The paper presents results from the ECHO project, supporting the identification and development of cyberattack scenarios. It explores the scenario space along four dimensions: (1) critical infrastructures and essential services, critically dependent on the ICT infrastructure; (2) types of malicious actors and their capabilities; (3) exploited vulnerabilities; and (4) short- vs longer term horizon. The exploration serves to span comprehensively the scenario space. The authors present the list of selected scenarios, storylines, and use cases, that are used in follow-up research to define key components of the capability requirements: technology roadmaps, cyber skills framework, information exchange and certification requirements.
This paper is included in the program of DIGILIENCE 2019 and will be published in the post-conference volume.