![Ephraim Okonji](/uploads/images/students/2035182.jpg)
CriSysEval: A Security Evaluation Tool for Critical Systems
Project Abstract
CriSisEval is a security evaluation whihc can also be used as a threat modeller. lt was created to assist security analysts in prioritizing the security hardening of vulnerable OT assets within their critical infrastructure networks. The sensitivity of these assets demands a heightened focus on security. While similar tools exist, this solution uniquely incorporates the Exploit Prediction Scoring System (EPSS) to assess the real-time likelihood of vulnerability exploitation. ICS assets are vital components of Critical National Infrastructure. To ensure accuracy in such a sensitive context, the tool was developed using a rigorous V-Model methodology and subjected to extensive testing. Key findings reveal the top 25 most exploited software weaknesses affecting ICS and vulnerabilities with the highest probability of exploitation. This tool aims to bridge the knowledge gap between IT and OT asset security, empowering security architects to identify design-level weaknesses and proactively strengthen critical infrastructure defenses.
Keywords: Cyber Security, Industrial Control Systems, Critical Systems Threat Evaluation
Conference Details
Session: Poster Session A at Poster Stand 73
Location: Sir Stanley Clarke Auditorium at Tuesday 7th 13:30 – 17:00
Markers: Hoang Nga Nguyen, Bertie Muller
Course: BSc Computer Science FI, 3rd Year
Future Plans: I’m looking for work