O1: Identify IDUNN’s end-user, legal, technical, financial, standards and ethical requirements from use cases.
- 01.A1: To define meaningful scenarios and use cases in which to demonstrate the suitability of IDUNN’s tools while taking into consideration both financial and ethical concerns
- 01.A2: To assess associated risks to business within the supply chain of complex ICT systems
- 01.A3: To define relevant information required for notification of a threat, attack and countermeasure
- 01.A4: To define IDUNN’s architecture
- 01.R1: Complete risk assessment for each use case and its relevant scenarios.
- 01.R2: Identification of information needed for security operations and incident reporting. Standards compliance.
- 01.R3: Specifications and design of IDUNN’s overall architecture.
O2: IDENTIFICATION: Create the infrastructure to develop security products and services to foster a resilient and secure Operational Technology environment
- 02.A1: Define the information that should be included for audit and traceability purposes
- 02.A2: Define the decentralized infrastructure for data collection: individual components, interfaces, data communication to be used in context with the labs provided (e.g. SESALab) (e.g. AI, encryption type, tangle, performance)
- 02.A3: Define the DAG-based infrastructure for integrity and traceability of data elicited in the labs
- 02.A4: Define/create a simulation tool and formats for security incidents modelling and conformance testing
- 02.R1: Endorsement by value chain stakeholders, certification experts and authorities of the audit information.
- 02.R2: Successful testing of individual components for collection of real data from sensors, PLC and SCADA.
- 02.R3: Successful testing of data integrity verification for the complete chain through the tangle infrastructure and encryption.
- 02.R4: Successful development and scale-up of a testing solution based on IHE Gazelle (proprietary solution from OFFIS).
O3: PROTECTION and DETECTION: Develop Fair AI-based automated forecasting solutions
- 03.A1: Identify external and internal sources for known threats (i.e. policies, configurations, traffic patterns, CVE), that is, Open Source Intelligence (OSINT)
- 03.A2: Identify data sources and high-performance data crawling “in the wild”
- 03.A3: Design and develop a Trusted Network Architecture for endpoints
- 03.A4: Develop an AI-driven Search Engine API for undiscovered vulnerabilities with time-series model
- 03.A5: Develop high-performance ML & Deep learning techniques for visualizing anomaly and outlier detection
- 03.A6: Develop high-performance Deep Generative models for simulating security incidents
- 03.A7: Develop an automated Smart Fuzzer
- 03.A8: Develop a catalogue of cybersecurity risks based on Indicators of Interest (IoI) and Indicators of Compromise (IoC)
- 03.A9: Identify and mitigate AI biases inherited from the source of data, security assumptions, and ML models.
- 03.R1: Successful simulation of security incidents with real communication with PLC and SCADA systems.
- 03.R2: Improved ability to identify and store data from heterogeneous sources from the dark and clear web.
- 03.R3: Provide fair AI-based risk models for addressing complex situations that are characterized by ambiguity and uncertainty, equally to risk issue.
- 03.R4: Increased accuracy of prediction tools using heterogeneous datasets.
- 03.R5: Achieve high accuracy in the detection of incidents and potential threats.
- 03.R6: Reducing the time it takes to detect a security breach.
O4: RESPONSE, INFORMING and MUTATION: Develop automated and AI-based decision-support algorithms for fast recovery
- 04.A1: Define the resilience actions supporting systems
- 04.A2: Define open source and software vulnerability governance tools
- 04.A3: Implementation of dynamic visualization dashboards
- 04.A4: Development of DLT-based infrastructure for secure informing features
- 04.A5: Define AI-based self-diagnosis and automatic mutation tools
- 04.R1: Increase the protection of users’ privacy and trust in ICT systems.
- 04.R2: Reducing the time it takes to respond and recover from a security breach.
- 04.R3: Improving homogeneity by advanced credible secure informing tools among all the ICT supply stakeholders.
- 04.R4: Improvement over time (mutation) by means of self-diagnosis.
O5: Validate the solutions of this SOCaaS in relevant environments
- 05.A1: To define the integration activities and validation plan and KPIs
- 05.A2: To define the different scenarios for each use case
- 05.A3: IDUNN testing and final evaluation results
- 05.R1: Successful validation of IDUNN’s tools in three real-world scenarios (gas valves for energy distribution, manufacturing industrial machinery and the application of an innovative IoT Controller for edge computing).
- 05.R2: To benchmark the cost-efficiency of IDUNN in the three scenarios and prepare the replicability.
O6: Disseminate IDUNN’s results, develop an exploitation plan and contribution to standardisation
- 06.A1: Prepare the communication and promotion plan of the project objectives
- 06.A2: Promote the project outcomes to achieve awareness of the activities, joint research and innovation action strategy
- 06.A3: Engage collaborations with other related projects for the benefit of a fast uptake and to avoid reinventing the wheel
- 06.A4: Develop a comprehensive plan for the sustainability of the project’s results including the application of IDUNN to CSIRT/CERTs
- 06.R1: Support the demand for security-based solutions to improve resilience in OT based on international standards.
- 06.R2: Around 300 stakeholders engaged in dissemination activities through online and offline activities.
- 06.R3: Publication of at least 15 scientific articles in journals and conferences and the organisation and/or participation in at least 25 events and workshops.
- 06.R4: Relevant project results will contribute to corresponding standardization bodies/organisations.
- 06.R5: Exploitation of the project’s outcomes, resulting in important benefits for ensuring security and data protection.