UBITECH hosts the virtual kick-off meeting (September 10-11, 2020) of the SANCUS Research and Innovation Action, officially started on September 1st, 2020. The project is funded by European Commission under Horizon 2020 Programme (Grant Agreement No. 952672) and spans on the period September 2020 – August 2023. The vision of the SANCUS project is to support the EU mission of protecting the next generation of Information and Communications Technology (ICT) networks by proposing an analySis softwAre scheme of uNiform statistiCal sampling, aUdit and defence proceSses. The key idea is to build a wide‐ranging manifold of new tools and strategies that enable next‐generation ICT system networks with massively distributed environments, to perform automated and Artificial Intelligence (AI) driven analysis of their firmware images at massive scale – as the quantity of the processed firmware grows, the capabilities of the system networks advance towards enabling proactive risk assessment of their applications and services by means of and maximising the overall system resilience in joint terms of security, privacy and reliability.
In this respect, the purpose of this project is to effectuate its idea by synergistic amalgamation of three emerging topics of research: (i) the formalisation of the logic towards standardising the highly abstracted notions of cybersecurity and privacy as network performance measures by introducing a new inclusive Key Performance Indicator (KPI) metric, namely, the security‐vs‐privacy‐vs‐reliability efficiency trade‐off, (ii) the design and development of automated security validation and verification solutions using new analysis methods with improved accuracy and efficiency for extracting ground‐truth risk evidence from both the code‐ and network‐level perspectives, and (iii) the establishment of intelligent game theoretic decision‐making frameworks to facilitate automated cybersecurity optimisation and truly optimal defence recommendations subject to risks and vulnerabilities assessments in firmware, applications, network architectures and ICT deployment environments.”
Within SANCUS, UBITECH is responsible for the overall scientific and technical management and progress of the project, driving the SANCUS architectural design, as well. Moreover, UBITECH works towards the implementation of the firmware automated validation and verification engine that comprises of the FiV module, a unified tool and method for extracting firmware in a reliable way, and the CiV module, executing in‐depth analysis of possible vulnerabilities present in the firmware image. Additionally, UBITECH contributes in the development of SiD module that provides automated validation and verification of the security of open‐source systems and to dynamically assess the risks of the running containers against threats, attacks, ransomware, viruses, breakouts and other suspicious activity.