Project CERTIFY: Securing the Future of IoT

CERTIFY aims to develop a robust methodology for the security lifecycle management of IoT devices, capable of adapting to the ever-evolving security needs and threats. This involves semi-automated security verification and evidence gathering to support certification processes.

Recognizing the need for heightened security, CERTIFY explores the use of open hardware architectures, such as RISC-V. By leveraging these architectures, the project seeks to build trusted execution environments and integrate cryptographic support to strengthen the security of IoT devices.

A key pillar of CERTIFY's approach is decentralized security architectures. This simplifies the timely sharing of security information among stakeholders involved in the IoT device lifecycle. This collaborative approach ensures a swift and collective response to threats.

To address the challenges of secure deployment, configuration, and software upgrading, CERTIFY incorporates blockchain technology. This not only ensures the integrity and security of these processes but also lays the foundation for a tamper-proof environment.

CERTIFY provides capabilities for continuous security monitoring, intrusion detection, bootstrapping, and runtime integrity verification. This proactive approach ensures a real-time response to potential threats, enhancing the overall security.

The real-world applicability of CERTIFY is tested through pilot demonstrations in diverse use cases, including aircraft, micro-factories, and, notably, artwork tracking with Artwork.ID. These demonstrations serve as tests, validating the effectiveness of the framework across various scenarios.

CERTIFY is not just a research endeavor – it's a commitment to real-world impact. To ensure the project's outcomes are embraced and utilized, CERTIFY actively engages with a range of users, fostering a collaborative ecosystem that extends beyond the research realm.