The project envisions to develop a decentralized and contextual Trust and Identity Management Framework for resource-restricted IoT environments following a self-sovereign approach. The project intends to enable the automated lifecycle monitoring of the devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR, and Cybersecurity Act.
Concept
ERASTOSTHENES will leverage a series of breakthrough solutions:
- The first-ever enclosure of cybersecurity features in IoT devices through the deployment of the Trust Agents and continuous trust evaluation within the network in a contextual and social approach.
- Decentralized identity management mechanisms to conciliate the requirements of self-sovereignty and privacy preservation in a distributed and transparent trust model along with disposable identities
- Self-encryption/decryption at device-level with an automated recovery process after an attack based on a multi-layer recovery model
- Threat-analysis models based on federated learning and edge execution to continuously monitor devices, proactive assess threats and weaknesses and detect attacks
- Collaborative IoT threat intelligence sharing across ledgers to adapt detection and defence mechanism to the evolving security conditions and assist the IoT lifecycle
Objectives
The ERATOSTHENES project will:
- Design a Trust Framework and a Reference Architecture to ensure end-to-end trust and identity management in distributed IoT networks, suited for resource-restricted environments, critical and industrial applications.
- Design and develop a lightweight, distributed, and dynamic Trust Manager to enhance the trust in large-scale distributed networks of heterogeneous IoT devices covering each layer and cross-layer of the network.
- Design a decentralised, scalable, efficient and privacy preserving IoT identity management to conciliate the requirements of self-sovereignty and privacy preservation in a distributed, interoperable and transparent trust model, including self-encryption/decryption schemes and IoT identity recovery.
- Build the lifecycle management and the overall governance layer of the trust network on novel Distributed Ledger Technologies and a hybrid consensus protocol. Implement Smart Contracts for enforcing access policies and sharing trustworthiness within the network guaranteeing their transparency, integrity, authenticity, and authority. Design of Inter-ledger Cyber-Threat Information Sharing, and automated Recovery Solutions based on a multi-layer approach.
- Integrate and Validate the approach through real-world pilots to assess its effectiveness and organize hands-on training through realistic cybersecurity exercises.
- Deliver knowledge via dissemination and capacity building, supporting the enforcement of the Cybersecurity Act and standardization activities and build a robust exploitation plan and market positioning.
This project has received funding from the European Union’s Horizon 2020 Research and Innovation Programme under Grant Agreement number 883335.