Chapter 13 Towards a Framework and Methodology Adherent to the EU Cyber Resilience Act – The CERTIFY Project (Extended Version)

By Sara Nieves Matheu Garcia, University of Murcia, Computer Science Faculty, 30100, Murcia, Spain, saranieves.matheu@um.es | Stefano Sebastio, Collins Aerospace Ireland, Ltd, Cork, T23 XN53, Ireland, stefano.sebastio@collins.com | Matteo Molé, European Cyber Security Organisation (ECSO), Bruxelles, 1000, Belgium, matteo.mole@ecs-org.eu | Roberto Cascella, European Cyber Security Organisation (ECSO), Bruxelles, 1000, Belgium, roberto.cascella@ecs-org.eu | Antonio Skarmeta, University of Murcia, Department of Information and Communication Engineering, University of Murcia, 30100, Murcia, Spain, skarmeta@um.es

Published: 07 May 2025

© 2025 Sara Nieves Matheu Garcia | Stefano Sebastio | Matteo Molé | Roberto Cascella | Antonio Skarmeta

Abstract

This chapter provides a comprehensive overview of the CERTIFY project, a research initiative focused on establishing a robust framework for IoT security throughout the entire device lifecycle. It details CERTIFY’s lifecycle methodology, encompassing secure design, bootstrapping, continuous monitoring, update management, and decommissioning, and highlights its alignment with the EU’s Cyber Resilience Act (CRA). It also presents a use case of a connected cabin system to illustrate the practical application of the framework in a high-connectivity environment.