RAMONES
RAMONES-CM: Research in Advanced Monitoring and Optimization for Next-gen post-quantum Encryption and cyberSecurity
COMUNIDAD DE MADRID
(Ref. TEC-2024/COM-504)
1/2025 -- 12/2028
The objective of the research project RAMONES is to develop and evaluate innovative solutions for the protection of IoT/IIoT infrastructures, significantly enhancing their security and resilience. The project encompasses three complementary proposals for IoT/IIoT: dynamic authentication; a study of the impact of deploying post-quantum cryptography (PQC); and AI-assisted modeling, detection and prediction of threats. To achieve this, RAMONES will evaluate different aspects and applications of PQC, develop novel strategies for device update and dynamic replacement of insecure algorithms, and propose and experiment with self-organized IIoT models that improve security while taking energy efficiency into account.
Dynamic authentication of IoT/IIoT devices and permanent and ephemeral services (O1):
This objective focuses on implementing advanced methods for the dynamic authentication of microservices in architectures supporting IoT/IIoT devices. Innovative techniques such as the adaptation of DNSSEC and DANE with chameleon signatures will be investigated to dynamically create resource records, thereby minimizing authentication traffic and offloading DNSSEC servers. Additionally, new possibilities offered by post-quantum algorithms, including trapdoor functions based on ideal lattices, will be explored to enhance dynamic authentication and other security protocols.
Improving security, confidentiality, and resilience in quantum-resistant data transport (O2):
The second objective addresses the protection of transport protocols and the interconnection between IoT/IIoT devices against the threat of quantum computing. Post-quantum algorithms, such as Kyber, BIKE, Dilithium, and Falcon, will be analyzed and evaluated in security protocols like TLS and DTLS. Furthermore, hybrid cryptographic solutions combining conventional algorithms with post-quantum algorithms will be developed for a secure and gradual transition. This objective also includes defining strategies for the remote and secure updating of IoT/IIoT devices, considering their computing and energy resource limitations, as well as developing mechanisms to efficiently disable insecure algorithms.
Detection, prediction, and risk modeling in IIoT security systems (O3):
The third objective focuses on improving the detection and prediction of cybersecurity threats in IIoT infrastructures. Using models and systems based on artificial intelligence, the project aims to identify potential network traffic anomalies early and characterize the tactics, techniques, and procedures of cyberattackers. This approach will enable the parameterization of threats according to risk models and scenarios, providing advanced support for decision-making and recommending effective countermeasures. Additionally, the integration of post-quantum primitives in industrial protocols such as OPC UA and QUIC will be pursued, ensuring mutual authentication and compatibility with existing standards.