Given the logging of the system and traffic network analysers, the behaviour of a system can be seen. With AI, even in the early stages of an attack, non-usual behaviour can be detected and compared to existing blueprints.
2. Privacy protection
According to European law, the toolchain in IDUNN will focus on privacy-preserving techniques when the tools are applied. The toolchain will clearly distinguish between behaviour surveillance and anonymized data to find out why the system is behaving differently from the normal operations. This will be taken into account at design and operations time with AMORA. AMORA will provide a testing environment for the interfaces and compliance towards defined profiles. Besides, AMORA will feature the documentation of misuse cases in IEC 62559 compliance4, as well as acknowledge base of attacks to test for with STIX 2.05.
3. Distributed Ledger:
A distributed ledger (also called a shared ledger or Distributed Ledger Technology or DLT)6 is a consensus of replicated, shared, and synchronized digital data geographically spread across multiple sites, countries, or institutions. There is no central administrator or centralized data storage which e.g. fends single point of failures. In IDUNN, we will evaluate if the DLT technologies can be applied to ensure forensics for analysis and training the AI in the project. Real-time capabilities will be assured by the distribution mechanism.
4. Supply traceability:
With the traceability in place, better analysis and documentation of blueprints can be done. The chain of cause is identified and can be put into knowledge which will be put into action. This will be both used for the internal knowledge base for the AI as well as the certification processes as well as for dissemination purposes and fed back to vendors and users of the systems under test.