The DOSS – Secure-By-Design IoT Operation With Supply Chain Control – project aims to improve the security and reliability of IoT operations by introducing an integrated monitoring and validation framework to IoT Supply Chains, including all the relevant stakeholders. DOSS elaborates on a secure-by-design methodology and implements related technology based on formalized data exchange, component testing, and architecture modeling.
DOSS
DESIGN AND OPERATION OF SECURE IoT SUPPLY CHAIN
The Concept
USPs outline
What is this solution offering that’s different?
End-to-end communication
The DOSS “Supply Trust Chain” connects all relevant stakeholders with a formalized communication flow to facilitate monitoring of the movement of IoT devices from manufacturers all the way to decommissioning.
Multi-level security testing
DOSS establishes a comprehensive testing model covering all IoT components, including the binary testing of IoT devices, black-box analysis of 3rd party applications, vulnerability assessment on open-source applications, and internal developments the result of which will provide solid evidence of the existence or absence of vulnerabilities.
Security modeling in digital twin
DOSS will use an AI-assisted, flexibly configurable cybersecurity digital twin to simulate already in the design phase the architecture of selected IoT operations to identify potential attack scenarios, to analyze their impact, and to elaborate the necessary countermeasures.
Security feedback from operation
The DOSS IoT “Supply Trust Chain” also comprises the highly protected IoT operation itself, which is integrated into the communication loop to provide relevant security-related information to other actors of the IoT supply chain.
Latest news
A mix of research updates, insights, and scientific publications
Nieves Matheu García S, Skarmeta A. 2025. One Passport to Govern Them All: Bringing Order to IoT Security and Compliance. SECON2025
Conference: 2nd MobiSec Special Session on Secure and Cognitive Continuum (SECON 2025) co-located with the 9th International Conference on Mobile Internet Security (MobiSec 2025), 16-18. December 2025, Sapporo, JP Authors: Nieves Matheu García S, Skarmeta A. Abstract: The increasing complexity of the Internet of Things ecosystems has exposed critical gaps…
DOSS at the SECON2025
The 2nd MobiSec Special Session on Secure and Cognitive Continuum (SECON2025) was organized in conjunction with the 9th International Conference on Mobile Internet Security (MobiSec2025), in Sapporo, Japan, in collaboration of the Horizon Europe projects EMPYREAN, CERTIFY, DOSS, RIGOUROUS, TITAN and the Next Generation EU 6GSOC project of Spain. On 18.…
Are Large Language Models (LLMs) the key to accurate Vulnerability Detection?
By Miltiadis Siavvas, Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) The increasing reliance of our everyday lives on software-intensive systems, renders their security an aspect of utmost importance. Hence, there is a strong need for advanced mechanisms for enabling the early identification and elimination of…
