Antonio Skarmeta
01 January 2017
31 December 2019
Introduction
The heterogeneous, distributed, and dynamically evolving nature of Cyber Physical Systems (CPS) based on Internet of Things (IoT) and virtualised cloud architectures introduces new and unexpected risks that cannot be solved by current state-of-the-art security solutions.
ANASTACIA will thus develop a trustworthy-by-design security framework that will address all the phases of the ICT Systems Development Lifecycle (SDL) and will be able to take autonomous decisions through the use of new networking technologies such as Software Defined Networking (SDN) and Network Function Virtualisation (NFV) and intelligent and dynamic security enforcement and monitoring methodologies and tools.
Who is the project designed for?
The holistic Anastacia framework spans over different levels of technical complexity and addresses different needs (from methodological guidelines to dynamic real-time sealing/certification, through a complex set of enablers and components); whereas technical profiles might be interested in interoperability/integrability/autonomic features etc., while end-users (mainly those involved in the management procedures in the addressed domains) might privilege other high-level aspects such as usability aspects, configurable dashboards, report generation, etc.
Thus, the context of use of the main services which will be included in the ANASTACIA framework potentially includes several different user categories, all coping at different levels with security and privacy issues:
How will your project benefit the end-user?
The main ANASTACIA objective is to provide security and trust on ICT systems by properly managing the constant and continuous discovery of vulnerabilities. ANASTACIA will adopt a holistic security framework addressing all the stages of the ICT systems development lifecycle. The ANASTACIA platform considers the evolution of ICT aspects such as information security, technologies and discovery of novel evolving cyber-attacks.
These concepts are extremely important in the cyber-security field. In particular, considering novel threats, in case an ICT system is targeted by a 0-day attack and it is not possible to properly counter and mitigate the threat, the effects of the attack may be catastrophic.
Because of this, the ANASTACIA project aims to create an elastic and dynamic protection system based on an innovative approach implementing, deploying, and providing security on data transmission and connected devices. Anastacia will provide the end users with intuitive and user-friendly tools and solutions to model and configure policies governing the configuration of the security in decentralized and virtualized architectures.
Please briefly describe the results your project achieved so far
During this first phase of the ANASTACIA project, eight deliverables have been achieved successfully. More than ten articles have been published, in different IEEE and ACM workshops, conferences and journals. Lastly, more than thirty events have organized by the partners to disseminate the project in several places (Roma, Paris, Athens, Brussels, Madid ...), and through different tools (Web, radio, workshop sessions, magazines …).
The Anastacia architecture has been defined in one of these deliverables, which aims to provide agility for countering IoTs security attacks. This architecture is based on the new softwarzation technologies; Software-Defined Networking (SDN) and Network Function Virtualization (NFV). In another important deliverable the use cases have been set.
The technological solutions proposed by ANASTACIA will be tested and demonstrated in two extremely influential business sectors: Mobile Edge Computing (now commonly indicated also as Multi Access Edge Computing) and Building Management Systems. Furthermore, the security policies, the attack threats analysis and contingency actions have been defined. Finally, recently the technical integration and validation report have been achieved.
What are the next steps for your project?
During the next phase of the Anastacia project, we will build a first demonstrator in partnership with the partners. The demonstrator will implement different use cases related to the Mobile Edge Computing and Building Management Systems. We aim to validate the proposed architecture and the security policies through it. Finally, the results of this first demonstrator will be used in order to improve the architecture, the use cases and the security policies and to validate the Anastacia project.
On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.
Are you looking for new Cybersecurity or Privacy services?
Find the right solution for your security needs!
In today’s Smart building, all the electrical and mechanical devices (controllers and sensors) such as Heating, Ventilation & Air-conditioning (HVAC), fire detection & suppression, video surveillance and/or a building’s SCADA based microgrid are controlled and monitored by a centralised B
Mobile Edge Computing applications
Massive Internet of Things (IoT), either active or dummy devices (sensors/machines), will compose a significant integral part of Future Internet (FI).
Dynamic Security and Privacy Seal
A holistic Dynamic Security and Privacy Seal, combining security and privacy standards and real time monitoring and online testing (to provide quantitative and qualitative run-time evaluation of privacy risks and security levels, which can be easily understood and controlled by the final users).
Distributed Trust and Security Enablers
A suite of distributed trust and security components and enablers, able to dynamically orchestrate and deploy user security policies and risk-assessed resilient actions within complex and dynamic CPS and IoT architectures (online monitoring and testing techniques will allow more automated adaptat
A security development paradigm based on the compliance to security best practices and the use of the security components and enablers (to provide assisted security design, development and deployment cycles to assure security-by-design).
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content. Privacy Policy | Disclaimer / Terms and Conditions of Use