Posted on

UBITECH undertakes the technical coordination of the CONNECT Research and Innovation Action on CCAM trust and resilience

UBITECH hosts, in Athens, Greece, the kick-off meeting (September 22-23, 2022) of the CONNECT Research and Innovation Action, officially started on September 1st, 2022. The project is funded by European Commission under Horizon Europe Programme (Grant Agreement No. 101069688) and spans on the period September 2022 – August 2025. CONNECT addresses the convergence of security and safety in CCAM by assessing dynamic trust relationships and defining a trust reasoning framework based on which involved entities can establish trust for cooperatively executing safety-critical functions. This will enable both a) cyber-secure data sharing between data sources in the CCAM ecosystem that had no or insufficient pre-existing trust relationship, and b) outsourcing tasks to the MEC and cloud in a trustworthy way.

Beyond the needs of functional safety, trustworthiness management should be included in CCAM’s security functionality solution for verifying trustworthiness of transmitting stations and infrastructure. CONNECT will build upon and expand the Zero Trust concept to tackle the issue of how to bootstrap vertical trust from the application, the execution environment and device hardware from the vehicle up to MEC and cloud environments. This includes measuring the system when instantiating network functions and determining the integrity and origin of software. Trusted Execution Environments (TEEs), as sw- or hw-based security elements, will be essential to establish a verifiable chain of trust throughout the entire application stack of the host vehicle, as well as protecting data in transit, at rest and in use. By coupling the Zero Trust security principle with the need of “Never Trust, Always Verify”, CONNECT bootstraps vertical trust for all users, devices and systems in the CCAM ecosystem by enabling continuous authorization and authentication prior to be granted access to data or resources. Through TEE-enabled “Chip-to-Cloud” assurances and verifiable chain of trust, CONNECT reaches its full potential: not only does it mitigates risks stemming from the Zero Trust CCAM environment but also ensures resilience. This can make CONNECT the cornerstone of future smart transportation as it will usher new levels of safety and connectivity and bring vehicles even close to autonomy.

Within CONNECT, UBITECH undertakes the overall technical coordination and drives the activities related to (i) the definition of the functional and non-functional requirements as well as security, trust and operational assurance requirements and properties, (ii) the design and conceptualization of the overall framework architecture, (iii) the identification of the CCAM operational and security services, their criticality and a positioning of where they can be executed considering the application domains of the use cases, and (iv) the ethical analysis of the measures of evidence that can be considered during the trust assessment of the CCAM ecosystem.

Finally, UBITECH develops and implements the CONNECT Connected and Autonomous Driving (CAD) Twinning framework responsible for managing the creation and execution of virtual functions capable of not only mirroring specific aspects of a vehicle’s trust and operational calculations but also acting as a virtual interaction environment enabling the real-time investigation of possible zero-day exploits, in the vehicle’s software stack, that may lead to updated trustworthiness controls and migration of sensitive workloads from a compromised vehicle (or ECU) to a Digital Twin so as to not compromise the overall trustworthiness of the entire CCAM service. This includes secure tracing mechanisms (monitoring and introspection) responsible for providing the multi-level detailed secure extraction of system data for further analysis and investigation of any newly identified attack paths.