Authors:
Sotiris Ioannidis
1
;
Cristiano Giuffrida
2
;
Ioannis Sourdis
3
;
Vassilis Prevelakis
4
;
Christos Strydis
5
;
John Thomson
6
;
Dmitry Pidan
7
and
Martin Böhner
8
Affiliations:
1
Foundation for Research and Technology - Hellas (FORTH), Greece
;
2
Vrije Universiteit Amsterdam (VUA), Netherlands
;
3
Chalmers Tekniska Högskola (CTH), Sweden
;
4
Technische Universit¨at Braunschweig (TUBS), Germany
;
5
Erasmus University Medical Center (NEU), Netherlands
;
6
OnApp Limited (ONAPP), United Kingdom
;
7
IBM - Science and Technology LTD (IBM), Israel
;
8
Elektrobit Automotive GmbH (EBA), Germany
Abstract:
Developing new security paradigms, architectures and software, for
more secure and trustworthy ICT systems and services has clear social, scientific
and market motivation. This motivation is becoming stronger due to the changing
threat landscape; over the past decade we are witnessing an ever-increasing
amount of cyberattacks on the Internet. We believe that to advance the field of
cybersecurity, we must act proactively and in synergy, instead of being reactive
to cyberattacks.
We propose SHARCS, a framework for designing, building and demonstrating
secure-by-design applications and services, that achieve end-to-end security for
their users. SHARCS achieves this by systematically analyzing and extending,
as necessary, the hardware and software layers in a computing system. This holistic
approach is necessary, as no system can truly be secure unless every layer
is secured, starting from the lowest one. We measure the effectiveness of the
SHARCS framework by using it on a diverse set o
f security-critical, real-world
applications. The applications have been chosen from three different domains,
medical, cloud and automotive, to demonstrate the platform independence capabilities
of SHARCS. SHARCS provides a powerful foundation for designing and
developing trustworthy, secure-by-design applications and services for the Future
Internet.
(More)