Periodic Reporting for period 2 - nIoVe (A Novel Adaptive Cybersecurity Framework for the Internet-of-Vehicles)
Reporting period: 2020-11-01 to 2022-08-31
1. Reduce the attack surface of the overall IoV ecosystem.
2. Showcase effective and real-time detection of novel advanced threats and cyber-attacks in IoV ecosystems.
3. Reduce the response time substantially and reduce the impact of breaches drastically.
4. Contribute to the establishment and sustainable operation of Computer Security Incident Response Teams (CSIRTs), stimulating information and knowledge sharing across the IoV ecosystem.
5. Paves the way for the next generation of robust, scalable, and resilient IoV infrastructure.
nIoVe draws and builds upon the accumulated experience from its consortium of 12 partners from 6 European countries and Israel and implements the project, which is organised in 8 work packages with a 40-month duration.
- Management processes and procedures are established, and management organisation and structure are defined.
- Risks are continuously monitored and reported, and mitigation or response actions are performed.
- The user needs and requirements are defined, and a user-centred design approach is established.
- The system requirements are defined, and the architecture is finalised.
- nIoVe tools are developed, integrated into the nIoVe platform and deployed.
- Use cases and attack scenarios are analysed, defined, and described.
- Hybrid, simulated, and real-world conditions pilots are executed.
- Active end-user engagement within the development lifecycle was accomplished, and two user studies were conducted (17 and 15 participants).
- Adaptive UI is defined and fully integrated.
- Dissemination and communication actions are continuously planned, monitored, and executed by all consortium members, focusing on both scientific and industry communities.
- Collaboration and knowledge exchange with other projects and consortia are established and practised.
- nIoVe exploitation foreground, including products, business models, and financial planning, are defined.
- Exploitation strategy is defined.
- Continuous contributions to standardisation bodies and working groups, and alliances are rehearsed.
- Delivery of a dynamic real-time risk assessment linked with anomaly detection where a deep understanding of risk propagation and interdependencies within the network is available concerning the needs of the IoV environment.
- Implementation of visual analytics principles in cybersecurity real-time attacks monitoring, utilising the results of the entire nIoVe data pipeline and processing; more specifically, the delivery of intuitive and customisable dashboards to offer unique linked data exploration, perception and knowledge extraction for effective cyber-threat assessment based on state-of-the-art advances on visual analytics, and enabling the dynamic connection of different datasets with several types of visualisation, linked together, so that user selection in one visualisation has a direct impact on the others.
- Delivery of a forensic readiness tool for the IoV ecosystem by ensuring that necessary forensic information can be collected and used as a knowledge base about the cyber attacks in CAVs and the IoV ecosystem and supporting active and passive responses to known attacks.
- Delivery of a response toolkit that takes appropriate response actions, ranging from passive (e.g. notifications) to active (e.g. data packets jamming), while also issuing silent visual cues to the end-users based on evaluated incident meta-data and associated risks.
- Introduction of a trust and identity management platform based on blockchain technology to support remote and on-site vehicle maintenance, creating a secure and privacy-preserving environment.
- Development of advanced threat intelligence sharing services and handling of info on various cybersecurity engineering artefacts (e.g. malicious payloads, cybercrime laws and lessons learned, weblogs), as well as permitting cross-border attack propagation identification and tracking.
- Delivery of virtual honeypots infrastructure integrated with attack propagation monitoring services and supported by advanced visual analytics.
- Integration of a comprehensive approach towards the user-centred design of the nIoVe platform and services and platform adaptability and scalability of the services.
There are four core potential impacts are envisioned to advance further the IoV and CAVs ecosystem, including the following:
1. Enhanced protection against novel advanced threats.
2. Advanced technologies and services to manage complex cyber-attacks and reduce the impact of breaches.
3. The technological and operational enablers of cooperation in response and recovery will contribute to the development of the CSIRT Network across the EU, which is one of the key targets of the NIS Directive.
4. Robust, transversal and scalable ICT infrastructures resilient to cyber-attacks that can underpin relevant domain-specific ICT systems (e.g. for energy), providing them with sustainable cybersecurity, digital privacy and accountability, are still valid for the project overall.