The cyberspace operations are characterized by the employment of cyber capabilities when the primary purpose is to achieve militarily objectives in or through cyberspace. Like any of the other four battlefields, they rely on means and tools to conduct and accomplish the planed objectives. Given the complexity inherent in real-time understanding the status of the different data processing planes of a sophisticated ecosystem where allied, neutral and adversarial cyber assets/services coexist, the acquisition of cyber situational awareness for supporting military decision-making raised as one of the main cornerstones of the cyber defence capabilities of an army. This situation is exacerbated when taking into account their correlation with ongoing/planned missions and the other operational domains. A Cyber Situational Awareness solution enables commanders to have a clear understanding of the threats landscape during the planning and conduct phases of Cyberspace operations, assisting in the decisions a commander will have to take in the definition, management and enforcement of the most suitable Courses of Action (CoA). Note that the cyberspace, while part of the information environment, is dependent on the physical domains of air, land, maritime, and space. As such, the expected impact is not be confined to ad hoc communication and information systems, but rather, any information or cyber asset in any of the five (5) domains.
As indicated by the EDA, the analysis of the state-of-the-art in current cyber situational awareness solutions suggests that there are neither commercial nor open-source solutions that appropriately match the full capabilities raised by military end users. This fact was literally pointed out at the capacitation call “Cyber situational awareness and defence capabilities, military networks and technologies for secure communication and information sharing” (DIDPCSAMN-2019), which is framed in the European Defence Industrial Development Programme (EDIDP). This significant technological gap led the EC to request cyber defence stakeholders for the provisioning suitable cyber situational awareness capabilities, being the main motivation of this project to respond to such need. In this context, this project proposed the development of European Cyber Situational Awareness Platform (ECYSAP).