The resilience of ICT infrastructures is fundamental to the functioning of supply chains. The reliability of these infrastructures increases the reliability of planning for production and supply chains, as well as for customers and demanders. The protection of such systems against threats from cyber space is central to the functioning of a "smart economy", which is based on the principle of "just in time", characterised by very short intermediate storage times and the optimization of supply routes. In the event of a cyber-attack, it is essential to be able to rely on established strategies and processes, effective early detection and adequate decision-making models in order to avoid or reduce disruptions to ICT systems as far as possible. The SOPHIE project aims at increasing awareness of cyber security issues in the supply chain and incident response, especially for technical and non-technical core staff, as well as supporting and improving relevant processes by implementing suitable tools and reference processes for building resilience.
The project has three main objectives:
- improving the understanding of impacts of cyber-attacks
- reducing the number and criticality of successful cyber-attacks
- raising the reconnaissance rate of cyber-attacks and significantly increasing the cost of attacks in a preventive manner.
SOPHIE will achieve these goals through corresponding measures, in particular: (1) the analysis of processes, cascade effects and suitable procedures to create models for exercises and simulations of cyber incidents, to (2) react promptly and effectively to IT security incidents within the framework of exercises and simulations, and ultimately to (3) minimise the impact of security incidents, remedy vulnerabilities, and enhance the robustness and resilience of systems. SOPHIE will use the analysis, modelling and simulation processes in training programmes and cyber security awareness exercises for this purpose. This shall help to reflect the behaviour of users in the case of an emergency, to analyse operational and decision-making processes and to define and validate appropriate response measures as well as to coordinate actors and their responsibilities. In addition, the simulation models also facilitate the identification of critical processes, as well as the recognition of possible resource and capacity bottlenecks, from which relevant opportunities for the tactical optimisation of processes are derived. This contributes to the proactive and reactive handling of cyber-attacks by companies along a supply chain.
Project lead
Sebastian Chlup, MSc.
Project partners
BMF – Bundesministerium für Finanzen
BMI – Bundesministerium für Inneres
BMLV – Bundesministerium für Landesverteidigung
BML – Bundesministerium für Landwirtschaft Regionen und Tourismus
BMAW – Bundesministerium für Arbeit und Wirtschaft
DFV – Digital Factory Vorarlberg GmbH
GW – Gebrüder Weiss GmbH
H2 – h2 projekt.beratung KG
IFES – Institut für empirische Sozialforschung GmbH
JKU – Johannes Kepler Universität Linz
BOKU – Universität für Bodenkultur – Institut für Produktionswirtschaft und Logistik
FH OÖ – University of Applied Sciences Upper Austria
WLC – Wiener Lokalbahnen Cargo GmbH
Contact
Sebastian Chlup, MSc.
Giefinggasse 4, 1210 Wien, Österreich
Telefon: +43 664 88390701
E-Mail: sebastian.chlup(at)ait.ac.at
Website: www.ait.ac.at
