11 October 2021
A New Edition of the Common Framework Handbook
CyberSec4Europe is a project which aims to lead the next generation of challenges and innovations related to cybersecurity.
In particular, it wants to strengthen the research and innovative competencies and capacities at the national and European level. It comprises public and private research centres and universities, whose collaboration will help to investigate the needs of the present in order to devise competitive solutions for the future. This document is the second version of the Handbook, previously published in October 2019.
To meet these project needs, one of the key activities is to research, design and implement cybersecurity components and their lifecycle. These components are conceived with a secure by design approach and from a user’s usability perspective. In the report, partners explore privacy-preserving processing of data and decentralised authorisation and identification mechanisms in trusted execution environments, cloud applications, IoT ecosystems. In addition, the project leads towards solutions for security intelligence, adaptive security, and usability. Another vertical of this research is related to regulatory management in which partners are investigating the best ways to ensure software development compliance with the GDPR. The project’s cybersecurity research activities focus on horizontal technologies and critical sectors (most of them identified in the demonstrator use cases).
Our work defines common research, development and innovation, especially coordinated with the road mapping and use case activities and thus connecting innovation with the different demonstrations and sectors.
As part of this report an update of the common framework has been defined. The common framework proposed a global architecture to encompass the functional components that address the cybersecurity research goals previously identified (see figure below). This architecture is composed of three planes that provide the intelligence and dynamic reaction to the framework. There are two different domains, one for the user of the framework, the other related to the infrastructure – both physical or virtual. A Blockchain Layer provides the capabilities of provenance, auditability and accountability to the framework. Each of these planes, domains and layers holds the functional components required to manage, control and analyse the Managed Domain. The functional components are instantiated by diverse enablers, tools, APIs, models and interfaces.
Figure: CyberSec4Europe global architecture and building blocks
This document aims to describe the collaborative approach followed in CyberSec4Europe to unify, organise and manage the research activities as well as their evolution and development within this project. The document presents the evolution of the collection of assets, the brief modifications done in the common framework to describe this progress, and the synergies among the assets in different ecosystems and environments. In particular, the collaboration between the research and innovation with the project demonstrators is elaborated upon in this report.
Antonio Skarmeta, University of Murcia