In line with the needs of Work Package 4 (Inter-sector Technology Roadmaps) of the ECHO project, Task 4.3 tries to solve the most pressing cybersecurity needs by developing a set of innovative software solutions addressing a variety of inter-sector and transversal cybersecurity challenges.
In that frame, task 4.3 “Early prototypes selection, research and development” focuses on the selection and subsequent analysis and development of early prototype tools addressing emerging cybersecurity challenges and covering several high priority areas such as healthcare, maritime, energy, space etc. The selected prototypes will not only serve as a source of technology innovation but also as a mean of cybersecurity education and training towards achieving the research goals of the ECHO project in improving the proactive cyber defence of the European Union.
MEET THE INTER-SECTOR PROTOTYPES OF ECHO
Reliability and safety assessment of modern complex systems that include thousands of electronic components becomes a tedious procedure that almost can’t be implemented manually without tool support. AXMEA tool is intended to support, simplify and make more credible the preceding assessment procedure.
Technology is continuously advancing at an increasing pace. New software and hardware needs to be created to accommodate for leaps in technology and novel ideas. CVE-Strainer aims to provide a centralized platform where any software can be onboarded and monitored for newly discovered vulnerabilities.
The ECHO Multi-sector Assessment Tool (E-MAT) goes hand-in-hand with the ECHO Multi-sector Assessment Framework (E-MAF). As the ECHO Multi-sector Assessment Framework (E-MAF) is an analysis of transversal and inter-sectoral challenges and opportunities, and it supports the development of cybersecurity technology roadmaps, the E-MAT is a complex assessment framework that incorporates multiple inputs.
For most cyberattacks, malware is the component that delivers the decisive blow to the victim. Regardless of the increased capabilities of the attackers in delivering the attack or avoiding detection, the malware plays an important role in the success (or failure) of the attack. A first time introduced malware, or a new version of known malware, can achieve its objectives while remaining undetected by the in-place detection mechanisms and cybersecurity measures.
The main scope of the Penetration Testing tool is to provide a fully automated vulnerability scanner that detects and reports vulnerabilities including (web) application vulnerabilities, network protocol vulnerabilities, operating system vulnerabilities and misconfiguration vulnerabilities. This tool not only complements the role of a penetration tester, but also automates tasks that can take hours to test manually, delivering results with the fewest possible false positives.
Healthcare organizations struggle with information exchange. They want to exchange between different hospitals in different regions and with hospitals across borders. The need is to transfer patient information, in a flexible manner and in compliance with regulations and legislation. This is becoming more and more important because of the increased mobility across the European Union, causing patients to seek medical advice in different countries and hospitals.
The SNORT module is Network Intrusion Detection System based on Snort environment. However, this tool contains extended functionality of Snort: heuristic approach to intrusion detection based on external data. We developed this prototype because we believe the joint approach to attack detection (in federation or just a group of entities in selected sector) is more effective than an individual approach.
For cyber security risk assessment, we mean the process of identifying risks, analysing them and evaluating the impacts on an organization. Without this process, an organization could waste time and money (effort) focusing for example on useless assets. One of the key points that a risk assessment tool should be to optimize investments to reduce the overall risks.