IoT DIH and AIR Institute participate in Certify project to investigate IoT security
The IoT DIH, through its coordinator AIR Institute, participates in Certify, an initiative that defines a methodological, technological and organisational approach to IoT security lifecycle management.
Last October, the kick-off meeting was held at the University of Murcia, the institution leading the project. This meeting served to lay the foundations for the project and the path to be followed by the partners. In addition, partners had the opportunity to exchange their ideas.
Certify will develop a dynamic run-time security assessment methodology to verify the security of IoT devices throughout their lifecycle and a continuous (re)certification methodology that can facilitate (re)certification when a change in security requirements occurs, or a new threat is identified.
The project's objectives include:
- CERTIFY has specific SMART (Specific, Measurable, Achievable, Realistic and Timely) objectives.
- Raising cybersecurity awareness for IoT-enabled environments through a multi-stakeholder sharing of threats and mitigations.
- Secure reconfiguration and maintenance of customisable embedded devices through open hardware primitives and services.
- Operational security management based on bootstrapping and monitoring of attacks and malicious behaviour.
- Runtime security compliance and continuous certification methodology using objective metrics.
- Fostering knowledge transfer through broad dissemination, capacity building and support for standardisation activities. Build a robust exploitation plan to drive return on investment by optimising the EU's current and future cybersecurity capabilities.
- Industrial validation of the CERTIFY framework in IoT ecosystems.
Certify's work is also aligned with the new European NIS2 and previous NIS security information exchange directives. With the aim of defining a European certification scheme under the umbrella of the CyberSecurity Act.
This project has received funding from the European Union’s Horizon CL3 Increased Cybersecurity 2021 under grant number agreement number 101069471 and from the Swiss State Secretariat for Education, Research and Innovation (SERI) under grant agreement numbers 22.00165 and 22.00191