The Project

Summary

In the ever-evolving cybersecurity landscape, the ResilMesh project stands out as a pioneering initiative focused on the holistic protection of critical infrastructures. Rooted in the foundational principle that “you can’t secure what you don’t understand”, ResilMesh aims to elevate the security and resilience of digital infrastructures through the development of a Security Orchestration and Analytics Platform Architecture (SOAPA) founded on the concept of cybersecurity awareness.

Overview

ResilMesh emerges as a project poised to redefine cybersecurity practices by emphasizing awareness, collaboration, and adaptability. Through its innovative SOAPA platform and toolset, ResilMesh seeks not only to address current challenges of essential business functions but also to anticipate and mitigate future cyber threats, ultimately contributing to a more resilient and secure digital landscape.

Goals

ResilMesh has outlined specific goals to empower organizations to achieve higher levels of security and resilience:

Manage Digital Infrastructure Complexity

ResilMesh focuses on developing tools that enhance visibility into assets and services, along with their dependencies, thereby reducing the attack surface impact caused by the complexity of cyber systems.

Addressing Heterogeneity: Emphasizing interoperability and extensibility, ResilMesh aims to combat heterogeneity in cyber systems, ensuring a cohesive and adaptable security framework.

Flexible Security Controls: ResilMesh facilitates the flexible placement of security controls across the cyber system infrastructure, effectively managing dispersed infrastructures.

Combat Advanced Persistent Threats (APTs)

AI-Driven Detection: ResilMesh is dedicated to developing advanced artificial intelligence (AI) algorithms and tools for early and ongoing detection and prediction of APTs, addressing the sophistication of cyber threats.

Enhanced Situation and Risk Awareness: By improving situation and risk awareness, ResilMesh aims to empower organizations to proactively respond to evolving cyber threats.

Adapting to Evolving Security Architectures

Security Best Practices: ResilMesh highlights security best practices that are enabled by its innovative tools, helping organizations prepare for disruptions caused by APTs.

Zero Trust Ready Approaches: Acknowledging the importance of evolving security architectures, ResilMesh promotes ‘zero trust ready’ approaches to enhance overall cybersecurity posture.

Scope & Key Objectives

To fulfill its overarching aims, ResilMesh will address the following key objectives:

End-to-End Data Aggregation: Improve end-to-end data aggregation and security control interoperability in dispersed digital infrastructures.

CSIRT Awareness: Enhance the awareness of Computer Security Incident Response Teams (CSIRTs) regarding service and asset dependencies within their network.

Build Cyber Resilience Capacity: Assist CSIRTs in building cyber resilience capacity, acknowledging the dynamic nature of cyber threats.

AI-Based Attack Detection: Develop AI-based algorithms and tools for early and ongoing attack detection and prediction, contributing to proactive cybersecurity measures.

Network Risk Assessment: Create a situation assessment system to view and forecast network-level risk, enabling preemptive actions.

Project Plan

ResilMesh’s 10-work-package project plan involves building a SOAPA platform by combining existing security controls and tools with open-source elements.

The project will develop AI-based algorithms and software tools, integrating them into the platform to create a comprehensive SOAPA system.

The system’s operation will be validated through use cases across renewable energy SCADA, smart manufacturing robotics, regional civil infrastructure, and five additional open call use cases, ensuring a broad evaluation across critical infrastructures.

Innovative Cybersecurity Empowerment

ResilMesh Defense Platform

ResilMesh transforms cybersecurity by introducing a defense platform with cutting-edge features. It creates a seamless data processing pipeline from source to the Security Operations Centre (SOC), covering endpoint, edge, and cloud.

This platform strategically places AI models for event correlation and supports federated learning for model training. It ensures compatibility between different security tools, allowing the exchange of data and control messages.

The project’s goal is to develop a security platform for automated telemetry, cyber threat intelligence processing, incident response, and playbook-based attack mitigation.

Beyond the State of the Art

ResilMesh distinguishes itself from previous projects in three crucial aspects:

  1. Cyber Situational Awareness: Adopts cyber situational awareness as the foundational principle, ensuring a proactive and comprehensive understanding of the cybersecurity landscape.
  2. Collaborative Mesh and Anomaly Detection: Pioneers collaborative mesh and distributed anomaly detection, a systematic effort for edge-based anomaly detection at scale.
  3. Zero Trust Awareness: Demonstrates Zero Trust awareness, supporting the expected rollout of Zero Trust across both IT and OT systems, offering flexibility in defining security zones.