Our society increasingly relies on digitalizing critical infrastructures to achieve significant gains in effectiveness, safety, and better access to societal services for citizens and industries. An important part of the digitalization process is to connect critical infrastructures to the Internet. This creates a wide range of opportunities for security attacks with a huge potential impact and thus makes our society vulnerable and unsafe.
The core idea of the CRITISEC project is to develop novel security products, services, and standards for edge networks in critical infrastructures, where the edge networks are a heterogeneous set of networks connected to the edge of a core production network. These services will make it possible to connect edge networks to control systems securely and robustly and secure the edge network when it is the critical infrastructure that requires protection (e.g., the 5G network).
The challenges that CRITISEC will be addressing are:
- the heterogeneity of the edge networks and of the systems they are connected to;
- the resource-constrained nature of devices (e.g. battery power) and even of networks as a whole (packet loss, low bandwidth);
- the scale of the edge networks, that can be composed of huge numbers of (resource-constrained) devices, so requiring efficient and highly scalable security solutions;
- the predominant presence of open/shared platforms, where multiple applications share access to a common network of edge devices;
- the presence of legacy devices and platforms, for which secure update procedures are often scarce, if any.
The main results of this project will be novel security standards, solutions, products and services that can be used by providers of critical infrastructures to secure edge networks connected to their production systems. This will reduce the risk of malicious service disruption and preserve availability, reliability and safety in provisioning of societal services.
Main results
The main results of this project will be novel security standards, solutions, products, and services that providers of critical infrastructures can use to secure edge
networks connected to their production systems. This will reduce the risk of malicious service disruption and preserve availability, reliability, and safety in the provisioning
of societal services.
The main results will include:
- IETF (Internet Engineering Task Force) standards and advanced standard proposals concerning lightweight protocols for secure end-to-end communication and access control for IoT devices
- Integration and testing of the OSCORE (Object Security for Constrained RESTful Environments ) protocol in several IoT platforms
- AI-based application security for edge computing
- AI-based network security
- Solutions to use blockchain and open ledgers for IoT device management
- A 5G security surveillance system
Impact
The CRITISEC project results will have a great impact on several areas in the IoT market.
- First, the IETF standards proposed by CRITISEC – including OSCORE and Group OSCORE – will be implemented in several solutions from CRITISEC partners and used to improve the end-to-end security
of critical IoT networks. The solutions will be implemented in several real-world use cases by the project partners - The AI-based application security module for edge computing is planned to be integrated into a
disaster management solution to improve application security. Still, it will also be available for a general introduction into edge computing. - The AI-based network security device will improve the security of IoT networks and allow the early detection of threats.
Sensative part: Sensative contributes to the project with the use of Yggio. Yggio will be extended with the results of the project, e.g. implementation of new security standards, etc.
Participants: HITEC Luxembourg S.A., Itrust Consulting Luxembourg, RISE, Sony Mobile Communications, Tyréns AB, Sensative AB, Kraftringen Energi AB, q2d Solutions AB
External funding: CELTIC-NEXT
Duration: December 2018 – December, 2021