Public Deliverables

D5.2 follows up the D5.1 contributions to deliver the first version of the CONNECT orchestrator and the mechanisms for secure data exchange. The here-in reported work cov- ers the task-offloading logic and the implementation details of the CONNECT orchestartor software. Lastly, the work is completed with the Blockchain architecture and data handling principles to facilitate the CONNECT accountable attestation and monitoring (when combined with the D5.1 claims).

Deliverable D4.2 documents the high-level design of the complete CON- NECT security architecture as developed by Workpackage WP4. Com- pared to D4.1 we refine and add users stories and designs for the Multi- Access Edge Cloud (MEC). We also add detailed cryptographic protocols that implement the trust assessment of the services of CONNECT. Fi- nally, we detail the concepts and interactions for secure migration and up- grade of TEE-protected workloads. This is the technical foundation for Se- cure Task Offloading. The key questions that this deliverable answers are “How can the Multi-access Edge Cloud (MEC) be architected to provide robust security and privacy guarantees?”, “How can cryptography help to remotely assess trust of services while maintaining sound privacy guar- antees?”, and “How can vehicle and edge collaborate while maintaining security?”

This deliverable builds upon D3.1 and describes major build- ing blocks for the standalone trust assessment framework (TAF), the federated TAF and the digital twin version TAF-DT. For the standalone TAF, a fine-grained architecture underlying our current prototype is provided, federated TAF and TAF-DT are described as high-level architectures.

This deliverable presents the CONNECT dissemination, communication, clustering, standardization, and exploitation activities up to M18. Furthermore, it contains information highlighting open-source contributions and workshop organization activities.

Deliverable D4.1 documents the initial results of Workpackage 4. It speci- fies the core security architecture of CONNECT revolving around the use of HW-based trust anchors for supporting both the continuous trust as- sessment of the CCAM-wide continuum as well as the secure lifecylce management of all comprised devices. D4.1 refines the architecture (com- ponents and flows) presented in D2.1 and puts forth a deteiled description of all interactions and sequence of actions with the underlying Trusted Computing Base for providing node- and data-centric trustworthiness ev- idence. Furthermore, it documents user stories that specify desired fea- tures, and finally outlines the key hierarchy and formalized requirements. This overarching TEE architecture will guide the design of all security pro- tocols and cryptographic mechanisms to be documented in D4.2.

D5.1 paves the way to the CONNECT orchestration im- plementation by first defining the task migration/offloading problem and then presenting a comprehensive analysis of the state-of-the-art. Derived insights suggest candidate ap- proaches for the CONNECT implementation. Furthermore, the document explores identity management and proposes verifiable and presentation claims to verify a CONNECT en- tity’s attributes or identity. The involved data model to hold the needed information is finally introduced.

Deliverable D2.1 defines the technical requirements of CONNECT, alongside the specification of the conceptual reference architecture, the functional components, and interfaces between them. It also provides an analysis and point of reference for CONNECT in relation to the use cases and reference scenarios including an analysis of the trust models, that need to be considered for capturing the security and privacy requirements of each of the target CCAM services, and the trusted computing anchors to be further investigated and deployed as part of all actors – both at the MEC and Edge. Its purpose is to define the parameters for the rest of the CONNECT project and provide the necessary input for the design and implementation of all security enablers and models towards the dynamic trust assessment of complex CCAM ecosystems.

This Project Quality Plan constitutes a set of project templates and explanations on the project management process, review process, quality checks and meeting organisation, which are communicated to all partners. It further includes the risk assessment plan and shows how potential risks are assessed and mitigated.

Deliverable 3.1 presents initial work towards the Trust Asssessment Framework (TAF). It includes definition of core terminology for trust assessment, a state of the art analysis and requirements engineering which motivates our decision for a TAF based on Subjective Logic. Subsequently, an ap-proach to trust modeling is described including a methodol- ogy for deriving trust relationships and examples for such trust relationships and trust sources are given based on the four CONNECT use case. Finally, a high-level architecture of the TAF is presented and first considerations for the evaluation of the TAF are described.

This deliverable presents the CONNECT communication kit including the project’s visual identity as well as communication and dissemination material to be used within the project. Furthermore, a detailed standardization plan is documented constituting a guideline for the liaison and further dissemination of the CONNECT project to external target groups and related standardization working groups. A timeline of short- and long-term dissemination activities is presented.