security by design

By Gábor Pék, CrySyS Lab, Budapest University of Technology and Economics  Automated penetration testing is one of the recent challenges of cyber-security with the visionary goal of discovering and exploiting system- and software vulnerabilities with no human involvement at all. Over the last couple of years various automated and semi-automated…

By Joana Gracia and Leonardo Gonzalez, Tecnalia, Dimitrios Tsoukalas, Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) and György Rácz, Budapest University of Technology and Economics (BME) Connected Car The Connected Car demonstration will involve a control station and multiple vehicles, both real ones and simulated…

By Sascha Hackel, Martin Schneider, Ramon Barakat and Luca Jungnickel, Fraunhofer FOKUS Introduction and motivation IoT devices surround us every day, whether they are integrated into cars, medical devices, smart home applications, or critical infrastructure. These devices are an integral part of our daily lives, and the need for secure…

By Gaelle Le Gars, asvin GmbH   As we approach the end of the Von der Leyen commission mandate, now feels like the appropriate time to review just how much the EU regulatory landscape has changed in the last four years and how these new rules will materialise as they…

By Miltiadis Siavvas,  Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) The definition of software requirements, both functional and non-functional, is the first step of the Software Development Lifecycle (SDLC). The correct specification of these requirements is critical for the production of high-quality and dependable software…

What we learnt at the DOSS IoT Day Roundtable 2024 By Gaelle Le Gars, asvin GmbH   The joint EU-US CyberSafe Products Action Plan The Action Plan builds on the EU Cyber Resilience Act framework and the U.S. cybersecurity labelling programme U.S. Cyber Trust Mark. At the beginning of 2024,…

The European Common Criteria-based cybersecurity certification scheme (EUCC) By Roland Atoui and Ayman Khalil, Red Alert Labs   With the introduction of the European Common Criteria-based cybersecurity certification scheme (EUCC), the European Commission makes a significant advancement in a time when cybersecurity threats are more serious than ever. Supported by…

By Erol Gelenbe, Institute of Theoretical and Applied Informatics of the Polish Academy of Sciences (IITIS-PAN) The IITIS-PAN team has obtained some recent results as part of the DOSS project, regarding the analysis of the behaviour of real (non-virtual) IoT Gateways, in order to determine the salient features of these…

By Levente Buttyán, CrySyS Lab, Budapest University of Technology and Economics  Digital twins are virtual copies of physical devices or entire systems that can be used to address various challenges in the design, testing, and operation of those devices and systems. During the design phase, a digital twin can, for…