WP5 – Methods and Tools for Auditing complex systems
This work package will focus on the development of techniques, methods and tools supporting the audit activity in the BIECO framework. Auditing includes retrieval of data from the field, such as data regarding the usage mode of an ICT system subject to runtime adaptation through the delivery of software updates. The main goal is to provide ecosystem trustworthiness’s evaluation leveraging executable simulation environments and runtime monitoring facilities. The monitoring results aim to provide useful feedback for setting up the simulation environment.
This work package has the following objectives:
- Definition of the executable simulation models and of the parameters against which the behavior of the ICT systems and their interacting actors within an ecosystem is judged as being trustworthy or not.
- Definition of monitoring methodologies and tools detecting malicious behaviors of ICT systems and interacting actors within the ecosystems and assessing the validity of the simulation models.
- Developing monitoring tools able to validate through real-time data of systems sensors and actuators the validity of simulation decisions.
- D5.1 Definition of the simulation model and monitoring methodologies WP5 (3 – CNR) Report Confidential, only for members of the consortium (including the Commission Services) M12
- D5.2 First version of the simulation environment and monitoring solutions WP5 (3 – CNR) Report Public M24
- D5.3 Final version of the simulation environment and monitoring tools WP5 (2 – Fraunhofer) Report Public M30
DRAFT AGENDA: Thursday 28th September 2023 13.00 – 17.00 CET AGENDA Overview 13:00 - 13:10Project Overview13:10 - 13:25BIECO Tools13:25 - 14:35BIECO Use Cases,including Demos14:35:15:05WP3 & WP4 Presentations15:05 - 15:15BREAK15:15 - 16:15WP5 - WP8...
BIECO Integrated Platform will integrate the tools in a loosely coupled way.
Data Collection Tool (DCT) stores information from relevant vulnerability related datasets, providing a single access point to information required by the vulnerability detection and forecasting tools developed in T3.3, as well as for the failure prediction tools developed in T4.2.
Vulnerability Detection Tool will detect existing vulnerabilities within the source code which may lead to the successful execution of an attack.
Vulnerability Exploitability Forecasting Tool will estimate the probability of a vulnerability to be exploited in the next 3, 6 or 12 months.
Vulnerability Propagation Tool will calculate and offer the paths affected by a vulnerability in the source code.