WP1 Project coordination & management
WP2 Multiple sector use case development and show cases
Identify use cases that illustrate the security risks and requirements involved in several embedded systems business sectors, as represented by the wide operational profile of the industrial partners. Document the current industrial baseline that needs to be improved for a competitive edge in future markets.
Create a portfolio of show cases of security engineering for embedded systems, and provide a systematic implementation of embedded devices including heterogeneous hardware, standard platforms such as TPM, legacy code, SME open software and proprietary code, illustrating processes, tools, and techniques from work packages 3 and 4.
Identify, measure or demonstrate significant improvement in efficiency of future upgrades compared to the initial baseline, while preserving security, dependability, and adaptability of the implemented devices.
WP3 Security building blocks
This work package targets the development of security building blocks ready for integration into the development process of embedded systems. These building blocks shall provide security properties that go beyond the well-known elementary requirements like authenticity and confidentiality, targeting more complex security requirements such as:
- incontestable timestamps
- non-repudiation of specific actions taking into account the current state of the system
- attestation of the integrity of system states
- identification in peer-to-peer systems
- reliable evidence for sensor data produced by embedded nodes
- partition-tolerant manycast on commodity smart phones
- different privacy requirements
- energy-efficient reliable manycast in ad hoc networks

and combinations of all these.
WP4 Security engineering process
This WP will support a security engineering discipline that is tailored for embedded and networked devices. This is pursued through two major objectives that "build security in" for embedded devices with strict security requirements:
- To define extensions to the engineering process that establish an "embedded systems process" from requirements elicitation to final qualification of the security properties in a distributed integrated system.
- To research languages, models, and supporting tools for the above process, taking account of the special characteristics of embedded systems, including competitive time-to-market requirements, low energy and small footprint, and the trade-offs involved.
In particular, the process will be aware of the model for embedded systems developed in WP3, supporting the analysis and engineering of the system as a whole, taking into account its distributed nature, and will be connected to the V&V activities developed in WP5.
WP5 Automated security evaluation
Longer design and development cycles due to increased complexity of devices and the need for shorter time to market due to increased competition imply that developers are quite limited in resources to conduct complex evaluation of the implementations. This is especially true for security evaluation. Therefore, we propose to automate the security evaluation so that trustworthiness of even complex and evolving devices can be assessed affordably and rapidly, literally by a press of a button.
In this work package we intend to complement the set of methods and tools of the project with a framework for automated security evaluation of software implementations running on embedded systems. The evaluation will rely on the abstract model of WP2, and will be aligned to the security engineering process defined in WP3. The framework will be designed to host different test logics focusing on finding security flaws and also on providing automated means of certification against certain security requirements.