Website Twitter LinkedIn Youtube
Uptake of IoT and AI driven ICT systems in Europe is crucial for our common future, but it is dependent on our strategic ability to protect these systems from cyber threats and attacks on their privacy.
IRIS addresses this challenge with a collaborative-first approach centered around CERTs/CSIRTs. From a technological perspective, it deploys
(i) autonomous detection of IoT and AI threats, enriched with
(ii) privacy-aware intelligence sharing and collaboration, and
(iii) advanced data protection and accountability. Crucially, IRIS introduces
(iv) the first dedicated online training and cyber exercises to prepare CERTs/CSIRTs to collaboratively protect critical infrastructures and systems against cross-border AI and IoT threats.
IRIS concept is proposed as a federated threat intelligence architecture that instates three core technological and human-centric components into the threat intelligence ecosystem:
-
The Collaborative Threat Intelligence forms the nexus of the IRIS framework and core component of the architecture enhancing the capabilities of the existing MeliCERTes platform by introducing Analytics Orchestration, an Open Threat Intelligence interface and an intuitive Threat Intelligence Companion. All this supported by a Data Protection and Accountability module;
-
The Automated Threat Analytics collects and supply key threat and vulnerability assessment telemetry and respond to received intelligence, initiating autonomous response and self-recovery procedures:
-
The Cloud-based Virtual Cyber Range delivers an immersive virtual environment for collaborative CERT/CSIRT training exercises based on real-world environment platforms (and Digital Twin Honeypots), providing representative adversarial IoT & AI threat intelligence scenarios and hands-on training
Objectives:
-
To identify the user, technical and business requirements and design the architecture of an AI threat reporting and incident response system to support the operations of CERTs/CSIRTs towards minimizing the impact caused by cybersecurity and privacy risks in IoT platforms and AI-provisions
-
To analyse the relevant ethics principles and legal framework on privacy concerns, as well as to understand relevant stakeholders’ behaviour to identify the main legal, ethics and social enablers for the IRIS solution
-
To design and implement an automated threat analytics framework capable of detecting and responding to cyber threats targeting IoT and AI-driven ICT systems, while exhibiting advanced recovery capabilities
-
To develop a collaborative threat intelligence and information sharing toolkit that allows ICT stakeholders and European CERTs/CSIRTs to create and seamlessly share context-rich information about cyber threats targeting IoT and AI-driven ICT systems
-
To design and implement a data protection and accountability module to establish trust and enable the protection of data necessary for the successful operation of IoT and AI-enabled ICT systems
-
To design and implement a virtual cyber range platform for training cybersecurity professionals to fight against adversarial AI and machine learning attack
-
To demonstrate and validate the integrated IRIS platform across three realistic pilot demonstrators in three smart cities
-
To ensure wide communication and scientific dissemination of the IRIS results to the research, academic, and CERT/CSIRT community, efficient exploitation and business planning of the IRIS concepts and solutions to the market, and contribution of specific project results to relevant standardisation bodies
Impact:
-
Reduced number and impact of cybersecurity incident
-
Efficient and low-cost implementation of the NIS Directive and General Data Protection Regulation
-
Effective and timely co-operation and information sharing between organisations as well as self-recovery
-
Availability of comprehensive, resource-efficient, and flexible security analytics and threat intelligence, keeping pace with new vulnerabilities and threats
-
Availability of advanced tools and services to the CERTs/CSIRTs and networks of CERTs/CSIRTs
-
An EU industry better prepared for the threats to IoT, ICS, AI and other systems
-
Availability of better standardisation and automated assessment frameworks, allowing better-informed investment decisions
-
Availability and widespread adoption of distributed, enhanced trust management schemes
-
Availability of user-friendly and trustworthy on-line products, services and business
-
Better preparedness against attacks on AI-based products and systems
-
A stronger, more innovative and more competitive EU cybersecurity industry, reducing dependence on tech imports
-
A more competitive offering of secure products and services by European providers in the Digital Single Market