Continuous ICS Security Evaluation Framework

Continuous Automated Risk Management (CARM) is a non-intrusive industrial network security monitoring framework designed to assist Asset Owners of operational industrial systems in managing risks and developing the IEC 62443-mandated security architecture. CARM automates system information collection, assesses security posture, and measures descriptive security metrics using machine learning and graph theory-based analyses. It also helps select the optimal set of technical countermeasures while considering constraints such as budget limitations.

Contributing Scientists
Name E-Mail
Birnstill, Pascal pascal birnstill does-not-exist.iosb fraunhofer de
Beyerer, Jürgen juergen beyerer does-not-exist.iosb fraunhofer de
Canbolat Kaya, Sine sine canbolat does-not-exist.kit edu
Elbez, Ghada ghada elbez does-not-exist.kit edu
Haas, Christian christian haas does-not-exist.iosb fraunhofer de
Hagenmeyer, Veit veit hagenmeyer does-not-exist.kit edu
Mayer, Peter peter mayer does-not-exist.kit edu
Matheis, Philipp philipp matheis does-not-exist.kit edu
Meshram, Ankush ankush meshram does-not-exist.kit edu
Volkamer, Melanie melanie volkamer does-not-exist.kit edu
Wiens, Marcus marcus wiens does-not-exist.partner kit edu
3 additional persons visible within KIT only.