Over its lifetime, CERTIFY designed, implemented, and validated a full lifecycle management framework combining open hardware, secure software, and cooperative information sharing. Its achievements span three dimensions: technological innovation, methodological advances, and industrial validation.
Technological innovation: CERTIFY developed a modular architecture integrating hardware and software into a unified security ecosystem. At device level, it implemented Trusted Execution Environments (TEE) and Secure Elements (SE) based on open architectures such as RISC-V and ST33 secure microcontrollers, supporting key provisioning, secure storage, and advanced cryptography. These ensure protection of credentials and cryptographic materials even in hostile settings. At system level, secure bootstrapping guarantees that only authenticated devices join a network, while runtime monitoring and intrusion detection provide real-time integrity assessment. Policy enforcement mechanisms based on behavioural profiles—an evolution of the MUD standard—enable adaptive and secure device reconfiguration according to detected threats.
Methodological advances: CERTIFY introduced a continuous certification methodology aligning design-time evaluation with runtime assurance. Security evidence gathered during operation feeds into automated risk assessment, triggering re-certification when significant changes occur. This bridges static certification and the dynamic nature of IoT environments. CERTIFY extended behavioural and threat models with contextual data—vulnerabilities, patch status, and network dependencies—creating a living view of each device’s security posture. It also deployed a privacy-preserving cyber threat intelligence (CTI) service, enabling secure, MISP-based and DLT-backed information sharing among manufacturers, operators, and certification bodies, improving collective resilience without exposing sensitive data.
Industrial validation: The framework was validated in three pilot domains: i) Connected Aircraft Cabin, ensuring integrity and secure reconfiguration of in-flight systems; ii) Smart Micro-Factories, enabling dynamic monitoring and secure asset management across IT/OT; and iii) Artworks Tracking, protecting environmental sensors used in cultural heritage logistics. These pilots confirmed that CERTIFY’s lifecycle approach delivers continuous protection, accountability, and cost-efficient compliance across sectors. Integration of CERTIFY tools reduced onboarding time, improved anomaly detection, and demonstrated progress toward continuous certification and secure OTA maintenance.