ANASTACIA

Introduction

The heterogeneous, distributed, and dynamically evolving nature of Cyber Physical Systems (CPS) based on Internet of Things (IoT) and virtualised cloud architectures introduces new and unexpected risks that cannot be solved by current state-of-the-art security solutions.

ANASTACIA will thus develop a trustworthy-by-design security framework that will address all the phases of the ICT Systems Development Lifecycle (SDL) and will be able to take autonomous decisions through the use of new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualisation (NFV) and intelligent and dynamic security enforcement and monitoring methodologies and tools.

Who is the project designed for?

The holistic Anastacia framework spans over different levels of technical complexity and addresses different needs (from methodological guidelines to dynamic real-time sealing/certification, through a complex set of enablers and components); whereas technical profiles might be interested in interoperability/integrability/autonomic features etc., while end-users (mainly those involved in the management procedures in the addressed domains) might privilege other high-level aspects such as usability aspects, configurable dashboards, report generation, etc.

Thus, the context of use of the main services which will be included in the ANASTACIA framework potentially includes several different user categories, all coping at different levels with security and privacy issues:

• SW developers, IoT architects/developers, SDN architects/developers, NFV architect/developers, Security managers, Solution integrators, Chief Security Officer (CSO), Chief Technology Officer (CTO), Chief Information Officer (CIO), Chief Information and Security Officer (CISO), Mobile Edge Computing/Multi Access Edge Computing (MEC) stakeholders, Building Management System (BMS) stakeholders, System / Network administrators, Security professionals/consultants, Lawyers, etc.

How will your project benefit the end-user?

The main ANASTACIA objective is to provide security and trust on ICT systems by properly managing the constant and continuous discovery of vulnerabilities. ANASTACIA will adopt a holistic security framework addressing all the stages of the ICT systems development lifecycle. The ANASTACIA platform considers the evolution of ICT aspects such as information security, technologies and discovery of novel evolving cyber-attacks.

These concepts are extremely important in the cyber-security field. In particular, considering novel threats, in case an ICT system is targeted by a 0-day attack and it is not possible to properly counter and mitigate the threat, the effects of the attack may be catastrophic.

Because of this, the ANASTACIA project aims to create an elastic and dynamic protection system based on an innovative approach implementing, deploying, and providing security on data transmission and connected devices. Anastacia will provide the end users with intuitive and user-friendly tools and solutions to model and configure policies governing the configuration of the security in decentralized and virtualized architectures.

Please briefly describe the results your project achieved so far

During this first phase of the ANASTACIA project, eight deliverables have been achieved successfully. More than ten articles have been published, in different IEEE and ACM workshops, conferences and journals. Lastly, more than thirty events have organized by the partners to disseminate the project in several places (Roma, Paris, Athens, Brussels, Madid ...), and through different tools (Web, radio, workshop sessions, magazines …).

The Anastacia architecture has been defined in one of these deliverables, which aims to provide agility for countering IoTs security attacks. This architecture is based on the new softwarzation technologies; Software-Defined Networking (SDN) and Network Function Virtualization (NFV). In another important deliverable the use cases have been set.

The technological solutions proposed by ANASTACIA will be tested and demonstrated in two extremely influential business sectors: Mobile Edge Computing (now commonly indicated also as Multi Access Edge Computing) and Building Management Systems. Furthermore, the security policies, the attack threats analysis and contingency actions have been defined. Finally, recently the technical integration and validation report have been achieved.

What are the next steps for your project?

During the next phase of the Anastacia project, we will build a first demonstrator in partnership with the partners. The demonstrator will implement different use cases related to the Mobile Edge Computing and Building Management Systems. We aim to validate the proposed architecture and the security policies through it. Finally, the results of this first demonstrator will be used in order to improve the architecture, the use cases and the security policies and to validate the Anastacia project.