Security and Safety by Design

SENDAI (SEgurtasun integrala iNDustria AdImentsura) es un proyecto ELKARTEK 2019 financiado por el departamento de Desarrollo Económico e Infraestructuras del Gobierno Vasco y alineado con la estrategia del BCSC (Basque CyberSecurity Centre).

SENDAI nace con el objetivo de desarrollar la base de conocimiento en Ciberseguridad Industrial, iniciada con el proyecto ELKARTEK SEKUTEK y continuada con CYBERPREST, desarrollando tecnología alrededor de los Laboratorios del Nodo de Ciberseguridad del Basque Digital Innovation Hub (BDIH) y de otros laboratorios que puedan llegar a incorporarse al mismo, permitiendo mejorar la resiliencia de la Industria Vasca ante los ciberataques y potenciando el desarrollo de la Industria Vasca de Ciberseguridad. Mediante esta acción se potenciará el polo de conocimiento en Ciberseguridad Industrial del País Vasco, poniendo en valor en el contexto del País Vasco e internacional la tecnología a desarrollar sobre los laboratorios existentes.

Dentro del proyecto SENDAI se investigará en tecnología de indicadores de compromiso en sistemas de control industrial, sistemas para la evaluación integral de componentes industriales, tecnologías de Distributed Ledgers y algoritmos de Inteligencia Artificial para su prueba de concepto en los laboratorios del BDIH y su visualización mediante el desarrollo de tecnología de CiberRange industrial para el training avanzado en ciberseguridad.

Este proyecto de investigación aúna a los nueve agentes investigadores en ciberseguridad del País Vasco: TECNALIA (líder), IKERLAN, Vicomtech, BCAM, CEIT, Mondragon Unibertsitatea, Tecnun, UPV/EHU y la Universidad de Deusto.

Twitter: @SENDAI_ELKARTEK

Laboratorio para Cyber-Ranges: Descargar Catálogo.

Laboratorio Industrial de Blockchain: Descargar Catálogo.

Laboratorio de SmartGrid: Descargar Catálogo.

Autonomus Car Lab: Descargar Catálogo.

Laboratorio de soluciones de ciberseguridad basadas en análisis de datos: Descargar Catálogo.

The SafeCC4Robot project aims to create a methodology and tool support for integrating components for robotics ensuring safety at system level. It will enable suppliers’ robotic components to be used at different robot systems while ensuring system will remain safe after the composition.

The focus is in achieving two main goals:

• Develop and integrate safety methodological guidance within RobMoSys tools to ensure functional safety standards compliance from early design phases of the development life cycle.
• Develop a safe-aware robotics compositional modelling assets and software supported on model-based compositional design, to leverage the reuse opportunities of using RobMoSys tools.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys . This contribution is RobMoSys conformant .

SafeCC4Robot KoM Presentation, download presentation here.

SafeCC4Robot 2019 brochure, download brochure here.

The eITUS project aims at creating a basic experimental infrastructure (models, software and tools) that enables robotic development stakeholders to assure system safety both at design time, using analysis and simulation-based techniques, and at run time, using safety monitoring algorithms.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys. This contribution is RobMoSys conformant.

eITUS pursues two major objectives:

• Model-based design for safe-aware compositional robotic systems
• Extension of the RobMoSys metamodel to include safety concerns and support contract-based design. As a result, a safety view will be provided. The currently implemented solution is based on a Papyrus/SysML profile. However, it can be easily adjusted to work with Papyrus/RobotML or as a separate ecore-based editor.
• Tools to generate ROS/OROCOS compliant code to run on real demonstration systems.
• Creation of run-time monitors for safety assessment. By providing formal safety specifications, monitors can be automatically generated and incorporated in the system to ensure the safety of robots. 

• Safety Validation of Robotics Systems during early design phases
• A tool enabling an early safety assessment of robotics systems, starting from the Sabotage simulation-based fault injection framework will be developed. Fault injection simulations will be used for testing the architecture´s robustness and to perform an early dependability/safety validation. The area of Fault Injection is mainly concerned with simulation-based analysis of a system’s safety or its dependability properties. Due to its simulative approach, failure characteristics of system components should be modeled as realistically as possible to obtain reliable results. Failure modeling of different components such as sensor failures will be tackled.
• Sabotage, Gazebo for robot dynamics and environment simulation, and the integration with the RobMoSys design platform will be performed. Furthermore, possible integration to model-based safety analysis tools such as SOPHIA will be further investigated.

The eITUS building blocks integrate existing technologies from RobMoSys, P-RC2 (Platform for Robot Controller Construction) and AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) projects. RobMoSys will provide the core technologies for modeling robotics systems using the different metamodels underlying the RobMoSys views. P-RC2 will provide a framework for the functional design of the robot controller with component development and system configuration views. It will additionally provide tools for code generation from these views. AMASS will provide the metamodeling backbone for safety validation by providing a safety modeling view for both safety analyses and simulation-based fault injection.

• Leaflet
• Video: “Safety Assessment of Robotics Systems Using Fault Injection in RobMoSys (eITUS ITP)”

SWEPT security solution will incorporate preventive and detecting security mechanisms and tools for automatically preventing and mitigating web site attacks, maximizing the security posture of websites with a minimum intervention of web site owners and administrators The project also proposes a certification model that will certificate the security level of a web application based on SWEPT security mechanisms.
Beyond this triplet (prevention, detection and certification) there will be an integration methodology based on:
1- Normalisation of different outcomes from different tools.
2- Extension of an XML format file oriented to vulnerabilities and threats concepts
3- Log based integration in a common DB
4- Definition of correlation techniques
5- Certification of SWEPT Integration platform
This will generate the SWEPT platform ready to offer preventive and reactive services toward web developers and hosters.

The main idea of SafeAdapt is to develop novel architecture concepts based on adaptation to address the needs of a new E/E architecture for FEVs regarding safety, reliability and cost-efficiency. This will reduce the complexity of the system and the interactions by generic, system-wide fault and adaptation handling. It also enables extended reliability despite failures, improvements of active safety, and optimized resources. This is especially important for increasing reliability and efficiency regarding energy consumption, costs and design simplicity.
SafeAdapt follows a holistic approach for building adaptable systems in safety-critical environments that comprises methods, tools, and building blocks for safe adaptation. This also includes certification support of safety-critical systems in the e-vehicle domain. The SafeAdapt approach also considers functional safety with respect to the ISO 26262 standard.