ENTRUST: ENsuring Secure and Safe CMD Design with Zero TRUST Principles

ENTRUST: ENsuring Secure and Safe CMD Design with Zero TRUST Principles

Started At:
2023-01-01
Title:
ENTRUST: ENsuring Secure and Safe CMD Design with Zero TRUST Principles
Program:
Horizon Europe
Duration:
36 months
Summary:

Aligned with the guidelines of the Cybersecurity Act and the existing guidance on cybersecurity for medical devices, ENTRUST envisions a Trust Management Architecture intended to dynamically and holistically manage the lifecycle of connected medical devices, strengthening trust and privacy in the entire medical ecosystem. Even from the proposal stage, ENTRUST has identified gaps and necessary revisions of the current guidance. Towards that ENTRUST will leverage a series of breakthrough solutions to enhance assurance without limiting the applicability of connected medical devices by enclosing to them cybersecurity features.

The project will introduce a novel remote attestation mechanism to ensure the device’s correct operation at runtime regardless of its computational power; will be efficient enough to run in also resource-constrained real-time systems such as the medical devices. This will be accompanied by dynamic trust assessment models capable of identifying the Required Level of Trustworthiness (RTL) per device and function (service) that will then be verified through a new breed of efficient, attestation mechanisms (to be deployed and executed during runtime). This will also enable us to be aligned with the existing standards on defining appropriate Protection profiles per device (especially considering the heterogeneous types of medical devices provided by different vendors with different requirements) including Targets of Validation Properties to be attested during runtime. The motivation behind ENTRUST is to ensure end-to-end trust management of medical devices including formally verified trust models, risk assessment process, secure lifecycle procedures, security policies, technical recommendations, and the first-ever real-time Conformity Certificates to safeguard connected medical devices.

Consortium:
  • UNISYSTEMS LUXEMBOURG SARL (Luxembrurg)
  • TECHNISCHE UNIVERSITEIT EINDHOVEN (Netherlands) 
  • SINTEF AS (Norway) 
  • UNIVERSIDAD DE MURCIA ES 999844282
  • UNIVERSITY OF PIRAEUS RESEARCH CENTER (Greece)
  • SIEMENS SRL (Romania) 
  • POLARIS MEDICAL SA (Romania)
  • SPACE HELLAS S.A. (Greece)
  • UBITECH (Greece)
  • FUTURE NEEDS (Cyprus)
  • TELLU AS (Norway)
  • RED ALERT LABS (France) 
  • SUITE5 (Cyprus)
  • Kardinero (Turkey)
  • SENTIO LABS (Greece)
  • PARTICLE (Portugal)
  • HESE HOSPITAL (Portugal)
  • MANDAT INTERNATIONAL (Switzerland)
  • UNIVERSITY OF SURREY (UK)


Project website: https://www.entrust-he.eu/


Proud of our Partners

BT
Cisco
Dell Technologies
Microsoft
Oracle
Broadcom
Hyperscale
Airbus
APS
AXIS
BOSCH
Cellebrite
Check Point
Christie
Citrix
Crowd Strike
Epson
Forcepoint
Fortinet
FOX IT
Frequentis
Gamic
Genetec
HIKVISION
Honeywell
HP
HPE
HUAWEI
IBM
iCrypto
Indra
Legrand
Lenovo
LG
Microstep
Ivanti
NEC
NetApp
Novell
palo alto
Panduit
Peerless
Poly
PRIMX
RAD
Radware
Red Hat
Rittal
SΛMSUNG
Solarwinds
Splunk
Symantec
Synamedia
Thales
T Systems
Tufin
Vanguard
Veeam
Veritas
Web-IQ
Zetes
Zoom