The project envisions to develop a decentralized and contextual Trust and Identity Management Framework for resource-restricted IoT environments following a self-sovereign approach. The project intends to enable the automated lifecycle monitoring of the devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR, and Cybersecurity Act.
The overall vision of ERATOSTHENES is to provide core cybersecurity features to be adopted by IoT solution providers and manufacturers as baseline certification elements in the production of devices and throughout their entire lifecycle. ERASTOSTHENES will leverage a series of breakthrough solutions:
- The first-ever enclosure of cybersecurity features in IoT devices through the deployment of the Trust Agents and continuous trust evaluation within the network in a contextual and social approach.
- Decentralized identity management mechanisms to conciliate the requirements of self-sovereignty and privacy preservation in a distributed and transparent trust model along with disposable identities.
- Self-encryption/decryption at device-level with an automated recovery process after an attack based on a multi-layer recovery model.
- Threat-analysis models based on federated learning and edge execution to continuously monitor devices, proactive assess threats and weaknesses and detect attacks.
- Collaborative IoT threat intelligence sharing across ledgers to adapt detection and defence mechanism to the evolving security conditions and assist the IoT lifecycle.
- Integration of Physical Unclonable Functions in trust framework and distributed ledgers.
- Finally, ERATOSTHENES will support enforcement of the CSA and NIS directive with a security information sharing mechanism based on inter-ledger technologies to support the exchange of trust information and security information among stakeholders, enhancing the collaboration, the responsible vulnerabilities’ disclosure and the secure management of software updates.
Industrial use cases
The industrial use cases where the technologies of ERATOSTHENES are developed and tested in real-world production are Connected Vehicles (IDIADA Automotive Technology S.A.), Smart Health (Tellu IoT AS), and Industry 4.0 (Digital Worx Gmbh).
ERATOSTHENES project aims to create synergies in view of knowledge, common practice and information exchange as well as international cooperation and linking with related EU- funded projects, in the field of IoT, cybersecurity and identity/trust management.