diff --git a/data/ridb.xlsx b/data/ridb.xlsx
index dbcfe7d..59244b7 100755
Binary files a/data/ridb.xlsx and b/data/ridb.xlsx differ
diff --git a/data/rrmd.xlsx b/data/rrmd.xlsx
index 97cadaa..9cf374a 100755
Binary files a/data/rrmd.xlsx and b/data/rrmd.xlsx differ
diff --git a/public/resources/measures.json b/public/resources/measures.json
index 0e2222a..fd57e2c 100644
--- a/public/resources/measures.json
+++ b/public/resources/measures.json
@@ -1 +1 @@
-[{"id": "M01", "short_name": "FencesAndWalls", "description": "Construction of fences or walls around sensitive sites. By the construction of such physical barriers the entrance to sensitive sites is impeded. The aim is to ensure that no unauthorized personnel gets access to sensitive buidlings, assets or infrastructures.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data"], "specific_asset": ["Sensors", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Irrigation water"], "consequence": ["Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Which kind of fence and/or wall is chosen depends inter alia on the protection needs of the respective infrastructure/asset/building. Thus, before a fence or wall is built, a security concept (e.g. defining different security zones) could be set up to define which needs for perimeter protection exist in the respective cases. ", "details": null}, {"id": "M02", "short_name": "MotionDetectors", "description": "Implementation of motion detectors. Thus the intrusion of unauthorized personnel to sensitive sites is automatically detected. The aim is to be able to react quickly to occuring intrusions.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Action and Crisis Management Plans and Training"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Pump", "Server", "Transmission Devices", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "Different reactions are possible if a motion detector is triggered by an intruder. A silent alarm could be sent to the staff (thus the probability that the intruder is caught by the police could be increased) or a loud alarm sound could be started (this could lead to a flight of the intruder before he/she causes any more serious consequences).", "details": null}, {"id": "M03", "short_name": "CameraSurveillance", "description": "Surveillance of sensitive sites, buildings or assets with camera systems. Thus intruders are detected by the staff that is surveilling the monitors. The aim is to be able to react quickly to occuring intrusions or intrusion attempts and to be able to identify the attacker after an occuring attack.", "type_of_measure": [], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Destruction", "Manipulation of the data", "Denial of service"], "specific_asset": ["Sensors", "Ds11 flow forecast", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Not serious", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M04", "short_name": "Patrols", "description": "Organization of regular or irregular patrols at sensitive sites, buildings and assets. Thus intruders shall be noticed and the investigated sites, buildings and assets are checked for any obvious damages or similar. The aim is to prevent malicious attacks and to ensure the functionality of the water supply system.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Server", "Spring Water", "Surface Water", "Transmission Devices", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Bodies", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "A positive side-effect of patrols might be the deterrent effect on potential attackers decreasing the likelihood of malicious attacks.", "details": null}, {"id": "M05", "short_name": "FloodProtection", "description": "Implementation of flood protection measures. By the building of dams or object protection measures against floods the intrusion of flood water to sensitive sites shall be prevented. The aim is to prevent any assets or buildings from being damaged by flood water and to ensure an ongoing high water quality.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Spring Water", "Transmission Devices", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Pressure Boosting Station", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M06", "short_name": "BarredWindows", "description": "Protection of windows with bars. Thus intruders cannot enter a building by destroying a window. The aim is to ensure that only authorized personnel can enter sensitive objects or sites. ", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Pressure Boosting Station", "Water under treatment"], "type_of_asset": ["Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "It might be sufficient to implement bars at windows below the second floor as the height of all other windows could be a sufficient physical barrier.", "details": null}, {"id": "M07", "short_name": "BinaryContacts", "description": "Implementation of binary contacts as alarm system at doors, windows or storage tanks. Thus the intrusion of unauthorized personnel to sensitive site is automatically detected. The aim is to be able to react quickly to occuring intrusions.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["Internal attacker", "External attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Sensors", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Not serious"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Different reactions are possible if a binary contact is triggered by an intruder. A silent alarm could be sent to the staff (thus the probability that the intruder is caught by the police could be increased) or a loud alarm sound could be started (this could lead to a flight of the intruder before he/she causes any more serious consequences).", "details": null}, {"id": "M08", "short_name": "SecureDoorsAndWindows", "description": "Construction of doors and windows with a sufficient resistance class. Thus the time and effort that an attacker needs to overcome the respective barrier is increased. The aim is to gain more time to detect an attack and to react on the attack, furthermore the attractivity for an attack is reduced.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An appropriate resistance class for doors and windows of specific buildings depends on the security zone that the building is assigned to.", "details": "DIN EN 1627 T\u00fcren, Fenster, Vorhangfassaden, Gitterelemente und Abschl\u00fcsse - Einbruchhemmung - Anforderung und Klassifizierung; Deutsche Fassung EN 1627:2011. Deutsche Norm. Berlin: Beuth Verlag GmbH."}, {"id": "M09", "short_name": "EntranceAccessControl", "description": "Implementation of an access control system for entrances to sensitive sites. Thus it shall be avoided that unauthorized people get access to the sensitive sites. The aim is to protect the infrastructures of the water utility from damages.", "type_of_measure": ["Physical Barriers", "Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The physical access control can be implemented in different forms. The most common way of access control is the distribution of keys or access cards for sensitive sites only to authorized personnel. Another way of access control would be the implementation of regularly changing codes that are necessary to open doors. Also the access permission via biometric data like fingerprints is possible. In case of biometric entrance systems special attention has to be paid to data protection issues. \nAccess control can also be realized by personnel that is positioned at entrances to check access permissions manually. \nThe principle of minimum access permissions should be applied, that means that as few access authorizations as possible should be distributed.", "details": null}, {"id": "M10", "short_name": "SecureLocks", "description": "Installation of secure locks. Thus the picking of locks is substantially complicated. The aim is to prevent that attackers can easily enter sensitive sites by picking locks. ", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M11", "short_name": "DiscreetAppearance", "description": "If possible, sensitive sites and buildings should be designed in a discreet appearance. Thus it shall be avoided that the sites or areas raise awareness of potential attackers. The aim is to lower the probability of attacks.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction", "Discharge of pollutants"], "specific_asset": ["Sensors", "Alert system", "Ds11 flow forecast"], "type_of_asset": ["Raw water bodies", "Sewers or wastewater treatment plant"], "consequence": ["Not serious", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An example for a discreet design could be pumping stations. The building in which the pumps are located should not directly indicate that this is a pumping station for drinking water so that potential attackers are directly aware of a potential attack point. \nAlso areas on a water utility's properties where for example servers or the control center are located should not be directly recognisable. This would quickly indicate an attractive attack point for a potential intruder. ", "details": null}, {"id": "M12", "short_name": "SupervisionOfExternals", "description": "Supervision of any external people entering the water utility or sensitive sites. Any people who enter sites and who are not part of the utility's staff are supervised and not left alone at any time. Thus any data thefts, manipulations or similar shall be prevented.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "External supplier"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Water under treatment", "Well"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": "Federal Office for Information \nSecurity:  ORP.1: Organisation. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 4"}, {"id": "M13", "short_name": "SmokeDetectors", "description": "Installation of smoke detectors. Thus fires are immediately noticed by the present staff. The aim is to protect all employees and infrastructures from serious injuries or damages caused by fire.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Additives", "Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M14", "short_name": "ContainmentStructures", "description": "Construction of containment structures at sensitive locations like roads or airports. Thus raw water contaminations due to traffic accidents, leakages or similar are kept away from raw water sources for drinking water production. The aim is to ensure the constant and sufficient availability of raw water of a sufficient quality for drinking water production.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water"], "type_of_asset": ["Catchment Area", "Raw Water Bodies"], "consequence": ["Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M15", "short_name": "RawWaterPipelineProtection", "description": "Physical protection of raw water transmission pipeline and equipment (pumps, valves,\u2026). The aim is to protect the water transmission pipes against corrosion, intrusion, failure, etc.", "type_of_measure": ["Physical Barriers", "Redundancy", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Pump", "Transmission Pipes and Equipment"], "type_of_asset": ["Raw Water Pipeline", "Water Abstraction Points"], "consequence": ["Quality", "Quantity ", "Reputation", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive & Reactive", "comments": "This measure includes for example regular inspections of the raw water pipelines.", "details": null}, {"id": "M16", "short_name": "SourceWaterQualityControl", "description": "Control of raw water quality. The aim is to control the raw water quality in order to select the best treatment process and operation.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Treatment Plants"], "consequence": ["Quality"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M17", "short_name": "WatershedProtection", "description": "Pollution sources in the watershed may affect raw water quality. The aim is to control the activities within the watershed affecting raw water quality.", "type_of_measure": ["Physical Barriers", "Control System", "Consequence Mitigation", "Economic Policy"], "type_of_source": ["Human fault", "Natural phenomena", "External attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "One of the objectives of the Water framework directive is to protect the drinking water sources. Part of this measures could be inspections of the watersheds and regulations of human activities in the watershed (especially regulations of traffic, industry, agriculture, residential areas).", "details": null}, {"id": "M18", "short_name": "InflowAndBackflowPrevention", "description": "Implementation of inflow and backflow prevention devices at relevant points of the network (e.g. house connections, fire hydrants). Thus the contamination of the drinking water network via these sources is prevented. The aim is to prevent intentional and unintentional contaminations so that a high water quality is ensured.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Drinking Water Taps", "Fire Hydrants"], "type_of_asset": ["Drinking Water Network"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M19", "short_name": "FiltersInAerationProcesses", "description": "All air for aeration purposes in water treatment plants and water storage tanks should be filtered. Thus it is aimed to prevent contaminations induced by entering air by the provision of physical barriers. The aim is to ensure an ongoing high quality of the supplied water.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Drinking Water Tanks", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Filters should be installed at every air intake for aeration purposes. Furthermore, no openings for aeration purposes should be built directly over the water surface to prevent that attackers can easily induce dangerous substances or that dangerous substances are induced in a natural way. ", "details": null}, {"id": "M20", "short_name": "PressureAndFlowSensors", "description": "Installation of pressure and flow sensors at different positions in the water distribution network. Thus it can be checked if the network is operated in the desired conditions. The aim is to ensure a water supply in sufficient quantity and pressure.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control System", "Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Transferred Information", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Raw Water Pipeline", "Water Abstraction Points"], "consequence": ["Quantity ", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "With this measure failures in the distribution network due to intended attacks like destructions of pumps or pipes might be detected. Furthermore, also failures due to naturally occuring damages like pipe breakages are detected (induced by natural phenomena or by wrong operation/human fault).", "details": null}, {"id": "M21", "short_name": "OscillationSensors", "description": "Installation of oscillation sensors at pumps. Thus any imminent damages of the pump or manipulations of the pump operation or settings are detected by changed oscillation patterns. The aim is to ensure an ongoing proper pump functionality and to detect any manipulations.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Pump"], "type_of_asset": ["Pressure Boosting Station"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "This measure might indicate imminent pump failures due to wear or intended pump manipulations which are not detected in another way because the signal of the pump status to the control center was manipulated to show the desired values. ", "details": null}, {"id": "M22", "short_name": "ValvePositionSensors", "description": "Installation of sensors indicating the position of valves. Thus it can be checked if all valves are are in the position that they are obliged to. The aim is to check if the operating parameters are performed as they should or if any malfunctions or manipulations of the valves exist.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Transferred Information", "Transmission Devices", "Valve"], "type_of_asset": ["Drinking Water Network", "Raw Water Pipeline", "Water Treatment Plants"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M23", "short_name": "LevelSensors", "description": "Installation of sensors indicating the filling level of storage tanks or additive reservoirs. Thus it can be supervised if any storage tanks or reservoirs are running dry or overflow. The aim is to ensure a desired filling level in all reservoirs and storage tanks.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Additives", "Control System", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Transferred Information", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M24", "short_name": "AutomatedValveControl", "description": "Automated control of valves to regulate required pressures and flows. Thus human errors e.g. leading to pressure shocks are avoided. The aim is to ensure ongoing desired conditions in the network and to protect the infrastructure from damages.", "type_of_measure": ["Control System"], "type_of_source": ["Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Drinking Water Pipes", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Network", "Raw Water Pipeline"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Although the control of valves is automated, the possibility of a manual control should be given at every point of time.", "details": null}, {"id": "M25", "short_name": "OperatingParameterSurveillance", "description": "Surveillance of operating parameters from the catchment to the final distribution point. Thus any damages, malfunctions or manipulations in the supply chain are directly detected. The aim is to enable fast reactions to damages, malfunctions or manipulations. ", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Server", "Transferred Information", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Potential parameters to be supvervised are volume flows and pressures of water at different positions in the system, pressure losses (e.g. at filters), membrane permeabilities or volume flows and pressures of air at aerations. The surveillance can be realized manually or automatically by the definition of certain allowed operating ranges.", "details": null}, {"id": "M26", "short_name": "ProcedureForPersonnelChanges", "description": "Following of a structured procedure in case of new employees entering the company or employees leaving the company. Thus new employees directly learn about all important information security issues and leaving employees are informed about their duty of confidentiality. By this measure, data losses due to leaving employees and faults due to unawareness of new employees shall be prevented.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Denial of service", "Discharge of pollutants", "Spoofing"], "specific_asset": ["Server", "Serious game", "Ds 13 interface\u00a0", "Web application", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ds11 flow forecast", "Web server", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "For new employees checklists should be used to ensure that no important issues about information security are forgotten. If possible, the leaving employee should train the new employee. All access rights have to be taken from the leaving employee. ", "details": "Federal Office for Information \nSecurity:  ORP.2: Personal. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 3"}, {"id": "M27", "short_name": "EmployeesTrainings", "description": "Regular trainings, seminars, updates and informations on security issues should be implemented for all employees. Thus the staff is always kept up to date about any security relevant developments, behavioural rules and acute risks, both in the cyber and in the physical sector. The aim is to prevent hazards occuring due to unawareness and human faults.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Denial of service", "Discharge of pollutants", "Spoofing"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Early warning system \nfor safe water reuse", "Web server", "Serious game", "Ds 13 interface\u00a0", "Web application", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": "Federal Office for Information \nSecurity:  ORP.2: Personal. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 4"}, {"id": "M28", "short_name": "SecurityCheckOfEmployees", "description": "Security check of new employees. By checking relevant data of new employees like the completeness of the CV and the criminal record, the confidentiality and reliability of the potential employee is checked. The aim is to employ trustworthy and reliable employees to ensure a safe operation.", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Destruction", "Manipulation", "Denial of service", "Discharge of pollutants", "Spoofing"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Serious game", "Ds 13 interface\u00a0", "Web application", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ds11 flow forecast", "Web server", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Information leak", "False information", "Not serious", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The possibilities for security checks are significantly limited by different laws and regulations in the field of data protection. Therefore it has to be ensured that all information gaining processes are lying in the frame of legally allowed and ethically justifiable investigations.", "details": null}, {"id": "M29", "short_name": "EmergencyPlans", "description": "Setting up of emergency plans. Thus clear responsabilities, courses of action, procedures and contacts are defined and documented for emergency cases. The aim is to reduce the consequences after serious cyber, physical or cyber-physical incidents.", "type_of_measure": ["Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data", "Discharge of pollutants"], "specific_asset": ["Server", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users"], "consequence": ["Reputation", "Health issues", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "A complete crisis plan should exist including responsabilities, pending tasks, important contacts etc. \nAll tasks from the evaluation of the situation over the determination of appopriate reactions to the crisis until the final realization of the actions and their effectiveness check have to be defined. Therefore also an emergency service must exist. ", "details": "DIN EN 15975-1: Sicherheit der Trinkwasserversorgung - Leitlinien f\u00fcr das Risiko- und Krisenmanagement - Teil 1: Krisenmanagement; Deutsche Fassung EN 15975-1:2011+A1:2015. Deutsche Norm. Berlin: Beuth Verlag GmbH."}, {"id": "M30", "short_name": "RedundantAssetsAndInfrastructures", "description": "Constructions of redundant infrastructures and assets along the whole water supply chain. Thus the failure of one component can, at least partially, be compensated by the respective redundant asset. The aim is to ensure a constant supply of water with adequate quantity, quality and pressure.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External supplier", "Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Destruction", "Denial of service", "Discharge of pollutants", "Spoofing"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Ds 12 decision support system", "Early warning system \nfor safe water reuse", "Alert system", "Web server", "Serious game", "Ds 13 interface\u00a0", "Early warning system \nfor bathing water quality", "Sensors", "Web application", "Ds11 flow forecast", "Match-making tool"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Financial", "Information leak", "False information", "Not serious", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Redundant infrastructures could exist in the water extraction (wells, river extractions, reservoir extractions, spring water), water treatment infrastructures (filtration, adsorption, aeration, sedimentation, softening), water storage (tanks), water distribution (main pipes, distribution pipes, pressure boosting station) or similar infrastructures. Another kind of redundancy implementation that might make sense is the cooperation with other suppliers e.g. with neighbouring municipalities in supply networks.", "details": null}, {"id": "M31", "short_name": "DistributedEnergySupply", "description": "Supply of energy from more than one supplier. Thus a potential supply failure of one electrical energy supplier can quickly be replaced by the supply of the redundant supplier. The aim is to prevent downtimes due to a lack of electrical energy.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["Interdependent CI"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M32", "short_name": "EmergencyGenerators", "description": "Installation of emergency generators. Thus a complete failure of external energy supply can be compensated by the emergency generators. The aim is to prevent downtimes due to a lack of electrical energy.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M33", "short_name": "AdditionalStorageCapacity", "description": "Construction of additional storage tanks. Thus periods of water scarcity can be bridged easier due to a higher amount of stored water. The aim is to ensure a constant supply with drinking water also in times of reduced raw water avilability or attacks on water treatment or supply elements.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Web application", "Ds 13 interface\u00a0"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M34", "short_name": "WaterIntakeAdaption", "description": "Re-designing of water intakes for periods of raw water scarcities. Thus the usual sources for raw water can also be used in case of low water levels e.g. by the construction of pumps, modified water intakes or additional wells. The aim is to ensure a constant supply with raw water.", "type_of_measure": ["Consequence Mitigation"], "type_of_source": ["Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M35", "short_name": "WaterQualityOnlineSurveillance", "description": "Surveillance of the water composition along the supply chain by online sensors. Thus degradations of water quality (from raw water to the point of supply) are early detected. The aim is to enable fast reactions and the potential isolation of affected network parts or infrastructures.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Additives", "Control System", "Dosing System", "Drinking Water Tanks", "Fire Hydrants", "Groundwater", "Spring Water", "Surface Water", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Network", "Drinking Water Tanks", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": "The quality should be checked with respect to chemical, microbiological and physical parameters. Potential parameters can for example be taken from existing laws or guidelines defining the required drinking water quality, examples are temperatures, pH values, conductivities, oxygen concentrations, turbidities, UV absorption or redox potential. ", "details": null}, {"id": "M36", "short_name": "WaterTreatmentControl", "description": "Implementation of monitoring, treatment and disinfection processes in order to comply with the water quality  standards under all circumstances.", "type_of_measure": ["Redundancy", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control System", "Dosing System", "Drinking Water Tanks", "Pump", "Sensor", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "This is a measure for process control & optimization.", "details": null}, {"id": "M37", "short_name": "WaterQualityOfflineSurveillance", "description": "Offline monitoring of water quality parameters in the distribution systems to comply with the water quality standards under all circumstances.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Drinking Water Pipes", "Drinking Water Tanks"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M38", "short_name": "MonitoringAndControlOfDistributionSystem", "description": "Monitoring and controlling the distribution system for biofilms, deposits and corrosion. ", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["Natural phenomena", "Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Interruption", "Pollution"], "specific_asset": ["Additives", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Drinking Water Taps"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M39", "short_name": "WaterNetworkInterventionsForWaterSupplyRecovery", "description": "There are many events that potentially may lead to anomalies affecting the physical elements of the water network (i.e. pipe breakdown). When this occurs, a segment of the network containing the faulty element is isolated for its repair. This isolation may affect the supply of certain demand nodes in terms of quantity and pressure. Then, a set of network interventions must be enabled in order to recover the water supply service in the affected area during this emergency period. In general, this interventions aims to enable new water pathways to the affected area and/or adapting PRVs and pumping strategies to recover pressure assuring enough autonomy in the water tanks.", "type_of_measure": ["Physical Barriers", "Redundancy", "Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station"], "consequence": ["Quantity ", "Quality", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": null, "details": null}, {"id": "M40", "short_name": "AdditivesQualityCheck", "description": "Supervision of quality of delivered additives. Thus the use of  additives produced with substandard quality or the use of subsequently (intentionally or unintentionally) polluted additives is prevented. The aim is to prevent the pollution of drinking water caused by the use of polluted additives.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "External supplier"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Additives"], "type_of_asset": ["Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M41", "short_name": "InfrastructureAndAssetInspections", "description": "Regular and/or continuous inspections of existing infrastructure and assets by trained and professional personnel. Thus existing or impending damages, failures or manipulations are early detected. The aim is to undo damages, failures or manipulations to prevent more serious consequences on existing infrastructures.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Well"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": "The inspections shall detect intended manipulations of the assets and infrastructure by attackers as well as existing and imminent damages or failures due to wrong operation or wear.", "details": null}, {"id": "M42", "short_name": "InformationSecurityGuidelines", "description": "Establishment of a guideline for information security. This guideline contains all relevant aspects about the company's information security aims and underlying processes. Thus the employees are aware of the importance of information security procedures and know how to behave to ensure information security.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "External supplier"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The guideline(s) should contain information about the importance of information security, the security objectives, the most important aspects of the security strategy as well as the organisational structure established for information security. A clear scope must be defined. All employees must be informed about the guideline on information security. The guideline should regularly be updated.", "details": "Federal Office for Information \nSecurity:  ISMS.1: Sicherheitsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 5"}, {"id": "M43", "short_name": "InformationSecurityManagementSystem", "description": "Implementation of an Information Security Management System (ISMS). The ISMS enables the implementation and continuous application of a thought out and effective information security process. The aim is to provide a general concept for a continuosly updated information security in a water utility.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Web application", "Ds 13 interface\u00a0"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An ISMS should be tailored to the existing management structures of the specific water utility. Due to different conditions existing in each site and utility, there cannot be one ISMS fitting as general system for all utilites. Thus there is a need of customization in each case.", "details": "Federal Office for Information \nSecurity:  ISMS.1: Sicherheitsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-8"}, {"id": "M44", "short_name": "PasswordSecurity", "description": "Access to sensitive and critical cyber applications, databases, control tools or similar should be protected by secure passwords. Thus only authorized people get access to the respective cyber space. The aim is to prevent attacker's access by hacking and to ensure the cyber system's integrity.", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Server", "Alert system", "Mobile apps to communicate bathing water quality", "Web server", "Serious game", "Web applicaton", "Web application", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "For the access to any application, database or similar a different password has to be used. Passwords should not be too short (at least 8 symbols) and contain symbols of different kinds (e.g. capital and small letters, special symbols, numbers). Passwords should be changed regularly.", "details": "Federal Office for Information Security: Passwords. \nLink: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/Passwoerter/passwoerter_node.html\nLast access: 21.01.2019"}, {"id": "M45", "short_name": "TwoFactorAuthentification", "description": "Implementation of two-factor authentification for especially sensitive applications. Thus the possibility of unauthorized access to sensitive applications is significantly reduced. The aim is to ensure a special protection for especially sensitive applications. Try not using SMS but dedicated apps instead (or dongles).", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data"], "specific_asset": ["Server", "Mobile apps to communicate bathing water quality", "Web applicaton", "Web application", "Ds11 flow forecast", "Match-making tool"], "type_of_asset": ["Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Possible realizations for a two-factor authentification could for example be individual codes that are sent via SMS or TAN generators. ", "details": "Federal Office for Information Security: Passwords. \nLink: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/Passwoerter/passwoerter_node.html\nLast access: 21.01.2019"}, {"id": "M46", "short_name": "RestrictedAccesToITSystem", "description": "The company must to restrict the network control actions and information accesibility to particular actors inside the company using a particular protocol acces (double factor). A security  level of accessibility should be defined according to the person or group in charge of specific tasks in the company. ", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "External supplier", "Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data", "Spoofing", "Manipulation"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Early warning system \nfor safe water reuse", "Mobile apps to communicate bathing water quality", "Web server", "Serious game", "Ds 13 interface\u00a0", "Temperature sensor web-platform", "Web application", "Web applicaton", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M47", "short_name": "NonManipulationConnectionTool", "description": "The company must forbid the network connection to not authorized mobile devices (PC, laptop, etc.).", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Web application", "Ds 13 interface\u00a0"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M48", "short_name": "CryptographicProcesses", "description": "Implementation of cryptographic processes. Thus any relevant data is encrypted and therfore unreadable for an attacker. The aim is to ensure that any attacker getting access to sensitive data cannot read the data due to its encryption.", "type_of_measure": ["Cyber Barriers", "Consequence Mitigation"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Early warning system \nfor safe water reuse", "Mobile apps to communicate bathing water quality", "Web server", "Serious game", "Temperature sensor web-platform", "Web application", "Early warning system \nfor bathing water quality", "Web applicaton", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Additionally to the data encryption, the possibility of encrypting also communication connections should be checked in dependence on the necessary effort for encryption and its practicability. The source and integrity of used cryptographic keys should also be checked. The keys should be changed in a sufficient frequency. \nEncryptions can be realized for transferred data (wireless connections, wires, mobile storage devices) and for data stored on servers, clients, mobile devices or similar. ", "details": "Federal Office for Information \nSecurity:  CON.1: Kryptokonzept. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-6"}, {"id": "M49", "short_name": "DataBackups", "description": "All relevant data should be saved in a data backup regularly. Due to redundant data storages the loss of one data set can be compensated by using the backup data. Thus the ongoing operability of the utility is ensured.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "All relevant factors of influence on the process of data backup generation must be documented, e.g. the amount and time of changed data, availability requirements or similar. If applied, the requirements for online data backups, e.g. in clouds, must be determined (e.g. location of storage, methods of authentification, etc.). The backup data should be encrypted, furthermore the location of the backup data should not be the same as the location of the original data.", "details": "Federal Office for Information \nSecurity:  CON.3: Datensicherungskonzept. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 2-4"}, {"id": "M50", "short_name": "NetworkSeparation", "description": "Secure installation and operation of different network security zones. Thus unauthorized entries into sensitive networks can be complicated. The aim is to ensure the integrity, authenticity and confidentiality of all data in the network.", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "External supplier", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Spoofing", "Manipulation"], "specific_asset": ["Server", "Early warning system \nfor safe water reuse", "Ds 13 interface\u00a0", "Web application", "Ds11 flow forecast", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "This measure is dealing with the IT networks. The complete network setup, structure, changes or similar must be documented in detail. The network must be separated into different security zones (e.g. internal network, demilitarized zone [DMZ], external connections [including untrustworthy networks like the internet]). Different security zones should also be physically separated. Firewalls must separate the security zones. Clients and server must be located in different segments of the network. Sensitive information must be transferred by using state-of-the-art secure protocols. ", "details": null}, {"id": "M51", "short_name": "AppropriateLayingOfWires", "description": "Information transmitting wires should be laid in a security conform way. Thus the probability of data thieveries and damages of wires is reduced by preventing unauthorized access to the data transmission wire. The aim is to protect sensitive data.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "It should be made difficult to get access to wires e.g. by underground laying of wires, the protection of wires by mantles or similar. ", "details": null}, {"id": "M52", "short_name": "ServerRoomSetup", "description": "Appropriate setup of server rooms. Thus the lifetime of servers is extended and its ongoing functionality is ensured. The aim is to ensure the continuous operability of all servers under appropriate conditions.", "type_of_measure": ["Physical Barriers", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "Interdependent CI"], "type_of_threat": ["Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation"], "specific_asset": ["Server"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "The server room should be located apart from office rooms and ensure appropriate conditions (temperature, air humidity, constant electrical energy supply, etc.). \nThe room should be secured by doors with an appropriate resistance class and with an appropriate access control system. Furthermore it should be protected against physical hazards like fire, water intrusion etc. \nA constant supply with electrical energy must be ensured, if necessary an Uninterruptable Power Supply (UPS) must be implemented.", "details": "Federal Office for Information \nSecurity:  APP.3.3 Fileserver. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-5"}, {"id": "M53", "short_name": "MirroredSCADA", "description": "Implementation of a mirrored SCADA system. Thus in case of a failure of the SCADA system, this failure can be compensated by activating the mirrored SCADA system. The aim is to ensure an ongoing operability of the water utility. ", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control Center", "Control System"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "The mirrored SCADA system should be not be located at the same position as the acutally used SCADA system. ", "details": null}, {"id": "M54", "short_name": "DataIntegrityCheck", "description": "The integrity of important data should be checked e.g. by blockchain technology. Thus falsified signals are immediately detected. The aim is to ensure that any decision of the utility is based on data with ensured integrity.", "type_of_measure": ["Control System"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Early warning system \nfor safe water reuse", "Mobile apps to communicate bathing water quality", "Web server", "Serious game", "Temperature sensor web-platform", "Web application", "Early warning system \nfor bathing water quality", "Web applicaton", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M55", "short_name": "MalwareProtectionGuidelines", "description": "Implementation of guidelines for a correct behaviour to protect the IT systems from malware. Thus all employees know how to handle hard- and software to ensure a secure IT environment. The aim is to prevent any damages resulting from the malware and to ensure the integrity, authenticity and confidentiality of all data and assets in the IT infrastructure. ", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The guidelines should define the handling of potentially harmful soft- and hardware. It should e.g. be defined when and which storage devices may be connected to the IT infrastructure, how annexes of e-mails have to be handled and how executable files have to be treated.", "details": null}, {"id": "M56", "short_name": "MalwareProtectionSoftware", "description": "Installation of suitable software to protect the IT systems against malware. By this measure malware reaching the IT system shall be blocked, deleted or at least directly noticed. Thus any damages resulting from the malware shall be avoided to ensure the integrity, authenticity and confidentiality of all data and assets in the IT infrastructure.", "type_of_measure": ["Cyber Barriers", "Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Used applications and software for defense against malware should be tailored for the use in enterprises, solutions for home use are not sufficiently safe. Furthermore, the chosen solution should be updated and checked on its effectiveness regularly. The employees should be trained on handling possibly dangerous contents in a sensitive way. Any detections of malware should be reported directly by both, the user detecting the malware and automatically by the system.\nAll relevant data emerging in the IT system should be logged for a fast detection of incidents and for an easier understanding of past attacks. ", "details": "Federal Office for Information \nSecurity:  OPS.1.1.4: Schutz vor Schadprogrammen. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-5"}, {"id": "M57", "short_name": "PatchAndChangeManagement", "description": "Implementation of a concept for the patch and change management in the IT environment. By following this concept, emerging security holes can be closed quickly and any (e.g. software) changes are monitored with regard to security issues. Thus the security of the IT systems of the company is ensured in general.", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The concept should clearly define all responsabilites and procedures of the patch and changes management process. Furthermore, the handling of auto-updates that might be implemented in the used software should be regulated. ", "details": "Federal Office for Information \nSecurity:  OPS.1.1.3: Patch- und \u00c4nderungsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-5"}, {"id": "M58", "short_name": "NetworkTrafficAnalysis", "description": "Surveillance of all network traffic on suspicious patterns. Thus hacker attacks shall be recognized and negative consequences shall be prevented. The aim is to ensure the integrity, authenticity, confidentiality and operability of the network and all connected devices.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External supplier", "Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data", "Spoofing", "Manipulation"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Ds 12 decision support system", "Early warning system \nfor safe water reuse", "Ds 13 interface\u00a0", "Web application", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M59", "short_name": "SecurityOfWirelessNetworks", "description": "Defitinition of security measures for the implementation and use of wireless network connections. Thus attacks on wireless connections shall be prevented. The aim is to ensure the integrity, autenticity, confidentiality and operability of the wireless network and all connected devices.", "type_of_measure": ["Cyber Barriers", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data"], "specific_asset": ["Sensors", "Early warning system \nfor safe water reuse", "Match-making tool"], "type_of_asset": ["Digital solution users", "Irrigation water"], "consequence": ["Quantity", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Before the implementation of wireless networks it must be checked if any other wireless networks exist in the same area with similar configurations that could disturb the implemented network. Generally accepted standards for authentification and encryption have to be used. All information transferred via wireless networks has to be encrypted with up-to-date encryption technologies. Access points must be located at positions where no unauthorized personnel can reach them. Access points may not be operated in default configurations. A security barrier should exist between wireless and wired connections. Regular checks for security wholes should be ensured. ", "details": "Federal Office for Information \nSecurity: NET.2.1: WLAN-Betrieb. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-6"}, {"id": "M60", "short_name": "SoftwareManagement", "description": "The software management should be organized and carried out by responsible IT experts. Thus only credible software is installed correctly, furthermore an appropriate use of the software is teached to the staff. The aim is to avoid cyber security issues due to the installation of untrustful software, wrong installation of trustful software or inappropriate software uses.", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Spoofing"], "specific_asset": ["Serious game", "Web application", "Ds 13 interface\u00a0", "Web server"], "type_of_asset": ["Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": "Federal Office for Information \nSecurity:  CON.4: Auswahl und Einsatz von Standardsoftware. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-4"}, {"id": "M61", "short_name": "MobileDeviceUsageRules", "description": "Setting up of clear rules for the use of mobile devices. Thus the staff knows how to use mobile devices outside the utility in a secure way. The aim is to ensure data and cyber security also outside of the utility area.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "Examples for rules could be the mandatory use of privacy films for monitors or automatic screen locks after a certain time of inactivity. Losses of IT equipment should be reported as soon as possible to the utility. Portable devices should be encrypted. Connections to the utility's network should only be allowed via Virtual Private Network (VPN) connections.\nA list of mobile devices should exist in the company. ", "details": "Federal Office for Information \nSecurity:  CON.7: Informationssicherheit auf Auslandsreisen. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 5-8"}, {"id": "M62", "short_name": "DeletionAndDestructionOfDataCarriers", "description": "Ensuring of proper deletion of data and destruction of data carriers. By a proper deletion or destruction, the data shall be irreversibly wiped out. Thus the loss of any sensitive data shall be prevented.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Server", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The data deletion mechanisms should ensure that no data can be restored and that no residual data exist. All employees should be trained how to delete data and destroy data carriers correctly. If data carriers are collected and stored before destruction, the location of collection has to be protected against any possible intruders. ", "details": "Federal Office for Information \nSecurity:  CON.6: L\u00f6schen und Vernichten. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-4"}, {"id": "M63", "short_name": "SecureOutsourcing", "description": "Assurance of IT security in case of outsourcing by setting-up appropriate agreements with the respective companies. By these agreements it is guaranteed that also the respective external companies comply with the relevant security guidelines. Thereby it is ensured that emerging risks due to the outsourcing process are minimized. ", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Spoofing"], "specific_asset": ["Serious game", "Web application", "Ds 13 interface\u00a0", "Web server"], "type_of_asset": ["Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Reputation", "Quality"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "The agreement should ensure that the commissioned company complies with a sufficiently acknowledged security standard (e.g. the German IT-Grundschutz [IT-Basic Protection]). ", "details": "Federal Office for Information \nSecurity:  OPS.2.1: Outsourcing f\u00fcr Kunden. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-6"}, {"id": "M64", "short_name": "Documentation", "description": "A complete documentation of all relevant assets and processes in the physical and digital infrastructure of the water utility must be ensured. Thus a full overview of the utility and potential risks is available at any point of time. The aim is to be able to recognize any weak points that have to be treated by different risk redcution measures.", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M65", "short_name": "IdentificationClassificationAndRiskAssessmentTool", "description": "The Company must select a particular approach and methodology for risk assessment and analysis that incidents and prioritizes risks based on threats, vulnerabilities and consequences of security.", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Redundancy", "Control System", "Consequence Mitigation", "Economic Policy", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Drinking Water Taps", "Fire Hydrants", "Groundwater", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Spring Water", "Surface Water", "Transferred Information", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Bodies", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M66", "short_name": "DDoS Protection", "description": "DDoS (Distributed Denial of Service) protection or mitigation is the process of protecting a target from a DDoS attack by using specialized network equipment or cloud based services. By using such a protection, the targeted company is able to mitigate the threat.", "type_of_measure": ["Cyber Barriers", "Redundancy"], "type_of_source": ["External supplier", "Internal attacker", "Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Ds 12 decision support system", "Web server", "Serious game", "Ds 13 interface\u00a0", "Web application", "Sensors", "Alert system", "Match-making tool"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Sewers or wastewater treatment plant"], "consequence": ["Reputation", "Quantity", "Financial", "Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M67", "short_name": "Authenticity check", "description": "Implementing authenticity checks on the data provenance and applications (by using certificates for instance) allows to ensure that the data is indeed coming from the source it seems to come from.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Server", "Temperature sensor web-platform ", "Early warning system \nfor safe water reuse", "Web server", "Serious game", "Temperature sensor web-platform", "Web application", "Early warning system \nfor bathing water quality", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M68", "short_name": "Access Control", "description": "Ensuring that only authorized users have access to specified resources. Can be both physical (fences, locked doors, \u2026) and cyber. ", "type_of_measure": ["Physical Barriers", "Cyber Barriers"], "type_of_source": ["Internal attacker", "External supplier", "Human fault", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data", "Manipulation"], "specific_asset": ["Server", "Early warning system \nfor safe water reuse", "Mobile apps to communicate bathing water quality", "Web server", "Serious game", "Temperature sensor web-platform", "Web application", "Early warning system \nfor bathing water quality", "Web applicaton", "Sensors", "Alert system", "Ds11 flow forecast", "Match-making tool", "Ml based early warning system for bathing water"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Reputation", "Health issues", "Financial", "Damage to stakeholder activtiy", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M69", "short_name": "Jammer Detector", "description": "Specific measure for detecting the presence of a jammer device that prevents wireless communication.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Sensors", "Alert system", "Early warning system \nfor safe water reuse", "Temperature sensor web-platform "], "type_of_asset": ["Raw water bodies", "Csos data quality", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Financial", "Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M70", "short_name": "Setting up Web Application Firewall (WAF)", "description": "Setting up a Web Application Firewal (WAF) helps protecting against different attacks such as Cross Site Scripting (XSS), SQL injection or cookie poisining for instance. Having a WAF in front of web applications can help with common and auomated attacks.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Manipulation of the data"], "specific_asset": ["Serious game", "Mobile apps to communicate bathing water quality", "Web server", "Web applicaton"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation", "Health issues", "False information"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M71", "short_name": "Server side monitoring of the sensors", "description": "Sensors can be monitored from the server, for instance by sending a heartbeat. This ensures that the sensor is not physically tampered with. In addition, GPS data can be monitored to also ensure that the sensor is at the right position.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Sensors", "Alert system", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Raw water bodies", "Irrigation water", "Sewers or wastewater treatment plant"], "consequence": ["Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M72", "short_name": "Proper device management", "description": "Device management means having the ability to enroll devices but also to revoke their access to the system (for instance in case one sensor gets stolen). Being able to update the firmware and apply secruity patches is also part of the device management.", "type_of_measure": ["Cyber Barriers", "Consequence Mitigation"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data"], "specific_asset": ["Sensors", "Alert system", "Match-making tool"], "type_of_asset": ["Raw water bodies", "Digital solution users", "Sewers or wastewater treatment plant"], "consequence": ["Quantity", "Information leak", "False information", "Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M73", "short_name": "Software security assessment", "description": "Performing software security assessment allows to discover security vulnerabilities before they are found and exploited by attackers.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}]
\ No newline at end of file
+[{"id": "M01", "short_name": "FencesAndWalls", "description": "Construction of fences or walls around sensitive sites. By the construction of such physical barriers the entrance to sensitive sites is impeded. The aim is to ensure that no unauthorized personnel gets access to sensitive buidlings, assets or infrastructures.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Denial of service"], "specific_asset": ["Sensors", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Irrigation water"], "consequence": ["Quality"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Which kind of fence and/or wall is chosen depends inter alia on the protection needs of the respective infrastructure/asset/building. Thus, before a fence or wall is built, a security concept (e.g. defining different security zones) could be set up to define which needs for perimeter protection exist in the respective cases. ", "details": null}, {"id": "M02", "short_name": "MotionDetectors", "description": "Implementation of motion detectors. Thus the intrusion of unauthorized personnel to sensitive sites is automatically detected. The aim is to be able to react quickly to occuring intrusions.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Action and Crisis Management Plans and Training"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Pump", "Server", "Transmission Devices", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "Different reactions are possible if a motion detector is triggered by an intruder. A silent alarm could be sent to the staff (thus the probability that the intruder is caught by the police could be increased) or a loud alarm sound could be started (this could lead to a flight of the intruder before he/she causes any more serious consequences).", "details": null}, {"id": "M03", "short_name": "CameraSurveillance", "description": "Surveillance of sensitive sites, buildings or assets with camera systems. Thus intruders are detected by the staff that is surveilling the monitors. The aim is to be able to react quickly to occuring intrusions or intrusion attempts and to be able to identify the attacker after an occuring attack.", "type_of_measure": [], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Denial of service", "Destruction"], "specific_asset": ["Sensors", "Ds11 flow forecast", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Sewers or wastewater treatment plant", "Irrigation water"], "consequence": ["Not serious", "Quality"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M04", "short_name": "Patrols", "description": "Organization of regular or irregular patrols at sensitive sites, buildings and assets. Thus intruders shall be noticed and the investigated sites, buildings and assets are checked for any obvious damages or similar. The aim is to prevent malicious attacks and to ensure the functionality of the water supply system.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Server", "Spring Water", "Surface Water", "Transmission Devices", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Bodies", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "A positive side-effect of patrols might be the deterrent effect on potential attackers decreasing the likelihood of malicious attacks.", "details": null}, {"id": "M05", "short_name": "FloodProtection", "description": "Implementation of flood protection measures. By the building of dams or object protection measures against floods the intrusion of flood water to sensitive sites shall be prevented. The aim is to prevent any assets or buildings from being damaged by flood water and to ensure an ongoing high water quality.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Spring Water", "Transmission Devices", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Pressure Boosting Station", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M06", "short_name": "BarredWindows", "description": "Protection of windows with bars. Thus intruders cannot enter a building by destroying a window. The aim is to ensure that only authorized personnel can enter sensitive objects or sites. ", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Pressure Boosting Station", "Water under treatment"], "type_of_asset": ["Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "It might be sufficient to implement bars at windows below the second floor as the height of all other windows could be a sufficient physical barrier.", "details": null}, {"id": "M07", "short_name": "BinaryContacts", "description": "Implementation of binary contacts as alarm system at doors, windows or storage tanks. Thus the intrusion of unauthorized personnel to sensitive site is automatically detected. The aim is to be able to react quickly to occuring intrusions.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["Internal attacker", "External attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Sensors", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Not serious"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Different reactions are possible if a binary contact is triggered by an intruder. A silent alarm could be sent to the staff (thus the probability that the intruder is caught by the police could be increased) or a loud alarm sound could be started (this could lead to a flight of the intruder before he/she causes any more serious consequences).", "details": null}, {"id": "M08", "short_name": "SecureDoorsAndWindows", "description": "Construction of doors and windows with a sufficient resistance class. Thus the time and effort that an attacker needs to overcome the respective barrier is increased. The aim is to gain more time to detect an attack and to react on the attack, furthermore the attractivity for an attack is reduced.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An appropriate resistance class for doors and windows of specific buildings depends on the security zone that the building is assigned to.", "details": "DIN EN 1627 T\u00fcren, Fenster, Vorhangfassaden, Gitterelemente und Abschl\u00fcsse - Einbruchhemmung - Anforderung und Klassifizierung; Deutsche Fassung EN 1627:2011. Deutsche Norm. Berlin: Beuth Verlag GmbH."}, {"id": "M09", "short_name": "EntranceAccessControl", "description": "Implementation of an access control system for entrances to sensitive sites. Thus it shall be avoided that unauthorized people get access to the sensitive sites. The aim is to protect the infrastructures of the water utility from damages.", "type_of_measure": ["Physical Barriers", "Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment", "Well"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The physical access control can be implemented in different forms. The most common way of access control is the distribution of keys or access cards for sensitive sites only to authorized personnel. Another way of access control would be the implementation of regularly changing codes that are necessary to open doors. Also the access permission via biometric data like fingerprints is possible. In case of biometric entrance systems special attention has to be paid to data protection issues. \nAccess control can also be realized by personnel that is positioned at entrances to check access permissions manually. \nThe principle of minimum access permissions should be applied, that means that as few access authorizations as possible should be distributed.", "details": null}, {"id": "M10", "short_name": "SecureLocks", "description": "Installation of secure locks. Thus the picking of locks is substantially complicated. The aim is to prevent that attackers can easily enter sensitive sites by picking locks. ", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M11", "short_name": "DiscreetAppearance", "description": "If possible, sensitive sites and buildings should be designed in a discreet appearance. Thus it shall be avoided that the sites or areas raise awareness of potential attackers. The aim is to lower the probability of attacks.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Discharge of pollutants", "Destruction"], "specific_asset": ["Sensors", "Ds11 flow forecast", "Alert system"], "type_of_asset": ["Sewers or wastewater treatment plant", "Raw water bodies"], "consequence": ["Quality", "Not serious"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An example for a discreet design could be pumping stations. The building in which the pumps are located should not directly indicate that this is a pumping station for drinking water so that potential attackers are directly aware of a potential attack point. \nAlso areas on a water utility's properties where for example servers or the control center are located should not be directly recognisable. This would quickly indicate an attractive attack point for a potential intruder. ", "details": null}, {"id": "M12", "short_name": "SupervisionOfExternals", "description": "Supervision of any external people entering the water utility or sensitive sites. Any people who enter sites and who are not part of the utility's staff are supervised and not left alone at any time. Thus any data thefts, manipulations or similar shall be prevented.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "External supplier"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Water under treatment", "Well"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": "Federal Office for Information \nSecurity:  ORP.1: Organisation. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 4"}, {"id": "M13", "short_name": "SmokeDetectors", "description": "Installation of smoke detectors. Thus fires are immediately noticed by the present staff. The aim is to protect all employees and infrastructures from serious injuries or damages caused by fire.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Additives", "Control Center", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process"], "type_of_asset": ["Drinking Water Tanks", "Pressure Boosting Station", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M14", "short_name": "ContainmentStructures", "description": "Construction of containment structures at sensitive locations like roads or airports. Thus raw water contaminations due to traffic accidents, leakages or similar are kept away from raw water sources for drinking water production. The aim is to ensure the constant and sufficient availability of raw water of a sufficient quality for drinking water production.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water"], "type_of_asset": ["Catchment Area", "Raw Water Bodies"], "consequence": ["Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M15", "short_name": "RawWaterPipelineProtection", "description": "Physical protection of raw water transmission pipeline and equipment (pumps, valves,\u2026). The aim is to protect the water transmission pipes against corrosion, intrusion, failure, etc.", "type_of_measure": ["Physical Barriers", "Redundancy", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation", "Pollution"], "specific_asset": ["Pump", "Transmission Pipes and Equipment"], "type_of_asset": ["Raw Water Pipeline", "Water Abstraction Points"], "consequence": ["Quality", "Quantity ", "Reputation", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive & Reactive", "comments": "This measure includes for example regular inspections of the raw water pipelines.", "details": null}, {"id": "M16", "short_name": "SourceWaterQualityControl", "description": "Control of raw water quality. The aim is to control the raw water quality in order to select the best treatment process and operation.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Treatment Plants"], "consequence": ["Quality"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M17", "short_name": "WatershedProtection", "description": "Pollution sources in the watershed may affect raw water quality. The aim is to control the activities within the watershed affecting raw water quality.", "type_of_measure": ["Physical Barriers", "Control System", "Consequence Mitigation", "Economic Policy"], "type_of_source": ["Human fault", "Natural phenomena", "External attacker"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "One of the objectives of the Water framework directive is to protect the drinking water sources. Part of this measures could be inspections of the watersheds and regulations of human activities in the watershed (especially regulations of traffic, industry, agriculture, residential areas).", "details": null}, {"id": "M18", "short_name": "InflowAndBackflowPrevention", "description": "Implementation of inflow and backflow prevention devices at relevant points of the network (e.g. house connections, fire hydrants). Thus the contamination of the drinking water network via these sources is prevented. The aim is to prevent intentional and unintentional contaminations so that a high water quality is ensured.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Drinking Water Taps", "Fire Hydrants"], "type_of_asset": ["Drinking Water Network"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M19", "short_name": "FiltersInAerationProcesses", "description": "All air for aeration purposes in water treatment plants and water storage tanks should be filtered. Thus it is aimed to prevent contaminations induced by entering air by the provision of physical barriers. The aim is to ensure an ongoing high quality of the supplied water.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Drinking Water Tanks", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Filters should be installed at every air intake for aeration purposes. Furthermore, no openings for aeration purposes should be built directly over the water surface to prevent that attackers can easily induce dangerous substances or that dangerous substances are induced in a natural way. ", "details": null}, {"id": "M20", "short_name": "PressureAndFlowSensors", "description": "Installation of pressure and flow sensors at different positions in the water distribution network. Thus it can be checked if the network is operated in the desired conditions. The aim is to ensure a water supply in sufficient quantity and pressure.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control System", "Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Transferred Information", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Raw Water Pipeline", "Water Abstraction Points"], "consequence": ["Quantity ", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "With this measure failures in the distribution network due to intended attacks like destructions of pumps or pipes might be detected. Furthermore, also failures due to naturally occuring damages like pipe breakages are detected (induced by natural phenomena or by wrong operation/human fault).", "details": null}, {"id": "M21", "short_name": "OscillationSensors", "description": "Installation of oscillation sensors at pumps. Thus any imminent damages of the pump or manipulations of the pump operation or settings are detected by changed oscillation patterns. The aim is to ensure an ongoing proper pump functionality and to detect any manipulations.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Pump"], "type_of_asset": ["Pressure Boosting Station"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "This measure might indicate imminent pump failures due to wear or intended pump manipulations which are not detected in another way because the signal of the pump status to the control center was manipulated to show the desired values. ", "details": null}, {"id": "M22", "short_name": "ValvePositionSensors", "description": "Installation of sensors indicating the position of valves. Thus it can be checked if all valves are are in the position that they are obliged to. The aim is to check if the operating parameters are performed as they should or if any malfunctions or manipulations of the valves exist.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Transferred Information", "Transmission Devices", "Valve"], "type_of_asset": ["Drinking Water Network", "Raw Water Pipeline", "Water Treatment Plants"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M23", "short_name": "LevelSensors", "description": "Installation of sensors indicating the filling level of storage tanks or additive reservoirs. Thus it can be supervised if any storage tanks or reservoirs are running dry or overflow. The aim is to ensure a desired filling level in all reservoirs and storage tanks.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Additives", "Control System", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Transferred Information", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M24", "short_name": "AutomatedValveControl", "description": "Automated control of valves to regulate required pressures and flows. Thus human errors e.g. leading to pressure shocks are avoided. The aim is to ensure ongoing desired conditions in the network and to protect the infrastructure from damages.", "type_of_measure": ["Control System"], "type_of_source": ["Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Destruction"], "specific_asset": ["Drinking Water Pipes", "Transmission Pipes and Equipment", "Valve"], "type_of_asset": ["Drinking Water Network", "Raw Water Pipeline"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Although the control of valves is automated, the possibility of a manual control should be given at every point of time.", "details": null}, {"id": "M25", "short_name": "OperatingParameterSurveillance", "description": "Surveillance of operating parameters from the catchment to the final distribution point. Thus any damages, malfunctions or manipulations in the supply chain are directly detected. The aim is to enable fast reactions to damages, malfunctions or manipulations. ", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Server", "Transferred Information", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Potential parameters to be supvervised are volume flows and pressures of water at different positions in the system, pressure losses (e.g. at filters), membrane permeabilities or volume flows and pressures of air at aerations. The surveillance can be realized manually or automatically by the definition of certain allowed operating ranges.", "details": null}, {"id": "M26", "short_name": "ProcedureForPersonnelChanges", "description": "Following of a structured procedure in case of new employees entering the company or employees leaving the company. Thus new employees directly learn about all important information security issues and leaving employees are informed about their duty of confidentiality. By this measure, data losses due to leaving employees and faults due to unawareness of new employees shall be prevented.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation", "Denial of service", "Spoofing", "Manipulation of the data", "Discharge of pollutants"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Early warning system \nfor bathing water quality", "Web application", "Alert system", "Server", "Ml based early warning system for bathing water", "Serious game", "Web server", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant", "Raw water bodies", "Digital solution users"], "consequence": ["Quality", "Information leak", "Quantity", "False information", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "For new employees checklists should be used to ensure that no important issues about information security are forgotten. If possible, the leaving employee should train the new employee. All access rights have to be taken from the leaving employee. ", "details": "Federal Office for Information \nSecurity:  ORP.2: Personal. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 3"}, {"id": "M27", "short_name": "EmployeesTrainings", "description": "Regular trainings, seminars, updates and informations on security issues should be implemented for all employees. Thus the staff is always kept up to date about any security relevant developments, behavioural rules and acute risks, both in the cyber and in the physical sector. The aim is to prevent hazards occuring due to unawareness and human faults.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation", "Denial of service", "Spoofing", "Manipulation of the data", "Discharge of pollutants"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Early warning system \nfor bathing water quality", "Web application", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": "Federal Office for Information \nSecurity:  ORP.2: Personal. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 4"}, {"id": "M28", "short_name": "SecurityCheckOfEmployees", "description": "Security check of new employees. By checking relevant data of new employees like the completeness of the CV and the criminal record, the confidentiality and reliability of the potential employee is checked. The aim is to employ trustworthy and reliable employees to ensure a safe operation.", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation", "Denial of service", "Spoofing", "Manipulation of the data", "Discharge of pollutants", "Destruction"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Early warning system \nfor bathing water quality", "Web application", "Alert system", "Server", "Ml based early warning system for bathing water", "Serious game", "Web server", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Csos data quality", "Raw water bodies", "Digital solution users"], "consequence": ["Quality", "Not serious", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The possibilities for security checks are significantly limited by different laws and regulations in the field of data protection. Therefore it has to be ensured that all information gaining processes are lying in the frame of legally allowed and ethically justifiable investigations.", "details": null}, {"id": "M29", "short_name": "EmergencyPlans", "description": "Setting up of emergency plans. Thus clear responsabilities, courses of action, procedures and contacts are defined and documented for emergency cases. The aim is to reduce the consequences after serious cyber, physical or cyber-physical incidents.", "type_of_measure": ["Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Manipulation of the data", "Discharge of pollutants", "Denial of service"], "specific_asset": ["Sensors", "Early warning system \nfor bathing water quality", "Alert system", "Ml based early warning system for bathing water", "Server"], "type_of_asset": ["Raw water bodies", "Digital solution users"], "consequence": ["Quality", "Information leak", "False information", "Reputation", "Health issues"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "A complete crisis plan should exist including responsabilities, pending tasks, important contacts etc. \nAll tasks from the evaluation of the situation over the determination of appopriate reactions to the crisis until the final realization of the actions and their effectiveness check have to be defined. Therefore also an emergency service must exist. ", "details": "DIN EN 15975-1: Sicherheit der Trinkwasserversorgung - Leitlinien f\u00fcr das Risiko- und Krisenmanagement - Teil 1: Krisenmanagement; Deutsche Fassung EN 15975-1:2011+A1:2015. Deutsche Norm. Berlin: Beuth Verlag GmbH."}, {"id": "M30", "short_name": "RedundantAssetsAndInfrastructures", "description": "Constructions of redundant infrastructures and assets along the whole water supply chain. Thus the failure of one component can, at least partially, be compensated by the respective redundant asset. The aim is to ensure a constant supply of water with adequate quantity, quality and pressure.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["Internal attacker", "External supplier", "External attacker", "Human fault"], "type_of_threat": ["Physical", "Cyber"], "type_of_event": ["Denial of service", "Spoofing", "Manipulation of the data", "Discharge of pollutants", "Destruction"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Early warning system \nfor bathing water quality", "Web application", "Ds 12 decision support system", "Match-making tool", "Alert system", "Server", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Not serious", "Information leak", "False information", "Quantity", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Redundant infrastructures could exist in the water extraction (wells, river extractions, reservoir extractions, spring water), water treatment infrastructures (filtration, adsorption, aeration, sedimentation, softening), water storage (tanks), water distribution (main pipes, distribution pipes, pressure boosting station) or similar infrastructures. Another kind of redundancy implementation that might make sense is the cooperation with other suppliers e.g. with neighbouring municipalities in supply networks.", "details": null}, {"id": "M31", "short_name": "DistributedEnergySupply", "description": "Supply of energy from more than one supplier. Thus a potential supply failure of one electrical energy supplier can quickly be replaced by the supply of the redundant supplier. The aim is to prevent downtimes due to a lack of electrical energy.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["Interdependent CI"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M32", "short_name": "EmergencyGenerators", "description": "Installation of emergency generators. Thus a complete failure of external energy supply can be compensated by the emergency generators. The aim is to prevent downtimes due to a lack of electrical energy.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Natural phenomena", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Control Center", "Control System", "Dosing System", "Pressure Boosting Station", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M33", "short_name": "AdditionalStorageCapacity", "description": "Construction of additional storage tanks. Thus periods of water scarcity can be bridged easier due to a higher amount of stored water. The aim is to ensure a constant supply with drinking water also in times of reduced raw water avilability or attacks on water treatment or supply elements.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Ds 13 interface\u00a0", "Web application"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M34", "short_name": "WaterIntakeAdaption", "description": "Re-designing of water intakes for periods of raw water scarcities. Thus the usual sources for raw water can also be used in case of low water levels e.g. by the construction of pumps, modified water intakes or additional wells. The aim is to ensure a constant supply with raw water.", "type_of_measure": ["Consequence Mitigation"], "type_of_source": ["Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Interruption"], "specific_asset": ["Groundwater", "Spring Water", "Surface Water", "Well"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points"], "consequence": ["Quantity ", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M35", "short_name": "WaterQualityOnlineSurveillance", "description": "Surveillance of the water composition along the supply chain by online sensors. Thus degradations of water quality (from raw water to the point of supply) are early detected. The aim is to enable fast reactions and the potential isolation of affected network parts or infrastructures.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Additives", "Control System", "Dosing System", "Drinking Water Tanks", "Fire Hydrants", "Groundwater", "Spring Water", "Surface Water", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Network", "Drinking Water Tanks", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": "The quality should be checked with respect to chemical, microbiological and physical parameters. Potential parameters can for example be taken from existing laws or guidelines defining the required drinking water quality, examples are temperatures, pH values, conductivities, oxygen concentrations, turbidities, UV absorption or redox potential. ", "details": null}, {"id": "M36", "short_name": "WaterTreatmentControl", "description": "Implementation of monitoring, treatment and disinfection processes in order to comply with the water quality  standards under all circumstances.", "type_of_measure": ["Redundancy", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control System", "Dosing System", "Drinking Water Tanks", "Pump", "Sensor", "Treatment Unit Process", "Water under treatment"], "type_of_asset": ["Catchment Area", "Raw Water Bodies", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": "This is a measure for process control & optimization.", "details": null}, {"id": "M37", "short_name": "WaterQualityOfflineSurveillance", "description": "Offline monitoring of water quality parameters in the distribution systems to comply with the water quality standards under all circumstances.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Drinking Water Pipes", "Drinking Water Tanks"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M38", "short_name": "MonitoringAndControlOfDistributionSystem", "description": "Monitoring and controlling the distribution system for biofilms, deposits and corrosion. ", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["Natural phenomena", "Human fault"], "type_of_threat": ["Physical"], "type_of_event": ["Interruption", "Pollution"], "specific_asset": ["Additives", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Drinking Water Taps"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M39", "short_name": "WaterNetworkInterventionsForWaterSupplyRecovery", "description": "There are many events that potentially may lead to anomalies affecting the physical elements of the water network (i.e. pipe breakdown). When this occurs, a segment of the network containing the faulty element is isolated for its repair. This isolation may affect the supply of certain demand nodes in terms of quantity and pressure. Then, a set of network interventions must be enabled in order to recover the water supply service in the affected area during this emergency period. In general, this interventions aims to enable new water pathways to the affected area and/or adapting PRVs and pumping strategies to recover pressure assuring enough autonomy in the water tanks.", "type_of_measure": ["Physical Barriers", "Redundancy", "Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Drinking Water Pipes", "Drinking Water Tanks", "Pressure Boosting Station", "Pump", "Valve"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station"], "consequence": ["Quantity ", "Quality", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": null, "details": null}, {"id": "M40", "short_name": "AdditivesQualityCheck", "description": "Supervision of quality of delivered additives. Thus the use of  additives produced with substandard quality or the use of subsequently (intentionally or unintentionally) polluted additives is prevented. The aim is to prevent the pollution of drinking water caused by the use of polluted additives.", "type_of_measure": ["Control System"], "type_of_source": ["External attacker", "External supplier"], "type_of_threat": ["Physical"], "type_of_event": ["Pollution"], "specific_asset": ["Additives"], "type_of_asset": ["Water Treatment Plants"], "consequence": ["Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M41", "short_name": "InfrastructureAndAssetInspections", "description": "Regular and/or continuous inspections of existing infrastructure and assets by trained and professional personnel. Thus existing or impending damages, failures or manipulations are early detected. The aim is to undo damages, failures or manipulations to prevent more serious consequences on existing infrastructures.", "type_of_measure": ["Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Well"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Reactive", "comments": "The inspections shall detect intended manipulations of the assets and infrastructure by attackers as well as existing and imminent damages or failures due to wrong operation or wear.", "details": null}, {"id": "M42", "short_name": "InformationSecurityGuidelines", "description": "Establishment of a guideline for information security. This guideline contains all relevant aspects about the company's information security aims and underlying processes. Thus the employees are aware of the importance of information security procedures and know how to behave to ensure information security.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "External supplier"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The guideline(s) should contain information about the importance of information security, the security objectives, the most important aspects of the security strategy as well as the organisational structure established for information security. A clear scope must be defined. All employees must be informed about the guideline on information security. The guideline should regularly be updated.", "details": "Federal Office for Information \nSecurity:  ISMS.1: Sicherheitsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. P. 5"}, {"id": "M43", "short_name": "InformationSecurityManagementSystem", "description": "Implementation of an Information Security Management System (ISMS). The ISMS enables the implementation and continuous application of a thought out and effective information security process. The aim is to provide a general concept for a continuosly updated information security in a water utility.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Ds 13 interface\u00a0", "Web application"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "An ISMS should be tailored to the existing management structures of the specific water utility. Due to different conditions existing in each site and utility, there cannot be one ISMS fitting as general system for all utilites. Thus there is a need of customization in each case.", "details": "Federal Office for Information \nSecurity:  ISMS.1: Sicherheitsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-8"}, {"id": "M44", "short_name": "PasswordSecurity", "description": "Access to sensitive and critical cyber applications, databases, control tools or similar should be protected by secure passwords. Thus only authorized people get access to the respective cyber space. The aim is to prevent attacker's access by hacking and to ensure the cyber system's integrity.", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Web applicaton", "Web application", "Match-making tool", "Server", "Ml based early warning system for bathing water", "Mobile apps to communicate bathing water quality", "Serious game", "Alert system", "Web server", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant", "Raw water bodies", "Digital solution users"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "For the access to any application, database or similar a different password has to be used. Passwords should not be too short (at least 8 symbols) and contain symbols of different kinds (e.g. capital and small letters, special symbols, numbers). Passwords should be changed regularly.", "details": "Federal Office for Information Security: Passwords. \nLink: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/Passwoerter/passwoerter_node.html\nLast access: 21.01.2019"}, {"id": "M45", "short_name": "TwoFactorAuthentification", "description": "Implementation of two-factor authentification for especially sensitive applications. Thus the possibility of unauthorized access to sensitive applications is significantly reduced. The aim is to ensure a special protection for especially sensitive applications. Try not using SMS but dedicated apps instead (or dongles).", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data"], "specific_asset": ["Web applicaton", "Web application", "Match-making tool", "Server", "Mobile apps to communicate bathing water quality", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Possible realizations for a two-factor authentification could for example be individual codes that are sent via SMS or TAN generators. ", "details": "Federal Office for Information Security: Passwords. \nLink: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/Passwoerter/passwoerter_node.html\nLast access: 21.01.2019"}, {"id": "M46", "short_name": "RestrictedAccesToITSystem", "description": "The company must to restrict the network control actions and information accesibility to particular actors inside the company using a particular protocol acces (double factor). A security  level of accessibility should be defined according to the person or group in charge of specific tasks in the company. ", "type_of_measure": ["Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "External supplier", "External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Denial of service", "Spoofing"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Web applicaton", "Web application", "Temperature sensor web-platform", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Mobile apps to communicate bathing water quality", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M47", "short_name": "NonManipulationConnectionTool", "description": "The company must forbid the network connection to not authorized mobile devices (PC, laptop, etc.).", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Spoofing"], "specific_asset": ["Ds 13 interface\u00a0", "Web application"], "type_of_asset": ["Sewers or wastewater treatment plant"], "consequence": ["Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M48", "short_name": "CryptographicProcesses", "description": "Implementation of cryptographic processes. Thus any relevant data is encrypted and therfore unreadable for an attacker. The aim is to ensure that any attacker getting access to sensitive data cannot read the data due to its encryption.", "type_of_measure": ["Cyber Barriers", "Consequence Mitigation"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Sensors", "Early warning system \nfor bathing water quality", "Web applicaton", "Web application", "Temperature sensor web-platform", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Mobile apps to communicate bathing water quality", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "Additionally to the data encryption, the possibility of encrypting also communication connections should be checked in dependence on the necessary effort for encryption and its practicability. The source and integrity of used cryptographic keys should also be checked. The keys should be changed in a sufficient frequency. \nEncryptions can be realized for transferred data (wireless connections, wires, mobile storage devices) and for data stored on servers, clients, mobile devices or similar. ", "details": "Federal Office for Information \nSecurity:  CON.1: Kryptokonzept. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-6"}, {"id": "M49", "short_name": "DataBackups", "description": "All relevant data should be saved in a data backup regularly. Due to redundant data storages the loss of one data set can be compensated by using the backup data. Thus the ongoing operability of the utility is ensured.", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "All relevant factors of influence on the process of data backup generation must be documented, e.g. the amount and time of changed data, availability requirements or similar. If applied, the requirements for online data backups, e.g. in clouds, must be determined (e.g. location of storage, methods of authentification, etc.). The backup data should be encrypted, furthermore the location of the backup data should not be the same as the location of the original data.", "details": "Federal Office for Information \nSecurity:  CON.3: Datensicherungskonzept. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 2-4"}, {"id": "M50", "short_name": "NetworkSeparation", "description": "Secure installation and operation of different network security zones. Thus unauthorized entries into sensitive networks can be complicated. The aim is to ensure the integrity, authenticity and confidentiality of all data in the network.", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Control System"], "type_of_source": ["Internal attacker", "External supplier", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Spoofing"], "specific_asset": ["Ds 13 interface\u00a0", "Web application", "Server", "Ml based early warning system for bathing water", "Early warning system \nfor safe water reuse", "Ds11 flow forecast"], "type_of_asset": ["Sewers or wastewater treatment plant", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Reputation", "Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "This measure is dealing with the IT networks. The complete network setup, structure, changes or similar must be documented in detail. The network must be separated into different security zones (e.g. internal network, demilitarized zone [DMZ], external connections [including untrustworthy networks like the internet]). Different security zones should also be physically separated. Firewalls must separate the security zones. Clients and server must be located in different segments of the network. Sensitive information must be transferred by using state-of-the-art secure protocols. ", "details": null}, {"id": "M51", "short_name": "AppropriateLayingOfWires", "description": "Information transmitting wires should be laid in a security conform way. Thus the probability of data thieveries and damages of wires is reduced by preventing unauthorized access to the data transmission wire. The aim is to protect sensitive data.", "type_of_measure": ["Physical Barriers"], "type_of_source": ["External attacker", "Internal attacker"], "type_of_threat": ["Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "It should be made difficult to get access to wires e.g. by underground laying of wires, the protection of wires by mantles or similar. ", "details": null}, {"id": "M52", "short_name": "ServerRoomSetup", "description": "Appropriate setup of server rooms. Thus the lifetime of servers is extended and its ongoing functionality is ensured. The aim is to ensure the continuous operability of all servers under appropriate conditions.", "type_of_measure": ["Physical Barriers", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "Interdependent CI"], "type_of_threat": ["Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation"], "specific_asset": ["Server"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "The server room should be located apart from office rooms and ensure appropriate conditions (temperature, air humidity, constant electrical energy supply, etc.). \nThe room should be secured by doors with an appropriate resistance class and with an appropriate access control system. Furthermore it should be protected against physical hazards like fire, water intrusion etc. \nA constant supply with electrical energy must be ensured, if necessary an Uninterruptable Power Supply (UPS) must be implemented.", "details": "Federal Office for Information \nSecurity:  APP.3.3 Fileserver. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-5"}, {"id": "M53", "short_name": "MirroredSCADA", "description": "Implementation of a mirrored SCADA system. Thus in case of a failure of the SCADA system, this failure can be compensated by activating the mirrored SCADA system. The aim is to ensure an ongoing operability of the water utility. ", "type_of_measure": ["Redundancy", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Manipulation"], "specific_asset": ["Control Center", "Control System"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": "The mirrored SCADA system should be not be located at the same position as the acutally used SCADA system. ", "details": null}, {"id": "M54", "short_name": "DataIntegrityCheck", "description": "The integrity of important data should be checked e.g. by blockchain technology. Thus falsified signals are immediately detected. The aim is to ensure that any decision of the utility is based on data with ensured integrity.", "type_of_measure": ["Control System"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Sensors", "Early warning system \nfor bathing water quality", "Web applicaton", "Web application", "Temperature sensor web-platform", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Mobile apps to communicate bathing water quality", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M55", "short_name": "MalwareProtectionGuidelines", "description": "Implementation of guidelines for a correct behaviour to protect the IT systems from malware. Thus all employees know how to handle hard- and software to ensure a secure IT environment. The aim is to prevent any damages resulting from the malware and to ensure the integrity, authenticity and confidentiality of all data and assets in the IT infrastructure. ", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The guidelines should define the handling of potentially harmful soft- and hardware. It should e.g. be defined when and which storage devices may be connected to the IT infrastructure, how annexes of e-mails have to be handled and how executable files have to be treated.", "details": null}, {"id": "M56", "short_name": "MalwareProtectionSoftware", "description": "Installation of suitable software to protect the IT systems against malware. By this measure malware reaching the IT system shall be blocked, deleted or at least directly noticed. Thus any damages resulting from the malware shall be avoided to ensure the integrity, authenticity and confidentiality of all data and assets in the IT infrastructure.", "type_of_measure": ["Cyber Barriers", "Control System", "Consequence Mitigation"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Media Channels", "Sensor", "Server", "Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Used applications and software for defense against malware should be tailored for the use in enterprises, solutions for home use are not sufficiently safe. Furthermore, the chosen solution should be updated and checked on its effectiveness regularly. The employees should be trained on handling possibly dangerous contents in a sensitive way. Any detections of malware should be reported directly by both, the user detecting the malware and automatically by the system.\nAll relevant data emerging in the IT system should be logged for a fast detection of incidents and for an easier understanding of past attacks. ", "details": "Federal Office for Information \nSecurity:  OPS.1.1.4: Schutz vor Schadprogrammen. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-5"}, {"id": "M57", "short_name": "PatchAndChangeManagement", "description": "Implementation of a concept for the patch and change management in the IT environment. By following this concept, emerging security holes can be closed quickly and any (e.g. software) changes are monitored with regard to security issues. Thus the security of the IT systems of the company is ensured in general.", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The concept should clearly define all responsabilites and procedures of the patch and changes management process. Furthermore, the handling of auto-updates that might be implemented in the used software should be regulated. ", "details": "Federal Office for Information \nSecurity:  OPS.1.1.3: Patch- und \u00c4nderungsmanagement. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-5"}, {"id": "M58", "short_name": "NetworkTrafficAnalysis", "description": "Surveillance of all network traffic on suspicious patterns. Thus hacker attacks shall be recognized and negative consequences shall be prevented. The aim is to ensure the integrity, authenticity, confidentiality and operability of the network and all connected devices.", "type_of_measure": ["Control System", "Consequence Mitigation", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External supplier", "External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Denial of service", "Spoofing"], "specific_asset": ["Early warning system \nfor bathing water quality", "Ds 13 interface\u00a0", "Sensors", "Web application", "Ds 12 decision support system", "Match-making tool", "Server", "Alert system", "Ml based early warning system for bathing water", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Information leak", "False information", "Quantity", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": "Consequences", "characteristics_of_action": "Proactive", "comments": null, "details": null}, {"id": "M59", "short_name": "SecurityOfWirelessNetworks", "description": "Defitinition of security measures for the implementation and use of wireless network connections. Thus attacks on wireless connections shall be prevented. The aim is to ensure the integrity, autenticity, confidentiality and operability of the wireless network and all connected devices.", "type_of_measure": ["Cyber Barriers", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Denial of service"], "specific_asset": ["Sensors", "Early warning system \nfor safe water reuse", "Match-making tool"], "type_of_asset": ["Irrigation water", "Digital solution users"], "consequence": ["Quality", "Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "Before the implementation of wireless networks it must be checked if any other wireless networks exist in the same area with similar configurations that could disturb the implemented network. Generally accepted standards for authentification and encryption have to be used. All information transferred via wireless networks has to be encrypted with up-to-date encryption technologies. Access points must be located at positions where no unauthorized personnel can reach them. Access points may not be operated in default configurations. A security barrier should exist between wireless and wired connections. Regular checks for security wholes should be ensured. ", "details": "Federal Office for Information \nSecurity: NET.2.1: WLAN-Betrieb. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-6"}, {"id": "M60", "short_name": "SoftwareManagement", "description": "The software management should be organized and carried out by responsible IT experts. Thus only credible software is installed correctly, furthermore an appropriate use of the software is teached to the staff. The aim is to avoid cyber security issues due to the installation of untrustful software, wrong installation of trustful software or inappropriate software uses.", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Spoofing"], "specific_asset": ["Serious game", "Ds 13 interface\u00a0", "Web application", "Web server"], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users"], "consequence": ["Quality", "Reputation", "Quantity"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": null, "details": "Federal Office for Information \nSecurity:  CON.4: Auswahl und Einsatz von Standardsoftware. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 1-4"}, {"id": "M61", "short_name": "MobileDeviceUsageRules", "description": "Setting up of clear rules for the use of mobile devices. Thus the staff knows how to use mobile devices outside the utility in a secure way. The aim is to ensure data and cyber security also outside of the utility area.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Transferred Information", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "Examples for rules could be the mandatory use of privacy films for monitors or automatic screen locks after a certain time of inactivity. Losses of IT equipment should be reported as soon as possible to the utility. Portable devices should be encrypted. Connections to the utility's network should only be allowed via Virtual Private Network (VPN) connections.\nA list of mobile devices should exist in the company. ", "details": "Federal Office for Information \nSecurity:  CON.7: Informationssicherheit auf Auslandsreisen. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 5-8"}, {"id": "M62", "short_name": "DeletionAndDestructionOfDataCarriers", "description": "Ensuring of proper deletion of data and destruction of data carriers. By a proper deletion or destruction, the data shall be irreversibly wiped out. Thus the loss of any sensitive data shall be prevented.", "type_of_measure": ["Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault"], "type_of_threat": ["Cyber", "Cyber-Physical"], "type_of_event": ["Manipulation"], "specific_asset": ["Control System", "Server", "Transmission Devices"], "type_of_asset": ["Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood", "characteristics_of_action": "Proactive", "comments": "The data deletion mechanisms should ensure that no data can be restored and that no residual data exist. All employees should be trained how to delete data and destroy data carriers correctly. If data carriers are collected and stored before destruction, the location of collection has to be protected against any possible intruders. ", "details": "Federal Office for Information \nSecurity:  CON.6: L\u00f6schen und Vernichten. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-4"}, {"id": "M63", "short_name": "SecureOutsourcing", "description": "Assurance of IT security in case of outsourcing by setting-up appropriate agreements with the respective companies. By these agreements it is guaranteed that also the respective external companies comply with the relevant security guidelines. Thereby it is ensured that emerging risks due to the outsourcing process are minimized. ", "type_of_measure": ["Cyber Barriers", "Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service", "Spoofing"], "specific_asset": ["Serious game", "Ds 13 interface\u00a0", "Web application", "Web server"], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users"], "consequence": ["Quality", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive", "comments": "The agreement should ensure that the commissioned company complies with a sufficiently acknowledged security standard (e.g. the German IT-Grundschutz [IT-Basic Protection]). ", "details": "Federal Office for Information \nSecurity:  OPS.2.1: Outsourcing f\u00fcr Kunden. In: IT-Grundschutz-Kompedium. 1st Edition. Bundesanzeiger Verlag GmbH, Cologne, 2018. Pp. 3-6"}, {"id": "M64", "short_name": "Documentation", "description": "A complete documentation of all relevant assets and processes in the physical and digital infrastructure of the water utility must be ensured. Thus a full overview of the utility and potential risks is available at any point of time. The aim is to be able to recognize any weak points that have to be treated by different risk redcution measures.", "type_of_measure": ["Control System", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M65", "short_name": "IdentificationClassificationAndRiskAssessmentTool", "description": "The Company must select a particular approach and methodology for risk assessment and analysis that incidents and prioritizes risks based on threats, vulnerabilities and consequences of security.", "type_of_measure": ["Physical Barriers", "Cyber Barriers", "Redundancy", "Control System", "Consequence Mitigation", "Economic Policy", "Action and Crisis Management Plans and Training"], "type_of_source": ["External attacker", "Internal attacker", "Human fault", "Natural phenomena", "External supplier", "Interdependent CI"], "type_of_threat": ["Cyber", "Physical", "Cyber-Physical"], "type_of_event": ["Destruction", "Interruption", "Manipulation", "Pollution"], "specific_asset": ["Additives", "Control Center", "Control System", "Dosing System", "Drinking Water Pipes", "Drinking Water Tanks", "Drinking Water Taps", "Fire Hydrants", "Groundwater", "Media Channels", "Power Transformer", "Pressure Boosting Station", "Pump", "Sensor", "Server", "Spring Water", "Surface Water", "Transferred Information", "Transmission Devices", "Transmission Pipes and Equipment", "Treatment Unit Process", "Valve", "Water under treatment", "Well"], "type_of_asset": ["Catchment Area", "Drinking Water Network", "Drinking Water Tanks", "Pressure Boosting Station", "Raw Water Bodies", "Raw Water Pipeline", "Water Abstraction Points", "Water Treatment Plants"], "consequence": ["Quantity ", "Quality", "Financial", "Reputation"], "risk_reduction_mechanism": "Frequency/Likelihood & Consequences", "characteristics_of_action": "Proactive & Reactive", "comments": null, "details": null}, {"id": "M66", "short_name": "DDoS Protection", "description": "DDoS (Distributed Denial of Service) protection or mitigation is the process of protecting a target from a DDoS attack by using specialized network equipment or cloud based services. By using such a protection, the targeted company is able to mitigate the threat.", "type_of_measure": ["Cyber Barriers", "Redundancy"], "type_of_source": ["Internal attacker", "External supplier", "External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Sensors", "Ds 13 interface\u00a0", "Web application", "Ds 12 decision support system", "Match-making tool", "Server", "Alert system", "Serious game", "Web server", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Csos data quality", "Raw water bodies", "Digital solution users"], "consequence": ["Financial", "Quality", "Reputation", "Quantity"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M67", "short_name": "Authenticity check", "description": "Implementing authenticity checks on the data provenance and applications (by using certificates for instance) allows to ensure that the data is indeed coming from the source it seems to come from.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["Internal attacker", "External supplier", "External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation"], "specific_asset": ["Sensors", "Early warning system \nfor bathing water quality", "Web application", "Temperature sensor web-platform", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M68", "short_name": "Access Control", "description": "Ensuring that only authorized users have access to specified resources. Can be both physical (fences, locked doors, \u2026) and cyber. ", "type_of_measure": ["Physical Barriers", "Cyber Barriers"], "type_of_source": ["Internal attacker", "External supplier", "External attacker", "Human fault"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Manipulation", "Denial of service"], "specific_asset": ["Sensors", "Early warning system \nfor bathing water quality", "Web applicaton", "Web application", "Match-making tool", "Alert system", "Server", "Ml based early warning system for bathing water", "Mobile apps to communicate bathing water quality", "Serious game", "Web server", "Early warning system \nfor safe water reuse", "Ds11 flow forecast", "Temperature sensor web-platform"], "type_of_asset": ["Sewers or wastewater treatment plant", "Digital solution users", "Csos data quality", "Irrigation water", "Raw water bodies"], "consequence": ["Quality", "Damage to stakeholder activtiy", "Information leak", "Quantity", "False information", "Financial", "Reputation", "Health issues"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M69", "short_name": "Jammer Detector", "description": "Specific measure for detecting the presence of a jammer device that prevents wireless communication.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Sensors", "Alert system", "Early warning system \nfor safe water reuse", "Temperature sensor web-platform "], "type_of_asset": ["Sewers or wastewater treatment plant", "Csos data quality", "Raw water bodies", "Irrigation water"], "consequence": ["Quality", "Financial"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M70", "short_name": "Setting up Web Application Firewall (WAF)", "description": "Setting up a Web Application Firewal (WAF) helps protecting against different attacks such as Cross Site Scripting (XSS), SQL injection or cookie poisining for instance. Having a WAF in front of web applications can help with common and auomated attacks.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data", "Denial of service"], "specific_asset": ["Web applicaton", "Mobile apps to communicate bathing water quality", "Web server", "Serious game"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation", "False information", "Health issues"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M71", "short_name": "Server side monitoring of the sensors", "description": "Sensors can be monitored from the server, for instance by sending a heartbeat. This ensures that the sensor is not physically tampered with. In addition, GPS data can be monitored to also ensure that the sensor is at the right position.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Sensors", "Alert system", "Early warning system \nfor safe water reuse"], "type_of_asset": ["Sewers or wastewater treatment plant", "Raw water bodies", "Irrigation water"], "consequence": ["Quality"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M72", "short_name": "Proper device management", "description": "Device management means having the ability to enroll devices but also to revoke their access to the system (for instance in case one sensor gets stolen). Being able to update the firmware and apply secruity patches is also part of the device management.", "type_of_measure": ["Cyber Barriers", "Consequence Mitigation"], "type_of_source": ["External attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Manipulation of the data"], "specific_asset": ["Sensors", "Alert system", "Match-making tool"], "type_of_asset": ["Sewers or wastewater treatment plant", "Raw water bodies", "Digital solution users"], "consequence": ["Quantity", "Quality", "Information leak", "False information"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}, {"id": "M73", "short_name": "Software security assessment", "description": "Performing software security assessment allows to discover security vulnerabilities before they are found and exploited by attackers.", "type_of_measure": ["Cyber Barriers"], "type_of_source": ["Internal attacker"], "type_of_threat": ["Cyber"], "type_of_event": ["Denial of service"], "specific_asset": ["Serious game", "Web server"], "type_of_asset": ["Digital solution users"], "consequence": ["Reputation"], "risk_reduction_mechanism": null, "characteristics_of_action": null, "comments": null, "details": null}]
\ No newline at end of file
diff --git a/public/resources/ridb.xlsx b/public/resources/ridb.xlsx
index dbcfe7d..59244b7 100644
Binary files a/public/resources/ridb.xlsx and b/public/resources/ridb.xlsx differ
diff --git a/public/resources/rrmd.xlsx b/public/resources/rrmd.xlsx
index 97cadaa..9cf374a 100755
Binary files a/public/resources/rrmd.xlsx and b/public/resources/rrmd.xlsx differ