Cyber security

The digitization of our society and our economy has led to a dependency on information and communication technologies and thus to serious risks related to our cyber security. Until recently risks were, in general, restricted to information security, network security and application security ensuring the confidentiality, the availability and the integrity of data, but with the Internet-of-Things (IoT) we are seamlessly connecting the cyber and the physical worlds extending the risk area to safety requiring a broader perspective on security.

IoT is turning out to be one of the weakest spots in our infrastructure. With billions and in the near future potentially trillions of devices, the security risks are growing at great rates. Our economic and societal forces are creating a perfect storm, a pervasive infrastructure of trillions of IoT devices which on one hand will oversee our lives and economy, and on the other hand will be completely unmanageable from a security perspective. To compound the risk, IoT systems are often devised and engineered in places where we have no control on, and unless we want to basically surrender our digital sovereignty by only relying on foreign solutions for our national cyber security, we need to find a way to secure them regardless of provenance and built-in malicious intents.

We are at a watershed moment in history and unless we take action immediately, we run the risk of being overcome by technology that will fundamentally and irreversibly undermine our cyber security and our safety. It is not just a matter of achieving an acceleration of technological innovations, it is actually a matter of achieving a transformative change in society.

INTERSECT partners

Secure things

To secure something we cannot manage, we need to re-think the security paradigm, delegating part of the security management to the system that needs to autonomously adapt to the changing environment, while remaining under our supervision, and re-think accordingly all our security technologies. We need to be able to design, develop, manufacture and deploy IoT systems-of-systems in a fundamentally different way enabling the overall system to become robust, resilient and trustworthy, even in the presence of individual IoT devices that are insecure or even compromised in a ε-trust environment and providing the right ecosystem for their wide adoption within industry.

We actually need to be able to design, develop, manufacture and deploy new types of IoT devices with security-by-design, security-by-default, robustness and resilience in mind; while continuously preserving all safety requirements, these devices must pro-actively manage their security, actively respond to attacks, recover from attacks, resume and restore themselves to a predefined level of operation following an attack etc., that is provide an appropriate product-level service continuity.

When building these properties into the devices themselves is not possible (e.g. because we have no control over their engineering), we must have capabilities (e.g. regulations, technologies) ready to find, isolate, and neutralize potential threats. We see it as our mission to produce a paradigm shift in the engineering of Secure IoT systems, by introducing autonomously adaptive security as a new evidence-driven paradigm for system design, development, and maintenance. We will develop a new system life cycle model and relevant enabling systems that allows us to effectively and efficiently design, develop and manufacture such devices (robust and resilient and trustworthy in a ε-trust environment). We will provide industry with the incentives and instruments to adopt these new methods and manufacture IoT systems accordingly, so that governments and citizens can adopt them, thereby enabling the birth and the growth of an Internet of Secure Things. This will eventually have a profound societal impact.

Website

Visit our INTERSCT website