Periodic Reporting for period 2 - C4IIoT (Cyber security 4.0: protecting the Industrial Internet Of Things)
Berichtszeitraum: 2020-12-01 bis 2022-05-31
C4IIoT develops a novel Cybersecurity 4.0 framework to provide an end-to-end security enabling solution for minimizing the attack surfaces in Industrial IoT systems. C4IIoT novel cybersecurity mechanisms are orchestrated across all infrastructure elements involved within an IIoT system and is based upon analysis of various data flows.
The objectives are:
- Develop a holistic and disruptive security-enabling solution for prevention & protection against attacks targeting modern IoT components, complex Industrial IoT infrastructures and emerging technologies.
- Explore recent progress and converge diverse ICT engineering paradigms in cyber assurance and protection, machine (deep) learning, edge/cloud computing, blockchain and Big Data, to establish an edge-to-cloud Cybersecurity 4.0 framework to provide breakthroughs against Industrial IoT cyber-attacks.
- Leverage innovative secure execution environments to offer almost real-time malicious and anomalous behaviour anticipation, detection, tracking, mitigation, and end user informing, within evolving IIoT applications.
- Allow a secure exploration of IIoT’s full potential in the automotive industry and realize societal and industrial opportunities by validating real-world settings.
- Consolidate international and European links, collaborate with standardizations bodies and ensure transferability of results.
- Boost the effectiveness of the European Security Union against cyber-attacks in Industrial infrastructures, by offering almost ready to market solutions (TRL 6) and by ensuring business continuity and long-term sustainability.
The objectives are:
- Develop a holistic and disruptive security-enabling solution for prevention & protection against attacks targeting modern IoT components, complex Industrial IoT infrastructures and emerging technologies.
- Explore recent progress and converge diverse ICT engineering paradigms in cyber assurance and protection, machine (deep) learning, edge/cloud computing, blockchain and Big Data, to establish an edge-to-cloud Cybersecurity 4.0 framework to provide breakthroughs against Industrial IoT cyber-attacks.
- Leverage innovative secure execution environments to offer almost real-time malicious and anomalous behaviour anticipation, detection, tracking, mitigation, and end user informing, within evolving IIoT applications.
- Allow a secure exploration of IIoT’s full potential in the automotive industry and realize societal and industrial opportunities by validating real-world settings.
- Consolidate international and European links, collaborate with standardizations bodies and ensure transferability of results.
- Boost the effectiveness of the European Security Union against cyber-attacks in Industrial infrastructures, by offering almost ready to market solutions (TRL 6) and by ensuring business continuity and long-term sustainability.
Some of the project highlights are:
C4IIoT platform. The specification of C4IIoT architecture as a fully integrated strategic approach that bridge many different technologies and concepts, including hardware-enabled security and protection, access control and authentication mechanisms, end-to-end encryption, and behavioral analytical models. These mechanisms enable many different properties, such as accountability, privacy-preserving, reliability and trustworthiness.
Platform integration and use cases demonstrations. The project successfully delivered the Minimum Viable Product (M12) and the first integrated version of the platform (M18), which include different modes of operations within the two real-world scenarios, namely “Smart Factory” and “Inbound Logistics”.
Raise awareness. Several different dissemination activities have been made, including the 1st C4IIoT INFODAY webinar, the 1st C4IIoT Winter School and the participation with a panel in the CONCORDIA Open Door 2020 event.
Work highlights per WP:
WP1: A thorough review process of the requirements carried out in conjunction with the external advisory board that subsequently validated the requirements submitted.
WP2: Different technologies have been developed in the framework of the C4IIoT project. In this WP, edge nodes for both Logistics4.0 and Smart Factory use cases with hardware security were developed. Machine learning algorithms operating at the edge node level have been designed and developed in combination with other tools in upper levels of the architecture. Dynamic offloading decision mechanism has been developed, specifically the MEDICI tool.
WP3: The components related to the cloud environment of the C4IIoT framework have been enhanced and implemented in a trial environment. Focus was on hybrid cloud orchestration, network traffic analysis, behavioural analysis, anomaly detection, attack mitigation, and data flow security.
WP4: The work carried out within this period ensured the integration of the C4IIoT technologies and its relevant security-enabled layers; based on an agile approach. All necessary resources for the implementation and integration were deployed and managed, as well as their corresponding modules. The good practices and lessons learned for setting up C4IIoT have been consolidated into a single report so as to serve as a reference point to promote security in Industry 4.0 and Industrial IoT.
WP5: The work carried out led to the successful realization of the demonstrators, both for the Smart Factory and the Logistics 4.0 scenarios along with the C4IIoT solution evaluation process.
WP6: The work carried out led to providing the activities and plan for dissemination, communication, standardization and exploitation activities, and updates of the market analysis related to the C4IIoT framework
WP7: The goal of WP7 is to set up and maintain the administrative, financial, and management infrastructure of the C4IIoT project and to describe a plan for the data that will be used in this project.
C4IIoT platform. The specification of C4IIoT architecture as a fully integrated strategic approach that bridge many different technologies and concepts, including hardware-enabled security and protection, access control and authentication mechanisms, end-to-end encryption, and behavioral analytical models. These mechanisms enable many different properties, such as accountability, privacy-preserving, reliability and trustworthiness.
Platform integration and use cases demonstrations. The project successfully delivered the Minimum Viable Product (M12) and the first integrated version of the platform (M18), which include different modes of operations within the two real-world scenarios, namely “Smart Factory” and “Inbound Logistics”.
Raise awareness. Several different dissemination activities have been made, including the 1st C4IIoT INFODAY webinar, the 1st C4IIoT Winter School and the participation with a panel in the CONCORDIA Open Door 2020 event.
Work highlights per WP:
WP1: A thorough review process of the requirements carried out in conjunction with the external advisory board that subsequently validated the requirements submitted.
WP2: Different technologies have been developed in the framework of the C4IIoT project. In this WP, edge nodes for both Logistics4.0 and Smart Factory use cases with hardware security were developed. Machine learning algorithms operating at the edge node level have been designed and developed in combination with other tools in upper levels of the architecture. Dynamic offloading decision mechanism has been developed, specifically the MEDICI tool.
WP3: The components related to the cloud environment of the C4IIoT framework have been enhanced and implemented in a trial environment. Focus was on hybrid cloud orchestration, network traffic analysis, behavioural analysis, anomaly detection, attack mitigation, and data flow security.
WP4: The work carried out within this period ensured the integration of the C4IIoT technologies and its relevant security-enabled layers; based on an agile approach. All necessary resources for the implementation and integration were deployed and managed, as well as their corresponding modules. The good practices and lessons learned for setting up C4IIoT have been consolidated into a single report so as to serve as a reference point to promote security in Industry 4.0 and Industrial IoT.
WP5: The work carried out led to the successful realization of the demonstrators, both for the Smart Factory and the Logistics 4.0 scenarios along with the C4IIoT solution evaluation process.
WP6: The work carried out led to providing the activities and plan for dissemination, communication, standardization and exploitation activities, and updates of the market analysis related to the C4IIoT framework
WP7: The goal of WP7 is to set up and maintain the administrative, financial, and management infrastructure of the C4IIoT project and to describe a plan for the data that will be used in this project.
WP1 provided the analysis of novel and relevant academic literature in several technological domains and the integration of a large and diverse set of cybersecurity technologies in a single framework with attention to a human-in-the-loop approach. It also offers the classification of all CRF assets with an emphasis on cyber-physical impact and the modelling of likely entry-points.
WP2: The use of security tokens in hardware-enabled devices in combination with blockchain technologies. The improvement of the security properties of initial nodes based on cryptographic coprocessors. The use of security-aware offloading mechanisms implemented in devices close to the edge and edge level implementation of ML algorithms for anomaly detection in sensory data and network traffic flows.
WP3: ML and DL anomaly detection components, stretching through all three architectural layers, were developed and published on Zenodo. Network traffic analysis was developed for different architectures in order to detect malicious connections and attack patterns in encrypted TLS traffic. Development of the decentralized access control was completed and was deployed on the final execution environment.
WP4: Main challenge was to combine heterogeneous data sources in a real production environment and offer real-time interfaces using encrypted data. The activities also included the collection of details about how the challenges related to deploying and setting up the C4IIoT framework within a real-life operating environment have been addressed. Part of this WP was also the release of an end-user guide for installing, deploying, and using the C4IIoT framework and its components.
WP5: With respect to AS-IS situation, CRF was able to secure the IoT utilized both in the factory and in Supply Chain. The C4IIoT final demonstrators were tested and evaluated and it was possible to understand the impact of this kind of solution in terms of industrial and commercial benefits.
WP6: an updated plan for the dissemination and communication activities was provided and several activities around standardization and exploitation. The market analysis related to the C4IIoT framework was updated while providing its commercialization potential, targeted stakeholders, and business plan.
WP2: The use of security tokens in hardware-enabled devices in combination with blockchain technologies. The improvement of the security properties of initial nodes based on cryptographic coprocessors. The use of security-aware offloading mechanisms implemented in devices close to the edge and edge level implementation of ML algorithms for anomaly detection in sensory data and network traffic flows.
WP3: ML and DL anomaly detection components, stretching through all three architectural layers, were developed and published on Zenodo. Network traffic analysis was developed for different architectures in order to detect malicious connections and attack patterns in encrypted TLS traffic. Development of the decentralized access control was completed and was deployed on the final execution environment.
WP4: Main challenge was to combine heterogeneous data sources in a real production environment and offer real-time interfaces using encrypted data. The activities also included the collection of details about how the challenges related to deploying and setting up the C4IIoT framework within a real-life operating environment have been addressed. Part of this WP was also the release of an end-user guide for installing, deploying, and using the C4IIoT framework and its components.
WP5: With respect to AS-IS situation, CRF was able to secure the IoT utilized both in the factory and in Supply Chain. The C4IIoT final demonstrators were tested and evaluated and it was possible to understand the impact of this kind of solution in terms of industrial and commercial benefits.
WP6: an updated plan for the dissemination and communication activities was provided and several activities around standardization and exploitation. The market analysis related to the C4IIoT framework was updated while providing its commercialization potential, targeted stakeholders, and business plan.