Revolutionised Enhanced Supply Chain Automation with Limited Threats Exposure

Informations projet

RESCALE

N° de convention de subvention: 101120962

DOI

10.3030/101120962

Date de signature de la CE 11 Juillet 2023

Date de début 1 Octobre 2023

Date de fin 30 Septembre 2026

Financé au titre de

Civil Security for Society

Coût total

€ 4 998 250,00

Contribution de l’UE

€ 4 998 250,00

4 998 250,00

Coordonné par

ATHINA-EREVNITIKO KENTRO KAINOTOMIAS STIS TECHNOLOGIES TIS PLIROFORIAS, TON EPIKOINONION KAI TIS GNOSIS
Greece

CORDIS fournit des liens vers les livrables publics et les publications des projets HORIZON.

Les liens vers les livrables et les publications des projets du 7e PC, ainsi que les liens vers certains types de résultats spécifiques tels que les jeux de données et les logiciels, sont récupérés dynamiquement sur OpenAIRE .

Livrables

RESCALE Continuous Security Assurance Platform (first version)

This deliverable will provide a description (support features, architectures, functionalities) of the first version (MVP) of the continuous security assurance platform.

Dissemination Report (first version)

The deliverable will describe the dissemination plan and report on all relevant activities during the first half of the project.

TBOM Security and Trust Mechanism (first version)

This deliverable will present the initial version of the RESCALE TBOM security and trust mechanism detailing the chosen blockchain infrastructure, entries and initial smart contracts features. It will present also potential issues and will provide a roadmap on the future development towards the final version of these trust mechanisms.

Solutions for Security Testing of Low-Level System Components (first version)

This deliverable will present the initial version of the RESCALE solutions that target security testing of firmware, OS and microarchitectural components. Besides the description of the solutions’ features, functionalities and architecture, the report will present open issues and future features and functionalities that will be included in the final version of the solutions.

Technology Analysis and Requirements Specification (first version)

This deliverable will provide a state-of-the-art analysis and the initial requirements specification.

Specification of the TBOM Structure

This deliverable will provide the complete specification of the TBOM structure and its subcomponents.

Hardware Vulnerability and Leakage Detection (first version)

This deliverable will present the initial version of the RESCALE solutions that target the detection of hardware vulnerabilities and information leakage. It will detail the coverage that this initial version achieves as well as potential issues and will provide a roadmap on the future development towards the final version of these components.

Trust Orchestrator (first version)

The deliverable will provide the description of the first integrated version of the overall Trust Orchestrator framework.

Validation and Evaluation Report (first version)

The deliverable will provide the validation and evaluation report of the first cycle of the project covering the MVP version of all components, initial integration results and pilot deployments.

Use Case Specification (first version)

This deliverable will provide a detailed description and specification of the two pilot use cases of the project.

High Level Architecture (first version)

This deliverable will present the initial version of the high level architecture of all RESCALE tools and components along with their interactions and interfaces.

Dynamic Testing Analysis Components (first version)

This deliverable will provide a description (support features, architectures, functionalities) of the first version of the dynamic testing analysis modules. Additionally it will provide information on open issues with said modules and a roadmap towards their envisioned final version.

Static Code Analysers and Formal Verification Methods (first version)

This deliverable will cover the development of the first version of the RESCALE static code analysers and formal verifications methods and describe their features, functionalities and open issues. The deliverable will also include a roadmap towards a final version of these components.

Project Website

A website will be designed as the main communication portal of the project. After initial deployment, the website will be continuously updated to reflect current information about the project, important news and announcements, public deliverables, events etc. In addition, social media accounts will be created (Twitter, Youtube channel, Facebook page, LinkedIn page) to engage a wider audience, disseminate project activities, drive traffic towards the projects main website and establish easy and direct communication paths with the general academic and industrial community.

Pilot Deployment, Test and Demonstration (first version)

The deliverable will present the results of the deployment and testing of the first version of the RESCALE solutions in the pilot use cases and provide demonstrators for the initial outcomes.

Publications

Training Solo: On the Limitations of Domain Isolation Against Spectre-v2 Attacks

Auteurs: Sander Wiebing, Cristiano Giuffrida
Publié dans: 2025 IEEE Symposium on Security and Privacy (SP), 2025, ISBN 979-8-3315-2236-0
Éditeur: IEEE
DOI: 10.1109/SP61157.2025.00253

VulnBERTa: On Automating CWE Weakness Assignment and Improving the Quality of Cybersecurity CVE Vulnerabilities Through ML/NLP

Auteurs: Hannu Turtiainen, Andrei Costin
Publié dans: 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&amp;PW), 2024, ISSN 2768-0657
Éditeur: IEEE
DOI: 10.1109/EUROSPW61312.2024.00075

Phantom Trails: Practical Pre-Silicon Discovery of Transient Data Leaks

Auteurs: Alvise de Faveri Tron, Raphael Isemann, Hany Ragab, Cristiano Giuffrida, Klaus von Gleissenthall, Herbert Bos
Publié dans: 2025, ISBN 9781939133526
Éditeur: USENIX Association
DOI: 10.5281/ZENODO.17009888

Leaky Address Masking: Exploiting Unmasked Spectre Gadgets with Noncanonical Address Translation

Auteurs: Mathé Hertogh, Sander Wiebing, Cristiano Giuffrida
Publié dans: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISBN 979-8-3503-3130-1
Éditeur: IEEE
DOI: 10.1109/SP54263.2024.00158

Safeguarding Blockchain and Dlts From Arbitrary and Malicious Content

Auteurs: Alan Barnett, Merry Globin, Tarek Zaarour, Sean Ahearne, Ahmed Khalid
Publié dans: 2024 IEEE 32nd International Conference on Network Protocols (ICNP), 2025, ISSN 2643-3303
Éditeur: IEEE
DOI: 10.1109/ICNP61940.2024.10858544

Predictive Context-sensitive Fuzzing

Auteurs: Pietro Borrello, Andrea Fioraldi, Daniele Cono D'Elia, Davide Balzarotti, Leonardo Querzoni, Cristiano Giuffrida
Publié dans: Proceedings 2024 Network and Distributed System Security Symposium, 2024
Éditeur: Internet Society
DOI: 10.14722/NDSS.2024.24113

A Review on Privacy and Monetization Aspects Within BCI and XR-BCI Ecosystems

Auteurs: Tuomo Lahtinen, Andrei Costin, Guillermo Suarez-Tangil, Narges Yousefnezhad
Publié dans: Lecture Notes in Business Information Processing, Business Modeling and Software Design, 2024, ISBN 978-3-031-64073-5
Éditeur: Springer Nature Switzerland
DOI: 10.1007/978-3-031-64073-5_11

iVault: Architectural Code Concealing Techniques to Protect Cryptographic Keys

Auteurs: George Christou, Giorgos Vasiliadis, Apostolis Zarras, Sotiris Ioannidis
Publié dans: Lecture Notes in Computer Science, Embedded Computer Systems: Architectures, Modeling, and Simulation, 2024, ISBN 978-3-031-78380-7
Éditeur: Springer Nature Switzerland
DOI: 10.1007/978-3-031-78380-7_13

Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags

Auteurs: Floris Gorter, Taddeus Kroes, Herbert Bos, Cristiano Giuffrida
Publié dans: 2024 IEEE Symposium on Security and Privacy (SP), 2024, ISBN 979-8-3503-3130-1
Éditeur: IEEE
DOI: 10.1109/SP54263.2024.00263

GhostRace: Exploiting and Mitigating Speculative Race Conditions

Auteurs: Hany Ragab, Andrea Mambretti, Anil Kurmus, Cristiano Giuffrida
Publié dans: 33rd USENIX Security Symposium, 2024, ISBN 978-1-939133-44-1
Éditeur: USENIX Association
DOI: 10.5281/ZENODO.13771348

Understanding SBOMs in Real-World Systems – A Practical DevOps/SecOps Perspective

Auteurs: Narges Yousefnezhad, Andrei Costin
Publié dans: Lecture Notes in Business Information Processing, Business Modeling and Software Design, 2024, ISBN 978-3-031-64073-5
Éditeur: Springer Nature Switzerland
DOI: 10.1007/978-3-031-64073-5_20

Half Spectre, Full Exploit: Hardening Rowhammer Attacks with Half-Spectre Gadgets

Auteurs: Andrea Di Dio, Mathé Hertogh, Cristiano Giuffrida
Publié dans: 2025 IEEE Symposium on Security and Privacy (SP), 2025, ISBN 979-8-3315-2236-0
Éditeur: IEEE
DOI: 10.1109/SP61157.2025.00207

Reproducibility of Firmware Analysis: An Empirical Study

Position: On Potential Malware & New Attack Vectors for Internet-of-Brains (IoB)

Auteurs: Tuomo Lahtinen, Andrei Costin, Guillermo Suarez-Tangil
Publié dans: 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&amp;PW), 2024, ISSN 2768-0657
Éditeur: IEEE
DOI: 10.1109/EUROSPW61312.2024.00066

RangeSanitizer: Detecting Memory Errors with Efficient Range Checks

Auteurs: Floris Gorter, Cristiano Giuffrida
Publié dans: 2025, ISBN 9781939133526
Éditeur: USENIX Association
DOI: 10.5281/ZENODO.17009907

SafeFetch: Practical Double-Fetch Protection with Kernel-Fetch Caching

Auteurs: Victor Duta, Mitchel Josephus Aloserij, Cristiano Giuffrida
Publié dans: 33rd USENIX Security Symposium, 2024, ISBN 978-1-939133-44-1
Éditeur: USENIX Association
DOI: 10.5281/ZENODO.13771642

InSpectre Gadget: Inspecting the Residual Attack Surface of Cross-privilege Spectre v2

Auteurs: Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, Cristiano Giuffrida
Publié dans: 33rd USENIX Security Symposium, 2024, ISBN 978-1-939133-44-1
Éditeur: USENIX Association
DOI: 10.5281/ZENODO.13771606

Holistic IoT Security, Privacy and Safety: Integrated, Approaches Protecting A Highly Connected World

Auteurs: Konstantinos Loupos
Publié dans: 2025, ISBN 978-1-63828-507-6
Éditeur: Now Publishers
DOI: 10.1561/9781638285076

Game on: a performance comparison of interpolation techniques applied to Shamir’s secret sharing

Auteurs: Anastassis Voudouris, Aristomenis Tressos, Apostolis Zarras, Christos Xenakis
Publié dans: The Computer Journal, Numéro 68, 2024, ISSN 0010-4620
Éditeur: Oxford University Press (OUP)
DOI: 10.1093/COMJNL/BXAE109

Recherche de données OpenAIRE...

Livrables

Publications

Partager cette page Partager cette page sur les réseaux sociaux

Télécharger Télécharger le contenu de la page