After months of training on the simulation platform, the second SATIE online demonstration event took place at the Zagreb Airport on 27th of July, 2021 (see Figure 1) as both a physical and virtual event. More than 40 participants were connected through online platform, and took part in the demonstration, watching video broadcast from on-site cameras.
Figure 1 The Zagreb Airport premises
The demonstrated scenario was the only one within the SATIE project to involve the Baggage Handling System (BHS) and the baggage registration service (see Figure 2 and Figure 3). Because of that unique aspect and, thanks to the project partner ALSTEF, the creation of an almost complete copy (digital twin) of the real BHS connected directly to the SATIE Toolkit was possible. The demonstration has been split up into four different sub-scenarios to allow more potential threats to be showcased and to take advantage of the aforementioned setup. The Zagreb demonstration took place during the night and after all flights departed, due to safety and security concerns.
Figure 2 Systems used in the Zagreb demonstration
Figure 3 Preparation of the demonstration
The Zagreb demonstration aimed to revolutionise the approach for securing airports and prevent disruptions of critical systems such as the BHS that could have an impact on provided service . The SATIE Toolkit has shown fit for purpose against complex cyber-physical threats through prevention, detection, response and mitigation, while guaranteeing the protection of critical systems, sensitive data and passengers. The interoperable toolkit developed improves the relationship between existing airport systems and enhanced security solutions, in order to ensure more efficient threat prevention, forensics investigations and dynamic impact assessment at the airports.
Four sub-scenarios of threats and attacks related to the BHS and the process of passenger baggage handling were presented with the help and involvement of all SATIE partners:
- Sub-scenario #1 “Extended Passenger Concept”
- Sub-scenario #2 “Ransomware attack”
- Sub-scenario #3 “Change destination flight”
- Sub-scenario #4 “Lost baggage”
Demonstration of all four sub-scenarios included previously recorded videos, live presentations, attack simulations, response of the SATIE Toolkit and related Q&A afterwards. SATIE Tools involved at the Zagreb demonstration scenarios were: Correlation Engine (CE), Incident Management Portal (IMP), Passenger and Baggage Anomaly Detection (PAD), Vulnerability Management System (VuMS), Business Impact Assessment (BIA) and Risk Integrated Service (RIS).
Successful demonstration would not have been achieved without the engagement of all SATIE partners and respectable guests, for which sincere gratitude was expressed. Interviews and questionnaires that followed the event presented very useful feedback, including positive reinforcement and encouragement. Ultimately, this demonstration reaffirmed hope for creating a successful solution that could find its purpose and wide usage in the future.