28 November 2019
Common Framework for CyberSec4Europe
Part of the work of CyberSec4Europe is to produce a definition of common research, development and innovation in next generation cybersecurity technologies (including dual-use), applications and services. The project is focusing its cybersecurity research activities on horizontal cybersecurity technologies and cybersecurity in critical sectors (e.g. energy, transport, health, finance).
The aim is to provide common research support for the different work packages within the project, especially coordinated with the road mapping and demonstration use case activities, connecting research and innovation with the industrial sectors covered. This first outcome of this work aims to assess the level of originality, detail, sustainability and conformity of the models and results to the CyberSec4Europe vision, providing common ground for their development. The first Common Framework Handbook includes the approach followed in CyberSec4Europe to manage the cybersecurity research activities, and to organise the progress behind the building blocks of the CyberSec4Europe ecosystem. It includes the common templates and cybersecurity taxonomies adopted in the project to describe, in a common and interoperable way, the research activities and assets devised, evolved, implemented and tested in the scope of the project.
The common framework also includes a general global architecture, split into different planes, aimed to organise how the different research activities and cybersecurity enablers fit and interact with each other for holistic cybersecurity and privacy management.
The aforementioned research aims are tackled and implemented across different tasks. The cybersecurity and privacy research topics are:
- Privacy-preservation, TEE and IoT-Edge security
- Software Development Lifecycle (SDL)
- Security Intelligence
- Adaptive Security
- Usable Security
- Regulatory Management
To specify the assets in a common and interoperable way, a template has been designed, which relies on diverse cybersecurity taxonomies and specifications from NIST, the Joint Research Centre (JRC) and the European Union Agency For Cybersecurity (ENISA) to categorise and describe, in a common and interoperable way, those assets and research activities that are going to be implemented and tested in CyberSec4Europe.
The common framework also includes a general global CyberSec4Europe functional architecture, intended to organise how different functional building blocks fit and interact with each other for holistic cybersecurity and privacy control and management. The global architecture is divided into different planes and domains, and categorises the functional blocks in those planes. The functional blocks in the architecture are also analysed by the research activities across different project tasks.
Full information on this Common Research Framework are available here:
Antonio Skarmeta, University of Murcia