Christophe Ponsard, Robert Darimont, Regulation and Security Modelling of Essential Services in Network of Information Systems,
iStar 2020 : The 13th International i* Workshop, online/Zurich, September 1, 2020
In a globally connected world, cybersecurity has become a key issue for the citizen, companies but also operators of essential services such as energy, transportation, drinking water or health. The NIS European Directive requires countries to identify such operators to ensure that adequate cybesecurity measures are in place, that impacting problems are promptly notified and that an European cooperation is in place. Our work shows the benefit of a global modelling approach using i* to deploy the directive from understanding the cooperation and duties of all actors/roles through a regulation model, down to its implementation in a specific domain to support a cybersecurity risk analysis process. Our work is illustrated on the drinking water essential domain.
A more complete version of the model featuring more complex optimisation of resolution actions based on an OscaR solver is presented in the complementary FORMREQ workshop.