Summary
Security of open-source solutions in the business interconnected market (especially in IoT where a single product may include components from various Tier 1 or OEM manufacturers) is hard to assure. OEM SW/HW developers that employ open-source solutions must assume that any component provided by 3rd parties needs to be reassessed for security as there is not holistic security auditing/testing process to cover the full production line. The plethora of open-source HW/SW solutions on devices with constrained resources and no trusted environments leads to a considerably expanded threat landscape. The restricted execution environment reduces bootstrapping new devices in an IoT network and deploying/patching them securely; and the full DevSecOps of connected device open-source HW/SW must be reformulated offering security guarantees on the usage of open-source solutions. SecOPERA will provide a one stop hub for complex OSS/OSH solutions offering to designers, implementers, operators and open-source HW/SW developers the means to analyse, assess, secure/harden and share open-source solutions as these are integrated in an overall complex product within a networked connected environment. SecOPERA provides a framework supporting the open source DevSecOps lifecycle that comprises (i) a decomposition and security audit/testing engine that analyses open source solutions (OSS/OSH) (ii) an adaptation engine that debloats OSS/OSH code to remove unrelated open-source code and reduce the code attack surface; and a security enhancement process to harden the OSS/OSH solution (iii) an updating/patching mechanism so that the SecOPERA open-source flows remain secure even if their open-source code starting points are vulnerable. On top of that, SecOPERA hub provides (iv) an open-source repository for secure modules that is used in the security enhancement mechanism of open-source solutions; and (v) an open-source repository of security hardened OSS/OSH solutions and their security guarantees.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: | https://cordis.europa.eu/project/id/101070599 |
Start date: | 01-01-2023 |
End date: | 31-12-2025 |
Total budget - Public funding: | 4 581 135,00 Euro - 4 581 135,00 Euro |
Cordis data
Original description
Security of open-source solutions in the business interconnected market (especially in IoT where a single product may include components from various Tier 1 or OEM manufacturers) is hard to assure. OEM SW/HW developers that employ open-source solutions must assume that any component provided by 3rd parties needs to be reassessed for security as there is not holistic security auditing/testing process to cover the full production line. The plethora of open-source HW/SW solutions on devices with constrained resources and no trusted environments leads to a considerably expanded threat landscape. The restricted execution environment reduces bootstrapping new devices in an IoT network and deploying/patching them securely; and the full DevSecOps of connected device open-source HW/SW must be reformulated offering security guarantees on the usage of open-source solutions. SecOPERA will provide a one stop hub for complex OSS/OSH solutions offering to designers, implementers, operators and open-source HW/SW developers the means to analyse, assess, secure/harden and share open-source solutions as these are integrated in an overall complex product within a networked connected environment. SecOPERA provides a framework supporting the open source DevSecOps lifecycle that comprises (i) a decomposition and security audit/testing engine that analyses open source solutions (OSS/OSH) (ii) an adaptation engine that debloats OSS/OSH code to remove unrelated open-source code and reduce the code attack surface; and a security enhancement process to harden the OSS/OSH solution (iii) an updating/patching mechanism so that the SecOPERA open-source flows remain secure even if their open-source code starting points are vulnerable. On top of that, SecOPERA hub provides (iv) an open-source repository for secure modules that is used in the security enhancement mechanism of open-source solutions; and (v) an open-source repository of security hardened OSS/OSH solutions and their security guarantees.Status
SIGNEDCall topic
HORIZON-CL3-2021-CS-01-02Update Date
09-02-2023
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all