Project description
Independent IoT security stack for different devices
Developers of the Internet of Things (IoT) face a fragmented landscape consisting of very different devices. These range from bare metal devices to those equipped with powerful support for AI and with built-in hardware (HW) to implement Root of Trust (RoT) and Trusted Execution Environments (TEE). Their coexistence guarantees an acceptable level of security across the whole system but avoiding attacks remains an open challenge. The existence of many HW platforms prevents, or makes very difficult, interoperation of applications and security services. The EU-funded CROSSCON project will design an open, flexible, highly portable and vendor-independent IoT security stack that can run across different edge devices and multiple HW platforms.
Objective
IoT developers face a very fragmented landscape made of very different devices, from bare metal devices with few KB of RAM and limited or no security protection to devices equipped with powerful support for AI and with built-in hardware (HW) to implement Root of Trust (RoT) and Trusted Execution Environments (TEE). Such different devices coexist, and it is an open challenge to guarantee an acceptable level of security across the whole system to avoid “easy” entry points for attackers. The complexity is further exacerbated by the existence of many HW platforms, general purpose but also domain specific, each implementing proprietary instances of RoT and TEE that prevent or make it very difficult for applications and security services to interoperate. CROSSCON aims at addressing all these issues by designing a new open, flexible, highly portable and vendor independent IoT security stack that can run across a variety of different edge devices and multiple HW platforms to offer a consistent security baseline across an entire IoT system. A high-level assurance is guaranteed by the formal verification of the stack specifications. CROSSCON stack offers a unified set of trusted APIs to the layers above. It is modular and among all the security features it offers is possible to configure only the ones needed depending on the underlined HW and firmware. It leverages the security features already implemented in the layers below. In case such security features are missing, like in bare metal devices, the stack offers an entire TEE implementation suitable for such devices. As devices are getting more powerful and use cases more complex, there is the need to add new trusted services as building blocks to implement security at the higher levels, such as protection of the models given in input to ML engines embedded in HW or support for biometrics and template protections. CROSSCON provides the open specifications of the stack along with an open-source reference implementation.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
HORIZON.2.3 - Civil Security for Society
MAIN PROGRAMME
See all projects funded under this programme -
HORIZON.2.3.3 - Cybersecurity
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
HORIZON-RIA - HORIZON Research and Innovation Actions
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) HORIZON-CL3-2021-CS-01
See all projects funded under this callCoordinator
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
28037 MADRID
Spain
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.