Compositional security certification for medium- to high-assurance COTS-based systems in environments with emerging threats

Deliverables

Security testing framework: strategy and approach

The approach, strategy, and architecture for implementing the security testing framework are described.

Regulative baseline

The output is a report that summarises the schemes for certification with special respect to the MILS platform and the pilots in the different EU member states where partners have good access to their own certification authorities, and outlines regulatory options, where these exist.

Compositional security certification methodology

The output is a report that summarises the choices of the options outlined in D1.1 that certMILS has made.

List of tools and techniques applicable for high and medium assurance for efficient assurance

List of tools and requirements from standards and regulations that can be covered by the tool functionalities

Protection Profile (report)

This is a Protection Profile (PP) according to the Common Criteria (CC). The PP serves as “base PP” of the modular PP.

Project quality plan

The project quality plan (the project handbook) constitutes a set of project templates and explanations of the project management process, review process, quality checks, and meeting organisation, which is communicated to all partners.

Risk Assessment Plan

The risk assessment plan shows how potential risks are assessed and mitigated in order to avoid any negative influence on the certMILS project objectives. The interrelated risk assessment plan – risk identification, handling and monitoring – will be established.

Guidelines to use and apply PP for all involved stakeholders

The guidelines to use and apply the PP target system integrators and security evaluators.

List of extensions of base PP (reports)

This is a list of extensions to the base PP that are available as modules in the modular PP.

Internal and external IT communication infrastructure and project website

The external IT communication infrastructure constitutes a guideline for communication of the certMILS project to external target groups, including conferences, marketing measures and communication channels. Furthermore, this deliverable constitutes the launch of the internal certMILS communication infrastructure, including the establishment of mailing lists or a subversion server, and the certMILS website.

Security architecture templates

The security architecture templates are editable documents that can be instantiated by the pilots. SYSGO as third party will be the lead beneficiary of D2.3.

Publications

In search for a simple secure protocol for safety-critical high-assurance applications

Author(s): Schulz, Golatowski, Timmermann
Published in: International Workshop on MILS: Architecture and Assurance for Secure Systems, 2018
DOI: 10.5281/zenodo.1306101

Security by design: introduction to MILS

Author(s): Sergey Tverdyshev
Published in: Embedded World 2017, 2017
DOI: 10.5281/zenodo.571164

Classic and adaptive AUTOSAR in MILS

Author(s): Holger Blasum, Sergey Tverdyshev
Published in: International Workshop on MILS: Architecture and Assurance for Secure Systems, 2018
DOI: 10.5281/zenodo.1307651

Ease Standard Compliance by Technical Means via MILS

Author(s): S. Nordhoff, H. Blasum
Published in: Embedded World 2017, 2017
DOI: 10.5281/zenodo.571175

A Platform Approach for Fusing Safety and Security on a Solid Foundation

Author(s): Hametner, Reinhard; Resch, Stefan
Published in: International Workshop on MILS: Architecture and Assurance for Secure Systems, 2018
DOI: 10.5281/zenodo.1306080

Cyber Security of Urban Guided Transport Management according to MILS Principles

Author(s): Jan Prochazka, Petr Novobilsky, Dana Prochazkova
Published in: Proceedings of the 29th European Safety and Reliability Conference (ESREL), 2019, Page(s) 4107-4113
DOI: 10.3850/978-981-11-2724-3_0220-cd

Strategy for Security Certification of High Assurance Industrial Automation and Control Systems

Author(s): Thorsten Schulz, Caspar Griest, Frank Golatowski, Dirk Timmermann
Published in: 2018 IEEE 13th International Symposium on Industrial Embedded Systems (SIES), 2018, Page(s) 1-4
DOI: 10.1109/SIES.2018.8442081

MILS Platform PP Modules

Author(s): Ortega, Alvaro; Kurth, Helmut; Hohenegger, Andreas; Caracuel, Benito; Rico, Jose Emilio; Garcia, Luis; Blasum, Holger; Tverdyshev, Sergey
Published in: 2018
DOI: 10.5281/zenodo.2586506

Security Architecture Template

Author(s): Tverdyshev, Sergey; Caracuel, Benito; Álvarez, Amelia; Ortega, Alvaro; Rico, Jose Emilio; Hametner, Reinhard; Blasum, Holger; Kertis, Tomáš; Schulz, Thorsten
Published in: 2018
DOI: 10.5281/zenodo.2586566

MILS Security Architecture Templates

Author(s): Tverdyshev, Sergey; Caracuel, Benito; Álvarez, Amelia; Ortega, Alvaro; Rico, Jose Emilio; Hametner, Reinhard; Blasum, Holger; Kertis, Tomáš; Schulz, Thorsten
Published in: 2018
DOI: 10.5281/zenodo.1442772

Guidelines to use and apply PP for all involved stakeholders

Author(s): Rollo, Jan; Kurth, Helmut; Hohenegger, Andreas; Álvarez de Sotomayor, Amelia; Caracuel, Benito; Ortega, Alvaro; Tverdyshev, Sergey; Blasum, Holger; Kertis, Tomáš
Published in: 2018
DOI: 10.5281/zenodo.2586574

List of tools and techniques applicable for high and medium assurance for efficient assurance

Author(s): Rollo, Jan; Alvarez de Sotomayor, Amelia; Caracuel, Benito; Ortega, Alvaro; Hametner, Reinhard; Tverdyshev, Sergey; Blasum, Holger; Kertis, Tomáš; Havle, Oto; Schulz, Thorsten; Hager, Michael
Published in: 2017
DOI: 10.5281/zenodo.2586480

Compositional security certification methodology

Author(s): Rico, José Emilio; Bañón, Miguel; Ortega, Alvaro; Hametner, Reinhard; Blasum, Holger; Hager, Michal
Published in: 2018
DOI: 10.5281/zenodo.2586493

Security testing framework: strategy and approach

Author(s): Schulz, Thorsten; Hohenegger, Andreas; Persson, Staffan; Ortega, Alvaro; Hametner, Reinhard; Paulitsch, Michael; Gries, Caspar; Tverdyshev, Sergey; Blasum, Holger; Kertis, Tomáš
Published in: 2017
DOI: 10.5281/zenodo.2586590

Regulative Baseline: Compositional Security Evaluation

Author(s): Hohenegger, Andreas; Blasum, Holger; Tverdyshev, Sergey; Garcia, Luis; Álvarez de Sotomayor, Amelia; Caracuel, Benito; Kertis, Tomáš; Krummeck, Gerald; Kurth, Helmut; Persson, Staffan; Hametner, Reinhard; Paulitsch, Michael; Tummeltshammer, Peter; Hager, Michal
Published in: 2017
DOI: 10.5281/zenodo.2586475

Community Feedback on the Separation Kernel Protection Profile Draft

Author(s): Schulz, Thorsten; Hohenegger, Andreas; Ortega, Alvaro; Blasum, Holger
Published in: 2019
DOI: 10.5281/zenodo.2541464

Base MILS Platform Protection Profile

Author(s): Rico, Jose Emilio; Kurth, Helmut; Hohenegger, Andreas; Ortega, Alvaro; Blasum, Holger; Tverdyshev, Sergey; Hager, Michal
Published in: 2018
DOI: 10.5281/zenodo.2586498

Integration Approach for Communications-Based Train Control Applications in a High Assurance Security Architecture

Author(s): Thorsten Schulz, Frank Golatowski, Dirk Timmermann
Published in: Reliability, Safety, and Security of Railway Systems. Modelling, Analysis, Verification, and Certification - Third International Conference, RSSRail 2019, Lille, France, June 4–6, 2019, Proceedings, Issue 11495, 2019, Page(s) 272-283
DOI: 10.1007/978-3-030-18744-6_18