Skip to main content
European Commission logo
English English
CORDIS - EU research results
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary

Future Proofing of ICT Trust Chains: Sustainable Operational Assurance and Verification Remote Guards for Systems-of-Systems Security and Privacy

Project description

An innovative runtime assurance framework for securing CPS supply chains

As the demand for increasingly autonomous Cyber-Physical Systems (CPSoS) grows, so does the need for advanced certification mechanisms that can enhance their security posture without compromising their safety. Existing validation methods require exhaustive offline testing of every possible state scenario prior to fielding the system. The EU-funded ASSURED project is introducing an innovative, formally verified runtime assurance framework for securing CPS supply chains: by leveraging edge computing ecosystems, a universal distributed solution will be developed for the transformation of CPSoS into distributed safety-critical CPSoS solutions, hosting multiple mixed-criticality applications. The project’s approach will ensure a smooth transition and advancement beyond current limiting strategies towards holistic security (attestation) services that are capable of reducing complex attack surfaces in (near) real-time.

Objective

ASSURED’s vision is to introduce a ground-breaking policy-driven, formally verified, runtime assurance framework in the complex CPS domain. As the demand for increasingly autonomous CPSs grows, so does the need for certification mechanisms to ensure their safety. Current methods towards software and system validation requires exhaustive offline testing of every possible state scenario PRIOR to fielding the system. In this context, novel assurance services ensure that the control output of such controllers does not put the system or people interacting with it in danger, especially in safety-critical applications as the ones envisaged in the ASSURED Demonstrators. ASSURED leverages and enhances runtime property-based attestation and verification techniques to allow intelligent (unverified) controllers to perform within a predetermined envelope of acceptable behaviour, and a risk management approach to extend this to a larger SoS. ASSURED elaborates over the coordination of deployed TEE agents in horizontal scope, encompassing numerous technologies applicable to everything from edge devices to gateways in the cloud. Such technologies DICE for binding devices to firmware/software, trusted execution environments, formal modelling of protocols and software processes, software attestation, blockchain technology for distributed verification of transactions between system elements and control-flow attestation techniques for enhancing the operational correctness of such devices. In this frame, we consider the mutual verification of system components in distributed multi-operator environments. Our approach ensures a smooth transition and advancement beyond current strategies where security management services are considered in an isolated manner relying on traditional perimeter security and forensics in a “catch-and-patch” fashion without dwelling on the safety of the overall network as a whole, to holistic network security services capable of minimizing attack surfaces.

Call for proposal

H2020-SU-ICT-2018-2020

See other projects for this call

Sub call

H2020-SU-ICT-2019

Coordinator

MARTEL GMBH
Net EU contribution
€ 481 648,75
Address
UBERLANDSTRASSE 111
8600 Dubendorf
Switzerland

See on map

SME

The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed.

Yes
Region
Schweiz/Suisse/Svizzera Zürich Zürich
Activity type
Private for-profit entities (excluding Higher or Secondary Education Establishments)
Links
Total cost
€ 481 648,75

Participants (15)