ASSURED was invited to present the standardization activities carried out by the ASSURED consortium in the Standardization Workshop on Cybersecurity and Supply Chain Security, which was held on Friday June 16th and organized by the CYRENE Project. This workshop aimed to foster an exchange of knowledge and ideas between international standardization bodies and leading projects in the field of cybersecurity and supply chain security. The workshop was attended by industry experts and representatives of major standardization bodies, as well as participants from various European projects.
As part of the workshop, the various standardization activities performed as part of the ASSURED project were presented. First, the collaboration of ASSURED with the Trusted Computing Group (TCG) was highlighted. The TCG is the internationally accepted standardization group, which sets all relevant technologies and standards for Trusted Computing (TC) and relevant assurance and attestation schemes. Specifically, ASSURED has established liaison with the TPM Working Group and the Internet of Things Working Group of the TCG, towards integrating decentralized roots-of-trust in complex system environments. In addition, ASSURED has actively participated in the design and specification of a new revocation protocol for potentially compromised devices, which was included in the new version of the Trusted Software Stack (TSS). The ASSURED partners UBITECH and DTU have also collaboratively identified a bug in the TPM specification involving an infinite hash loop, and proposed an elegant solution that was included in the updated TSS specification and implementation.
The collaboration of ASSURED with the Decentralized Identity Foundation (DIF) and the European Self-Sovereign Identity Lab (eSSIF-Lab) was also highlighted, aiming to achieve digital and data sovereignty for users or devices. The goal of ASSURED in this regard is to provide the capabilities to shift control to users themselves over their own identity. In addition, as SSI implementations do not typically contain trust management approaches, ASSURED has made significant contributions towards their adoption, as well as the secure hardware integration into the SSI domain through the ASSURED TPM-based Wallet. In addition, ASSURED has established collaboration with the ISO TC 307 committee, focused on the standardization of Blockchain and distributed ledger technologies towards achieving efficient identity management.
Finally, the standardization efforts of ASSURED for establishing trust in the automotive industry were presented, particularly through its contributions into the Trust4Auto Working Item of the 5G Automotive Association (5GAA) WP7, where ASSURED will provide guidance into how to establish a high level of trust into exchanged data and MEC applications for enabling CCAM scenarios.
The participation of ASSURED in this workshop was an important part of the dissemination activities of the project, as well as a great opportunity to share the various standardization activities of ASSURED with a wide variety of industry experts and members of standardization bodies.
More details are available here: https://www.cyrene.eu/cyrene-standardisation-event/