UBITECH actively participated in the kick-off meeting in Genoa, Italy (January 19-20, 2017) of the ANASTACIA Research and Innovation Action, which officially started on January 1st, 2017. The project is funded by the European Commission under the Horizon 2020 Programme (Grant Agreement No. 731558) and spans the period January 2017 – December 2019. The ANASTACIA project develops and demonstrates a holistic solution that enables trust and security by design for cyber-physical systems (CPS) based on IoT and cloud architectures. It addresses the increasing vulnerability of today’s smart, highly connected and dynamic CPS by leveraging the same dynamic, distributed and connected environment to enact smart security planning, enforcement and monitoring strategies. This trustworthy-by-design security framework addresses all phases of the ICT Systems Development Lifecycle and enables autonomous decision-making through the adoption of the emerging networking technologies of Software Defined Networks (SDN) and Network Function Virtualisation (NFV) and the use of intelligent and dynamic security enforcement and monitoring methodologies and tools.
ANASTACIA incorporates (a) a security development paradigm based on compliance with security best practices and the use of the security components and enablers, providing assisted security design, development and deployment cycles to assure security by design; (b) a suite of distributed trust and security components and enablers that are able to dynamically orchestrate and deploy user security policies and risk-assessed resilient actions within complex and dynamic CPS and IoT architectures (online monitoring and testing techniques will allow more automated adaptation of the system to mitigate new and unexpected security vulnerabilities); and (c) a Dynamic Security and Privacy Seal, combining security and privacy standards with real-time monitoring and online testing, providing quantitative and qualitative run-time evaluation of privacy risks and security levels, which can be easily understood and controlled by the final users.
UBITECH leads the technical integration of the project’s R&D activities, while the UBITECH R&D team contributes heavily to, and leads, the technological choices towards the definition and design of a trustworthy-by-design autonomic security framework. This framework allows testing, validating and optimizing security from design to deployment and maintenance, and relies on diverse enablers to dynamically orchestrate and deploy user security preferences, facilitate the deployment of local agents, and enforce security in heterogeneous scenarios, including those based on SDN/NFV and Internet-of-Things networks. Moreover, UBITECH significantly contributes to the implementation of the autonomic plane components, which provide the ANASTACIA trustworthy-by-design security framework with intelligent and dynamic behavior. UBITECH is mainly involved in the implementation of (a) the security enforcement manager, which analyses the reaction outcome and oversees the interactions among objects and components in order to ensure that security requirements defined in high-level policies are met, performing resilient control of compromised or threatened components, and control of interactions among objects and users to ensure that the security requirements of legacy systems and IoT controls are met; and (b) the security orchestrator, which organizes the resources to support the required enforcement, mapping source-code metadata security properties to configuration and infrastructural requirements by communicating with NFV orchestrators, the control plane of the framework (either SDN controllers or IoT controls), and legacy network functions.