Periodic Reporting for period 1 - DOSS (SECURE-BY-DESIGN IOT OPERATION WITH SUPPLY CHAIN CONTROL)
Reporting period: 2023-09-01 to 2025-02-28
To respond to this challenge, DOSS elaborates a secure-by-design methodology and implements related technology for complex Internet of Things (IoT) architectures, based on information provisioning, supply chain monitoring, component testing and architecture modelling. The project implements interconnected modules and workflows to assure the security of both IoT devices and the complex architectures built from them.
The procedures and technology will be validated in three IoT domains: automotive, energy and smart home.
Beyond the model concept, the underlying technologies of the overall system have also been defined, and the design and implementation work on the modules has started. (See: D2.1, D2.2)
Based on this analytical work, we have specified a new combined device security descriptor, the "Device Security Passport" (DSP), which supports security, compliance, and risk management across different IoT environments. The DSP integrates multiple security descriptors, ensuring a comprehensive security overview throughout a device's lifecycle. This machine-readable document integrates existing descriptors such as SBOM, HBOM, MUD and VEX. We also defined additional content based on the requirements of the CRA and, for security enhancement, the ThreatMUD file. (See: D2.3)
The integrated DSP files will be stored in the DSP Platform, which serves as a central data repository. The platform manages version control and maintains an audit trail, tracking changes to DSP versions and ensuring accountability and transparency. The platform design is in progress, and a mock-up has also been built to verify the security concept of the architecture. (See: D2.2)
In WP3 the DOSS Component Tester (CT) has been designed. The Component Tester was created to assess software components using a variety of security validation methodologies, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST). Furthermore, the Component Tester is used to validate the information contained in the SBOM part of the DSP. (See: D3.1)
Work related to the automated Onboarding Platform of DOSS has also been performed in this WP. After thorough research, the FDO concept, which has been gaining significant traction, has been selected. For secure configuration, we have taken the NIST onboarding approach as a basis, using the DSP, primarily its Manufacturer Usage Description (MUD) files, as the main source of information to perform a secure deployment of the IoT. Implementation of the platform has just started.
In WP4 the Digital Cybersecurity Twin (DCT) has been designed and implementation is in progress. The DCT validates the security exposure of IoT architectures already at the design phase and thus realizes the security-by-design concept. The DCT will perform the following steps fully automatically:
• checks the consistency of the inputs received from the system developer/integrator;
• identifies system components and retrieves their DSPs;
• performs error propagation analysis on the system and determines impactful attack goals;
• generates attack trees for those attack goals;
• generates executable test cases and a test plan from the attack trees;
• augments the IaC representation of the digital twin by appropriate testing and observational tools;
• launches the digital twin in a virtualized execution environment;
• executes vulnerability scanning and penetration testing;
• identifies security weaknesses and provides recommendations on how to fix them.
(See: D4.1)
In WP5 the Architecture Security Validator (ASV) has been designed and implementation is well underway, with some of the modules already being completed. The ASV is an automated platform that verifies and pre-certifies IoT architectures against security standards and regulations. It provides continuous compliance assessment by transforming security standards into machine-readable formats, developing automated validation methodologies, and implementing a platform for structured security verification. (See: D5.1)
In WP6, which is the pilot work package, only one task has started: the design and implementation of the security environment of the pilot operations. The modules - attack detection, access control, honeypot, malware detection and the reporting platform - are all ready for deployment.
The Supply Trust Chain allows monitoring the entire supply chain through testing, validation, pre-certification and the integrated communication of these functions.
DSP file, which integrates key security descriptors of IoT devices into a single machine-readable format aligning with the regulations of the CRA;
Automated onboarding platform extending the FDO protocol to include DSP URLs to support lifecycle-aware security configuration;
Automated penetration testing framework for IoT systems based on system modelling, logic, AI and a wide range of attack tools in a Digital Cybersecurity Twin;
Digital transformation of security standards using transformer-based LLMs;
Automated validation model for security compliance;
Cloud-based card farm with scalable architecture which is patent pending;
Attack detection algorithm based on Auto-Associative Deep Random Neural Network.
To assure uptake of these results, further research will be necessary, as well as validation in close to real-life environments, followed by raising the solutions to product/service level quality.