Vulnerabilities Forecasting Tool
Coordinated by
UTC
The Vulnerabilities Forecasting Tool (VFT) provides historical vulnerability data and projections for time intervals of 1, 2, 3, 6, and 12 months for several major software components. Based on historical vulnerability data and future predictions, designers can make informed decisions regarding the selection of the system’s underlying components, optimizing for both functionality and security. The frequency of discovered vulnerabilities also serves as an indicator of the level of attention that should be paid to periodic updates and patches.
Description
Describe the innovation content of the result:
VFT uses advanced algorithms to predict the expected number of vulnerabilities that will be discovered within specific timeframes. It focuses on forecasting vulnerabilities across various software products, specifically targeting operating systems, database management servers, and web servers. It provides valuable information on potential security flaws that may occur in these categories of software. The tool’s accurate predictions help proactively manage risk, allowing organizations to allocate appropriate resources and prioritize their security efforts effectively.
Who will be the customer?
Software developers, IT security teams, system administrators, risk management professionals and security auditors/consultants
What benefit will it bring to the customers?
It enables proactive risk management, resource optimization, improved security measures, informed decision-making and improved compliance and audit processes.
When is the expected date of achievement in the project (Mth/yr)?
Month 30.
When is the time to market (Mth/yr)?
At the end of the project.
What are the costs to be incurred after the project and before exploitation?
Hosting costs and probably further developments and maintenance.
What is the approximate price range of this result/price of licences?
The usage of the product is free of charge.
What are the market size in Millions € for this result and relevant trend?
N/A
How will this result rank against competing products in terms of price/performance?
To our best knowledge, there is no similar product on the market.
Who are the competitors for this result?
No known competitors.
How fast and in what ways will the competition respond to this result?
Unknown at the moment.
Who are the partners involved in the result?
UTC
Who are the industrial partners interested in the result (partners, sponsors, etc.)?
ICT GW, 7Bulls, IFEVS
Have you protected or will you protect this result? How? When?
VFT was presented at CISIS-ICEUTE 2022. The extended contribution was submitted to Logic Journal of the IGPL.
Other results
Ontology Manager Tool
Ontology Manager is a Framework responsible for managing the Core Ontology used in BIECO, called DAEMON. It aims to support organizing concepts and their relationships related to System of Systems (SoS), Internet of Things (IoT), and System Components management and Monitoring.
Failure Prediction Tool
The Failure Prediction Tool (FPT) performs failure predictions by monitoring the logs of the applications that make up a system. It has a REST interface through which it receives in real time the log messages from the monitored applications.
safeTbox
The pre-existing tool safeTbox (www.safetbox.de) has been extended to support interoperation with the ResilBlockly tool for combined safety and security analysis.
Conditional Safety Certificates for ICT
Conditional Safety Certificates (ConSerts) have been applied to support resiliency of ICT infrastructures. Support for deployment and execution of ConSerts in ICT infrastructure according to use case needs was provided additionally.
SafeML based reliability assessment
In earlier work, a statistical distance-based measure (SafeML) is proposed for machine learning components. In BIECO project, we propose extension of it with the use of Statistical Distance Dissimilarity across time series to obtain SDD based reliability and robustness estimate (StadRE and StadRO).
