Abstract
This work reports the human factors-related validation results of a security system for the protection of linked critical infrastructures against combined cyber-physical attacks conducted in the European Horizon 2020 project PRAETORIAN (Protection of Critical Infrastructures from advanced combined cyber and physical threats). In order to prevent or mitigate interruption of services to the public, the protection of critical infrastructures is of high importance. The PRAETORIAN toolset is specifically designed to support security managers of critical infrastructures in their decision-making processes. It enables them to anticipate, manage, and withstand potential cyber, physical, or combined security threats that could target their own infrastructures or interconnected critical infrastructures. These threats could have a substantial impact and potentially compromise the safety and security of the population residing in their vicinities. The toolset consists of four primary systems: the physical, the cyber and the hybrid situation awareness and the coordinated response system. Each system is composed of different modules. Central to the toolset is the interconnecting interoperability platform. This interconnection facilitates seamless information exchange across all systems' modules, ensures efficient data storage, prevents data duplication and inconsistencies, and replicates any changes made. The focus of the validation was put on the operators' feedback assessment. In four exercises, attack scenarios were presented to groups of operators along with demonstrations of the PRAETORIAN tools. Feedback was collected using questionnaires, debriefing, and open questions. Key validation results show that the system offers benefits for cross-infrastructure security management, but improvements to systems and human-machine interfaces, procedures, and responsibilities are required.