STM and Integrated Cyber Security System (ICSS) Feasibility Study Project

10 January 2014 · 14:57

STM was established in 1991 with a decree of Defence Industry Executive Committee, which is the highest decision making authority in Turkey regarding defence industry matters. The main missions given to STM are;

providing technical support, systems engineering, project management, technology transfer and logistics support services to TAF (Turkish Armed Forces) and SSM (Undersecretariat for Defence Industries),

developing necessary software technologies for defence systems, and establishing and operating national software centers for software development and maintenance/support.

Currently STM is conducting activities in line with these missions with a total of 450 employees of which more than 95% holds bachelor’s degree or higher. In 2012 STM achieved over 70 Million USD of revenue and in 2013 about 85 Million USD of revenue is expected.

One of the Cyber Security Solutions of STM to be elaborated in this article is Integrated Cyber Security System (ICSS) Feasibility Study Project.

ICSS Feasibility Study Project

Integrated Cyber Security System (ICSS) Feasibility Study Project was started in 2012 in order to meet the basic needs of Cyber Security and to implement the Cyber Security vision. Integrated Cyber Security System has been developed as a prototype and within the scope of ICSS, which is an R&D project in nature, a feasibility study has been conducted on the results obtained.

Within the scope of the development of a prototype in which more than 20 skilled engineers participated;

An ontology and a national vulnerability database covering aspects of cyber defence have been created,

A Cyber Security Risk Analysis and Evaluation System to be available to all organizational units has been realized,

The technical infrastructure of a Cyber Security Coordination Centre, which will be able to make Cyber Security vulnerability and risk assessment, which will gather instant data to perform data fusion has been created,

A system, which can create Joint Cyber Security Picture from the data fused, has been developed.

Through the ICSS Project, a system, which centralizes vulnerability, network topology and IT assets information collected from the organizational units and backbone network, has been developed. The prototype calculates the most effective cyber-attacks to be carried out by cyber-attackers and attack trees showing the ways (vulnerability, topology, etc.) through which they can perform attacks. With the help of the attack tree, ICSS users can calculate the risks inherent in systems and analyse possible remediation.

As fundamental capabilities are shown in Figure 1, ICSS can gather system and application logs and sensor alerts in real time all over the network through the central coordination unit. All collected data are correlated and cyber situational awareness is provided to users. With the help of vulnerability, assets, risks and instant status information combining feature of ICSS, consolidated cyber security picture can be obtained and with this picture decision-makers are able to make integrated risk analyses and action planning.

In ICSS project, in addition to prototype development, a feasibility study was conducted. In scope of feasibility report National Integrated Cyber Security Roadmap was presented including the requirements for approaches and procedures. National capabilities which must be acquired have been determined as a result of the comparison made between the requirements and the existing national capabilities. Finally, important areas of R&D and technology development and the possible difficulties in achieving the targeted capabilities have been indicated.

ICSS project offers our country very important gains. With ICSS, foundations of a Centre of Excellence have been laid. This will be a center where new threats and methods of Cyber Attacks that may arise in the future can be tested and measures can be developed. Thanks to the flexible and scalable technical infrastructure of the ICSS, which has been developed under an R&D project, a long term, easily extendable system has been put into practice. Moreover, a Cyber Security Ontology and National Vulnerability Database have been provided for our country. The infrastructure, which will lead to the formation of the inter-institutional and in-house Cyber Security processes and their coordination structure, has been prepared.

STM and Integrated Cyber Security System (ICSS) Feasibility Study Project

News

NAVANTIA to provide life-cycle support for the Turkish Navy amphibious ship Anadolu!

SAHA 2026 to Convene Global Defence and Aerospace Stakeholders in Istanbul as Türkiye Expands Its Strategic Industry Role

PAKISTAN NAVY CONDUCTS SUCCESSFUL SEARCH AND RESCUE OPERATION IN NORTH ARABIAN SEA

Exercise MAVİ VATAN-2026 - The Turkish Naval Forces’ Largest Joint Force at Sea

Updated İnformation about the ongoing Technical Investigation into the C-130 Crash

Exercise MAVİ VATAN-2026 Continues

Secure Access to Internet and Cloud Services

Smart and Secure: Tap-Proof Voice Calls on Smartphones

25 Years Experience of IT solutions and Criminal/Forensic Medicine Laboratories by VERISIS