RiskViz - Development of a search engine for finding industrial control systems (ICS) and assessing risks

Project Description:

The project will initially develop a search engine that finds ICS and gathers information about them and their threat situation without interfering with the operation of this ICS. This search engine should be usable both on the Internet and internally in corporate networks.

In addition, tools should be developed to evaluate the collected information algorithmically and visually and to effectively communicate the resulting findings on IT security protection requirements. For this purpose, the results of the RiskViz search engine should also be linked to other data. These data include economic and industry data, which are examined in the project for their relevance to IT security.

One aim of the analysis is to assign vulnerable ICSs to appropriate operators (local or business) so that they can be warned and protect their own network. In addition, the project results help insurance companies assess the damage potential of cyber risks. Since sensitive data is collected by means of the RiskViz search engine, it must also be clarified in the project who is authorized to access which position, whereby data protection comes first.