Use Case: CES 21 MMATRS project - STIXProject/use-cases GitHub Wiki
Use Case: CES-21 / MMATRS project
Pre-1.2.1 Use Case (True/False): False
Relevant to which SCs (STIX/TAXII/CybOX): STIX/Cybox
Abstraction Level (High, Medium or Low): Medium
Related Use Cases: either Specifying Indicator Patterns for Cyber Threats or Cyber Threat Detection
Description: The objective is to be able to detect malicious activities in an ICS/SCADA environment. This happens through correlation between log information, network traffic and possibly other event information.
One key part of this is correlation in time. For example, if there is an event sent to a SCADA device that does not have a proper log entry on the HMI, this could possibly be malicious traffic.
Stakeholders/Goals:
- Stakeholder: ICS/SCADA deployments, such as energy companies
- Goal: The final goal is to be able to protect ICS/SCADA systems from attack so that they can continue to function correctly.
Preconditions:
- Precondition description (replace with your content)
Dependencies:
- Dependency description (replace with your content)
Main Success Scenario:
- Scenario description (replace with your content)