European Commission logo
español español
CORDIS - Resultados de investigaciones de la UE
CORDIS

Integrating Safety and Cybersecurity through Stochastic Model Checking

Descripción del proyecto

Un marco integral para la protección frente a riesgos de seguridad

Los avances tecnológicos están haciendo realidad la inteligencia artificial, el aprendizaje automático, los vehículos autónomos y el internet de las cosas. Para conseguir que el mundo esté más conectado, el desafío es mantener unos niveles de seguridad altos para los fallos y las averías, y aumentar la seguridad frente a ataques maliciosos. El proyecto financiado con fondos europeos CAESAR desarrollará un marco para abordar estos grandes retos. Uno de ellos es la asociación entre seguridad y protección, es decir, la forma en que vulnerabilidades y fallos pueden propagarse por un sistema y provocar alteraciones. El proyecto CAESAR desarrollará algoritmos para calcular con eficacia las métricas de riesgo a nivel de sistema, así como métodos de cuantificación de riesgos. Los resultados permitirán seguir elaborando análisis de la relación entre seguridad y protección, y contribuirán a la toma de decisiones.

Objetivo

Emerging technologies, like self-driving cars, drones, and the Internet-of-Things must not impose threats to people, neither due to accidental failures (safety), nor due to malicious attacks (security). As historically separated fields, safety and security are often analyzed in isolation. They are, however, heavily intertwined: measures that increase safety often decrease security and vice versa. Also, security vulnerabilities often cause safety hazards, e.g. in autonomous cars. Therefore, for effective decision-making, safety and security must be considered in combination.

The CAESAR project will develop an effective framework for the joint analysis of safety and security risks.
The successful integration of safety and security faces three challenges:
1. The complex interaction between safety and security, mapping how vulnerabilities and failures propagate through a system and lead to disruptions.
2. The lack of efficient algorithms to compute system-level risk metrics, such as the likelihood and expected damage of disruptions. Such metrics are pivotal to prioritize risks and mitigate them via appropriate countermeasures.
3. The lack of proper risk quantification methods. Numbers are crucial to devise cost-effective countermeasures. Yet, objective numbers on safety and (especially) security risks are notoriously hard to obtain.
The CAESAR project will address these challenges by novel combinations of mathematical game theory, stochastic model checking and the Bayesian, fuzzy, and Dempster-Schafer frameworks for uncertainty reasoning.
Key outcomes:
• An effective framework for joint safety-security analysis
• Scalable algorithms and diagnosis methods to compute safety-security risk metrics
• Stochastic model checking in the presence of uncertainty
CAESAR will not only yield breakthroughs in safety-security analysis, but also for quantitative analyses in other domains. It will make decision making on safety-security easier, more systematic, and transparent.

Régimen de financiación

ERC-COG - Consolidator Grant

Institución de acogida

UNIVERSITEIT TWENTE
Aportación neta de la UEn
€ 2 000 000,00
Dirección
DRIENERLOLAAN 5
7522 NB Enschede
Países Bajos

Ver en el mapa

Región
Oost-Nederland Overijssel Twente
Tipo de actividad
Higher or Secondary Education Establishments
Enlaces
Coste total
€ 2 000 000,00

Beneficiarios (1)