is developing in this programme.

Modern IT technologies and components are increasingly being used in critical infrastructures. Critical infrastructures have therefore become vulnerable to modern IT threats. Until now there has been no method for the precise measurement of the actual state of IT security as a prerequisite for effective protection at all system levels of these infrastructures. Because qualitative evaluation approaches do not allow sufficient differentiation of security levels, the security indicators developed in the project mainly condense technical parameters as numerical values to make the actual IT security visible for operators.

In addition to the development of a measurement method that can be applied to diverse infrastructures, another project objective is to develop a demonstrator that allows for the comparison of potential improvements by simulation. Furthermore, the project aims to gain valuable insights for national and international information security standardization bodies. The 1.2 million Euro BMBF funded SICIA project runs until October 2017. The project partners are Vattenfall Europe Generation AG and RWE AG Germany. The project proposal was developed as part of the cooperation agreement between the Department of Computer Networks and Communication Systems and Vattenfall Europe Generation AG.