An introduction to the DOSS Supply Trust Chain

November 15, 2023 | Insights

By András Vilmos, DOSS Project Coordinator

Let us devote the first blog on this website to introducing the Horizon Europe DOSS project. DOSS stands for Design and Operation of Secure Supply Chain.

As the name suggests, we approach the supply chain, and more specifically, the IoT supply chain, in its entirety. We cover all stages along the product life cycle from design, through implementation, distribution, onboarding, operation, and decommissioning.

As a starting point we believe that security can only be assured if we monitor all these stages; if we make the necessary security-relevant information available for all stakeholders; if the various actors can communicate with each other; if product security information is reliable, trusted and readily available; and if the operation provides feedback to the other actors of the supply chain about its security-relevant findings and experiences.

To achieve these goals, we will define the “Device Security Passport”, a machine-processable document that will comprise the relevant security-related information of an IoT device. The document will be based on certificates where available, the software and hardware bills of materials (SBOM and HBOM), Manufacturer Usage Description (MUD) files, and other relevant information used in practice today. We will identify missing pieces and add the necessary specifications. Our work will be based on current standards and best practices and will make them available and accessible from a common repository. Stored data will be guarded with robust security and a fine-grained access management policy.

DOSS will not simply trust the Device Security Passport (we extrapolate the Zero Trust concept to the supply chain: never trust, always verify!), but will validate all the components of an IoT architecture in multiple stages.

We will build a unified component tester, which will verify the content of the Device Security Passport as well as test 3rd party apps, open-source software, and also in-house developments.

The validated components will be imported into a cybersecurity twin to be designed and implemented by the project. This module will allow the modelling of diverse service architectures on the same physical infrastructure using infrastructure automation technologies that enable flexible configuration and creation of virtualized environments. High-level models will be extracted from the low-level system descriptions. AI-assisted models will be used to identify relevant threats and attack scenarios and to recommend potential countermeasures.

The models elaborated by the Digital Cybersecurity Twin will be transferred to the Architecture Secure Validator which will assess the model against relevant industry standards and regulatory requirements. This module will transform the baseline requirements into machine-processable documents and will perform automated architecture validation and perhaps even pre-certification of the received configurations.

These modules, which provide comprehensive analysis of the IoT modules and of the systems built from them, will be used at design time to assure that planned concepts do not carry identifiable security risks, and also to secure architecture updates and renewals, so that new components and modifications do not import new threats.

The DOSS security concept will also cover the IoT operation.

New components and devices will be integrated into the IoT service environment using an automated onboarding platform. This tool will use the information from the Device Security Passport for device and network configuration and will facilitate the automated configuration of an even larger number of new units.

When the IoT environment is up and running, it will be monitored and protected with modules of the IoTAC platform that was implemented by the H2020 IoTAC project. The platform comprises an identity and access management module, AI-based attack detection, honeypots, and a runtime monitoring system, all integrated into a joint data bus and a related management dashboard. Additional malware detection methods will be added.

The IoT operation will provide feedback to the design-time modules and to all relevant stakeholders of the supply chain. We call this structured, formalized, and orchestrated communication the “Supply Trust Chain”. It will assure that IoT devices and components can be monitored throughout their entire lifespan, that all their security-relevant information is up to date and valid, and that all involved stakeholders have access to vital security information.

We expect that with this complex approach, DOSS will be able to contribute to increasing the security of, and the trust in IoT services and architectures. We plan to submit our research findings to relevant industry organizations and to standards developing organizations.

Prototypes of the modules to be built by the project and the concept of the entire “Supply Trust Chain” will be validated in three IoT domains: automotive, prosumer cell operation, and smart home.
