As part of the Austrian Strategy for Cyber Security (ÖSCS), a number of activities are currently underway to implement specific measures to improve the security and resilience of critical infrastructures against cyber attacks. In addition to awareness measures and the development of expertise and skills in the area of national players, the foundations for effective preparation and response to cyber attacks have been developed in the course of several research projects. In addition, the different decision-making domains were usually treated separately in the various research projects on situational awareness, e.g. military situational awareness versus national security.

The specific problems of the cyber security domain and, above all, the interface area of information procurement for the generation of a sufficient understanding of the situation (as a basis for deriving situation pictures), as well as the control of systems based on control measures after analysing a cyber situation, have not been given sufficient focus in previous research. At an operational and technical level, work has been done on solutions for collecting and collating information on cyber threats, and at a strategic level on the assessment and handling of cyber threats on the basis of a situation picture. An important link, namely the question of how the technical information from cyberspace must be prepared and presented in a suitable form both for such a classic strategic situation picture and for all-encompassing cyber situational awareness, proved to be a challenging problem for which no sufficiently good solutions yet exist internationally.
The aim of the CISA project is therefore to develop and define the concept of "Cyber Situational Awareness", i.e. a concrete elaboration of which decisions can/must be made on the basis of a situation and how the information from the technical/operational data sources must be processed and presented so that authorities and users can act optimally.

The CISA project represents a consistent consolidation of previous research activities in order to develop a scientifically sound concept for the process of establishing all-encompassing cyber situational awareness from technical/operational information from cyberspace. In addition to the development of methods, demonstration scenarios will also be set up to test and evaluate the methodology for establishing cyber situational awareness and its usability in a real-world environment. These demonstration scenarios will be designed by security experts from research and industry and evaluated by national institutions.
Furthermore, the involvement of experts from the field of law is planned in order to shed light on the legislative aspects of the overall concept, but also on the specific demonstrators. In the course of this, the consideration of legal implications and framework conditions (data protection, privacy, liability, etc.) is of particular importance and is therefore given special attention in the project.

• Partner: AIT Austrian Institute of Technology GmbH (Koordinator), T-System Austria, Thales Austria, Secure Business Austria, REPUCO Unternehmensberatung GmbH, Infraprotect GmbH, Wiener Zentrum für Rechtsinformatik, Bundesministerium für Inneres, Bundesministerium für Landesverteidigung, Bundeskanzleramt
• Projektlaufzeit: 11/2015-04/2018
• Förderprogramm: KIRAS Sicherheitsforschung Herbstausschreibung 2014/2015