Security and Safety by Design

SSI40

  • Jan 01, 2021 - Mar 18, 2021
  • Security and Safety by Design, Compliance Management

Description

SSI 4.0 se constituye como un proyecto de investigación estratégica que, liderado por IZERTIS, integra un consorcio de varias empresas que se enfrentan al reto de facilitar el establecimiento de relaciones de confianza entre diferentes participantes de la Industria 4.0, permitiendo optimizar el funcionamiento del ecosistema industrial en su conjunto. El objetivo principal del proyecto es la investigación y desarrollo experimental de tecnologías para alcanzar un nuevo ámbito de digitalización, optimización y mejora de la industria, focalizándose en la generación de relaciones de confianza entre los diferentes actores y sistemas del ecosistema industrial, así como en la gestión de la soberanía, integridad y confidencialidad de la información intercambiada por los mismos (credenciales, diseños, datos producción, etc.). Para alcanzar dicho objetivo el proyecto pretende desarrollar una plataforma para la gestión de identidades soberanas y la gobernanza de datos en el contexto de la Industria 4.0 Se plantea así incorporar varias tecnologías emergentes, como son las identidades descentralizadas SSI, blockchain y nuevas técnicas criptográficas y matemáticas para la soberanía del dato, a diferentes tipos de entidades involucradas en el ecosistema de la Industria 4.0. Se contempla tanto la oportunidad de aplicar tecnología a nivel de organizaciones y personas, como a medios y sistemas de producción, con el fin de mejorar tanto los propios procesos productivos como productos de alto valor añadido o con altos requisitos de seguridad. El proyecto SSI4.0 ha sido cofinanciado por el Departamento de Desarrollo Económico, Sostenibilidad y Medio Ambiente de la Viceconsejería de Tecnología, Innovación y Competitividad del Gobierno Vasco dentro del programa HAZITEK (nº de expediente ZE-2020/00020). Actuación cofinanciada por el Gobierno Vasco y la Unión Europea a través del Fondo Europeo de Desarrollo Regional 2014-2020 (FEDER).

SSI 4.0 se constituye como un proyecto de investigación estratégica que, liderado por IZERTIS, integra un consorcio de varias empresas que se enfrentan al reto de facilitar el establecimiento de relaciones de confianza entre diferentes participantes de la Industria 4.0, permitiendo optimizar el funcionamiento del ecosistema industrial en su conjunto.


Programme/Client:
PROGRAMA DE AYUDAS DE APOYO A LA I+D EMPRESARIAL – HAZITEK (2020). Proyecto nº ZE-2020/00020.

OSASUKAT

  • Jan 01, 2021 - Jan 01, 2024
  • Security and Safety by Design

Description

El objetivo de OSASUKAT es la creación de una plataforma para la gestión del Historial Médico Electrónico de pacientes que permita, de forma interoperable, integrar la información proveniente de diferentes fuentes de datos – principalmente, sistemas de gestión hospitalaria de los centros sanitarios - así como ofrecer servicios para facilitar el acceso a esa información a los profesionales en los términos de privacidad y confidencialidad que se definan y llevar un seguimiento de las acciones que se realizan sobre la misma. Actuación cofinanciada por el Gobierno Vasco y la Unión Europea a través del Fondo Europeo de Desarrollo Regional 2014-2020 (FEDER).
El objetivo de OSASUKAT es la creación de una plataforma para la gestión del Historial Médico Electrónico de pacientes que permita, de forma interoperable, integrar la información proveniente de diferentes fuentes de datos – principalmente, sistemas de gestión hospitalaria de los centros sanitarios - así como ofrecer servicios para facilitar el acceso a esa información a los profesionales en los términos de privacidad y confidencialidad que se definan y llevar un seguimiento de las acciones que se realizan sobre la misma.

Programme/Client:
PROGRAMA DE AYUDAS DE APOYO A LA I+D EMPRESARIAL – HAZITEK (2018). Proyecto nº ZL – 2019/00644

TRUSTIND

  • Jul 01, 2020 - Dec 31, 2021
  • Security and Safety by Design, Control and Protection

Description

TRUSTIND (Creating Trust in the Industrial Digital Transformation) es un proyecto ELKARTEK 2020 financiado por el departamento de Desarrollo Económico e Infraestructuras del Gobierno Vasco y alineado con la estrategia del BCSC (Basque CyberSecurity Centre).

TRUSTIND nace con el objetivo de desarrollar la base de conocimiento en Ciberseguridad Industrial, iniciada con el proyecto ELKARTEK SEKUTEK, continuada con CYBERPREST y SENDAI, desarrollando tecnología que permite lograr una industria y productos industriales resilientes ante ciberataques durante todo su ciclo de vida, así como potenciar el desarrollo de la Industria Vasca de Ciberseguridad. La tecnología desarrollada en el proyecto será demostrable en casos de uso del Nodo de Ciberseguridad del BDIH. TRUSTIND está alineado con la estrategia del BCSC, potenciando el polo de conocimiento en Ciberseguridad Industrial del País Vasco, poniendo en valor en el contexto del País Vasco e internacional la tecnología a desarrollar que será probada sobre los laboratorios existentes.

TRUSTIND investigará en tecnologías de “Industrial Resilience Management”, “Industrial Digital Identity”, ”Industrial Data Security”, “Audit & Forensic Analysis” y “Secure Systems Life Cycle Development“ que permitan reforzar la Seguridad y Privacidad desde el diseño y por defecto, a lo largo de la cadena de suministro, de forma evaluable y verificable, facilitando el mantenimiento de la ciberseguridad postventa por parte del fabricante. La prueba de concepto y su visualización se realizará en los laboratorios del BDIH.

Este proyecto de investigación aúna a los nueve agentes investigadores en ciberseguridad del País Vasco: TECNALIA (líder), IKERLAN, Vicomtech, BCAM, CEIT, Mondragon Unibertsitatea, Tecnun, UPV/EHU y la Universidad de Deusto.

Twitter: @TRUSTIND2020

Laboratorio para Cyber-Ranges: Descargar Catálogo.

Laboratorio Industrial de Blockchain: Descargar Catálogo.

Laboratorio de SmartGrid: Descargar Catálogo.

Autonomus Car Lab: Descargar Catálogo.

Laboratorio de soluciones de ciberseguridad basadas en análisis de datos: Descargar Catálogo.


Programme/Client:
ELKARTEK 2020, Gobierno Vasco, Departamento de Desarrollo Económico e Infraestructuras

SENDAI

  • Nov 08, 2019 - Nov 08, 2021
  • Security and Safety by Design, Control and Protection

Description

SENDAI (SEgurtasun integrala iNDustria AdImentsura) es un proyecto ELKARTEK 2019 financiado por el departamento de Desarrollo Económico e Infraestructuras del Gobierno Vasco y alineado con la estrategia del BCSC (Basque CyberSecurity Centre).

SENDAI nace con el objetivo de desarrollar la base de conocimiento en Ciberseguridad Industrial, iniciada con el proyecto ELKARTEK SEKUTEK y continuada con CYBERPREST, desarrollando tecnología alrededor de los Laboratorios del Nodo de Ciberseguridad del Basque Digital Innovation Hub (BDIH) y de otros laboratorios que puedan llegar a incorporarse al mismo, permitiendo mejorar la resiliencia de la Industria Vasca ante los ciberataques y potenciando el desarrollo de la Industria Vasca de Ciberseguridad. Mediante esta acción se potenciará el polo de conocimiento en Ciberseguridad Industrial del País Vasco, poniendo en valor en el contexto del País Vasco e internacional la tecnología a desarrollar sobre los laboratorios existentes.

Dentro del proyecto SENDAI se investigará en tecnología de indicadores de compromiso en sistemas de control industrial, sistemas para la evaluación integral de componentes industriales, tecnologías de Distributed Ledgers y algoritmos de Inteligencia Artificial para su prueba de concepto en los laboratorios del BDIH y su visualización mediante el desarrollo de tecnología de CiberRange industrial para el training avanzado en ciberseguridad.

Este proyecto de investigación aúna a los nueve agentes investigadores en ciberseguridad del País Vasco: TECNALIA (líder), IKERLAN, Vicomtech, BCAM, CEIT, Mondragon Unibertsitatea, Tecnun, UPV/EHU y la Universidad de Deusto.

Twitter: @SENDAI_ELKARTEK

Laboratorio para Cyber-Ranges: Descargar Catálogo.

Laboratorio Industrial de Blockchain: Descargar Catálogo.

Laboratorio de SmartGrid: Descargar Catálogo.

Autonomus Car Lab: Descargar Catálogo.

Laboratorio de soluciones de ciberseguridad basadas en análisis de datos: Descargar Catálogo.

Website

Programme/Client:
ELKARTEK 2019, Gobierno Vasco, Departamento de Desarrollo Económico e Infraestructuras

SAFECC4Robot

  • Oct 22, 2019 - Oct 22, 2019
  • Security and Safety by Design

Description

The SafeCC4Robot project aims to create a methodology and tool support for integrating components for robotics ensuring safety at system level. It will enable suppliers’ robotic components to be used at different robot systems while ensuring system will remain safe after the composition.

The focus is in achieving two main goals:

  • Develop and integrate safety methodological guidance within RobMoSys tools to ensure functional safety standards compliance from early design phases of the development life cycle.
  • Develop a safe-aware robotics compositional modelling assets and software supported on model-based compositional design, to leverage the reuse opportunities of using RobMoSys tools.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys . This contribution is RobMoSys conformant .

SafeCC4Robot KoM Presentation, download presentation here.

SafeCC4Robot 2019 brochure, download brochure here.

Website

Programme/Client:
RobMoSys Horizon 2020 Project second open call for experiments proposals (RobMoSys-2FORC)

eITUS

  • Apr 12, 2019 - Apr 12, 2019
  • Security and Safety by Design, Compliance Management

Description

The eITUS project aims at creating a basic experimental infrastructure (models, software and tools) that enables robotic development stakeholders to assure system safety both at design time, using analysis and simulation-based techniques, and at run time, using safety monitoring algorithms.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys. This contribution is RobMoSys conformant.

eITUS pursues two major objectives:

  • Model-based design for safe-aware compositional robotic systems
  • Extension of the RobMoSys metamodel to include safety concerns and support contract-based design. As a result, a safety view will be provided. The currently implemented solution is based on a Papyrus/SysML profile. However, it can be easily adjusted to work with Papyrus/RobotML or as a separate ecore-based editor.
  • Tools to generate ROS/OROCOS compliant code to run on real demonstration systems.
  • Creation of run-time monitors for safety assessment. By providing formal safety specifications, monitors can be automatically generated and incorporated in the system to ensure the safety of robots. 
  • Safety Validation of Robotics Systems during early design phases
  • A tool enabling an early safety assessment of robotics systems, starting from the Sabotage simulation-based fault injection framework will be developed. Fault injection simulations will be used for testing the architecture´s robustness and to perform an early dependability/safety validation. The area of Fault Injection is mainly concerned with simulation-based analysis of a system’s safety or its dependability properties. Due to its simulative approach, failure characteristics of system components should be modeled as realistically as possible to obtain reliable results. Failure modeling of different components such as sensor failures will be tackled.
  • Sabotage, Gazebo for robot dynamics and environment simulation, and the integration with the RobMoSys design platform will be performed. Furthermore, possible integration to model-based safety analysis tools such as SOPHIA will be further investigated.

The eITUS building blocks integrate existing technologies from RobMoSys, P-RC2 (Platform for Robot Controller Construction) and AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) projects. RobMoSys will provide the core technologies for modeling robotics systems using the different metamodels underlying the RobMoSys views. P-RC2 will provide a framework for the functional design of the robot controller with component development and system configuration views. It will additionally provide tools for code generation from these views. AMASS will provide the metamodeling backbone for safety validation by providing a safety modeling view for both safety analyses and simulation-based fault injection.

Website

Programme/Client:
eITUS is one of the six Integrated Technical Projects (ITPs) that has been selected from the RobMoSys Horizon 2020 Project first open call for experiments proposals (RobMoSys-1FORC)

NSHIELD

  • Dec 23, 2010 - Aug 31, 2014
  • Security and Safety by Design

Description

The nSHIELD project is, at the same time, a complement and significant technology breakthrough of pSHIELD, a pilot project funded in ARTEMIS Call 2009 as the first investigation towards the realization of the SHIELD Architectural Framework for Security, Privacy and Dependability (SPD). The roadmap, already started in the pilot project, will bring to address SPD in the context of Embedded Systems (ESs) as “built in” rather than as “add-on” functionalities, proposing and perceiving with this strategy the first step toward SPD certification for future ES. The composability of this architectural framework will have great impact on the system design costs and time to market of new SPD solutions in ESs. At the same time, the integrated use of SPD metrics in the framework will have impact on the development cycles of SPD in ESs because the qualification, (re-)certification and (re-)validation process of a SHIELD framework instance will be faster, easier and widely accepted.
Website

Programme/Client:
EUROPEAN COMMISSION JTI – ARTEMIS. ARTEMIS-2010-1

COSSIM

  • Feb 01, 2011 - Feb 01, 2018
  • Security and Safety by Design

Description

One of the main problems the CPS designers face is “the lack of simulation tools and models for system design and analysis”. This is mainly because the majority of the existing simulation tools for complex CPS handle efficiently only parts of a system while they mainly focus on the performance. Moreover, they require extreme amounts of processing resources and computation time to accurately simulate the CPS nodes’ processing. Faster approaches are available, however as they function at high levels of abstraction, they cannot provide the accuracy required to model the exact behavior of the system under design so as to guarantee that it meets the requirements in terms of performance and/or energy consumption. The COSSIM project will address all those needs by providing an open-source framework which will a) seamlessly simulate, in an integrated way, both the networking and the processing parts of the CPS, b) perform the simulations orders of magnitude faster, c) provide much more accurate results especially in terms of power consumption than existing solutions, d) report more CPS aspects than any existing tool including the underlying security of the CPS. COSSIM will achieve the above by developing a novel simulator framework based on a processing simulation sub-system (i.e. a “full-system simulator”) which will be integrated with a novel network simulator. Furthermore, innovative power consumption and security measurement models will be developed and incorporated to the end framework. On top of that, COSSIM will also address another critical aspect of an accurate CPS simulation environment: the performance as measured in required simulation time. COSSIM will create a framework that is orders of magnitude faster, while also being more accurate and reporting more CPS aspects, than existing solutions, by applying hardware acceleration through the use of field programmable gate arrays (FPGAs), which have been proven extremely efficient in relevant tasks.
Website

Programme/Client:
EUROPEAN COMMISSION H2020-IL-LEIT-ICT, H2020-ICT-2014-1

SWEPT

  • Jan 01, 2014 - Dec 31, 2016
  • Security and Safety by Design, Control and Protection

Description

SWEPT security solution will incorporate preventive and detecting security mechanisms and tools for automatically preventing and mitigating web site attacks, maximizing the security posture of websites with a minimum intervention of web site owners and administrators The project also proposes a certification model that will certificate the security level of a web application based on SWEPT security mechanisms.
Beyond this triplet (prevention, detection and certification) there will be an integration methodology based on:
1- Normalisation of different outcomes from different tools.
2- Extension of an XML format file oriented to vulnerabilities and threats concepts
3- Log based integration in a common DB
4- Definition of correlation techniques
5- Certification of SWEPT Integration platform
This will generate the SWEPT platform ready to offer preventive and reactive services toward web developers and hosters.

Website

Programme/Client:
EUROPEAN COMMISSION CIP - ICT POLICY SUPPORT PROGRAMME

TACIT

  • Jul 01, 2014 - Mar 31, 2016
  • Security and Safety by Design, Risk Management

Description

The OBJECTIVE of TACIT will be the definition and development of a framework for the assessment of risk and impact of cyber attacks in smart grids. The framework will be used in the risk analysis and assessment phase of CIP and will support the simulation of the relevant cyber-attacks to smart grids, in order to better design the reactive measures in these infrastructures. The framework will lead to a significant improvement on the knowledge and capacities of European CI providers to develop and maintain resilient energy infrastructures. TACIT will validate and improve the framework by performing a series of end-user tests simulating cyber attacks on running smargrids to derive appropriate recommendations to enhance cyber security in smartgrids and by getting feedback through the celebration of a European-wide workshop attended by experts and relevant stakeholders.
Website

Programme/Client:
EUROPEAN COMMISSION OPI - SECURITY AND SAFEGUARDING LIBERTIES PROGRAM HOME/2013/CIPS/AG-4000005111

Pages