Storm Surge Barriers (SSBs) are vital to keeping society safe and economically stable. These SSBs are complex objects that increasingly depend on Operational Technology (OT) and Information Technology (IT) to operate reliable. This growing dependency and interconnectedness via networks, introduces new risk that engineers must address. Numerous examples can be found that the risk introduced by OT and IT is real and current, both by intentional threat sources (attacks) and unintentional threat sources (human error). Keeping SSBs cybersecure therefore is an increasingly important task.

 

The Netherlands are world renowned in the field of watermanagement and this extends to SSBs and are one of the founders of I-STORM. This is an international community aimed at improving SSB operations by sharing good practices. The topics I-STORM discusses are divided into knowledge domains. Due to the importance of cybersecurity, I-STORM wants to include cybersecurity in sharing information between members as a new knowledge domain.

 

Cybersecurity process difficult to introduce, because I-STORM members mainly have an engineering background and cybersecurity is only recently part of their role. I-STORM has identified that an overview of what comprises cybersecurity and how to discuss this topic is needed. This thesis addresses this need, enabling the process of cybersecurity knowledge sharing thus fulfilling the new knowledge domain.

 

To provide the required artifacts, this thesis presents a cybersecurity information sharing process compatible with the I-STORM knowledge strategy. The presented information sharing process populates the new knowledge domain by providing a solution on what to share and how to share it. This information sharing process is therefore presented as two components; a cybersecurity vocabulary (ontology) for engineers and a model for cybersecurity information sharing.

 

To support the what, the ontology enables understanding through a shared vocabulary and enables discussions on cybersecurity at a conceptual level that does not include (too) sensitive information. To support the how, the information sharing model supports the implementation of the process by providing guidance on how to address challenges in information sharing.

 

The what and how are combined using the I-STORM knowledge strategy template to form an information process that describes how I-STORM can share cybersecurity information. This process is understandable by I-STORM members and compatible with the other knowledge domains in I-STORM.

 

This result enables I-STORM to share information on cybersecurity in a structured way thus creating the new cybersecurity knowledge domain. The knowledge sharing in this new domain leads to more international cooperation on cybersecurity, increasing the resiliency of SSBs against cyber threats and therefore supporting a safer society.

 

READ PDF

 

 

  • A cybersecurity information sharing process for Storm Su...
    Master CS/Jeroen Gaiser
    >
  • A cybersecurity info...
    Master CS/Jeroen Gaiser
    >
  • A cybersecurity information sharing process for Storm Su...
    Master CS/Jeroen Gaiser
    >
  • Can NL trust 5G?
    Master CS/Farley Wazir
    >
  • Can NL trust 5G?
    Master CS/Farley Wazir
    >
  • Can NL trust 5G?
    Master CS/Farley Wazir
    >
  • ConsensusPKI. Data driven public key ecosystem backed by...
    Master CS/Volkan Kaya
    >
  • ConsensusPKI. Data d...
    Master CS/Volkan Kaya
    >
  • ConsensusPKI. Data driven public key ecosystem backed by...
    Master CS/Volkan Kaya
    >
  • Evaluating server-side internet proxy detection methods
    Master CS/Hans Hoogstraaten
    >
  • Evaluating server-si...
    Master CS/Hans Hoogstraaten
    >
  • Evaluating server-side internet proxy detection methods
    Master CS/Hans Hoogstraaten
    >
  • Fake news, or framed news, that is the question
    Master CS/Elserike Looije
    >
  • Fake news, or framed...
    Master CS/Elserike Looije
    >
  • Fake news, or framed news, that is the question
    Master CS/Elserike Looije
    >
  • Fighting in the fifth dimension
    Master CS/John van Veenhuizen
    >
  • Fighting in the fift...
    Master CS/John van Veenhuizen
    >
  • Fighting in the fifth dimension
    Master CS/John van Veenhuizen
    >
  • Managing risks in the cyber realm: From a traditional to...
    Master CS/Emma Meines
    >
  • Managing risks in th...
    Master CS/Emma Meines
    >
  • Managing risks in the cyber realm: From a traditional to...
    Master CS/Emma Meines
    >
  • Multi-stakeholder roadmap for implementing consumer vuln...
    Master CS/Hinko Bastiaanse
    >
  • Multi-stakeholder ro...
    Master CS/Hinko Bastiaanse
    >
  • Multi-stakeholder roadmap for implementing consumer vuln...
    Master CS/Hinko Bastiaanse
    >
  • Public Private Partnership in the French National Cyber...
    Master CS/René Marchal
    >
  • Public Private Partn...
    Master CS/René Marchal
    >
  • Public Private Partnership in the French National Cyber...
    Master CS/René Marchal
    >
  • Public-Private Partnerships in Indian Industrial IoT.
    Master CS/Chandrasekhar Muppiri
    >
  • Public-Private Partn...
    Master CS/Chandrasekhar Muppiri
    >
  • Public-Private Partnerships in Indian Industrial IoT.
    Master CS/Chandrasekhar Muppiri
    >
  • The Design of a Risk Management Framework for Machine Le...
    Master CS/Antony Hibbert
    >
  • The Design of a Risk...
    Master CS/Antony Hibbert
    >
  • The Design of a Risk Management Framework for Machine Le...
    Master CS/Antony Hibbert
    >