The CUSTODES system will discover and translate certification information of the Building Blocks of the composite ICT products or Services under evaluation, will provide Certification information to the interested parties and will share information on newly identified vulnerabilities related to the specific blocks or composite products as needed increasing transparency, re-usability and trust. It will also utilize a Restricted & Trusted Execution (RTE) Environment, to ensure the chain of custody of the product under assessment.
CUSTODES will be validated in three pilots, a) one of two Class I composite products with digital elements, b) one of an ICT product with an embedded AI component and c) a final one of the as-a-service functionality through EIT Digital extensive digital ecosystem.
The CUSTODES project is built on a collaboration of 17 organisations from 11 EU member states and third countries. The Consortium which includes 3 Conformity Assessment Organizations is composed by 10 SMEs, 3 large industry partners, 2 research organizations, and 2 public organizations/associations. The Consortium is led by RISE which has extensive experience in national and European research projects, and numerous collaborations with industrial partners.
The aim of the CUSTODES project is to enhance trust in ICT through versatile cybersecurity certification.
CUSTODES project objectives is to scale agile certification, define and assess TOEs, ensure conformity, trust, sustainability, and transparency.
Promote the scalable, agile and verifiable certification of Composite Targets of Evaluation (TOE) , towards ensuring and fostering the protection, resilience of the ICT products, ICT services and ICT processes, converting Europe into a Trustworthy Certified Digital Ecosystem.
Facilitate the accurate definition, evaluation and classification of complex and highly interconnected (Composite) TOE.
Optimize, automate and facilitate the conformity assessment of Composite TOE ensuring compliance and mitigating potential compliance breaches.
Establish and guarantee the trust relationships in the Certification process.
Enable robustness and sustainability of the self-assessment (i.e. audit/testing) throughout TOE Lifecycles.
Promote and enable the trustable and transparent sharing and reuse of certification related information.
Development, validation and demonstration of CUSTODES framework through its application to large-scale real scenarios/conditions – Market validation and Roll out.
Provide tailored certification-related recommendations.
p-NET will contribute a complete 5G testbed as a use case for the performance of security certification. It will lead WP5 and Task T5.2 and participate in all activities from use case definition and materialization to evaluation and validation to feedback collection and the solution’s successful commercialization and the long-term sustainability of the framework. p-NET will also contribute to the development of a certification ecosystem to be created with the collaboration of the different CUSTODES instances deployed in the various certification stakeholders and participate in dissemination & communication, engagement and community building as well as in business planning and road to market activities.