Project description DEENESFRITPL A new way to certify open source software Europe depends on open source software (OSS) that is mostly designed abroad. In particular, the European Digital Single Market lacks an in-house software, with data showing that most is assembled online and more than half is derived from OSS, mainly from outside Europe. Universities, small, medium- and large-sized enterprises, a specialised interest group and an advisory board with key OSS and industry profiles have teamed up to create new methods and approaches to accelerate the development of better software. The EU-funded AssureMOSS project will address the challenge of OSS designed in any location, but secured in Europe. Specifically, it proposes to make the shift from process-based to artefact-based security evaluation, by supporting all phases of the continuous software life-cycle (design, develop, deploy, evaluate and back up). Show the project objective Hide the project objective Objective Continuous, distributed changes rule today's European Digital Single Market as no single company does master its own national, in-house software. Software is mostly assembled from “the internet” and more than half come from Open Source Software repositories (some in Europe, most elsewhere). Security & privacy assurance, verification and process certification techniques designed for large, controlled updates over months or years, must now cope with small, continuous changes in weeks, happening in sub-components and decided by third party developers one did not even know they existed.AssureMOSS addresses these challenges to the fullest extent: « Open Source Software - Designed Everywhere, Secured in Europe ».AssureMOSS proposes to switch from process-based to an artefact-based security evaluation by supporting all phases of the continuous software lifecycle (Design, Develop, Deploy, Evaluate and back) their artefacts (Models, Source code, Container images, Services). The key idea is to support mechanisms for lightweigth and scalable screenings applicable automatically to the entire population of software components by- Machine intelligent identification of security issues across artifacts,- Sound analysis and verification of changes by tracing the security and privay side effects,- Business insight by risk analysis and security evaluation.This approach supports fast-paced development of better software by a new notion: continuous (re)certification.AssureMOSS has assembled a team including 5 leading Universities (Delft, Gotheborg, Trento, Vienna, VU Amsterdam), 3 innovative SMEs (FrontEndART, Search-Lab, Pluribus One), 3 Large Enterprises (E&Y, SAP, Thales) and 1 Special Interest Group Organization (EU-VRi) and an Advisory Board with key figures from OSS and industry at large.The project will generate not only a set of innovative methods and open source tools but also benchmark datasets with thousands of vulnerabilities and code that can be used by other researchers. Fields of science natural sciencescomputer and information sciencessoftwarenatural sciencescomputer and information sciencesinternet Keywords Open source software Continuous development deployment and certification Security Design and Verification Machine learning Vulnerability Dataset Security evaluation Risk analysis Benchmarking Programme(s) H2020-EU.2.1.1. - INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT) Main Programme Topic(s) SU-ICT-02-2020 - Building blocks for resilience in evolving ICT systems Call for proposal H2020-SU-ICT-2018-2020 See other projects for this call Sub call H2020-SU-ICT-2019 Funding Scheme RIA - Research and Innovation action Coordinator UNIVERSITA DEGLI STUDI DI TRENTO Net EU contribution € 426 362,40 Address Via calepina 14 38122 Trento Italy See on map Region Nord-Est Provincia Autonoma di Trento Trento Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 Participants (12) Sort alphabetically Sort by Net EU contribution Expand all Collapse all SAP SE Germany Net EU contribution € 680 625,00 Address Dietmar hopp allee 16 69190 Walldorf See on map Region Baden-Württemberg Karlsruhe Rhein-Neckar-Kreis Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 GOETEBORGS UNIVERSITET Participation ended Sweden Net EU contribution € 0,00 Address Vasaparken 405 30 Goeteborg See on map Region Södra Sverige Västsverige Västra Götalands län Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 EY ADVISORY SPA Italy Net EU contribution € 286 875,00 Address Via meravigli 14 20123 Milano See on map Region Nord-Ovest Lombardia Milano Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 TECHNISCHE UNIVERSITEIT DELFT Netherlands Net EU contribution € 309 800,00 Address Stevinweg 1 2628 CN Delft See on map Region West-Nederland Zuid-Holland Delft en Westland Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 THALES SIX GTS FRANCE SAS France Net EU contribution € 399 530,00 Address Avenue des louvresses 4 92230 Gennevilliers See on map Region Ile-de-France Ile-de-France Hauts-de-Seine Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 UNIVERSITAT WIEN Austria Net EU contribution € 334 095,00 Address Universitatsring 1 1010 Wien See on map Region Ostösterreich Wien Wien Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 PLURIBUS ONE SRL Italy Net EU contribution € 306 250,00 Address Via vincenzo bellini 9 09128 Cagliari See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Isole Sardegna Cagliari Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 FRONTENDART SZOFTVER KFT Hungary Net EU contribution € 345 625,00 Address Somogyi utca 19 6720 Szeged See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Alföld és Észak Dél-Alföld Csongrád Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 STEINBEIS EU-VRI GMBH Germany Net EU contribution € 448 125,00 Address Filderhauptstrasse 142 70599 Stuttgart See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Baden-Württemberg Stuttgart Stuttgart, Stadtkreis Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 SEARCH-LAB BIZTONSAGI ERTEKELO ELEMZO ES KUTATO LABORATORIUM KORLATOLTFELELOSSEGU TARSASAG Hungary Net EU contribution € 446 250,00 Address Szeruskert utca 19 1 em 6 1033 Budapest See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Közép-Magyarország Budapest Budapest Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 STICHTING VU Netherlands Net EU contribution € 286 387,60 Address De boelelaan 1105 1081 HV Amsterdam See on map Region West-Nederland Noord-Holland Groot-Amsterdam Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 TECHNISCHE UNIVERSITAT HAMBURG Germany Net EU contribution € 419 500,00 Address Am schwarzenberg campus 1 21073 Hamburg See on map Region Hamburg Hamburg Hamburg Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00
