auto_awesome_motion View all 3 versions


Country: France
21 Projects, page 1 of 5
  • Project . 2020 - 2023
    Open Access mandate for Publications
    Funder: EC Project Code: 957212
    Overall Budget: 3,965,330 EURFunder Contribution: 3,965,330 EUR
    Partners: Ikerlan, MDH, Åbo Akademi University, SOFTEAM, MI, FAGOR, ABB AB

    VeriDevOps is about fast, flexible system engineering that efficiently integrates development, delivery, and operations, thus aiming at quality deliveries with short cycle time to address ever evolving challenges. Current system development practices are increasingly based on using both off-the-shelf and legacy components which make such systems prone to security vulnerabilities. Since DevOps is promoting frequent software deliveries, verification methods artifacts should be updated in a timely fashion to cope with the pace of the process. VeriDevOps aims at providing faster feedback loop for verifying the security requirements i.e. confidentiality, integrity, availability, authentication, authorization and other quality attributes of large scale cyber-physical systems. VeriDevOps is focusing on optimizing the security verification activities, by automatically creating verifiable models directly from security requirements, and using these models to check security properties on design models and generate artefacts (such as tests or monitors) that can be used (later on) in the DevOps process. More concretely, we will develop methods and tools for: 1) creating security models from textual specifications using natural language processing, 2) automatic security test creation from security models using model-based testing and model-based mutation testing techniques and 3) generating (intelligent/adaptive, ML-based) security monitors for the operational phases. This brings together early security verification through formal modelling as well as test generation, selection, execution and analysis capabilities to enable companies to deliver quality systems with confidence in a fast-paced DevOps environment. Overall, VeriDevOps is using the results of formal verification of security requirements and design models created during the analysis and design phase for test and monitor generation to be used to enhance the feedback mechanisms during development and operation phases.

  • Open Access mandate for Publications and Research data
    Funder: EC Project Code: 644429
    Overall Budget: 3,574,190 EURFunder Contribution: 3,574,190 EUR

    The most challenging applications in heterogeneous cloud ecosystems are those that are able to maximise the benefits of the combination of the cloud resources in use: multi-cloud applications. They have to deal with the security of the individual components as well as with the overall application security including the communications and the data flow between the components. The main objective of MUSA is to support the security-intelligent lifecycle management of distributed applications over heterogeneous cloud resources, through a security framework that includes: security-by-design mechanisms to allow application self-protection at runtime, and methods and tools for the integrated security assurance in both the engineering and operation of multi-cloud applications. The MUSA framework leverages security-by-design, agile and DevOps approaches in multi-cloud applications, and enables the security-aware development and operation of multi-cloud applications. The framework will be composed of a) an IDE for creating the multi-cloud application taking into account its security requirements together with functional and business requirements, b) a set of security mechanisms embedded in the multi-cloud application components for self-protection, c) an automated deployment environment that, based on an intelligent decision support system, will allow for the dynamic distribution of the components according to security needs, and d) a security assurance platform in form of a SaaS that will support multi-cloud application runtime security control and transparency to increase user trust. The project will demonstrate and evaluate the economic viability and practical usability of the MUSA framework in highly relevant industrial applications representative of multi-cloud application development potential in Europe. The project duration will be 36 months, with an overall budget of 3,574,190 euros.

  • Open Access mandate for Publications
    Funder: EC Project Code: 700176
    Overall Budget: 6,341,780 EURFunder Contribution: 4,912,690 EUR

    SISSDEN is a project aimed at improving the cybersecurity posture of EU entities and end users through development of situational awareness and sharing of actionable information. It builds on the experience of Shadowserver, a non-profit organization well known in the security community for its efforts in mitigation of botnet and malware propagation, free of charge victim notification services, and close collaboration with Law Enforcement Agencies, national CERTs, and network providers. The core of SISSDEN is a worldwide sensor network, which will be deployed and operated by the project consortium. This passive threat data collection mechanism will be complemented by behavioral analysis of malware and multiple external data sources. Actionable information produced by SISSDEN will be used for the purposes of no‐cost victim notification and remediation via organizations such as National CERTs, ISPs, hosting providers and Law Enforcement Agencies such as EC3. It will especially benefit SMEs and citizens, which do not have the capability to resist threats alone, allowing them to participate in this global effort, and profit from the improved information processing, analysis and exchange of security intelligence, to effectively prevent and counter security breaches. The main goal of the project is creation of multiple high-quality feeds of actionable security information that will be used for remediation purposes and for proactive tightening of computer defences. This will be achieved through development and deployment of a distributed sensor network based on state-of-the-art honeypot/darknet technologies and creation of a high-throughput data processing center. SISSDEN will provide in-depth analytics on the collected data and develop metrics that will be used to establish the scale of most important security issues in the EU, and impact of the project itself. Finally, a curated reference data set will be created and published to provide a high-value resource.

  • Funder: EC Project Code: 215995
  • Open Access mandate for Publications
    Funder: EC Project Code: 740829
    Overall Budget: 1,998,700 EURFunder Contribution: 1,998,700 EUR
    Partners: MI, MI, University of Luxembourg, ARCHIMEDE SOLUTIONS SARL, National Centre of Scientific Research Demokritos, CTI, INCITES CONSULTING SA, STICHTING CYBERDEFCON NETHERLANDS FOUNDATION, KEMEA

    SAINT proposes to analyse and identify incentives to improve levels of collaboration between cooperative and regulatory approaches to information sharing. Analysis of the ecosystems of cybercriminal activity, associated markets and revenues will drive the development of a framework of business models appropriate for the fighting of cybercrime. The role of regulatory approaches as a cost benefit in cybercrime reduction will be explored within a concept of greater collaboration in order to gain optimal attrition of cybercriminal activities. Experimental economics will aid SAINT in designing new methodologies for the development of an ongoing and searchable public database of cybersecurity indicators and open source intelligence. Comparative analysis of cybercrime victims and stakeholders within a framework of qualitative social science methodologies will deliver valuable evidences and advance knowledge on privacy issues and Deep Web practices. Equally, comparative analysis of the failures of current cybersecurity solutions, products and models will underpin a model for greater effectiveness of applications and improved cost-benefits within the information security industry. SAINT proposes to advance measurement approaches and methodologies of the metrics of cybercrime through the construct of a framework of a new empirical science that challenges traditional approaches and fuses evidence-based practices with more established disciplines for a lasting legacy. SAINT’s innovative models, algorithms and automated framework for objective metrics will benefit decision-makers, regulators, law enforcement in the EU, at national and organisational levels providing improved cost-benefit analysis and supported by tangible and intangible costs for optimal risk and investment incentives. The resulting ongoing business spin off and the potential for novel research and further studies will be attractive to academia and researchers beyond the lifetime of the project.