DIAS (Smart Adaptive Remote Diagnostic Antitampering Systems)

Program: Horizon 2020, Call identifier: H2020-MG-2018-2019-2020 (2018-2020 Mobility for Growth)

Emissions standards for vehicles have managed to introduce state-of-the art emissions controls that have brought significant reductions in the actual emissions levels. However, there is increasing clear evidence of illegal manipulation of emission control systems by vehicle owners and widespread usage is observed in the market. In general it is almost always the vehicle's owner or operator that tampers the EPS for economic advantages; either to reduce fuel or urea costs, or to avoid costly repairs of aged or malfunctioning equipment. Traditional OBD systems are designed to inform users about malfunctions of systems and components and notify the users of the repair needs and cannot prevent tampering. The primary target of DIAS is thus to harden vehicle environmental protection systems (EPS) against such tampering. This means that any changes in EPS hardware, software that degrade the performance of the system will be prevented, or detected. DIAS will develop innovative protection and security measures to increase the level of prevention. In case detected, information about the tampering attempt is available and is used to introduce countermeasures e.g. the activation of the driver inducement systems. DIAS brings together a highly qualified interdisciplinary team that starts with OBD and takes a two-step approach that involves implementing first measures to take early action against these activities, and a second cloud-based step that prepares methodologies and means for dealing with tampering attempts in the future that are currently unknown. Additionally DIAS will take into account that effective upcoming new tampering countermeasures can also be applied on vehicles already in the field to have an even stronger impact on preventing unnecessary environmental pollution. Finally DIAS takes advantage of future vehicle connectivity, both as opportunity and challenge, since these systems are intended to operate throughout Europe and even on a global scale.

GHOST (Safe-Guarding Home IoT Environments with Personalised Real-time Risk Control)

Program: Horizon 2020, Call identifier: H2020-DS-2016-2017 (Digital Security Focus Area)

To effectively respond to the multitude & complexity of cybersecurity challenges in smart-homes GHOST deploys a pioneering software-enabled "usable security" solution. The project brings professional level security to the European citizens and to this end it: (a) increases the automation level & effectiveness of existing security services; (b) opens up the cybersecurity "blackbox" to consumers, creates understanding and builds trust through effortless decision support & advanced "usable transparency"; (c) enhances the system's self-defence by safeguarding critical security-related data using blockchain technology. GHOST software will be embedded in an adequately adapted smart-home network gateway though it will be designed to be vendor-independent. A dedicated middleware layer ensures interoperability with multiple gateways & IoT devices. GHOST considers the relationship between security and usability to be an integration challenge (positive sum game) and definitely not a trade-off (zero-sum game). In this context, the project envisions to lead a paradigm shift in consumer cybersecurity by successfully coupling usable security with transparency and behavioural engineering. The envisaged user experience will systematically trigger security-friendly behaviour aiming at establishing appropriate "habitual behaviours". The solution will perform network analysis & deep packet inspection for suspicious pattern recognition, will apply machine learning for malicious behaviour detection, will carry out context-aware real-time risk assessment, and widely apply analytics & visualization for effortless user comprehension & decision support. In short, GHOST will (i) increase cybersecurity resilience; (ii) boost usability & automation; and (iii) enhance the competitiveness of European ICT security industry. GHOST will be demonstrated in more than 140 real smart-homes in Spain, Norway & Romania via the Red Cross network and beta testers from the customer basis of Televes & Vitheia.

PROTECT-G (Protection of communications in natural gas transportation systems)

Program: UEFISCDI PN III Cresterea competitivitatii economiei romanesti prin cercetare, dezvoltare si inovare, Call identifier: Bridge Grant (2016)

The project entitled PROTEction of Communications in natural Gas Transportation systems (PROTECT-G) aims at developing innovative solutions for the protection of communications in the field of natural gas transportation. The project fuses the expertise of the Petru Maior University (PMU) with the expertise of Hasel Invent (HASEL) in order to develop secure solutions for industrial gas communication systems. The industrial partner's technology is a "Centralized monitoring and operation system of a technological node from a natural gas transportation system", which is a modern and complex product aimed to facilitate the automatization, monitoring and centralized operation of technological nodes from natural gas transportation systems

• designing and implementing the security protocols to guarantee a wide range of security properties including confidentiality, data integrity and authenticity, authentication, etc.;
• developing a scalable solution for the administration of cryptographic keys and for the monitoring of security components;
• developing solutions to detect anomalies in industrial communications and for the remote attestation of industrial equipment;
• integrating the developed solutions in HASEL's technology;
• elaborating training programs for master students.

SERENITI (Cyber Security and Resilience of Networked Critical Infrastructures)

Program: FP7 Marie Curie Actions - Support for training and career development of researcher, Call identifier: Career Integration Grant (FP7-PEOPLE-2013-CIG)

SERENITI: Cyber Security and Resilience of Networked Critical Infrastructures (NCI), aims at elaborating novel methodologies for the design of security and resilience-aware ICT infrastructures for Networked Critical Infrastructures, e.g., water plants, oil and gas pipelines, power grid, and the emerging Smart Grid. It addresses several research gaps by providing:

• A new approach for designing more secure and resilient NCI. In particular the project will develop unique techniques to aid engineers in designing their networks according to a wide set of requirements.
• A novel Distributed IDS (DIDS) that glues together existing cyber and physical IDS.
• A novel approach for DIDS placement in NCI that takes into account security and resilience design requirements.

SDIIT (Software Defined Industrial Internet of Things)

Program: Accenture Industrial Software Solutions, Call identifier: Grants for Universities for IoT Activity (2015)

SDIIT (Software Defined Industrial Internet of Things) develops a framework to improve the security of IIoT. The approach embraces recent advancements from the field of traditional IP networks by adopting the Software Defined Networking (SDN) paradigm. SDIIT enhances the architecture of SDN with an automated firewall configuration component and with a novel physical process Anomaly Detection System (ADS). In SDN traditional local router-based decisions are replaced with global routing decision software. SDN separates control planes from forwarding planes, enabling more complex traffic management techniques, dynamic, reconfigurable, and disturbance-tolerant IIoT. Most importantly, however, each SDN-enabled network switch includes basic firewall features that permit only legitimate traffic and filter other packets. By building on the capabilities offered by SDN, SDIIT will deliver an automated technique for comprehensively configuring distributed SDN firewalls (SDN-enabled switches).