Facing Cyber-Physical Security Threats by PSIM-SIEM Integration

Abstract

Physical Protection Systems are Physical Systems that evolved towards the cyber world. Sensors, cameras, barriers and control panels are now networked, making up a monitoring system subject to cyber attacks. Physical Security Information Management (PSIM) software systems are used for managing physical security information; Security Information and Event Management (SIEM) systems are used for cyber security information and events. Considering cyber-physical risks, they can not remain separated. In this paper, we describe our experience in merging PCMS, a PSIM system widely used by Banks in Italy, with QRadar, the well known IBM SIEM. Their integration helps physical security personnel in figuring out hidden threats, as well as the cyber security team for understanding risks related to the Physical Protection System.