UBITECH hosts the kick-off meeting in Athens, Greece (October 6-7, 2022) of the REWIRE Research and Innovation Action, officially started on October 1st, 2022. The project is funded by European Commission under Horizon Europe Programme (Grant Agreement No. 101070627) and spans on the period October 2022 – September 2025. REWIRE envisions a holistic framework for continuous security assessment of open-source and open-specification hardware and software for IoT devices and the development of cybersecurity certification in accordance with the requirements and guidelines of recent EU Cybersecurity Act.
In particular, REWIRE proposes a scalable and multifunctional cybersecurity platform that will ensure the security throughout the life of the IoT devices with continuous security auditing, trust computing and theorem proofs for defining an hardware-based microarchitecture for enhanced protection targeting to open-hardware/software vulnerabilities. A certification procedure of the audited software and hardware components will propose new software security metrics and establish a layer of trust between stakeholders, utilizing Blockchain and smart contracts.
REWIRE will expand traditional cyber insurance models to account for both open-source hardware and software assets, by ingesting security auditing results for estimating premium costs. REWIRE will exploit a Knowledge Plane of metadata generated from application behavioral patterns and operations to determine appropriate security policies and properties to enforce on open-source hw/sw to block potentially harmful instructions. REWIRE has invested in three carefully selected pilots (Automotive, Smart Cities, Smart Satellites), which can address the ambitious objectives of the project, i.e. a customizable TEE based on RISC-V, and micro benchmarking for quick and automated assessment of h/w vulnerability. Thus, REWIRE aims to safeguard the entire workflow of secure processing; from the Deployment and Operation of software-based System of Systems to their patch management when new exploits have been identified during run-time, by providing new trust management mechanisms towards the auditability and certification of SW/HW open-source specifications.
UBITECH undertakes both the administrative and technical coordination of the REWIRE action. As a matter of fact, UBITECH will drive the specification of REWIRE reference architecture, as well as the implementation of the REWIRE automated Risk Assessment framework, that will focus both on the Design and Runtime phases of the System of Systems deployment lifecycle. Moreover, UBITECH will design and implement the REWIRE device runtime data and execution stream monitoring and introspection capabilities for tracing the control- and information-flow execution paths.
