ANASTACIA - Advanced Networked Agents for Security and Trust Assessment in CPS/IOT Architectures

Date: 
01/01/2017 to 31/12/2019

Introduction

The heterogeneous, distributed, and dynamically evolving nature of Cyber Physical Systems (CPS) based on Internet of Things (IoT) and virtualised cloud architectures introduces new and unexpected risks that cannot be solved by current state-of-the-art security solutions.

ANASTACIA will thus develop a trustworthy-by-design security framework that will address all the phases of the ICT Systems Development Lifecycle (SDL) and will be able to take autonomous decisions through the use of new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualisation (NFV) and intelligent and dynamic security enforcement and monitoring methodologies and tools.

Who is the project designed for?

The holistic Anastacia framework spans over different levels of technical complexity and addresses different needs (from methodological guidelines to dynamic real-time sealing/certification, through a complex set of enablers and components); whereas technical profiles might be interested in interoperability/integrability/autonomic features etc., while end-users (mainly those involved in the management procedures in the addressed domains) might privilege other high-level aspects such as usability aspects, configurable dashboards, report generation, etc.

Thus, the context of use of the main services which will be included in the ANASTACIA framework potentially includes several different user categories, all coping at different levels with security and privacy issues:

  • SW developers, IoT architects/developers, SDN architects/developers, NFV architect/developers, Security managers, Solution integrators, Chief Security Officer (CSO), Chief Technology Officer (CTO), Chief Information Officer (CIO), Chief Information and Security Officer (CISO), Mobile Edge Computing/Multi Access Edge Computing (MEC) stakeholders, Building Management System (BMS) stakeholders, System / Network administrators, Security professionals/consultants, Lawyers, etc.

How will your project benefit the end-user?

The main ANASTACIA objective is to provide security and trust on ICT systems by properly managing the constant and continuous discovery of vulnerabilities. ANASTACIA will adopt a holistic security framework addressing all the stages of the ICT systems development lifecycle. The ANASTACIA platform considers the evolution of ICT aspects such as information security, technologies and discovery of novel evolving cyber-attacks.

These concepts are extremely important in the cyber-security field. In particular, considering novel threats, in case an ICT system is targeted by a 0-day attack and it is not possible to properly counter and mitigate the threat, the effects of the attack may be catastrophic.

Because of this, the ANASTACIA project aims to create an elastic and dynamic protection system based on an innovative approach implementing, deploying, and providing security on data transmission and connected devices. Anastacia will provide the end users with intuitive and user-friendly tools and solutions to model and configure policies governing the configuration of the security in decentralized and virtualized architectures.

Please briefly describe the results your project achieved so far

During this first phase of the ANASTACIA project, eight deliverables have been achieved successfully. More than ten articles have been published, in different IEEE and ACM workshops, conferences and journals. Lastly, more than thirty events have organized by the partners to disseminate the project in several places (Roma, Paris, Athens, Brussels, Madid ...), and through different tools (Web, radio, workshop sessions, magazines …).

The Anastacia architecture has been defined in one of these deliverables, which aims to provide agility for countering IoTs security attacks. This architecture is based on the new softwarzation technologies; Software-Defined Networking (SDN) and Network Function Virtualization (NFV). In another important deliverable the use cases have been set.

The technological solutions proposed by ANASTACIA will be tested and demonstrated in two extremely influential business sectors: Mobile Edge Computing (now commonly indicated also as Multi Access Edge Computing) and Building Management Systems. Furthermore, the security policies, the attack threats analysis and contingency actions have been defined. Finally, recently the technical integration and validation report have been achieved.

What are the next steps for your project?

During the next phase of the Anastacia project, we will build a first demonstrator in partnership with the partners. The demonstrator will implement different use cases related to the Mobile Edge Computing and Building Management Systems. We aim to validate the proposed architecture and the security policies through it. Finally, the results of this first demonstrator will be used in order to improve the architecture, the use cases and the security policies and to validate the Anastacia project.

 

 

 

News

UNICORN’s Validation Contest now open for participation!

UNICORN project is looking for SMEs and start-ups to test and validate the UNICORN platform by developing their own software or use-cases. The selected participants will receive 10.000€ funding each (find here a template for the contract)

Events

17/01/2019
Reinforcing Cyber Security in the EU: Building Coordinated Security, Confidence and Capability in the Cyber Domain

With 315 million Europeans using the internet each day, the provision of critical services and the functioning of a modern economy are now entirely dependent upon the robustness and safety of cyberspace and its infrastructure. Cyber security attacks are a growing source of threat and concern, while also representing a growing economic opportunity for Europe, with the market predicted to be worth over $100 Billion by 2018 (European Commission). Moreover, cyber attacks in the EU are constantly growing in both their frequency (quintuplicate between 2013 and 2017) and sophistication.