
Tr. SPIIRAN, 2012 Issue 20, Pages 27–56 (Mi trspy488)

This article is cited in 7 papers

Application of security information and event management technology for information security in critical infrastructures

I. V. Kotenko, I. B. Saenko, O. V. Polubelova, A. A. Chechulin

St. Petersburg Institute for Informatics and Automation of RAS

Abstract: The application of SIEM (Security Information and Event Management) technology is promising in the field of information protection, especially for critical infrastructures. The paper considers general issues in the construction and operation of systems that implement this technology. Known implementations of such systems are described. The paper also discusses the particular features of the MASSIF project of the European Union's Seventh Framework Programme, which is devoted to advanced SIEM systems. We outline two key tasks of the project: the analysis of security events based on the modeling of network attacks, and the building of the SIEM repository.

Keywords: information security, security event, critical infrastructure, security monitoring, modeling network attacks, repository.

UDC: 004.056.53

Received: 22.03.2012


