Project description
Breakthrough solutions to support the entire life cycle of IoT devices
The EU-funded ERATOSTHENES project builds on recent challenges of Internet of Things (IoT) networks, including: lack of security visibility, lack of effective information sharing between organisations and availability of tools for CERTs/CSIRTs, heterogeneity of IoT devices, lack of a common trust enforcement mechanism and relevant standards, lack of a transparent identity and privacy frameworks and lacking security training and security protocols’ adoption for persons and devices. ERATOSTHENES will devise a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR and the Cybersecurity Act.
Objective
ERATOSTHENES will devise a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR and Cybersecurity Act. ERASTOSTHENES will leverage breakthrough solutions: (a) the first-ever enclosure of cybersecurity features in IoT devices through deployment of Trust Agents and continuous trust evaluation within the network in a contextual and social approach; (b) decentralised identity management mechanisms to conciliate requirements of self-sovereignty and privacy preservation in a distributed/transparent trust model along with disposable identities; (c) self-encryption/decryption at device-level with a whole system automated recovery process (incl. software, crypto-key material, identities) after an attack based on a multi-layer recovery model; (d) threat-analysis models based on federated learning and edge execution to continuously monitor devices and detect attacks; (e) collaborative IoT threat intelligence sharing across ledgers to adapt detection/defense mechanism to the evolving security conditions and assist the IoT life-cycle; (f) integration of Physical Unclonable Functions in trust framework and distributed ledgers. Finally, it will support enforcement of the NIS directive with a security information sharing mechanism based on inter-ledger technologies to support exchange of trust and security information among stakeholders, enhancing collaboration, vulnerabilities’ disclosure, and secure management of software updates. The overall vision of ERATOSTHENES is to provide core cybersecurity features to be adopted by manufacturers as baseline certification elements in the production of devices and throughout their entire lifecycle. The solution will be validated in 3 industrial cases: Automotive, Health, Industry 4.0.
Fields of science
Keywords
Programme(s)
Funding Scheme
RIA - Research and Innovation actionCoordinator
145 61 Athina
Greece
The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed.