Written by Matteo Merialdo
Project Implementation Coordinator, RHEA Group

 

As part of the ECHO Demonstration Cases, a wide initiative to validate all ECHO assets via sector-specific and multisector scenarios, the team implemented a Maritime cyber range scenario, a combination of effort from RHEA and Fincantieri.
Leveraging RHEA’s cyber range platform (CITEF) the team implemented the emulation of the navigation system of a passenger ship, including an emulated GNSS satellite link providing the positioning data. A set of attack, defense and forensics variations of the scenario have been then
developed, in order to teach small groups of students to identify and react to ongoing cyberattacks targeting the navigation system and with different sources and threat vectors (malware, brute force, configuration files compromission).

See the figure from RHEA’s CITEF cyber range management dashboard, the emulated network. It is possible to notice the emulated Sat Link and
Sar Terminal, and as well different network areas of the ship.

The scenario has also been federated with other cyber ranges using the ECHO Federated Cyber Range: for example, a second cyber range could manage the attacker VMs (external attacker), or the GNSS data source.

The scenario leverages a ship positioning software, ECDIS, which is the main target of the attack scenario.

The scenario has been used, with high appreciation, during the recent ECHO Federated Autumn School! Within the end of the year, ECHO will also conclude its Healthcare and Energy cyber range scenarios (powered by RHEA’s CITEF), and the team will be able to proceed with the demonstration cases as for schedule! For more information, don’t hesitate to send an email to info@echonetwork.eu

Subscribe to ECHO’s newsletter HERE!