New paradigms and methods are required to build security into an ICT system from the very beginning, adapt to changing security conditions, reduce the need to fix flaws after deployment, and provide assurances that it is secure and reliable at all times. The EU-funded ANASTACIA project addressed these concerns by researching, developing, demonstrating and validating a holistic solution that enables trust and security by design for heterogeneous, distributed and dynamically evolving cyber-physical systems (CPSs).
Addressing the increasing vulnerability of today’s ICTs
“To this end, we developed a security and privacy framework that tackles the complexity of IoT architectures and the different nature of potential attacks,” explains coordinator Stefano Bianchi. The framework was developed to make autonomous decisions using new networking technologies such as software-defined networking (SDN) and network function virtualisation (NFV), as well as intelligent and dynamic security enforcement and monitoring methodologies and tools. The project relied on SDN and NFV functionalities to embed the developed security products and provide a dynamic way to deploy them when needed. SDN and NFV also provide a security solution for highly connected CPSs and IoT. “By proposing a security- and privacy-compliant framework to secure complex CPS and IoT architectures, ANASTACIA will embrace many different ICT sectors and application domains,” comments Bianchi. The framework includes a security development paradigm based on compliance with security best practices and the use of security components and enablers, and a holistic dynamic security and privacy seal (DSPS) that combines security and privacy standards like the General Data Protection Regulation and ISO standards with real-time monitoring and online testing. It also comprises a suite of distributed trust and security components and enablers capable of dynamically orchestrating and deploying user security policies and risk-assessed resilient actions within complex and dynamic CPS and IoT architectures.
Smart security planning, enforcement and monitoring strategies
Stakeholders directly affected by cybersecurity and privacy aspects will benefit. Solution and software architects, analysts and project managers will take advantage of the security development paradigm, and developers and integrators will make the most of the distributed trust and security components and enablers. The DSPS will be exploited by chief information officers, chief security officers, chief information security officers and managers. “ANASTACIA developed methodologies and tools to provide appropriate guarantees that developed ICT systems are maintained secure and trustworthy and satisfy the need of certified levels of assurance where security is regarded as the primary concern,” concludes Bianchi. “The solutions are ultimately meant to free end users from the burden of continuously checking the status of security and privacy compliance of a monitored CPS and IoT infrastructure.” The framework will also contribute to raising awareness about cyberthreats and privacy issues, and provide actionable solutions to put the methodological approaches into practice and increase the level of cybersecurity and privacy within the EU’s Digital Single Market.
ANASTACIA, security, privacy, CPS, IoT, trust, cybersecurity, SDN, NFV