In this project we will develop a risk-based cyber-security architecture for cooperating organisations in complex supply chains. This help understanding the threats and prioritising the risks for the whole chain in order to develop effective measures, which will first be applied to the sustainable energy sectors.  

Objective

The project goal is a generic risk-based approach for improving the cyber resilience in supply chains and networks. This contains a security reference architecture and a framework for governance, information sharing and cooperation between partners which will be explicitly further developed for the energy sector. This approach will help organisations to balance security, costs and governance in order to comply with the NIS2 regulation.

The approach aims to develop a shared understanding of the risks and a set of security requirements for the entire chain with special attention for the joint objective of the collaboration and suitable security measures. The multi-disciplinary project team and the involvement of parties from the energy sector ensures a practical and directly applicable solution. 

Results

  • Generic security reference architecture 
  • Framework for collaboration in supply chains and other forms of cooperation 
  • Security use cases and chain-wide security measures 
  • Specific security reference architecture for the sustainable energy sector 

Approach

After an exploratory literature research on supply chains, forms of collaboration, existing security architectures for individual organisations, and legal requirements for critical sectors, we pick up input from practice partners through focus groups and develop products iteratively based on a design thinking approach. 

"An integral approach to address risks in supply chains improves the cyber resilience of entire sectors, especially in essential domains like the energy sector. "

Education impact

This project provides direct input for education within HU University of Applied Sciences, such as the Master's programme in Digital Security and ICT programmes related to cyber security. Students gain access to current cases, risk-based methodologies and new insights into supply-security. The results are integrated into lessons, minor programmes and practical assignments, ensuring that future professionals are better prepared for the growing challenges surrounding cyber resilience in supply chains. 

Projectupdates

HU researchers involved in the research

Collaboration with knowledge partners

We are collaborating with Avans University of Applied Sciences and The Hague University of Applied Sciences as research partners. In addition, private companies are involved, ranging from energy producers to end users, and from architects to developers, from multinationals to SMEs: Milence, Solventa, Sopra Steria, X‑Alert Technologies, Verum, Strategy Alliance, Bvolve and Synergy.

Co-funding

Topsector Energie 

Related research groups

Related courses

Would you like to collaborate or do you have any questions?

Christian-Alexander Bunge

  • Senior lecturer
  • Research group: Cyber Security
More projects