Security and Safety by Design

TRUSTIND

  • Jul 01, 2020 - Dec 31, 2021
  • Security and Safety by Design, Control and Protection

Description

TRUSTIND (Creating Trust in the Industrial Digital Transformation) es un proyecto ELKARTEK 2020 financiado por el departamento de Desarrollo Económico e Infraestructuras del Gobierno Vasco y alineado con la estrategia del BCSC (Basque CyberSecurity Centre).

TRUSTIND nace con el objetivo de desarrollar la base de conocimiento en Ciberseguridad Industrial, iniciada con el proyecto ELKARTEK SEKUTEK, continuada con CYBERPREST y SENDAI, desarrollando tecnología que permite lograr una industria y productos industriales resilientes ante ciberataques durante todo su ciclo de vida, así como potenciar el desarrollo de la Industria Vasca de Ciberseguridad. La tecnología desarrollada en el proyecto será demostrable en casos de uso del Nodo de Ciberseguridad del BDIH. TRUSTIND está alineado con la estrategia del BCSC, potenciando el polo de conocimiento en Ciberseguridad Industrial del País Vasco, poniendo en valor en el contexto del País Vasco e internacional la tecnología a desarrollar que será probada sobre los laboratorios existentes.

TRUSTIND investigará en tecnologías de “Industrial Resilience Management”, “Industrial Digital Identity”, ”Industrial Data Security”, “Audit & Forensic Analysis” y “Secure Systems Life Cycle Development“ que permitan reforzar la Seguridad y Privacidad desde el diseño y por defecto, a lo largo de la cadena de suministro, de forma evaluable y verificable, facilitando el mantenimiento de la ciberseguridad postventa por parte del fabricante. La prueba de concepto y su visualización se realizará en los laboratorios del BDIH.

Este proyecto de investigación aúna a los nueve agentes investigadores en ciberseguridad del País Vasco: TECNALIA (líder), IKERLAN, Vicomtech, BCAM, CEIT, Mondragon Unibertsitatea, Tecnun, UPV/EHU y la Universidad de Deusto.

Twitter: @TRUSTIND2020

Laboratorio para Cyber-Ranges: Descargar Catálogo.

Laboratorio Industrial de Blockchain: Descargar Catálogo.

Laboratorio de SmartGrid: Descargar Catálogo.

Autonomus Car Lab: Descargar Catálogo.

Laboratorio de soluciones de ciberseguridad basadas en análisis de datos: Descargar Catálogo.


Programme/Client:
ELKARTEK 2020, Gobierno Vasco, Departamento de Desarrollo Económico e Infraestructuras

SENDAI

  • Nov 08, 2019 - Nov 08, 2021
  • Security and Safety by Design, Control and Protection

Description

SENDAI (SEgurtasun integrala iNDustria AdImentsura) es un proyecto ELKARTEK 2019 financiado por el departamento de Desarrollo Económico e Infraestructuras del Gobierno Vasco y alineado con la estrategia del BCSC (Basque CyberSecurity Centre).

SENDAI nace con el objetivo de desarrollar la base de conocimiento en Ciberseguridad Industrial, iniciada con el proyecto ELKARTEK SEKUTEK y continuada con CYBERPREST, desarrollando tecnología alrededor de los Laboratorios del Nodo de Ciberseguridad del Basque Digital Innovation Hub (BDIH) y de otros laboratorios que puedan llegar a incorporarse al mismo, permitiendo mejorar la resiliencia de la Industria Vasca ante los ciberataques y potenciando el desarrollo de la Industria Vasca de Ciberseguridad. Mediante esta acción se potenciará el polo de conocimiento en Ciberseguridad Industrial del País Vasco, poniendo en valor en el contexto del País Vasco e internacional la tecnología a desarrollar sobre los laboratorios existentes.

Dentro del proyecto SENDAI se investigará en tecnología de indicadores de compromiso en sistemas de control industrial, sistemas para la evaluación integral de componentes industriales, tecnologías de Distributed Ledgers y algoritmos de Inteligencia Artificial para su prueba de concepto en los laboratorios del BDIH y su visualización mediante el desarrollo de tecnología de CiberRange industrial para el training avanzado en ciberseguridad.

Este proyecto de investigación aúna a los nueve agentes investigadores en ciberseguridad del País Vasco: TECNALIA (líder), IKERLAN, Vicomtech, BCAM, CEIT, Mondragon Unibertsitatea, Tecnun, UPV/EHU y la Universidad de Deusto.

Twitter: @SENDAI_ELKARTEK

Laboratorio para Cyber-Ranges: Descargar Catálogo.

Laboratorio Industrial de Blockchain: Descargar Catálogo.

Laboratorio de SmartGrid: Descargar Catálogo.

Autonomus Car Lab: Descargar Catálogo.

Laboratorio de soluciones de ciberseguridad basadas en análisis de datos: Descargar Catálogo.

Website

Programme/Client:
ELKARTEK 2019, Gobierno Vasco, Departamento de Desarrollo Económico e Infraestructuras

SAFECC4Robot

  • Oct 22, 2019 - Oct 22, 2019
  • Security and Safety by Design

Description

The SafeCC4Robot project aims to create a methodology and tool support for integrating components for robotics ensuring safety at system level. It will enable suppliers’ robotic components to be used at different robot systems while ensuring system will remain safe after the composition.

The focus is in achieving two main goals:

  • Develop and integrate safety methodological guidance within RobMoSys tools to ensure functional safety standards compliance from early design phases of the development life cycle.
  • Develop a safe-aware robotics compositional modelling assets and software supported on model-based compositional design, to leverage the reuse opportunities of using RobMoSys tools.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys . This contribution is RobMoSys conformant .

SafeCC4Robot KoM Presentation, download presentation here.

SafeCC4Robot 2019 brochure, download brochure here.

Website

Programme/Client:
RobMoSys Horizon 2020 Project second open call for experiments proposals (RobMoSys-2FORC)

eITUS

  • Apr 12, 2019 - Apr 12, 2019
  • Security and Safety by Design, Compliance Management

Description

The eITUS project aims at creating a basic experimental infrastructure (models, software and tools) that enables robotic development stakeholders to assure system safety both at design time, using analysis and simulation-based techniques, and at run time, using safety monitoring algorithms.

The main eITUS results (safety view and code generators) have been supported by the European Horizon 2020 project RobMoSys. This contribution is RobMoSys conformant.

eITUS pursues two major objectives:

  • Model-based design for safe-aware compositional robotic systems
  • Extension of the RobMoSys metamodel to include safety concerns and support contract-based design. As a result, a safety view will be provided. The currently implemented solution is based on a Papyrus/SysML profile. However, it can be easily adjusted to work with Papyrus/RobotML or as a separate ecore-based editor.
  • Tools to generate ROS/OROCOS compliant code to run on real demonstration systems.
  • Creation of run-time monitors for safety assessment. By providing formal safety specifications, monitors can be automatically generated and incorporated in the system to ensure the safety of robots. 
  • Safety Validation of Robotics Systems during early design phases
  • A tool enabling an early safety assessment of robotics systems, starting from the Sabotage simulation-based fault injection framework will be developed. Fault injection simulations will be used for testing the architecture´s robustness and to perform an early dependability/safety validation. The area of Fault Injection is mainly concerned with simulation-based analysis of a system’s safety or its dependability properties. Due to its simulative approach, failure characteristics of system components should be modeled as realistically as possible to obtain reliable results. Failure modeling of different components such as sensor failures will be tackled.
  • Sabotage, Gazebo for robot dynamics and environment simulation, and the integration with the RobMoSys design platform will be performed. Furthermore, possible integration to model-based safety analysis tools such as SOPHIA will be further investigated.

The eITUS building blocks integrate existing technologies from RobMoSys, P-RC2 (Platform for Robot Controller Construction) and AMASS (Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems) projects. RobMoSys will provide the core technologies for modeling robotics systems using the different metamodels underlying the RobMoSys views. P-RC2 will provide a framework for the functional design of the robot controller with component development and system configuration views. It will additionally provide tools for code generation from these views. AMASS will provide the metamodeling backbone for safety validation by providing a safety modeling view for both safety analyses and simulation-based fault injection.

Website

Programme/Client:
eITUS is one of the six Integrated Technical Projects (ITPs) that has been selected from the RobMoSys Horizon 2020 Project first open call for experiments proposals (RobMoSys-1FORC)

NSHIELD

  • Dec 23, 2010 - Aug 31, 2014
  • Security and Safety by Design

Description

The nSHIELD project is, at the same time, a complement and significant technology breakthrough of pSHIELD, a pilot project funded in ARTEMIS Call 2009 as the first investigation towards the realization of the SHIELD Architectural Framework for Security, Privacy and Dependability (SPD). The roadmap, already started in the pilot project, will bring to address SPD in the context of Embedded Systems (ESs) as “built in” rather than as “add-on” functionalities, proposing and perceiving with this strategy the first step toward SPD certification for future ES. The composability of this architectural framework will have great impact on the system design costs and time to market of new SPD solutions in ESs. At the same time, the integrated use of SPD metrics in the framework will have impact on the development cycles of SPD in ESs because the qualification, (re-)certification and (re-)validation process of a SHIELD framework instance will be faster, easier and widely accepted.
Website

Programme/Client:
EUROPEAN COMMISSION JTI – ARTEMIS. ARTEMIS-2010-1

COSSIM

  • Feb 01, 2011 - Feb 01, 2018
  • Security and Safety by Design

Description

One of the main problems the CPS designers face is “the lack of simulation tools and models for system design and analysis”. This is mainly because the majority of the existing simulation tools for complex CPS handle efficiently only parts of a system while they mainly focus on the performance. Moreover, they require extreme amounts of processing resources and computation time to accurately simulate the CPS nodes’ processing. Faster approaches are available, however as they function at high levels of abstraction, they cannot provide the accuracy required to model the exact behavior of the system under design so as to guarantee that it meets the requirements in terms of performance and/or energy consumption. The COSSIM project will address all those needs by providing an open-source framework which will a) seamlessly simulate, in an integrated way, both the networking and the processing parts of the CPS, b) perform the simulations orders of magnitude faster, c) provide much more accurate results especially in terms of power consumption than existing solutions, d) report more CPS aspects than any existing tool including the underlying security of the CPS. COSSIM will achieve the above by developing a novel simulator framework based on a processing simulation sub-system (i.e. a “full-system simulator”) which will be integrated with a novel network simulator. Furthermore, innovative power consumption and security measurement models will be developed and incorporated to the end framework. On top of that, COSSIM will also address another critical aspect of an accurate CPS simulation environment: the performance as measured in required simulation time. COSSIM will create a framework that is orders of magnitude faster, while also being more accurate and reporting more CPS aspects, than existing solutions, by applying hardware acceleration through the use of field programmable gate arrays (FPGAs), which have been proven extremely efficient in relevant tasks.
Website

Programme/Client:
EUROPEAN COMMISSION H2020-IL-LEIT-ICT, H2020-ICT-2014-1

SWEPT

  • Jan 01, 2014 - Dec 31, 2016
  • Security and Safety by Design, Control and Protection

Description

SWEPT security solution will incorporate preventive and detecting security mechanisms and tools for automatically preventing and mitigating web site attacks, maximizing the security posture of websites with a minimum intervention of web site owners and administrators The project also proposes a certification model that will certificate the security level of a web application based on SWEPT security mechanisms.
Beyond this triplet (prevention, detection and certification) there will be an integration methodology based on:
1- Normalisation of different outcomes from different tools.
2- Extension of an XML format file oriented to vulnerabilities and threats concepts
3- Log based integration in a common DB
4- Definition of correlation techniques
5- Certification of SWEPT Integration platform
This will generate the SWEPT platform ready to offer preventive and reactive services toward web developers and hosters.

Website

Programme/Client:
EUROPEAN COMMISSION CIP - ICT POLICY SUPPORT PROGRAMME

TACIT

  • Jul 01, 2014 - Mar 31, 2016
  • Security and Safety by Design, Risk Management

Description

The OBJECTIVE of TACIT will be the definition and development of a framework for the assessment of risk and impact of cyber attacks in smart grids. The framework will be used in the risk analysis and assessment phase of CIP and will support the simulation of the relevant cyber-attacks to smart grids, in order to better design the reactive measures in these infrastructures. The framework will lead to a significant improvement on the knowledge and capacities of European CI providers to develop and maintain resilient energy infrastructures. TACIT will validate and improve the framework by performing a series of end-user tests simulating cyber attacks on running smargrids to derive appropriate recommendations to enhance cyber security in smartgrids and by getting feedback through the celebration of a European-wide workshop attended by experts and relevant stakeholders.
Website

Programme/Client:
EUROPEAN COMMISSION OPI - SECURITY AND SAFEGUARDING LIBERTIES PROGRAM HOME/2013/CIPS/AG-4000005111

FM-BIASED

  • May 01, 2014 - Oct 31, 2014
  • Security and Safety by Design

Description

Nowadays crucial system functions tend to be hardwired, such as protocols, parallel processing algorithms, operating system kernels, etc. This opens a prospect for application of formal methods to prove properties of relevant system components, like compliance to Common Criteria and more specialized standards such as NERC CIP (standards providing a cyber-security framework for the identification and protection of Critical Cyber Assets) and ISA 99. FM-BIASED is a study project on the establishment of the business impact of formal methods concerning compliance to the above standards in several industrial and business sectors where such regulations are enforced or will soon be enforced. In most of those sectors, compliance verification may be difficult because most automation are legacy systems, so that industrial stakeholders must face the prospect of either trying to validate ageing systems designed many years ago, or redesigning/re-implementing their functions anew.
Website

Programme/Client:
EUROPEAN COMMISSION OPI / SECURITY AND SAFEGUARDING LIBERTIES PROGRAM; EC HOME/2012/CIPS/AG/4.

ANIKETOS

  • Jun 06, 2010 - Mar 31, 2014
  • Security and Safety by Design

Description

ANIKETOS helps establish and maintain trustworthiness and secure behaviour in a constantly changing service environment. The project aligns existing and develops new technology, methods, tools and security services that support the design-time creation and run-time dynamic behaviour of composite services, addressing service developers, service providers and service end users. ANIKETOS platform supports creating and maintaining secure and trusted composite services, and offers methods for analysing, solving, and sharing information on how new threats and vulnerabilities can be mitigated. Specifications, best practices, standards and certification work related to security and trust of composite services will be promoted for inclusion in European reference architectures.
Website

Programme/Client:
EUROPEAN COMMISSION / FP7 - COOP - ICT

Pages