The Internet of Things (IoT) landscape consists of highly heterogeneous devices, ranging from bare metal systems with a few kilobytes of RAM and limited or no security, to devices equipped with powerful AI support and built-in hardware to implement the Root of Trust (RoT) and Trusted Execution Environments (TEEs). Such a reality creates an open challenge for end-to-end security across the IoT network, leading to easy entry points for attackers. In addition to the need to handle interoperability issues between IoT devices with heterogeneous security capabilities, i.e., “horizontal” security assurance issues, there is also a need to provide high levels of assurance in “vertical” IoT device security stack, i.e., starting from the RoT to the TEE and up to the application layer. The CROSSCON project aims to address all these issues by designing a new open, flexible, highly portable, and vendor-independent IoT security stack that can run across a variety of different edge devices and multiple hardware platforms. The project’s scope covers security threats for open-source hardware for connected devices and smart, quantifiable security assurance in vertical IoT supply chains and across heterogeneous devices, including formal verification of open hardware.

Towards a Sophisticated SIEM Marketplace for Blockchain-based Threat Intelligence and Security-as-a-Service. The PUZZLE project will implement a highly usable cybersecurity, privacy and data protection management marketplace targeted at SMEs&MEs. PUZZLE will track the relationships among the cyber assets of each SME&ME, considering the available network, compute and storage infrastructure and use them to efficiently calculate individual, cumulative and propagated risks, as well as recommend and apply mitigation actions. The project is going to provide monitoring and visualisation tools, as well as a dashboard where information regarding sets of assets, vulnerabilities, identified threats and risks is going to be made available to end-users.

CERTIFY defines a methodological, technological, and organizational approach towards IoT security lifecycle management based on (i) security by design support, (ii) continuous security assessment and monitoring (iii) timely detection, mitigation, and reconfiguration, (iv) secure IoT Over-The-Air (OTA) updating, and (v) continuous security information sharing

ORSHIN is creating the first generic and integrated methodology, called trusted lifecycle, to develop secure network devices based on open-source components while managing their entire lifecycle. The ORSHIN project’s main goal is to provide solutions to build trustworthy open-source hardware and connected devices. At the same time, this is intended to build a foundation for building trust in the security properties of open source components to promote their acceptance.

The vision of CONNECT is to address the convergence of security and safety in CCAM by assessing dynamic trust relationships and defining a trust model and trust reasoning framework based on which involved entities can establish trust for cooperatively executing safety-critical functions. The CONNECT Trust Management framework is the basis that models and captures the trust relationships of the next generation CCAM systems. CONNECT’s new safety paradigm is a key element in bringing autonomous driving to a completely new level of trustworthiness and is expected to lead to long-term consumer acceptance as a result.

SecOPERA aims to provide a one-stop hub for complex OSS/OSH solutions delivering to a connected device designer, implementer and operator as well as any open-source software/hardware developer, the means to analyse, assess, secure/harden and share open-source solutions as those are integrated in an overall complex product developed for a networked connected environment. The SecOPERA hub offers to the open-source community a framework supporting the open-source DevSecOps lifecycle and generates secure open-source solutions along with appropriate, verifiable security guarantees.

Sign up for REWIRE

Be the first to learn about project progress updates, results, events, publications, and more!
*By signing up to receive the periodical newsletter you accept REWIRE Privacy & Cookies Policy