- Visitas: 3263
- Analysis Activities: Desk research on risk management methodologies for ports' CIIs and identification of open issues; Categorize the physical security requirements specified in the ISPS Code for the ports' CIIs and the cyber requirements as implied by the ISO27001. Identify correlations, overlaps and interdependencies; Propose requirements for a targeted risk management methodology in the ports' CIIs considering their dual physical-cyber nature (compliant to ISP and ISO27001).
- Research Activities: Specify the CYSM-SM methodology; Categorize physical and cyber assets of ports' CIIs. Creation of the interdependency asset model and identification of key users for each asset; Define correlation factors of threats to assets, according to type of threat (environmental/technical/human/legal etc.) and type of asset (server/application/ equipment/building, etc.). Define the estimation of threat and risk level based on decision trees; Specify the CYSM collaboration system (including technical specifications and content).
- Integration Activities: Integration of the base ICT infrastructure of the system (i.e. servers, SOA, BPM); Integration of CYSM subsystems/ components; Documentation (incl. user guides and in-line audio-videos).