Descripción del proyecto
REWIRE envisions a holistic framework for continuous security assessment of open-source and open-specification hardware and software for IoT devices and the development of cybersecurity certification in accordance with the requirements and guidelines of recent EU regulation Cyber security Act3. The proposed scalable and multifunctional cybersecurity platform will ensure the security throughout the life of the IoT devices with continuous security auditing, trust computing and theorem proofs for defining an hw-based microarchitecture for enhanced protection targeting to open-hardware/software vulnerabilities. A certification procedure of the audited software and hardware components will propose new software security metrics and establish a layer of trust between stakeholders, utilizing Blockchain and smart contracts. REWIRE will expand traditional cyber insurance models to account for both open-source hardware and software assets, by ingesting security auditing results for estimating premium costs. REWIRE will exploit a Knowledge Plane of metadata generated from application behavioral patterns and operations to determine appropriate security policies and properties to enforce on open-source hw/sw to block potentially harmful instructions.
REWIRE has invested in three carefully selected pilots (Automotive, Smart Cities, Smart Satellites), which can address the ambitious objectives of the project.
- customizable TEE based on RISC-V
- micro benchmarking for quick and automated assessment of h/w vulnerability
Based on the above description, REWIRE aims to safeguard the entire workflow of secure processing; from the Deployment and Operation of SW-based SoSes to their patch management when new exploits have been identified during run-time, by providing new trust management mechanisms towards the auditability and certification of SW/HW open-source specifications.