NOTE! This site uses cookies and similar technologies.

If you not change browser settings, you agree to it. Learn more

I understand

Learn more about cookies at : http://www.aboutcookies.org/Default.aspx?page=1

August 4, 2020 | Papyrus keeps an eye on digital systems

papyrus 150Of the many cybersecurity tools developed for industrial software users by CEA List, a CEA Tech institute, the open-source Papyrus platform is a key technology. Not only can Papyrus be used to guide the development of software that protects users’ personal data, but it can also model risk analyses.

In a world where digital technology is ubiquitous, the demand for powerful data protection and cybersecurity solutions will only increase. Therefore, the quality of data protection and cybersecurity specifications will become a decisive factor in the development of complex systems. CEA List, a member of the Carnot Network, has leveraged its expertise in model-driven engineering, through its Papyrus software development platform, for several projects.

CEA List researchers have developed a methodology and the associated tools to ensure that personal data protection regulations (GDPR) are factored in from the initial system design phases. The tool developed by CEA List in research for the EU PDP4E project allows legal obligations to be expressed as functional requirements and technical constraints, so that a system architecture can then be built in a way that guarantees that these obligations are met. The next step will be to test the tools on partner companies’ use cases to ensure that they are robust.

In research being conducted for the ModSecAéro project in partnership with the French Directorate General for Armament, CEA List researchers are developing a methodological framework to assess the resistance of embedded aeronautics systems to cyberattacks. The tools, which leverage the Papyrus platform, will be capable of modeling risk analyses utilizing a methodology that is compliant with the industry’s standards. With the tools being developed, critical components and the associated threats will be identified, the possible attacks on these vulnerable elements will be determined, and countermeasures will be implemented. These functions will be integrated into a model that will improve the analysis over time. A partnership between software developer Trialing and CEA List is expected to lead to the commercialization of the tools.

Read article at http://www.cea-tech.fr/