Security Testing Tool
Coordinated by
CNR
GdpR-based cOmbinatOrial Testing (GROOT) is a general combinatorial strategy for testing systems managing GDPR’s concepts (e.g., Data Subject, Personal Data or Controller).
Description
Describe the innovation content of the result:
GROOT tool is leveraging Combinatorial Testing for assessing mechanisms and tool processing Personal Data with respect to the GDPR’s demands.
Who will be the customer?
Public and private Companies using ICT systems and authorization systems for managing protected resources and personal data.
What benefit will it bring to the customers?
A data protection by design solution for improving the compliance with the currently applicable legal framework concerning the protection of personal data.
When is the expected date of achievement in the project (Mth/yr)?
08/2023
When is the time to market (Mth/yr)?
At the end of the project
What are the costs to be incurred after the project and before exploitation?
After finishing BIECO, GROOT will be ready for use without further investment. However, further research, based on it, will need to be framed on other innovation projects..
What is the approximate price range of this result/price of licences?
Open Source
What are the market size in Millions € for this result and relevant trend?
According to recent survey, the GDPR Services market was valued at € 1042.97 million in 2020 and is expected to reach € 3846.12 million by 2026
How will this result rank against competing products in terms of price/performance?
We have applied data protection by design and by default approach, by incorporating GDPR concepts at the early stage of developing GROOT, differentiating this result from the existing security solutions.
Who are the competitors for this result?
Other security testing tools based on combinatorial approaches.
How fast and in what ways will the competition respond to this result?
Incorporating GDPR concepts into existing methodologies and tools is not a straightforward task. We estimate that pairing security and privacy in a unique framework takes at least one year.
Who are the partners involved in the result?
CNR
Who are the industrial partners interested in the result (partners, sponsors, etc.)?
Unknown at the moment
Have you protected or will you protect this result? How? When?
GROOT has been presented at ICTSS7 2021, and the first related research contribution8 will be available soon. We are planning to prepare an extended contribution for a journal article by the end of the project.
Other results
Vulnerabilities Forecasting Tool
The Vulnerabilities Forecasting Tool (VFT) provides historical vulnerability data and projections for time intervals of 1, 2, 3, 6, and 12 months for several major software components.
Failure Prediction Tool
The Failure Prediction Tool (FPT) performs failure predictions by monitoring the logs of the applications that make up a system. It has a REST interface through which it receives in real time the log messages from the monitored applications.
safeTbox
The pre-existing tool safeTbox (www.safetbox.de) has been extended to support interoperation with the ResilBlockly tool for combined safety and security analysis.
Conditional Safety Certificates for ICT
Conditional Safety Certificates (ConSerts) have been applied to support resiliency of ICT infrastructures. Support for deployment and execution of ConSerts in ICT infrastructure according to use case needs was provided additionally.
SafeML based reliability assessment
In earlier work, a statistical distance-based measure (SafeML) is proposed for machine learning components. In BIECO project, we propose extension of it with the use of Statistical Distance Dissimilarity across time series to obtain SDD based reliability and robustness estimate (StadRE and StadRO).
