SANCUS

Objectives

This section outlines the specific objectives of the SANCUS project.
Objective #1: To identify and classify the technical requirements and the EU SELP policy aspects for designing, developing and integrating the proposed system platform and the intended engines, mechanisms and tools.

Identifying the requirements for open‐source platform validation and verification processes, cybersecurity mechanisms for testing and assessment, risk analysis and network unit modelling, as well as a 5G cloud‐native network infrastructure management and orchestration. It will also focus on fine‐tuning the architecture of the proposed scheme, and its validation and optimal usage over cybersecurity and digital privacy threats.

Objective #2: To design and implement methods of automated firmware security validation (FiV) and testing based on wide‐ranging pipeline of analysers and samplers for maximising the surface of vulnerability and risk discovery.

Addressing the vulnerabilities and risks at code-level, by proposing new methods for collecting forensic data evidence at massive‐scale by unpacking OEM firmware images of network devices using extensible pipeline of multiple different unpacking modules. As well as identification of the FiV engine.

Objective #3: To design and develop new method of automated code integrity verification (CiV) by combining taint, fuzzing and symbolic execution analysis for improving security assessment accuracy, efficiency and searching speed.

Developing both static and dynamic analysers that use new methods to evolve current analysis techniques in joint terms of scanning speed, testing precision and validation efficiency. Maximising the amount of certainty in identification of firmware vulnerabilities and risks.

Objective #4: To design and develop new method of automated network security validation and verification (SiD) focusing on open‐source network development environments based on Docker and Kubernetes technologies.

Addressing automated security validation and verification process for open‐source software development environments and builds on the identification of the SiD engine. By introducing new analysis approaches to define the means for applying continuous risk assessment, including aspects of deep packet inspection, vulnerabilities detection and countermeasures at runtime deployment.

Objective #5: To design and develop new network attack configuration and emulation tool (AcE) using state‐of‐the‐ art AI/ML techniques for emulating complex cyber‐attacks and generating traffic in container environments.

Building the AcE engine by creating a sophisticated network and attacker‐defender emulation approach based on AI/ML configuration techniques, and previous findings of project partners for the cyber security of virtualised and distributed communication infrastructures.

Objective #6: To propose revolutionary MiU modelling of the IoT unit for expressing the trade‐off between cyber security, digital privacy and QoS reliability by means of final formulas based on fundamental mathematical theories.

Building on the identification of the MiU engine, this objective seeks to revolutionise the cybersecurity research and development regime by formalising of the logic towards standardising the highly abstracted notions of cybersecurity and privacy as network performance measures.

Objective #7: To design game implicit optimisation (GiO) approach for maximising the security‐vs‐privacy‐vs‐ reliability efficiency subject to the outcomes of Objectives #2‐#6 using effective duality‐free solution methods.

Addressing automated cybersecurity optimisation through the identification of the GiO engine. By coordinating AI/ML intelligent methods with competitive games for tracking the massively displayed heterogeneity of the MiU modelling, and applying standard Lagrangian convex optimisation analysis for deriving the optimal security‐vs‐privacy‐vs‐reliability KPI results accurately and in low complexity.

Objective #8: To design and establish operational cloud‐native network testbed prototype platform that integrates the enabling 5G technologies and the engines, mechanisms, tools, solutions developed in Objectives #2 to #7.

Defining a telecommunications infrastructure supported by the latest 5G virtualisation, infrastructure management and orchestration technologies, to support the functionalities and specificities of the SANCUS’ six proposed engines.

Objective #9: To test and demonstrate the effectiveness, efficiency and complexity of the developed system network and each of its engines, mechanisms and tools by performing thorough testing using specific use case scenarios.

Identifying three high‐impact and diverse large‐scale pilot use cases, to validate and demonstrate the measurable objectives of the proposed SANCUS scheme suite.

Objective #10: To communicate and disseminate the project outcomes, exploit business planning of the outcomes, and contribute specific project outcomes to relevant standardisation bodies.

Presenting the project progress, technologies and results outside the SANCUS Consortium and ensure a wider awareness of the Industrial, Academic, Research and ICT community.