CRITISEC (2019 – ongoing) – a CELTIC-PLUS project: The core idea of the CRITISEC project is to develop novel security products, services, and standards for edge networks in critical infrastructures, where the edge networks are a heterogeneous set of networks connected to the edge of a core production network.
These services will make it possible to connect edge networks to control systems in a secure and robust way, and to secure the edge network itself when it is the critical infrastructure that requires protection (e.g., the 5G network).
The challenges that CRITISEC will be addressing are: 1) the heterogeneity of the edge networks and of the systems they are connected to; 2) the resource-constrained nature of devices (e.g. battery power) and even of networks as a whole (packet loss, low bandwidth); 3) the scale of the edge networks, that can be composed of huge numbers of (resource-constrained) devices, so requiring efficient and highly scalable security solutions; 4) the predominant presence of open/shared platforms, where multiple applications share access to a common network of edge devices; 5) the presence of legacy devices and platforms, for which secure update procedures are often scarce, if any.
The main results of this project will be novel security standards, solutions, products, and services that can be used by providers of critical infrastructures to secure edge networks connected to their production systems. This will reduce the risk of malicious service disruption and preserve availability, reliability, and safety in the provisioning of societal services. itrust has been, among other things, designing and developing tools for IDS within the framework of this project.
itrust consulting is currently implementing an efficient and light-weight IDS tool designed to cope with the limitations of IoT settings, with clients already interested in acquiring the technology. This tool, intended for integration into our existing TRICK risk management and monitoring system, is undergoing active development revolving around clustering algorithms and classifiers that resist malicious adversarial training of datasets aimed at evading detection. itrust continues research and development work towards improving its ongoing development in terms of being able to cope with the curse of dimensionality, which impedes the performance of clustering algorithms as the number of dimensions increases to account for additional features used for clustering.