EU-Funded Projects

LAZARUS

LAZARUS is a three-year research and innovation project that aims to heal many of the security issues that befall modern software during its development lifecycle. The recently introduced area of DevSecOps – in medium to large companies – unfortunately lacks automated security tools, while most existing solutions are targeting only one narrow step of the SDLC process but miss a much needed holistic overview of the global security solution. LAZARUS innovates by intervening in multiple steps of the SDLC, performing targeted security checks and collecting valuable information and intelligence from each step, and exploiting advanced ML and AI methods to convert this intelligence into actionable insights and recommendations. The main innovations of LAZARUS are illustrated in the figure below. Moreover, we provide advanced features for developers, that employing our tools would be able to deploy more intelligent and distributed solutions through dedicated APIs. LAZARUS follows an open-source approach for the core functionality, which is supported by a realistic and viable business model for the sustainability and further exploitation of the project after it reaches the end of this financing phase.

 

Objectives

 

Design, develop, test, and validate a novel intelligent framework for the development of secure applications. Automatically apply self-healing to a system which undergoes an attack. Develop new methods for discovering vulnerabilities in an information system. Integrate AI tools and automation in DevSecOps.

LOCARD: “LAWFUL EVIDENCE COLLECTING AND CONTINUITY PLATFORM DEVELOPMENT”

The exponential increase in the volume of generated data together with the systems decentralisation open a wide window of opportunity in the field of cybercrime. This is one of the most important concerns of governments, societies and people, and it implies a high expense and risk for any society, weakens confidence in the Communication and Information Technologies and threatens international peace and stability.

In its fight against cybercrime, one of the most difficult challenges for the European Union is to homogenise the jurisdictions of the Member States. The procedure needed to obtain digital evidence, as well as its recognition in a court of justice, should follow a standardised procedure accepted by most countries within the Union. This procedure should guarantee the origin of the evidence and the integrity of the chain of custody.

Digital evidence is nowadays an integral part of criminal investigations and it is not only focussed on cybercrime specific cases, but also on determining criminal behaviour such as financial fraud, theft of intellectual property, industrial espionage and terrorist networks that constantly use the Internet and cyberspace. Given the ubiquity of digital devices, the correct management of digital evidence is extremely important.

LOCARD aims to develop a holistic platform aimed at ensuring the chain of custody throughout the flow of forensic analysis. It is a distributed and trusted platform that allows the storage of digital evidence metadata using blockchain.

Each node of LOCARD will independently establish its own permission policies and will selectively share access to digital evidence with other nodes (if necessary), and with the required authorisation. Thus, the developed platform will be modular since it will allow different agents to adapt the platform to their specific needs and their role in the digital forensic workflow, from preparation to compilation, analysis and reporting.

In addition, the platform will provide a collection resource module aimed at collecting citizens’ information related to certain law violations, as well as a tracker to allow the detection and correlation of certain deviations based on behavioural patterns. It will also define a set of tools focused on investigators to allow them to collect digital evidence both online and offline.

All this will be managed through an identity management system that will protect privacy and allow access to evidence data, using a Trusted Execution Environment. The blockchain technology will not only guarantee the non-manipulation of information but its interoperability without requiring the services of third parties.

This project has received financial support from the European Union Horizon 2020 Programme under grant agreement no. 832735.

TRUESSEC.EU

TRUESSEC.eu is a CSA on certification and labelling of trustworthiness properties from a multidisciplinary SSH-ICT perspective and with emphasis on human rights.

TRUESSEC.EU aims at exploring the situation, the barriers, and the benefits of security and privacy labels; engaging stakeholders in the discussions, and issuing recommendations that may foster the adoption and acceptance of labels

More information

https://truessec.eu/

VIVET

A European consortium with partners from Bulgaria, Spain, Italy and Germany created a cross-sectoral repository collecting and delivering vocational videos from all countries in Europe and beyond.

To introduce the videos into vocational training, the consortium developed a collaborative learning platform allowing users to work directly online with videos and other learning resources.

The platform is open for all trades and for everyone. Particularly, we are creating online courses in four areas: Cyber Security, Environment Protection, Organic Agriculture and Health Care.

 

Download the PDF file of the project
MORE INFORMATION

https://vivet.education/