CONTAIN

The resilience of ICT infrastructures is crucial to the functioning of supply chains. The more reliable these critical infrastructures are, the easier it is to plan production and supply chains, but also for end customers. Protecting these systems against cyber threats is therefore central to the functioning of a “smart economy” that is based on the “just-in-time” principle and aims to optimize transport routes and minimize intermediate storage. In the event of cyber attacks, it is therefore essential to be able to rely on proven incident handling, adequate early detection, and appropriate decision-making models in order to minimize the impact on ICT systems.

The CONTAIN project therefore aims to raise awareness of incident response issues and the subsequent processes, and to define software engineering tools and corresponding reference processes. It focuses on the following three main aspects: (1) reducing the impact of cyber attacks, (2) reducing the number and criticality of successful cyber attacks, and (3) increasing the efficiency of the detection rate and the effort required for cyber attacks. CONTAIN focuses on the processes and procedures necessary to respond resiliently to IT security incidents, minimize their impact, remedy vulnerabilities, and increase the robustness and sovereignty of systems. To this end, CONTAIN plans to use serious games to question user behavior, analyze, define, and validate processes (operational and decision-making processes), define and validate crisis management, and coordinate actors and their responsibilities. The resulting simulation model ultimately serves to identify critical processes and any resource and capacity bottlenecks, from which relevant opportunities for process optimization can be derived, particularly for small and medium-sized enterprises.