Network & Devices

The deliverable

Document "State of the art in Network & Devices"

Key findings :

Existing formal security analysis approaches describe small isolated security solutions like cryptographic protocols, providing verification results detached from the complexity of current systems and communication infrastructures. The results ignore dependencies between different S&D solutions and heterogeneous network components. Therefore, existing approaches cannot be directly applied to SERENITY.
Yet, these approaches provide results the work in this activity can rely on. Verification and validation of cryptographic protocols is a research field that gained much attention in the last 20 years. Authentication logics, model checking, inductive analysis have gained a high level of tool support and have delivered important and relevant results. Based on these, the Network and Devices activity will extend methods and tools successfully applied to cryptographic protocols to cover complex network infrastructures, as well as to automated attack simulation in dynamic IT infrastructures.
A major challenge is the complexity of the anticipated pilot scenario definitions. They include complex infrastructures and strong security requirements, thus tools will have to be very efficient in order to be able to deal with these complex scenarios. Further, legal and privacy requirements can result in contradictory security and dependability properties and solutions. These contradictions need to be found and possibly resolved by sophisticated security solutions, e.g. zeroknowledge based protocols. Further, combinations and dependencies between different security solutions need to be considered.