security by design

With the rapid proliferation of IoT technologies, security concerns have increased due to the opaque nature of supply chains. Operators often lack comprehensive knowledge about the security status of their devices. The DOSS framework addresses this gap by providing a system that facilitates transparency, reliability, and timely security information exchange…

By Roland Atoui, Red Alert Labs Sitting in the meeting room in Brussels, surrounded by some of the most influential cybersecurity experts and policymakers in Europe, I couldn’t help but feel the weight of the moment. The Cyber Resilience Act (CRA) is no longer a draft on paper - it’s…

By András Földvári and András Pataricza, Budapest University of Technology and Economics  In today’s connected world, complex IoT systems play a critical role in several critical industries, where cybersecurity intrusions affecting the IT part may lead to severe or catastrophic consequences amplified by the controlled physical process. Here, the assurance…

Paul Gedeon, Red Alert Labs The Internet of Things (IoT) has become a cornerstone of modern life, connecting devices across industries, homes, and entire cities. As we head towards an era of unprecedented connectivity, where trillions of devices will interact autonomously, the demand for secure, resilient IoT systems has never…

asvin GmbH On October 10, 2024, the Council of the European Union adopted the European Cyber Resilience Act (CRA). It was published in the Official Journal of the European Union on November 20, 2024, and will apply from December 11, 2027, with some provisions at an earlier stage. The Council…

By András Vilmos, DOSS Project Coordinator The Supply Chain Security Challenge In today's interconnected world, businesses and individuals increasingly rely on IoT devices, software, and services from a variety of sources, making supply chain security critical. The complexity and opacity of modern supply chains, combined with the implicit trust placed…

By Miltiadis Siavvas,  Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) Problem Statement The early identification and mitigation of software vulnerabilities is critical for the development of secure software. To facilitate the vulnerability identification and mitigation process, several tools and techniques have been proposed over the…

By Gábor Pék, CrySyS Lab, Budapest University of Technology and Economics  Automated penetration testing is one of the recent challenges of cyber-security with the visionary goal of discovering and exploiting system- and software vulnerabilities with no human involvement at all. Over the last couple of years various automated and semi-automated…