CYRUS

Context and Objectives

The project is motivated by the increasing connectivity (5G soon) of these industrial systems, which makes them more vulnerable to the threats of cyber attacks. It will take into account the evolution of the regulatory (European Cybersecurity Act) and normative contexts in cybersecurity. It constitutes the first phase of an ambitious project aiming to develop and set up, in Wallonia, a cybersecurity test laboratory dedicated to this type of system in a wide range of industrial fields.

Cyber-physical systems (CPS), in particular the industrial ones, present specific challenges in terms of cybersecurity in comparison to traditional IT systems, due to their specific characteristics:

• combination of physical components, networks and interconnected software,
• distributed and heterogeneous nature, from a technological point of view and in terms of available resources, of these various communication components, protocols and technologies (wired, wireless, sometimes non-standard / proprietary)
• real-time operation with interactions on the physical world inducing strong constraints in terms of safety

Due to these characteristics, cybersecurity testing methods for traditional software cannot be applied as such to CPS and therefore need to be significantly adapted.

The CYRUS project aims, for this type of system, at defining a security test procedure and architecture as well as select, integrate and implement appropriate test tools for this architecture within a demonstrator. It will produce a coherent and productive framework, including tools which enable as much as possible the automation and repeatability of the test activities. The demonstrator will allow the performance of several types of tests: functional security tests, fuzzing tests, penetration tests. It will be validated on three case studies of connected industrial systems supplied by the partners, in different fields of application (see below).

The project will also produce recommendations and a roadmap for the further development and evolution of this test laboratory.

Partnership and role of CETIC

The research will be carried out by GUARDIS, CETIC and UCLouvain on the basis of the needs and case studies provided by ALSTOM (railway sector), AISIN (automotive sector) and ALX Systems (drones sector).

CETIC brings its expertise in software and security engineering, in particular its expertise in software testing, the development of software engineering platforms and its knowledge of cybersecurity standards and the evolving certification context at European level (SPARTA project).

CETIC plays a transversal role in this project: it participates in the drafting of the state of the art, in the development of the platform and the overall test procedure and in the realization of the demonstrator. It is involved in the operational dimension of the tests for the three case studies of the project. It is closely interested in the research questions and the scientific and technical challenges surrounding this project.

CETIC and GUARDIS wish to position themselves as key players for the industrialization of the demonstrator and the eventual creation of the Walloon cybersecurity testing center for CPS.

Added value for the Walloon entreprises

As explained above, the CYRUS project constitutes the first phase of an ambitious project aiming to develop and set up, in Wallonia, a cybersecurity test laboratory for Cyber-Physical Systems (CPS) which are developed and deployed in all industrial domains.

An Advisory Board has been set up in order to involve in this research other Walloon players concerned by the topic.

This project is also part of the strategy of the CPSET innovation platform dedicated to Cyber-Physical Systems in the fields of Energy conversion and Transport. This platform aims at consolidating and perpetuating a new R&D eco-system in Wallonia centered on cyber-physical systems around several thematic axes of common interest. It was founded in mid-2018 by several large Walloon industrialists (including ALSTOM and AISIN) and 2 research centers (including CETIC). It is open, beyond its founding members, to Walloon players (industrials, research centers, academia) concerned by cyber-physical systems, in particular to SMEs. It aims, among other things, to promote the submission of collaborative research projects involving these different actors.

The forecast exploitation for the results goes beyond Walloon borders. The target market is indeed international and multi-domain: all companies producing or using CPS have growing needs for cybersecurity testing. The main reasons are the increasing connectivity of these systems (soon with 5G), the evolving regulatory and normative contexts on the cybersecurity of these systems (including in terms of certification) and also the demands of the customers of these companies. More and more, the latter formulate security requirements at the level of specifications such as compliance with these new standards, the provision of precise information and evidence on the level of protection and the risk incurred by these systems. They also require cybersecurity testing to be performed by organizations independent of CPS vendors to verify and ensure the level of protection of the proposed CPS.