Conceptual Framework for Hybrid Situational Awareness in Critical Port Infrastructures

  • Stefan Schauer
  • Benjamin Rainer
  • Nicolas Museux
  • David Faure
  • Javier Hingant
  • Federico Jesús Carvajal Rodrigo
  • Stefan Beyer
  • Rafael Company Peris
  • Sergio Zamarripa Lopez
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11260)

Abstract

In recent years, critical infrastructures have become the target of highly sophisticated attacks causing severe damage to economic and social life. In most cases, such attacks use combined attack vectors from both the physical and the cyber domain. The magnitude of the consequences is often increased by cascading effects in both domains, which amplify each other even further. In this article, we present a framework implementing a holistic approach towards situational awareness for critical infrastructures. This Hybrid Situational Awareness (HSA) combines information coming from the physical as well as from the cyber domain and is able to identify potential cascading effects of an incident. In this context, the hybrid approach particularly focuses on the inter-domain propagation of a failure, i.e., the effects of a physical incident on the cyber domain and vice versa. We will show how such a Hybrid Situational Awareness can be implemented and illustrate its functionality based on a complex attack scenario.

Keywords

Physical situational awareness; Cyber situational awareness; Incident propagation; Cascading effects; Markov chains

Notes

Acknowledgments

This work was supported in part by the EC in the context of the SAURON project under the HORIZON 2020 Framework (Grant No. 740477).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Stefan Schauer (1)
  • Benjamin Rainer (1)
  • Nicolas Museux (2)
  • David Faure (2)
  • Javier Hingant (3)
  • Federico Jesús Carvajal Rodrigo (3)
  • Stefan Beyer (4)
  • Rafael Company Peris (5)
  • Sergio Zamarripa Lopez (4)

  1. Austrian Institute of Technology, Vienna, Austria
  2. Thales, Palaiseau cedex, France
  3. Universitat Politècnica de València, Valencia, Spain
  4. S2 Grupo, Valencia, Spain
  5. Fundación Valenciaport, Valencia, Spain
