Section: Partnerships and Cooperations

European Initiatives

H2020 Projects

VESSEDIA

Participants : Rehan Malak, Nathalie Mitton, Allan Blanchard [contact person] .

• Title: Verification Engineering of Safety and Security Critical Dynamic Industrial Applications

• Program: H2020

• Duration: January 2017 - Dec. 2019

• Coordinator: Technikon Forschungs und Planungsgesellschaft MBH (TEC)

• The VESSEDIA project will bring safety and security to many new software applications and devices. In the fast evolving world we live in, the Internet has brought many benefits to individuals, organizations and industries. With the capabilities offered now (such as IPv6) to connect billions of devices and therefore humans together, the Internet brings new threats to the software developers and VESSEDIA will allow connected applications to be safe and secure. VESSEDIA proposes to enhance and scale up modern software analysis tools, namely the mostly open-source Frama-C Analysis platform, to allow developers to benefit rapidly from them when developing connected applications. At the forefront of connected applications is the IoT, whose growth is exponential and whose security risks are real (for instance in hacked smart phones). VESSEDIA will take this domain as a target for demonstrating the benefits of using our tools on connected applications. VESSEDIA will tackle this challenge by 1) developing a methodology that allows to adopt and use source code analysis tools efficiently and produce similar benefits than already achieved for highly-critical applications (i.e. an exhaustive analysis and extraction of faults), 2) enhancing the Frama-C toolbox to enable efficient and fast implementation, 3) demonstrating the new toolbox capabilities on typical IoT (Internet of Things) applications including an IoT Operating System (Contiki), 4) developing a standardization plan for generalizing the use of the toolbox, 5) contributing to the Common Criteria certification process, and 6) defining a label "Verified in Europe" for validating software products with European technologies such as Frama-C. This project yields to set of publications in 2019: [17], [18], [35].

CyberSANE

Participants : Valeria Loscri, Nathalie Mitton [contact person] , Edward Staddon.

• Title: Cyber Security Incident Handling, Warning and Response System for the European Critical Infrastructures

• Program: H2020

• Duration: September 2019 - September 2022

• CyberSANE aims to enhance the security and resilience of Critical Information Infrastructures (CIIs) by providing a dynamic collaborative, warning and response system supporting and guiding security officers and operators (e.g. Incident Response professionals) to recognize, identify, dynamically analyze, forecast, treat and respond to advanced persistent threats (APTs) and handle their daily cyber incidents utilizing and combining both structured data (e.g. logs and network traffic) and unstructured data (e.g. data coming from social networks and dark web).

  In achieving that aim, CyberSANE will introduce a holistic and privacy-aware approach in handling security incidents, addressing the complexity of these nets consisting of cyber assets hosted in cross-border, heterogeneous Critical Information Infrastructures (CIs). Moreover, CyberSANE is fully in-line with relevant regulations (such as the GDPR and NIS directive), which requires organizations to increase their preparedness, improve their cooperation with each other, and adopt appropriate steps to manage security risks, report and handle security incidents.