The borderless nature of infrastructures such as the Internet of Things (IoT) and cloud computing, and the associated threats involved means that any vulnerability or security incident in one country can have disastrous consequences across the whole European Union. A vulnerability can easily affect more than one system and can be propagated very quickly.  While Europe is leading large initiatives to guarantee the security of these systems, such as the Cybersecurity Act, it is still not yet clear how to deal with vulnerability dependencies in such a complex environment.

The certification of products and services helps to systematically test and assess the security targets, and the certificate provides a degree of assurance to consumers. However, there are very many different standards and protection profiles out there to choose from and the results are often not easy to comprehend by someone not involved in the process. Moreover, the assurance reports and resulting certificates present the information as free text, and are, therefore, difficult to process automatically. The dependencies to other products and certificates are static, and when something happens to the connected certificate, the issue is often not propagated.

Hence, the rationale for the development of SURFACE, an integrated approach for the process of certifying and rectifying. SURFACE brings together solutions from the EUCC scheme, the ECSO meta-scheme, the ARMOUR methodology and NIST SP 800-137. We have combined the solutions in such a way that they complement each other at different steps. The ECSO meta-scheme allows the integration of certification schemes or standards. The ARMOUR methodology supports SURFACE in establishing the context, testing and communication of the result processes. NIST SP 800-137 supports continuous monitoring for patches or updates. SURFACE supports incremental certification, which reduces the cost and time taken for recertification. SURFACE uses the EUCC guidelines throughout the process starting from the selection of assets to the recertification process. Hence, it is in accordance with articles of the Cybersecurity Act.

SURFACE also takes advantage of the cybersecurity certificates information and the MUD (manufacturer usage description) files to manage security dependencies and provide mitigations. This way the dependencies can be traced when a new threat is discovered. On the one hand, the certificate indicates certified subcomponents that the system has, and on the other hand, the MUD file indicates the connections with other services not certified or not considered in the certificate. Knowing the affected services, we can apply fast mitigations before a patch or update is released by the manufacturer.

SURFACE also provides a template for a structured certification report which will make the result more easily analysable and helps discover dependencies between certificates. If a new vulnerability occurs and a certificate is revoked, other affected certificate holders can automatically be notified.

If you’re interested in more details of how SURFACE could improve the robustness of your systems or infrastructure to new threats, the CyberSec4Europe report will be available soon. Or contact us for a link to the published report [email protected]