The vision of ASCLEPIOS is to maximize and fortify the trust of users on cloud-based healthcare services by developing mechanisms for protecting both corporate and personal sensitive data. The core idea of the project is derived from two observations. The first is based on an extensive analysis of the market on currently available cloud-based health services that aim to preserve users’ privacy without sacrificing functionality. From this study, we observed the following: “Once data is placed on the cloud in an unencrypted form or encrypted with a key that is known to the cloud service provider, data privacy becomes an illusion”. The second observation is based on the consideration of the latest advancements in cryptography. More precisely, one of the saddest but at the same time most fascinating things about cryptography is how little cryptography we actually use. While researchers have developed many theoretical models that could enhance the security level of healthcare services, only a rudimentary set of techniques are currently in use. ASCLEPIOS is addressing these limitations by utilizing several modern cryptographic approaches to build a cloud-based eHealth framework that protects users’ privacy and prevents both internal and external attacks. ASCLEPIOS also offers the ability to users to verify the integrity of their medical devices prior using them while at the same time receiving certain guarantees about the trustworthiness of their cloud service provider. Furthermore, ASCLEPIOS offers a novel solution through which healthcare practitioners and medical researchers are able to calculate statistics on medical data in a privacy-preserving way. Finally, a list of activities with the aim to raise security awareness within the healthcare industry will be organized by project. All these results will be showcased by three real-life near production quality demonstrators provided by ASCLEPIOS healthcare partners, involving three leading European hospitals.

REWIRE envisions a holistic framework for continuous security assessment of open-source and open-specification hardware and software for IoT devices and the development of cybersecurity certification in accordance with the requirements and guidelines of recent EU regulation Cyber security Act3. The proposed scalable and multifunctional cybersecurity platform will ensure the security throughout the life of the IoT devices with continuous security auditing, trust computing and theorem proofs for defining an hw-based microarchitecture for enhanced protection targeting to open-hardware/software vulnerabilities. A certification procedure of the audited software and hardware components will propose new software security metrics and establish a layer of trust between stakeholders, utilizing Blockchain and smart contracts. REWIRE will expand traditional cyber insurance models to account for both open-source hardware and software assets, by ingesting security auditing results for estimating premium costs. REWIRE will exploit a Knowledge Plane of metadata generated from application behavioral patterns and operations to determine appropriate security policies and properties to enforce on open-source hw/sw to block potentially harmful instructions. REWIRE has invested in three carefully selected pilots (Automotive, Smart Cities, Smart Satellites), which can address the ambitious objectives of the project. - customizable TEE based on RISC-V - micro benchmarking for quick and automated assessment of h/w vulnerability Based on the above description, REWIRE aims to safeguard the entire workflow of secure processing; from the Deployment and Operation of SW-based SoSes to their patch management when new exploits have been identified during run-time, by providing new trust management mechanisms towards the auditability and certification of SW/HW open-source specifications.

The project involves 15 Partners from 8 European countries, and aims to design and develop an analySis software scheme of uNiform statistiCal sampling, aUdit and defence proceSses (SANCUS – an Roman god of trust). The main idea draws on formalising the logic of expressing (for the first time) the notions of cyber security and digital privacy by means of final formulas and fuse them into optimisation strategies to acquire the truly optimum defence recommendation in dynamic manner, i.e., with respect to the runtime changes of the telecommunications network environment. In this respect, SANCUS will dimension new inclusive Key Performance Indicator metric, namely, the security-vs-privacy-vs-reliability efficiency trade-off, for measuring the system network cybersecurity and privacy performance explicitly, flexibly, automatically and agnostically. To realise the heterogeneity of the security and privacy levels across the system network and its supply chain, the proposed scheme sits on six efficient engines, namely, FiV, CiV, SiD, AcE, MiU and GiO, which combine unique modelling of the Internet of Things units, cuttingedge methods for automated firmware and software validation and verification, and innovative Artificial Intelligence driven game techniques for the automated optimisation of the control and trust of digital services. Extended evaluations of the project outcomes are also considered by means of developing contemporary network testbed prototype built on latest 5G and cloud-native system setting and running three pilot use cases for examining the scheme performance across Firmware, Virtualisation and Management software layers. The SANCUS scheme will be delivered as integrated software suite and it is expected to revolutionise the European research and development efforts, in and out, the cybersecurity regime. All outcomes are planned to be audited and disseminated extensively.