D5.11 Design of Customized SIEM solution (Version 1)

The scope of this deliverable is to design a customized SIEM solution able to deal with the specificities of KONFIDO technologies and components. The deliverable includes the initial result of task T5.4, Design of Customized SIEM solution, led by CINI. The KONFIDO SIEM has been designed to deal with the federated structure imposed by an OpenNCP-compliant architecture, so it will itself be structured as a distributed system composed of multiple federated monitoring nodes. Moreover, the KONFIDO SIEM balances the strict security policies enforced by techniques such as homomorphic encryption, PUF, or security enclaves against the need for fine-grained monitoring typical of traditional SIEM systems. The KONFIDO SIEM has been designed to use both misuse-based and anomaly-based approaches.