Work Package 2


Illustration FundationsThis work package seeks to identify and address gaps in the state-of-the-art in securing cyber-physical systems and systems in critical sectors through modelling of services and dependencies, enhanced understanding of advanced attacks and both challenges as well as opportunities presented by dynamic cyber-physical environments from industrial systems and critical sectors relying not only on technological aspects but also ensuring that human aspects are given due consideration.

Tasks for the first 48 months of the center have been planned; these are listed below. These may be extended in time and/or new tasks will be established according to the input received from WP1, WP3 and WP4.

Tasks within Work Package 2

Tasks within Work Package 2

Critical infrastructure networks, including supply chains are increasingly characterised by dynamic changes. Dependencies need to be identified and understood so that these can be mitigated and responded to.

In this work we will study algorithms and tools for:

  • Graph models and combinatorial algorithms on graphs with dynamic constraints representing dependencies in critical infrastructures and supply chains
  • Derivation of optimal algorithms for preserving partial results after modifications to source graphs
  • Development of tools and algorithms to maintain dependency information even in the presence of incomplete information on structures
  • Integration of research on understanding risk propagation in supply chains

Contact: Task Leader T2.1, Stephen Wolthussen 

Objective: Develop new security primitives for the verification and detection.

  • Symbolically define safe state machine behaviour in the face of disruptive attackers
  • Create a weakened symbolic adversary
  • Model how communication channel semantics and partial information affect the state machine
  • Develop security primitives for synchronization of state and availability
  • Identify attacks in real world ICS/CPS standards

Contact: Task Leader T2.2, Stephen Wolthussen. Postdoctoral researcher James Wright.


  • Development of detection and mitigation mechanisms for attacks targeted towards the monitoring and control processes
  • Training for incident handling and analysis
  • Development of key situational awareness training mechanisms
  • Assess risks and attack methods towards the selected production systems, the digital twin configurations, and the bindings between the two


  • Digital twins have evolved from passive monitoring and state estimation systems to integrated sociotechnical mechanisms that are essential for strategic modelling and planning, as well as operational real-time monitoring and control of cyber-physical systems.


  • Developing digital twin demonstrators, and mechanisms that allow the monitoring and protection of such digital twin configurations targeted towards safety-critical cyber-physical systems.
  • Develop digital twin demonstrations of sufficient fidelty and ability to support realistic scenarios within selected sectors, such as manufacturing, energy, and smart cities.
  • Study data flows, state synchronisation, and broadly binding processes between production systems and the corresponding digital twins.

In order to support these functionalities, the operation of digital twins relies heavily on maintaining fidelty and synchronisation with the production systems to which they are targeted. This is particularly important in safety-critical systems. 

Contact: Task Leader T2.3, Vasileios Gkioulos

Objective: Demonstrate how cybersecurity interact with work and innovation processes.

  • Create double-loop learning with the help of laboratories, catapult centers and learning factories etc.
  • Integrate cybersecurity as a natural part of value creating activities and continuous improvement
  • Shift the view away from human as a liability in cybersecurity
  • Introduce cybersecurity to the successful Nordic Collaborative Model
  • Better understand how to organize for cybersecurity when new skills and processes dominates the work

Contact: Task Leader T2.4, Halvor Holtskog

The NORCICS-proposal:

"To develop novel methods and tools for cybersecurity training and awareness improvement."

About how framing matters: 

"Putting the message into stories (or frames) helps the audience to understand the potential gains (positive framing) or potential losses (negative framing)."

Objective: To test security skills and to measure awareness of security threats. 

Tool: Riskio - A Serious Game for Risk Management

Contact: Task Leader T2.5, Ingvar Tjøstheim ( or Sigurd Eskeland (