Security Assurance-driven AI-based Security Services for Trustworthy Security Engineering from Left-to-Right
โถSummary
The more complex and critical that many systems becoming nowadays, the more they are developed by integrating different (sub-)components, even third-party hardware/software components. With the pressure of time to market, and the ever-evolving security threats, getting more complicated than ever with the breakthroughs in Generative Artificial Intelligence (GenAI), how to enable more secure development and integrations of critical systems to be assured for security? These huge challenges must be addressed to make โsecure services, processes and products, as well as to robust digital infrastructures capable to resist and counter cyber-attacks and hybrid threatsโ as called for in the ECโs Strategic Plan 2021-2024. Addressing exactly these challenges, the overall objective of SECASSURED is to deliver innovative security engineering solutions with (AI-based) security services to achieve novel holistic assurance-driven security engineering, capable of (1) increasing software, hardware and supply chain security by identifying cybersecurity and regulatory risks while integrating (both commercial and open-source) components, even third party ones, (2) providing virtual, secure environments for the automated assessment of system components including AI components and their secure integration, and (3) continuous assurance-driven security engineering with a holistic toolbox of (AI-based) security services. It paves the way of secure continuous system integration of (third-party) components, including AI components, across the computing continuum, and implements EC's evolving security and privacy regulations, as well as the strategy of human-centric AI.