WP7 – Security and Privacy Claims
Coordinated by
UMU (M01-M12)
Objective
The main objective of this work package is to develop a security certification methodology combining risk assessment and testing to evaluate a system over a series of security and privacy claims based on objective metrics, allowing harmonisation and mutual recognition based on evidence that quantify the level of trust.
The specific goals of WP7 are to:
- Identify suitable security and privacy metrics and claims to evaluate the security and privacy of a system
- Develop a security certification methodology using the identified security and privacy metrics and claims.
Deliverables
- D7.1 Report on the identified security and privacy metrics and security claims to evaluate the security of a system WP7 (6 – UMU) Report Public M12
- D7.2 Security certification methodology definition WP7 (6 – UMU) Report Public M18
- D7.3 Security certification methodology development WP7 (6 – UMU) Report Public M24
Outcomes
Final review Meeting 28 September 2023
DRAFT AGENDA: Thursday 28th September 2023 13.00 – 17.00 CET AGENDA Overview 13:00 - 13:10Project Overview13:10 - 13:25BIECO Tools13:25 - 14:35BIECO Use Cases,including Demos14:35:15:05WP3 & WP4 Presentations15:05 - 15:15BREAK15:15 - 16:15WP5 - WP8...
BIECO Integrated Platform
BIECO Integrated Platform will integrate the tools in a loosely coupled way.
Data Collection Tool
Data Collection Tool (DCT) stores information from relevant vulnerability related datasets, providing a single access point to information required by the vulnerability detection and forecasting tools developed in T3.3, as well as for the failure prediction tools developed in T4.2.
Vulnerability Detection Tool
Vulnerability Detection Tool will detect existing vulnerabilities within the source code which may lead to the successful execution of an attack.
Vulnerability Exploitability Forecasting Tool
Vulnerability Exploitability Forecasting Tool will estimate the probability of a vulnerability to be exploited in the next 3, 6 or 12 months.
Vulnerability Propagation Tool
Vulnerability Propagation Tool will calculate and offer the paths affected by a vulnerability in the source code.