Supported by Start 4.0 Competence Center, Sababa Security, Iren SpA and the University of Genova contribute to develop a dedicated cyber-physical SIEM for industrial enterprises by the middle of 2021.
Start 4.0 Competence Center has announced the results of the first “Call for Industrial Research Projects and Experimental Development on Enabling 4.0 Technologies”. The Call was published in early 2020 and attracted 26 applicants from all over Italy.
The project, proposed by Sababa Security alongside Iren SpA and the University of Genova, was selected among the winners, and will receive financial support from the Italian government. All chosen projects aim to develop solutions for the Energy, Transportation, Water Utility, Manufacturing, and other industrial domains facing the challenges introduced by Industry 4.0.
“With the results and the choice of the projects of this first call, Start 4.0 has positioned itself not only as a guide and aggregator of skills at the service of Italian companies, but has created value, providing an important financing tool at a time of need for the business environment. The digital transformation – comments Prof. Paola Girdinio, President of Start 4.0 – is made even more strategic and decisive by the pandemic that we are experiencing, in this difficult phase so that Start 4.0 becomes an ever more reference point solid”.
SIEM (Security Information and Event Management) solutions are widely used in enterprise cyber security. They collect event logs from software used on the network and analyse them for anomalies. Discovered correlations between the anomalies allow to detect even complex cyber-attacks at their early stages.
Unlike enterprises from other verticals, industrial organizations combine management of their IT and OT networks. Working under multiple compliance standards and safety regulations, they protect their infrastructures at different levels, including cyber- (antivirus, firewall), physical (access badges, video monitoring) and cyber-physical (sensors, drones). As a result, they must manually process multiple security-related data fragments to provide the required level of protection across the entire industrial environment.
The dedicated industrial SIEM will be able to manage security events from different sources, including cyber, physical, and cyber-physical solutions. Consolidation of the event management at multiple levels will allow industrial organizations to react faster in case of a security incident spending less efforts and human resources.
Such an ambitious project requires expertise in multiple areas. Therefore, there is a trio of organizations contributing into it: