CERTIFY Workshop with other research projects
About Ensuring Cybersecurity in Connected Devices
The rapid evolution of embedded systems has led to a world filled with smart, connected devices - from home appliances and wearables to industrial systems. While this connectivity enables convenience and innovation, it also opens new doors to cyber threats such as data theft, remote hijacking, and botnet attacks.
To counter these risks, the European Union introduced key regulations including NIS2, the Cyber Resilience Act (CRA), and the Cyber Security Act (CSA). These aim to ensure cybersecurity across the entire product lifecycle, promote collaboration in threat monitoring and information sharing, and establish a robust EU-wide certification framework for connected devices.
About the CERTIFY Project and Its Continuous Certification Approach
The Horizon EU CERTIFY project introduces a new methodology for continuous cybersecurity certification of IoT devices. Unlike traditional one-time assessments, CERTIFY focuses on maintaining trust throughout a product’s lifetime by leveraging evidence already generated by manufacturers.
By extending the IETF Manufacturer Usage Description (MUD) standard and integrating it into the CyberPass platform, CERTIFY enables automated validation of product security. CyberPass signs MUD files that link certification details, device behavior, and secure configurations - ensuring that every update or mitigation from the manufacturer is traceable and verified.
About the Benefits and Future of Continuous Cybersecurity
CERTIFY simplifies the re-certification process while strengthening trust between manufacturers, evaluators, and end users. Its evidence-based approach ensures that security measures evolve with new vulnerabilities, keeping connected devices compliant and resilient.
Built on Zero-Trust and security-by-design principles, CERTIFY supports zero-touch enrollment, runtime assessment, and collaborative threat response. The project represents a major step toward a future where embedded systems can detect, evaluate, and respond to cyber threats - ensuring devices remain secure not just at launch, but throughout their entire lifecycle.
CERTIFY European Projects
CERTIFY had workshops with European projects like
- ENTRUST: Dimitris Karras (UBITECH) approach, use cases, demos
- TELEMETRY: Robert Seidl (NOKIA) approach, use cases, demos
- SCRIN: approach, use cases, demos
There we showcase use cases and CERTIFY approach
