Descrizione del progetto
Aggiornamenti software sicuri per sistemi ciberfisici a criticità mista
I sistemi ciberfisici a criticità mista (MCCPS, mixed-criticality cyber-physical systems) sono sistemi informatici utilizzati in automobili e ferrovie. Necessitano di aggiornamenti e riparazioni costanti con la consegna wireless di nuovi software o dati per le loro funzionalità quotidiane. Gli aggiornamenti software via etere (OTASU, over the air software updates) vengono forniti con miglioramenti della funzionalità e risoluzione di bug e minacce, ma i processi di aggiornamento causano problemi di prevenzione dei rischi, sicurezza dei dati dell’utente o inconvenienti. Il progetto UP2DATE, finanziato dall’UE, si propone di elaborare un nuovo paradigma per gli aggiornamenti software di sicurezza e prevenzione dei rischi (SASE, Safe and Secure Environment) dei sistemi MCCPS. Due casi di tale nuova architettura saranno testati dal consorzio di generatori di conoscenza (IKL, BSC, OFFIS), integratori di tecnologia (IAV, TTA) e utenti finali dei settori automobilistico e ferroviario (MM, CAF).
Obiettivo
Mixed-Criticality Cyber-Physical Systems (MCCPS) deployed in critical domains like automotive and railway are starting to use Over The Air Software Updates (OTASU) for functionality improvement, bug fixing, and solving security vulnerabilities (among others). But, OTASU entails several difficulties: 1) Safety including non-functional properties like real-time, functional safety, and energy-efficiency. 2) Security. OTASU creates entry points for hackers 3) Availability. During updates the system is not available. While this is just inconvenient for mainstream devices, this is not acceptable for critical MCCPS that must remain active during operation.
Additionally, computing performance needs are bigger and therefore complex hardware platforms based on multicore processors and accelerators are used in MCCPS. Such complex hardware platforms, software applications are subject to intricate dependences in their functional and non-functional behaviour.
For facing these two trends in MCCPS: OTASU and complex hardware platforms, that entails relevant research challenges, the UP2DATE project propose: a new software paradigm for SAfety and SEcurity (SASE) software updates for intelligent and resource intensive MCCPS, promoting a safety and security concept that builds around composability and modularity as main properties to enable a dynamic (post-deployment) validation of SASE properties.
A high quality and complementary consortium comprising knowledge generators (IKL, BSC and OFFIS) plus technology integrators (IAV and TTA) and two end uses from the automotive and railway sector (MM and CAF), will be able to test in two uses cases a new software architecture that will enable the runtime deployment of new (mixed-criticality) applications remotely (patching existing functions or extending the functionality) in heterogeneous computing platforms.
The total budget foreseen for this research project is around €3.8M.
Parole chiave
Programma(i)
Argomento(i)
Meccanismo di finanziamento
RIA - Research and Innovation actionCoordinatore
20500 Mondragon
Spagna