IDUNN will provide interoperable technological blocks to create an evolving secure shield for complex ICT/OT environments.
The diversity of the consortium partners' expertise and the variety of scenarios make it possible to achieve the proposed results:
A methodology based on an immutable blueprint that guarantees the integrity and traceability of a complex ICT system. This blueprint methodology will ease the implementation of certification processes. The accountability and traceability strategy will be based on an encrypted lightweight distributed ledger to allow decentralised accountability.
A holistic threat model, in light of the MITRE TTP, of the ICT supply chain in complex ICT/OT environments to ensure that there are no weak links.
A validated technological security framework in the form of tools and microservices to enable automatic and dynamic cybersecurity operations:
- (1) AMORA: fingerprinting of the OT components by profiling interfaces and behaviours, testing interfaces for compliance with profiles, certification documentation, testing data;
- (2) HEIMDAL: automated discovery of known threats, detection at the endpoint;
- (3) THOR: Central detection of “unknown” or “zero-day” threats through fair AI and data analytics. Central detection aided by AI/M;
- (4) ODIN: This tool will run resilience actions (Response, Recovery, Mitigation) obtained through THOR. Response (and decision making);
- (5) FRIGG: This tool will run a self-diagnostic operation according to certain metrics. Self-diagnostic (metric and goal-based).
A complete integration plan based on three main project scenarios as an example of their applicability to other general ICT supply systems. The baseline of the plan is based on three strategies:
- The exploitation of individual technology blocks;
- The integration within an existing Security Information and Event Management (SIEM);
- The complete cybersecurity framework licensed as a Security Operating Centre (SOC) as a service.
Co-creation activities with potential stakeholders (starting with the three IDUNN scenarios) to reduce and standardise the human intervention and tools proposed as a means to ensure the resilience of complex ICT systems through certification. CERT/CSIRTs within the consortium will be targeted as the main actors to apply the solutions developed.