Critical infrastructures have become main targets in geopolitical cyberwarfare, as intrusions and other attacks against them are carried out by state actors and criminals almost every day. Effective defense mechanisms are thus crucial; however, their ability to detect cyber-attacks strongly depends on the quality of the available Indicators of Compromise (IoCs) as well as on detector configurations. Unfortunately, vendors generally design intrusion detection systems for the protection of enterprise IT rather than for the system environments of critical infrastructures, which commonly involve specialized hardware and a significant share of operational technology (OT). As a result, the risk of undetected attacks on critical infrastructures with large-scale adverse impacts on the population, as well as the risk of costly false alarms, remains high.

Consequently, Austrian authorities are currently preparing a national early-warning system for operators of essential services. However, solutions that enable the measurement and assessment of the detection capabilities of deployed mechanisms, including their respective Indicators of Compromise and configurations, so that these can be validated, selected, and configured on an evidence-based footing, are still missing.

TestCat therefore aims to generate flexible test environments that allow objective and replicable evaluations of intrusion detection systems. Unlike existing testbeds, which are designed for single use and quickly become outdated due to their rigid design, TestCat leverages model-driven techniques to automatically produce a large number of diverse test environments that collectively cover a wide range of application domains. TestCat’s testbed generation procedures thereby provide the flexibility needed for perpetual adaptation to continuously changing system landscapes and attack techniques, sophisticated simulation of user behavior, selection of relevant attack vectors, and an integration interface for OT components.
Ongoing legal advisory for all developments throughout the project runtime ensures that the solutions comply with statutory requirements and enables a smooth transition to productive operation in real-world applications.
Project lead
Dr. Dr. Florian Skopik
AIT Austrian Institute of Technology GmbH
Project partners
• ASFINAG - Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft
• Deutsche Telekom Cyber Security Austria GmbH
• LINZ STROM GAS WÄRME GmbH für Energiedienstleistungen und Telekommunikation
• CD Security Technologies GmbH
• Salzburg AG für Energie, Verkehr und Telekommunikation
• SBA Research gemeinnützige GmbH (gGmbH)
• VERBUND AG
• Wiener Zentrum für Rechtsinformatik/Vienna Centre for Computers and Law
• Bundesministerium für Inneres
• Bundeskanzleramt
Contact
Dr. Dr. Florian Skopik
Senior Scientist
Center for Digital Safety & Security
Security & Communication Technologies
AIT Austrian Institute of Technology GmbH
Giefinggasse 4 | 1210 Wien | Austria
M +43 664 8251495 | F +43(0) 50550-2813