DOSS
DESIGN AND OPERATION OF SECURE IoT SUPPLY CHAIN
The Concept
The DOSS – Secure-By-Design IoT Operation With Supply Chain Control – project aims to improve the security and reliability of IoT operations by introducing an integrated monitoring and validation framework to IoT Supply Chains, including all the relevant stakeholders. DOSS elaborates on a secure-by-design methodology and implements related technology based on formalized data exchange, component testing, and architecture modeling.
Read more
USPs outline
What is this solution offering that’s different?
End-to-end communication
The DOSS “Supply Trust Chain” connects all relevant stakeholders with a formalized communication flow to facilitate monitoring of the movement of IoT devices from manufacturers all the way to decommissioning.
Multi-level security testing
DOSS establishes a comprehensive testing model covering all IoT components, including the binary testing of IoT devices, black-box analysis of 3rd party applications, vulnerability assessment on open-source applications, and internal developments the result of which will provide solid evidence of the existence or absence of vulnerabilities.
Security modeling in digital twin
DOSS will use an AI-assisted, flexibly configurable cybersecurity digital twin to simulate already in the design phase the architecture of selected IoT operations to identify potential attack scenarios, to analyze their impact, and to elaborate the necessary countermeasures.
Security feedback from operation
The DOSS IoT “Supply Trust Chain” also comprises the highly protected IoT operation itself, which is integrated into the communication loop to provide relevant security-related information to other actors of the IoT supply chain.
Latest news
A mix of research updates, insights, and scientific publications
The DigiCert 2024 State of Digital Trust Report examined four specific digital trust areas, one of them being IoT & Connected Devices. Survey participants represented companies that manufactured and sold IoT devices or connected devices to customers. 93% of those surveyed had experienced data breaches. Many of these occurred because…
On 7 May 2024, at 14:00-15:00 (CEST), the ECCC, together with ECCO (European Cyber Security COmmunity project) will organize a knowledge-sharing webinar focused on the certification processes in the supply chain. The webinar will provide a comprehensive vision around the certification processes for the secure management of systems’ lifecycle and…
By Miltiadis Siavvas, Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) The definition of software requirements, both functional and non-functional, is the first step of the Software Development Lifecycle (SDLC). The correct specification of these requirements is critical for the production of high-quality and dependable software…
