CIES
Cybersecurity assessment and certification methodologies and tools
- Duration: 01/01/2021 to 31/12/2022
Cybersecurity certifications ensure that products, applications, and services meet a set of security requirements, thereby reducing the likelihood of vulnerabilities and cyberattacks that could compromise these technologies.
The CIES project was carried out in collaboration with DEKRA Testing and Certification, S.A.U., focusing on the analysis and development of methodologies and tools for cybersecurity certification.
At the technical level, efforts were centered on developing methodologies and tools for cybersecurity assessment in three areas: (i) hardware devices or components, (ii) mobile devices, and (iii) automotive systems.
The main tangible outcomes of the project include the exploitation of various vulnerabilities in commercial hardware devices, the development of the AndroCIES tool [1] for the automated analysis of security requirements in mobile applications, and the implementation of mechanisms for conducting fuzzing attacks.
References
- (2022): AndroCIES: Automatización de la certificación de seguridad para aplicaciones Android. In: XVII Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2022), pp. 192-197, Ediciones Universidad Cantabria Ediciones Universidad Cantabria, Santander, Spain, 2022.
[…] with DEKRA Testing and Certification, S.A.U., serving as a continuation of the work initiated in the CIES project. The primary objective of this collaboration is to research and develop solutions for […]