The Head of Unit “Trust & Security” in DG INFSO of the European Commission Mr. Jacques Bus presented the ICT priorities in the Seventh Framework Program. He outlined that the main goals of the objective “Trustworthy ICT” is the building of Trustworthy Network Infrastructures and Trustworthy Service Infrastructures which are the way to develop the Future Internet as a conglomerate of heterogeneous networks and systems. The infrastructures of secure and trustworthy networks have to make the Future Internet more secure, to allow for monitoring and managing the security threats, to build secure infrastructures and virtual objects. It is important to make experiments, to pay attention to the societal impact and to the interaction between the technologies and the users. Mr. Bus announced the indicative opening date of the next Call for proposals is 31st July 2009 and the submission deadline is 3rd November 2009.

Useful information and some advice on how to prepare successful project proposals was presented by Mr. Ives Paindaveine from the DG INFSO, Unit 5 “Trust & Security.” He underlined the significance of the well structured consortium and the clear abstract and contents of the proposal. Proposals are submitted only electronically and they can be updated until the deadline. After the deadline the evaluators can read the proposals remotely and check their contents. The final evaluation is done in Brussels where all evaluators give their final marks.

Mr. Paul Drath from Singleimage Ltd., a training company for the European framework programs, gave the audience valuable advice about the preparation of project proposals. He directed the interested participants to web sites and tools where they could search for partners, check the financial indicators of their proposals, and estimate the allocated budget. Some useful notes were given of what to do and what not do in writing a proposal.

The work of the Fair continued in three parallel sessions. The Thematic Session „Secure and Trustworthy Network Infrastructures” was moderated by Dr. Todor Tagarev (IPP-BAS). Six presentations were given of ongoing FP7 projects in the objectives “ICT Security” and “Critical Infrastructure Protection (CIP)” and some past experience. After the introductory notes of Dr. Boyanov (IPP-BAS) about the session and the FORWARD Project, Luigi Romano (University of Naples “Parthenope”) presented the STREP project INSPIRE (Increasing Security and Protection through Infrastructure Resilience). The project objectives are to identify and assess the vulnerabilities of SCADA systems, to determine dependencies among different infrastructures, to propose a self-reconfigurable architecture, and to apply intelligent techniques for reconfiguration. Salvatore D’Antonio (CINI) presented the STREP project INTERSECTION. It is directed to assessment and classification of heterogeneous networks’ vulnerabilities aiming at building a database for them, constructing and applying security techniques, contributing to the standards for information security which could be implemented by all telecommunications operators, and make a roadmap of security-enhancing strategies. Piotr Kijewski (NASK/CERT Polska) presented the IT security projects where NASK and CERT Polska are involved. Based on a sensor network which acquires data from honeypot networks, firewalls, darknets, etc., threat analysis and data enrichment are made in order to develop effective countermeasures. The other goal of the projects is to stimulate information sharing and alerting about incidents and attacks. The WOMBAT Project was presented by Corrado Leita (Symantec Research). Data on attacks is collected, then the attacks are prioritized and the defense level of networks is assessed. The current defense techniques are also estimated. To share his experience from a successfully completed FP6 project, Prof. Miloslav Dusek (Palacky University) presented SECOQC (Development of a Global Network for Secure Communication based on Quantum Cryptography). Quantum cryptography is used to enhance network security. The project has a contribution to the quantum key distribution (QKD) technology, to the development of the network concept, to the development of interfaces. It initiated the QKD standardization. Dr. Tagarev presented a methodology for assessing vulnerabilities and planning measures for critical infrastructure protection (CIP). The methodology is aimed at supporting the decision making process in the CIP. By clear identification of the main sectors and critical assets, identification and classification of the threats, assessment of vulnerabilities, interdependencies, and risks, the best measures and risk mitigation strategies can be sought for and strategy and policy for CIP can be built.

There was an interesting discussion about all presented projects during the thematic session where questions were asked about the applicability of the presented ideas, the difficulties in reaching the goals, the achieved results to date.

At the end of the Fair the outcomes of the three parallel sessions were summarized.

The opinion of the Project Officer Dr. Massimo Ciscato and of the participants was that the Fair on Trust & Security Research was successful. The presentations concerned interesting research areas, useful experience and new questions that require answers from the IT security community. Many useful contacts were made between the participants. Some practical advice was shared about how to prepare a successful project proposal that can pass the EC evaluation procedures.

The event is aimed at fostering partnership and stimulating scientific discussions about research priorities in the area of ICT Trust and Security in view of the upcoming FP7 call for proposals that will be launched in the summer. One of the objectives of the Fair is to stimulate participation to EU-funded research (FP7) in the area of ICT Trust and Security from partners from Central and Eastern European Countries. The Institute for Parallel Processing – Bulgarian Academy of Sciences (IPP-BAS) organizes and chairs the Thematic Session “Secure & Trustworthy Network Infrastructures”. We have speakers from several ongoing FP7 projects on Security and Critical Infrastructures: WOMBAT, INSPIRE, INTERSECTION, as well as representatives from NASK/CERT Polska, Palacky University, and IPP-BAS. They will present their current research activities and the opportunities for future research in the field of ICT Trust & Security.

The project participants from Central and Eastern European EU Member States (EU12) will share their experience and success stories from past EU-funded projects. The session also aims at stimulating discussion on emerging research challenges in the area and exchange ideas for potential proposals for the upcoming call and partnership building among participants in view of the formation of project consortia. Those who are looking for new research opportunities and are willing to participate in the Thematic Session and the ICT Fair can visit the website and register for the event. We are looking forward to seeing you in Olomouc.

The panel discussion revolved around the already defined project WGs:

• Smart environments
• Critical systems
• Malware & fraud

The discussion started with a talk on smart systems, which mainly focused on the threats introduced by the advent of smart devices. Smart-phones and other such mobile smart-devices are slowly replacing the older mobile phones greatly increasing the offered functionality. A smart-phone can be used for accessing email, online banking, e-commerce, etc same as with a PC. Furthermore, new location based services (via GPS) are offered, and plans are made to turn these devices to e-wallets. Also, since a phone is considered highly personal, users tend to store personal items such as photos, PIN and credit card numbers. All the above turn these devices to very attractive targets for attackers, while at the same time users are not even aware of the existence of threats against their new device. Applying already developed security solutions to mobile devices is not always possible, because of their inherent limitations such as limited battery life, and hardware resources. As such additional research is needed to address security in such devices.

Critical systems were discussed second in the panel. Such systems include telecommunications infrastructure, transportation, energy production and distribution, etc. These systems have been using computers for a long time, but in the future there are many plans to allow their management over the Internet. Extending their connectivity can leave them open to a multitude of attacks, if security is not considered early in the design and implementation. Unfortunately, in this case as well, people involved with critical systems are not always aware of the new threats and challenges they will be facing.

A very interesting example from the car industry was brought up. Cars today already include 40-50 computers connected via LAN. Security has not been an issue till today, but with plans to interconnect cars with each other,  or even with the Internet it is made obvious that security will be a prime concern. Failure to introduce security mechanisms could prove catastrophic, not in this example alone but on all critical systems.

The final subject of the panel was malware and fraud. The discussion centred on the new incentives and modus operandi of malware writers today. Malware is no longer written “for fun”, but for profit. One can easily be made aware of this by considering the very successful worms of the past such as CodeRed, Blaster, and Sasser. Even though millions of systems were infected, the damages inflicted were relatively small. Today on the other hand, malware writers are driven by profit, and form groups that resemble traditional crime organisations. Botnets such as the renowned Storm botnet are used to circulate spam e-mail, which is either directly providing income to the botnet “owners”, or is used to perform fraud. Botnets have even been observed being rented out in the cyber underground through IRC channels and web pages. To better understand this new generation of criminals, traditional investigation is needed to provide warning of new attacks and frauds, while at the same time more research is needed on disrupting malware operation and propagation.

The conclusions extracted from the panel discussion can be summarised into that: a) additional security research is needed to address future threats on new technologies, and b) well established industries need to be made aware of the new threats they will be exposed to, because of the interconnection of previously unconnected components.

The FORWARD paper seemed to spark interest in the conference which was mostly  dedicated to analyzing the benefits and applications of Trusted Computing. An interesting proposal posed by the audience was to move beyond technical analysis of future threats into investigating the economy and motives underlying the various malicious activities.

Apart from FORWARD’s paper, we found of particular interest Symantec‘s Richard Archdeacon presentation of today’s malware landscape. An interesting finding on their latest Internet Security Threat report is that the malware market has become much more streamlined than we imagine. Symantec identified trust chains between malware-suplier and malware-users which in some cases are formalized by means of End User Licence Agreements (EULAs), just like mainstream software is. They also hinted for a future switch from blacklisting to whitelisting for protecting from malware.

Overall, the conference was an interesting experience and we hope that FORWARD’s paper has managed to attract the interest of the very active trusted computing community for the project.