The SATIE Simulation Validations took place between Friday, April 23rd and Wednesday, April 28th 2021, as a remote event. The purpose of the event was to validate and verify the SATIE Toolkit on the simulation platform, using five cyber-physical threat scenarios. These threat scenarios were fine-tuned to be feasible, realistic, and complex as well as to include both physical and cyber-attacks. Such attacks could be performed by an attacker to cause serious damage to the airport operations and human lives. The complex attacks developed had to be feasible based on the involved airport systems as well as any technical constraints from the included tools. Therefore, tailoring of the attacks was done throughout the project before the validation could take place. In the end, these cyber-physical threat scenarios were customized for the simulation platform in order to simulate such attacks at airports while airport operators use the SATIE Toolkit to determine how well it meets their security needs and expectations.
The event was attended by 15 airport professionals – including those with experience in the Security Operation Centre (SOC), Airport Operation Centre (AOC) and as police officers – from three European airports (Athens, Zagreb, and Milan). In Human-in-the-Loop (HITL) simulations, the participants were confronted with the threat scenarios, during which they had to use the SATIE Toolkit to combat the attacks. The toolkit was instructed to be used just like a common airport security system in order to understand what attacks are happening, which assets are impacted, and for practicing the initiation of necessary mitigation procedures as well as informing first responders.
Kelly Burke from DGS leading feedback gathering session during simulation validations
The event was preceded by training sessions where the airport practitioners were provided with adequate training materials and were taught how to use the SATIE Toolkit through full-day remote trainings with the tool developers. In the time leading up to the Simulation Validations, security practitioners were given free access to the simulation platform through a user-friendly web portal. This allowed them to practice using the toolkit and to become proficient with it before the validation.
During the event, the SATIE Toolkit was validated regarding its acceptance, usability, usefulness, and trust aspects to meet the needs of physical and cyber-security operators through a comprehensive questionnaire. The preliminary analysis of the practitioners’ feedback shows a very positive reaction to the unified SATIE Toolkit as well as the individual tools, therefore indicating that all tools were fit for purpose. The participants especially perceive the toolkit as a significant improvement compared to their current system, enabling a faster detection of and response to both physical and cyber threats. They also find the correlated cyber-physical alerts generated by the Correlation Engine to be of added value and highly relevant. At the same time, areas for improvement – like a better integration with existing airport systems – were highlighted. Additionally, performance data are currently analyzed to calculate objective values for detection and reaction times.
The Simulation Validations were an important step towards the final SATIE demonstrations which will take place in airport environments. The feedback gathered from the Simulation Validations will be used to further refine the SATIE Toolkit for the upcoming demonstrations at the three airports that will be carried out in near-real environments.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 832969. This output reflects the views only of the author(s), and the European Union cannot be held responsible for any use which may be made of the information contained therein.