
Use Case: CES 21 MMATRS project

John-Mark Gurney edited this page Oct 24, 2015 · 2 revisions

Use Case: CES-21 / MMATRS project

Pre-1.2.1 Use Case (True/False): False

Relevant to which SCs (STIX/TAXII/CybOX): STIX/CybOX

Abstraction Level (High, Medium or Low): Medium

Related Use Cases: either Specifying Indicator Patterns for Cyber Threats or Cyber Threat Detection

Description: The objective is to be able to detect malicious activities in an ICS/SCADA environment. This happens through correlation between log information, network traffic and possibly other event information.

One key part of this is correlation in time. For example, if there is an event sent to a SCADA device that does not have a proper log entry on the HMI, this could possibly be malicious traffic.
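The time correlation described above can be sketched as follows. This is an added example, not code from the CES-21 / MMATRS project; the event tuples, device names, operation names, the `unlogged_commands` function and the 5-second window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the project): commands observed on the
# network going to SCADA devices, and operator actions logged by the HMI.
NETWORK_EVENTS = [
    ("2015-10-24T10:00:01", "plc-7", "write_coil"),
    ("2015-10-24T10:00:30", "plc-7", "write_coil"),
    ("2015-10-24T10:02:10", "rtu-2", "set_point"),
    ("2015-10-24T10:05:00", "plc-7", "write_coil"),
]
HMI_LOG = [
    ("2015-10-24T10:00:00", "plc-7", "write_coil"),
    ("2015-10-24T10:02:09", "rtu-2", "set_point"),
    ("2015-10-24T10:04:40", "plc-7", "write_coil"),
]

def parse(rows):
    """Convert (iso_time, device, operation) rows to time-sorted tuples."""
    return sorted((datetime.fromisoformat(t), dev, op) for t, dev, op in rows)

def unlogged_commands(network, hmi, window=timedelta(seconds=5)):
    """Return network commands with no matching HMI entry within `window`.

    Each HMI entry can account for at most one command, so a duplicated
    command is still reported even when the first copy was logged.
    """
    hmi_rows = parse(hmi)
    used = [False] * len(hmi_rows)
    suspicious = []
    for ts, dev, op in parse(network):
        match = None
        for i, (hts, hdev, hop) in enumerate(hmi_rows):
            if used[i] or (hdev, hop) != (dev, op):
                continue
            # Allow clock skew in either direction between sensor and HMI.
            if abs(ts - hts) <= window:
                match = i
                break
        if match is None:
            suspicious.append((ts.isoformat(), dev, op))
        else:
            used[match] = True
    return suspicious

if __name__ == "__main__":
    for event in unlogged_commands(NETWORK_EVENTS, HMI_LOG):
        print("no HMI log entry for", event)
```

The window has to cover the real clock skew and logging delay between the network sensor and the HMI; too small a value produces false positives, too large a value lets an unlogged command pair with an unrelated log entry.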

Stakeholders/Goals:

  • Stakeholder: ICS/SCADA deployments, such as energy companies
  • Goal: The final goal is to be able to protect ICS/SCADA systems from attack so that they can continue to function correctly.

Preconditions:

  1. Precondition description (replace with your content)

Dependencies:

  1. Dependency description (replace with your content)

Main Success Scenario:

  1. Scenario description (replace with your content)