BIECO
The general objective of BIECO is to develop a framework that enables measurable, risk-based trust while developing, deploying and operating complex interconnected ICT systems.
The BIECO team is proud to announce

Objectives
We aim to achieve this by handling the reliability and trust aspects of ecosystem participants (ICT systems, ICT system components and actors) within the supply chain.
The following shows the specific SMART (Specific, Measurable, Achievable, Realistic, Time-bound) objectives of the project, taking into account the challenges of this kind of complex ecosystems.
Framework
Providing a framework that allows reinforcing trust in ICT supply chains (WP2).
Vulnerability assessment
Performing advanced vulnerability assessment over ICT supply chains (WP3).
Achieving resilience
Achieving resilience in ecosystems formed by unreliable components (WP4).
Extending auditing
Extending auditing process to evaluate interconnected ICT systems (WP5).
Advanced risk analysis
Provide advanced risk analysis and mitigation strategies that support a view of the complete ICT supply chain (WP6).
Security assurance
Perform evidence-based security assurance and a harmonized certification for ICT systems (WP7).
Industrial validation
Industrial validation of BIECO’s framework within IoT ecosystems (WP8).
Exploitable Results
Extension of the Approach to the Communications within the Whole Supply Chain of the Microfactory
Once the secure communication with a vehicle has been demonstrated for remote FW update, it is straightforward to extend it to general Service-Over-the-Air architecture and even further.
Remote Updating – Upgrading of Vehicle Firmware
Securing remote and in-vehicle communications against cyber-attacks, possibly performed with quantum computers in the near future, is a major goal in the automotive sector. For such a purpose I-FEV focused on a thorough study and an architecture and protocol design to develop and implement a Service Over the Air (SOtA )system, starting from Electronic Control Unit (ECU) firmware update on its electric vehicles from remote.
Time Sensitive Network Simulation
Simulate the real time communication for the distributed based on the Time sensitive network simulation. Additionally, simulate the fail-operation clock synchronization methodology. This simulation will validate the communication stack.
Fail-operation clock synchronization methodology
Domain Specific Language
The domain specific language enables specification of digital twin behaviour in a manner that can enable a predicted evaluation of its trustworthy behaviour in a simulated environment.
Security Testing Tool
GdpR-based cOmbinatOrial Testing (GROOT) is a general combinatorial strategy for testing systems managing GDPR’s concepts (e.g., Data Subject, Personal Data or Controller).
Monitoring Tool
The monitoring tool is an infrastructure in charge of setting up and managing a monitoring component. It is based on event messages and enables the collection of complex events.
Extended MUD File
The extended Manufacturer Usage Description (MUD) file is an extension of the MUD Internet Engineering Task Force (IETF) standard. The MUD specification’s major goal is to limit the threat and attack surface of a certain IoT device by allowing manufacturers to establish network behaviour profiles for their devices. Each profile is built around a set of policies, or Access Control Lists (ACLs), that specify the communication’s endpoints.
Security Evaluation Methodology
Security evaluation methodology to evaluate the security of an ICT system. The methodology is based on standards such as ISO 31000 standard for Risk Management, the ISO 29119 standard for Security Testing or the MUD standard. The methodology defines a set of high-level steps that should be followed by the security evaluator and is intended to serve as a basis for the security certification. Moreover, the proposed methodology is intended to be generic enough to be instantiated though different techniques and tools.
Log Forgery Blocker
Log Forgery Blocker – a brand new product on the market.
AI Investments Platform
Secured AI Investments platform using the outcome of the BIECO project.
ResilBlockly
This exploitation result consists in cybersecurity consultancy services supported by ResilBlockly (former Blockly4SoS), a Model-Driven Engineering tool that has been developed in the context of BIECO.
Fuzzing Tool
Fuzzing Tool will test System Under Test (SUT) security vulnerabilities or inputs not contemplated that could compromise the system; as a black-box process, by using unintended or incorrect inputs and monitoring their corresponding outputs.
Vulnerability Propagation Tool
Vulnerability Propagation Tool will calculate and offer the paths affected by a vulnerability in the source code.
Vulnerability Exploitability Forecasting Tool
Vulnerability Exploitability Forecasting Tool will estimate the probability of a vulnerability to be exploited in the next 3, 6 or 12 months.
Vulnerability Detection Tool
Vulnerability Detection Tool will detect existing vulnerabilities within the source code which may lead to the successful execution of an attack.
Data Collection Tool
Data Collection Tool (DCT) stores information from relevant vulnerability related datasets, providing a single access point to information required by the vulnerability detection and forecasting tools developed in T3.3, as well as for the failure prediction tools developed in T4.2.
BIECO Integrated Platform
BIECO Integrated Platform will integrate the tools in a loosely coupled way.
About BIECO
The rationale behind BIECO’s concept is to deliver a framework for improving trust and security within ICT supply chains. These are complex ecosystems comprising several heterogeneous technologies, processes, actors (e.g., end-users, software or hardware providers and organizations) and resources, all of which generate or exchange data forming extremely complex information management systems.
NEWS

Doctor Honoris Causa – Jose Antonio Barata de Oliveira
Doctor honoris causaTechnical University of Cluj-Napoca UTCN announces the awarding of the title of Doctor Honoris Causa to the university Professor Jose Antonio Barata de Oliveira. Laudatio:professor Petrică Pop Sitar Ceremony26 May 2023 - 11:00 AMTechnical...

BIECO Use Cases Integration Workshop, Pisa 27-28 March 2023 – Day 2
BIECO Use Cases Integration Workshop, Pisa 27-28 March 2023 – Day 2

BIECO Use Cases Integration Workshop, Pisa 27-28 March 2023 – Day 1
BIECO Use Cases Integration Workshop, Pisa 27-28 March 2023 – Day 1

Barcelona IOT Solution World Congress – Official website
Barcelona IOT Solutiona World Congress - Official websitehttps://ecatalogue.firabarcelona.com/iotswc23/exhibitor/205777/detail?lang=en_GB UNINOVA Barcelona Cybersecurity Congress CYBERSECURITY Gran Via, Hall 4, Level 0, Street C, Stand 350 BIECO is an EU...

Barcelona IOT Solution World Congress – Day 3
Barcelona IOT Solutiona World Congress - Day 3

Barcelona IOT Solution World Congress – Day 2
Barcelona IOT Solutiona World Congress - Day 2