Public Safety

Public Transport

Air Traffic Management

Maritime

Defence ICAO Cyber Security Summit and

Exhibition

Information security improvements based on structured information stream analyses

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 2

Ensuring complete visualization of vulnerable assets

• Information security is another type of risk

• Replacement of the common method of interviews

with a structured analysis

• Information stream analysis guarantees a complete picture

• Measurable improvements

• Information is the value we look at

• Only a sub-set of a normal value stream analysis is performed

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 3

TBD

TBD

TBD

TBD

Background

Duration

Methods

Summary Volker

• Common tool in mass

production

• Originally intended for

process optimization

The information stream analysis represents:

• an adaptation of a Value Stream Mapping (VSM) which

was originally developed as a method within the Toyota

Production System in the 1950s and 1960s.

• an intuitive and very effective method to gain a holistic

overview of the information streams within an organization.

Based on the analysis of a number of scenarios, flow-oriented

state maps representing the current status are created. The

following aspects are taken into account when performing a

information stream analysis:

• actors

• connections and interactions of activities

• systems to be used (dependent on information

known/available)

• documents and information to be exchanged

Value

• Structured analysis of

assets & vulnerabilities

• Assurance of mitigations

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 4

Connection to risk management process

A tool supporting the very extensive and time consuming identification of vulnerable entry

points (attack surface) in the complex environment of Air Traffic Management

Establish the context

Risk identification

Risk analysis Risk

evaluation Risk

treatment

Communication and consolidation

Monitoring

Assumptions:

• Security risk management follows a typical risk management process (ISO 31010)

• Information stream analysis can support this process

Assurance

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Classification Presentation title 5 |

Structured analysis of assets &

vulnerabilities

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 6

The information stream analysis represents a structured process to visualize

this context and build a baseline for the risk identification.

People

(Actors/

Stakeholders)

Processes/

Tasks

Technology

(Systems/

Connections)

Context of a security risk assessment

Who is involved? What are they doing? What systems are they using?

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 7

Steps of the analysis

Definition of the actors & systems, involved in

the process

• Visualize all actors who have an active role

in the process, need to be informed of some

process steps or are decision makers.

• Lists and visualize all systems or system

parts involved in the process

Collection of process steps / tasks

• Define the process steps within one

complete scenario from start to end in detail

Linking of tasks

• Define information sources, relevant

systems, responsibilities, decision makers,

other stakeholders and evaluate task-options

Visualization of systems, documents, data and

other media

Actors

Systems

Tasks

Tasks

Lin

ks

Baseline for the identification of vulnerable entry points

Business criticality KPIs

Kaiz

en fla

sh

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 8

The resulting overview from the information stream analysis could be used to start the assessment with the segregation of security zones

- Critical devices or sensitive network connections are visualized

- Input for structuring into security zones Internal, Shared and Public

Internal zone Shared zone Public zone

- under completely control of a single provider with dedicated resources usage.

- No external access is possible to the components in the internal domain.

- The interfaces are not accessible directly from the outside world.

- the most trusted zone

- in a trusted environment but not under full control of a single system provider

- resource usage is not dedicated but shared with another “trusted” network.

- External access is possible to the components that are in the shared domain.

- part of system with connection to not trusted environment e.g. public network or resources provided by 3rd party (e.g. ISP).

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 9

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 10

Information stream analysis allows the definition of

required levels of

• Confidentiality (C) - property that information is not

made available or disclosed to unauthorized

individuals, entities, or processes

• integrity - property of accuracy and completeness

• availability - property of being accessible and usable

upon demand by an authorized entity

for actors, tasks, systems and connections

C:

I:

A:

C:

I:

A:

C:

I:

A:

C:

I:

A:

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Classification Presentation title 11 |

Assurance of mitigations

Headline

Sub- headline

Content area

Footer | © 2017 Frequentis AG Volker Grantz ICAO Cyber Security Summit and Exhibition | 12

Derive Define

Check

C/I/A levels Security requirements Mitigations

Public Safety

Public Transport

Air Traffic Management

Maritime

Defence