In a world where digital technology is ubiquitous, the demand for powerful data protection and cybersecurity solutions will only increase. Therefore, the quality of data protection and cybersecurity specifications will become a decisive factor in the development of complex systems. CEA-List, a member of the Carnot Network, has leveraged its expertise in model-driven engineering, through its Papyrus software development platform, for several projects.
CEA-List researchers have developed a methodology and the associated tools to ensure that personal data protection regulations (GDPR) are factored in from the initial system design phases. The tool developed by CEA-List in research for the EU PDP4E project allows legal obligations to be expressed as functional requirements and technical constraints, so that a system architecture can then be built in a way that guarantees that these obligations are met. The next step will be to test the tools on partner companies’ use cases to ensure that they are robust.
In research being conducted for the ModSecAéro project in partnership with the French Directorate General for Armament, CEA-List researchers are developing a methodological framework to assess the resistance of embedded aeronautics systems to cyberattacks. The tools, which leverage the Papyrus platform, will be capable of modeling risk analyses utilizing a methodology that is compliant with the industry’s standards. With the tools being developed, critical components and the associated threats will be identified, the possible attacks on these vulnerable elements will be determined, and countermeasures will be implemented. These functions will be integrated into a model that will improve the analysis over time. A partnership between software developer Trialing and CEA-List is expected to lead to the commercialization of the tools.
Read article at http://www.cea-tech.fr/