The methodologies and tools provided by BIECO’s framework will be evaluated in three use cases from different sectors:

USE CASE 1

USE CASE 1: ICT Gateway

The ICT gateway is a component intended for Smart Grids that acts as mediator between data sourcing and actuation subsystems and domain applications. It supports data and configuration/control flows for all applications, as for example applications on grid outage diagnosis, grid efficiency and voltage quality. Its main functionalities are ICT monitoring, and early detection and diagnosis of anomalies.

The system is divided into four layers: the Adapters Layer that connects the ICT Gateway to the smart grid; the Domain Logic Layer handles interactions with actuation subsystems and contains basic attack and fault detection mechanisms; the Service Layer specifies how the ICT Gateway communicates with other components and applications; and the Application Layer that includes a GUI. Besides these layers, the gateway includes a Resilient Local Clock that implements a low-intrusive software clock in charge of synchronizing local time to a master time reference.

ICT Gateway, data flows and interactions with the smart grid

In BIECO the ITC gateway will be used to demonstrate the application of several technologies and methodologies developed in the project. In particular, it will focus on:

  • detecting more accurately software vulnerability that might exist in the software, and determine how a possible vulnerability of the gateway could propagate to the smart grid (WP3)
  • performing self-checks that allow to detect residual vulnerabilities, software and hardware failures; using simulation tools that enable a virtual evaluation when an adversary is influencing clock synchronization (WP4)
  • auditing and monitoring the integration with other third party systems and components, as well as the correct runtime behaviour of the gateway and its subsystems (WP5)
  • performing a risk assessment and threat modelling of the status of the system, taking into account also how a gateway vulnerability could impact the smart grid (WP6)
  • obtaining guarantees that certify the adherence of the software to its expected behaviour (WP7)

These features will allow to improve the attack and fault detection mechanisms of the software, enhancing its diagnosis capabilities thanks to the advanced security monitoring tools provided by BIECO. After detecting a malicious behavior, it will allow to trigger the necessary actions to bring the system into a safe state, avoiding hazardous situations and reducing the probability of propagation to the smart grid.

USE CASE 2

USE CASE 2: Investment portfolio optimization platform

This use case aims at providing security guarantees to a Machine Learning based platform that is used for investment portfolio optimization within a financial ecosystem. This kind of complex ICT environments need to be secure and trustworthy, as they manage sensitive data which is typically used to improve the investment decisions of companies, and if there were compromised they could impact significantly the investors’ economic health.

The investments optimization platform provides two applications. The first one is related to the training of machine learning models, mostly complex neural networks, in order to offer support to investment funds and companies, to make their investment decisions more effective. The second one is used for conducting predictions in near real-time.

Technical implementation of the investments’ platform

Employing BIECO’s framework will ensure continuous control and improvement of security related processes within the investments’ platform. In concrete, it will provide the following:

  • detecting more accurately software vulnerability that might exist in the software, and determining how a possible vulnerability could propagate across the platform (WP3)
  • performing self-checks that allow to detect residual vulnerabilities and software failures; predicting malicious behaviour of the software components; and bringing the system back to a secure state, in case that the platform was the target of a cyberattack (WP4)
  • predicting the behaviour of the platform regarding security, based on a simulation environment; monitoring the integration with third party components and changes in the environmental or operational conditions (WP5)
  • performing a risk assessment and threat modelling of the status of the platform (WP6)
  • enforcing the platform security during the whole lifecycle (WP7)

The use of these technologies will provide advanced security properties and will demonstrate the trustworthiness of the platform, which are both essential aspects in order to have a competitive advantage in the financial market.

USE CASE 3

USE CASE 2: Smart Microfactory     

I-FEVS will provide a smart microfactory platform that is used to produce urban electric vehicles. The smart microfactory represents an ongoing evolution from traditional factories to a fully connected, flexible and reconfigurable systems that can learn, self-adapt and self-optimize in real or near real-time to frequently changing product and production requirements. These manufacturing facilities interact and are typically controlled by a number of distributed and networked computing elements, as well as human users. In these environments, having a reliable and adaptable communication infrastructure is critical for achieving agile production systems that enable a high productivity, which impacts directly on the business competitiveness.

The smart microfactory approach to secure the supply chain

In order to achieve this, IFEVS aims at implementing and testing a quantum secured E-E environment for connected electric vehicles, addressing also the possibility to extend the solutions to secure the full microfactory and the supply chain. Therefore, the idea is ensuring the factory assets, so that information is only made available and disclosed to authorized microfactories, and it is fully protected from unauthorized requests. In order to do this, the smart microfactory use case will rely on the following technologies of BIECO’s framework:

  • detecting accurately vulnerabilities that can be hidden in any of the ICT components of the microfactory, and their propagation across the supply chain (WP3)
  • performing self-checks that allow to detect residual vulnerabilities, software and hardware failures and predicting malicious behaviour of the software components (WP4)
  • predicting the behaviour of the microfactory regarding security, based on a simulation environment; assessing the trustworthy runtime behavior of the ICT systems of the microfactory; and analyzing how vulnerabilities can propagate through the supply chain (WP5)
  • performing a risk assessment and threat modelling of the status of the smicrofactory, including also safety aspects (WP6)
  • obtaining guarantees that certify the adherence of the ICT components of the microfactory to their expected behaviour (WP7)

Thanks to BIECO, the smart microfactory will obtain a set of advanced security mechanisms that will allow to demonstrate the reliability of its subsystems, especially when they are interacting with the full supply chain. In this case, the relation between security and safety in cyber-physical systems (CPS) will also be demonstrated.