by Ubitech
The overall architectural framework of the REWIRE project, including all the relevant components, defines two distinct operational phases: (a) the Design-time Phase and (b) the Runtime Phase. Together, these phases highlight REWIRE’s ability to manage and safeguard critical software and hardware systems throughout their entire life cycle, ensuring that both proactive and reactive security measures are applied seamlessly from design to runtime. The design-time phase follows a top-to-bottom approach to the description of the workflows that take place within the REWIRE Framework, while the runtime phase includes the REWIRE-enabled edge device and the cloud-based backend infrastructure.
Both phases of the REWIRE framework have been designed to guarantee the security, integrity, and resilience of software across various deployment environments, including Smart Transportation with autonomous vehicles, Smart Satellites, and other complex systems for Smart Cities. They guarantee the integration of security both during design and throughout the operational lifecycle of such complex systems. To this end, the Design-time Phase focuses on pre-deployment activities such as secure architecture design, trust management, and policy definitions, ensuring that all systems are configured with strong security foundations before being deployed. The Runtime Phase, in turn, covers the ongoing operational workflows, including secure onboarding, SW/FW updates, threat intelligence, and risk assessment.
Figure 1: Brief description of the REWIRE Design-time and Runtime Phases
In more detail, as described in Figure 1, the REWIRE design-time phase focuses on the formal verification of the SW/HW co-design, involving the identification and implementation of security measures for guaranteeing a secure and trustworthy system. This approach is broken down into five concrete steps: (a) Definition of Requirements by the security administrator, the use case providers and the OEM, (b) AADL-based System Modelling for turning the requirements into functional components, (c) Formal Verification to verify different aspects of the system’s security, (d) Definition of Security Controls and Security Policy Management, and (e) Definition of the MUD Profiles to ensure that the device operates as initially designed. The REWIRE design-time phase ensures a secure-by-design SW/HW co-design, with critical security measures integrated into both the system’s architecture and its runtime operations. Consequently, during the runtime phase, all REWIRE core functionalities, such as secure onboarding, operation, updating, and decommissioning, work interdependently to secure the systems.