Objectives

• KPI 1.1: Availability of the open specifications of CROSSCON stack (D2.1, M12; D2.3, M26; D4.1, M18; D4.3, M31).
• KPI 1.2: Availability of the open-source reference implementation and related documentation available on public repositories (D3.2, M18; D3.4, M31; D4.4, M31).

The achievement of this objective simplifies the development of trusted services and applications for IoT systems, thus reducing the time to market. It also the implementation of security in devices that lack protection, thus reducing the security threats in open source hardware.

WP1 (requirements elicitation), WP2 (design), WP3 (development), WP4 (extension to domain specific hardware architectures)

• KPI 2.1: Availability of a set of isolation technologies and memory protection methods that are not vulnerable to some existing side-channel attacks and mitigate the impact of the others (D3.2, M18; D3.4 M31).
• KPI 2.2: Availability of design specifications of a software-based TEE for bare-metal devices. Covering at least two hardware architectures, two different classes of constrained devices, and of different vendors. (D2.1, M12; D2.3, M26). 
• KPI 2.3: Availability of the open-source reference implementation and related documentation. (D3.2, M18; D3.4, M31)

The achievement of this objective mitigates hardware-related security vulnerabilities. Also, it extends the availability of security primitives to implement Chains of Trust.

WP1 (requirements elicitation), WP2 (design), WP3 (development)

• KPI 3.1: Specification of requirements and validation criteria for secure open-source software and hardware for connected devices (D1.2, M6; D1.3, M9; D1.5, M16; D1.6, M26)
• KPI 3.2: A set of innovative formal techniques and methods supporting “Correct by design” development also in the context of HW/SW co-design. (D2.2, M16; D2.4, M26)
• KPI 3.3: Integration of a tool implementing the novel formal techniques into a Continuous Integration pipeline. (D5.2, M21; D5.5, M33). KPI 3.4: Results of the validation performed by applying the techniques to the development of CROSSCON’s stack and related trusted services. (D5.3, M24; D5.6, M36).

The achievement of this objective generates novel formal verification techniques and a methodology for open specification hardware and software.

WP1 (requirements elicitation), WP2 (assurance), WP5 (integration and validation)

• KPI 4.1: Availability of the open specifications of the innovative trusted services. (D3.1, M18; D3.3, M31; D4.3, M31). KPI 4.2: Availability of an open-source implementation of each innovative trusted service. (D3.2, M18; D3.4, M31; D4.2, M18; D4.4, M31)
• KPI 4.3: Demonstrators highlighting the innovative aspect of each trusted service compared to the state of the art. (D5.2, M21; D5.5, M33) Associated with document Ref. Ares(2022)4525664 - 20P/0a6g/2e0722 Call: HORIZON-CL3-2021-CS-01-Increased Cybersecurity CROSSCON Associated with document Ref. Ares(2022)4525664 - 20P/0a6g/2e082

The achievement of this objective mitigates hardware-related security vulnerabilities. Also, it extends the availability of security primitives to domain-specific hardware architectures.

WP1 (requirements elicitation), WP2 (assurance), WP3 (new trusted services), WP4 (extension primitives for trusted services)

• KPI 5.1: A set of innovative lightweight formal techniques and methods available to evaluate the security assurance at deployment and during operation by considering only the incremental changes while leveraging on existing verification for the unmodified part. (D2.2, M16; D2.4, M26)
• KPI 5.2: A set of techniques and methods to attest security properties in a certificate associated with a hardware/software component and to verify such security properties. (D3.1, M18; D3.3, M31, D5.3, M24; D5.5, M33).

The achievement of this objective makes IoT security management and security service deployment simpler, more automated, easier to understand, and more trusted.

WP2 (design), WP3 (Toolchain), WP5 (validation and integration)

• KPI 6.1: Availability of the integration of the CROSSCON’s stack on devices of at least ten different class types, at least three different hardware architectures, and on at least three different hardware platforms. (D5.2, M21; D5.5, M23).
• KPI 6.2: Availability of the innovative trusted services introduced by CROSSCON on the devices supporting the stack. (D5.2, M21; D5.5, M23).
• KPI 6.3: Availability of the specification of a replicable testbed implementing the 3 use case scenarios selected in WP1. The testbed implements also all necessary additional services required for the validation. The testbed includes all the devices in which CROSSCON ‘s stack and the trusted services have been integrated. (D5.1, M16; D5.4, M29).
• KPI 6.4: Availability of the results of the validation performed according to the criteria specified in WP1. (D5.3, M24; D5.6, M36).
• KPI 6.5: Availability of the security testing results performed for every implemented component of the CROSSCON stack and of the trusted services. (D5.3, M24; D5.6, M36).

The achievement of this objective demonstrates and tests the effectiveness of the innovative security techniques and methods introduced by CROSSCON. It also validates our support to implement secure provisioning, inventory management, device authentication, remote attestation, and the secure management of security patches and updates.

WP1 (validation criteria), WP5 (integration, testing and validation)

• KPI 7.1: Active participation in existing RISC-V working groups (such as RISC-V TEE WG) (D6.2, M3; D6.4, M18; D6.6, M36).
• KPI 7.2: Project results disseminated to the scientific community via peer-reviewed articles, participation in events, presenting tutorials, and organizing a PhD school on the topics of the project. (D6.2, M3; D6.4, M18; D6.6, M36).
• KPI 7.5: Industry representatives reached both bilaterally and through the dissemination of results in targeted events. (D6.2, M3; D6.4, M18; D6.5, M21; D6.6, M36; D6.7, M36).

The achievement of this objective contributes to building European trustworthy platforms and opening the market of TEE applications development. It contributes to creating know- how on the general topic of trusted hardware platforms and trusted firmware. Engage security researchers, security engineers, IoT stakeholders, and open source and open hardware communities.

WP6 (Dissemination, Exploitation and Impact Creation)