The vision of ASSURED is to design and implement a novel policy-driven, formally verified, runtime assurance framework in the complex domain of Cyber-Physical Systems (CPS).
Highly-usable, resilient cybersecurity, privacy and data protection management framework
The design and development of a novel, highly-usable, and resilient cybersecurity, privacy and data protection management framework, targeted at “Systems-of-Systems” (SoS) enabled ecosystems, aiming at: (i) providing strong system integrity and operational assurance of safety-critical components towards the enabling of the integration of heterogeneous Cyber-Physical Systems (CPSs) to a SoS with federated trust, and (ii) accountable sharing of complex data flows, through the use of Blockchain distributed ledgers & smart contracts, encountered in today’s hyper-connected digital supply networks.
Highly automated middleware for the secure configuration and management of edge devices, processes and safety-critical software components
The construction of a highly automated middleware for the secure configuration, deployment, operation, management and maintenance of edge devices, processes and safety-critical software components. This will be based on the development of novel, remote and scalable attestation and verification programmable components as a means of assurance and trusted interoperability between a wide range of Systems-of-Systems, targeting all layers of the software stack, including design verification and testing to runtime attestation and enforcement. The aim of this process is to enable the support of extended “trusted chains of devices” with strong claims on their correctness and functional safety, from their trusted launch and configuration to the verification of both behavioural and low-level concrete execution properties about an entity’s integrity and execution correctness.
Reactive, runtime risk assessment model
The identification and implementation of a reactive, runtime risk assessment model, facilitating the real-time handling of threats and identified risks, for enhancing the security- and privacy-by-design features of the entire ASSURED security assurance and data sharing framework through a holistic threat assessment against aspects of such hyper-connected SoS. This will enable the dynamic assessment and forecast of individual, cumulative and propagated risks, taking into account the representation of assets along with their dependencies, the associated threats and vulnerabilities and the potential cascading effects, thus allowing for enhanced situation awareness adaptation of the entire SoS-enabled ecosystem (based on newly identified vulnerabilities and the prediction of unseen cyber threats), supporting policy adjustments and the compilation of updated mitigation strategies and attestation policies.
Safe implementation of mixed-criticality applications in CPSs
Leveraging the ASSURED Framework to automatically infer optimal software deployment plans for the safe implementation of mixed-criticality applications in CPSs, and to support their correct execution and verification through an incremental adoption and deployment of (on-demand) capability-oriented security attestation controls. The deployment of these security elements will be produced (and updated when needed) based on the live announcement of vulnerabilities through the interaction with the ASSURED risk assessment toolkit and other open threat intelligence services (i.e., CVVE). Thus, the objective is to significantly reduce the complexity and scalability issues with such strong control-flow integrity verification solutions and to facilitate the immediate reaction to newly identified threats.
Secure, trusted and auditable data sharing environment
The provision of a secure, trusted and auditable data sharing environment (for threat intelligence data and beyond) by designing and implementing advanced Blockchain operation and control services, leveraging distributed ledger infrastructure and specifying novel Trusted Component (TC)-enabled security and privacy-preserving protocols. These advance the state-of-the-art in scalability and computational efficiency when providing fully transparent and accountable secure information exchange (through the use of smart contracts) based on traceable and credible security auditing and attestation activities.
Implementation & evaluation of the ASSURED models and mechanisms in the four envisioned use cases
The delivery of the applicability, usability, effectiveness and value of the ASSURED concepts, models and identified security, privacy, trust and operational assurance enablers in real-world industries, safety-critical infrastructures and applications (under pragmatic conditions), against a pre-defined set of demonstrators, along with the development of threat intelligence data and data sharing to reap the benefits of interconnected SoS and supply chains that are affected by the absence of secure digital supply networks with strong security auditing mechanisms.