CASTOR Objectives
OB1
Design and validation of a novel Trust Management Framework for secure service-centric orchestration.
The framework enhances security and core trust properties across multiple domains and heterogeneous environments, focusing on both node-centric and data-centric trust. It employs a federated trust quantification mechanism to maintain real-time trust scores, enabling trust-aware Traffic Engineering path calculations. By leveraging device behavioural knowledge, CASTOR ensures formal verification of trust throughout the continuum.
OB2
Provision of secure and certifiable mechanisms for Distributed Root-of-Trust in multi-node environments.
CASTOR aims to develop advanced composable attestation services to enhance edge trusted computing:
- The TrustGrid Extensions focus on establishing a chain of trust across nodes, integrating Trusted Execution Environments (TEEs) for verifiable remote computing. These extensions utilize Verifiable Credentials to ensure device correctness and safety, surpassing existing remote attestation schemes.
- An architecture for trusted I/O virtualization, promoting interoperability among diverse hardware security elements.
- Open-source software (OSS) stack trust extensions that simplify the trust relationships between all layers in the continuum, providing strong security.
OB3
Intelligent and security-aware modelling abstraction for adaptive, optimized service dataflow orchestration.
CASTOR will introduce two functional capabilities:
- Device Behaviour Signature Profiles: A manageable representation of a device’s nominal behaviour, built using formal state-based learning and merging techniques.
- Dynamic Configuration of Runtime Tracers: Configures tracers to securely monitor state transitions and assess behavioural deviations.
OB4
Enhancing data trust through IDS-certified connectors for sovereign, secure and trusted sharing; ensuring continuous compliance with industry standards and regulations.
- Conversion of the IDS-certified Data Connector for use in CASTOR’s execution container, through device-agnostic deployment and dynamic identity attestation.
- Provision of an end-to-end (E2E) security policy management mechanism.
- Trust-aware continuous authentication and authorization based on verifiable credentials for sovereign data sharing.
OB5
Implementation of CASTOR capabilities as an Open Source Software Stack applicable to vendor-agnostic computing elements, across all layers of the continuum.
CASTOR’s technical outcomes will be provided as open-source software, supporting the EU’s strategic vision for an “open autonomous marketplace.” This initiative will enable the extension of trust across the entire continuum.
OB6
Simulation, validation and evaluation of CASTOR framework through real-world experiments and custom simulators.
- CASTOR realizes lab-based experiments with real-world Proofs of Concept (PoCs), based on four use cases involving seven scenarios.
- These activities will be complemented with simulators to manage trust path establishment for dynamic workflows across multiple nodes at scale.
OB7
Communication, exploitation, and standardization strategy to enhance the EU's ability to adopt CASTOR outcomes in decentralized zero trust architectures.
- Increase awareness of CASTOR activities and outcomes through media relations, social media, attendance at events, webinars and synergies with other projects.
- Dissemination of technical work through associations and initiatives related to edge & cloud computing (AIOTI), security & identity management (GSA Trusted IoT Ecosystem Security (GSA TIES), Decentralized Identity Foundation), and 5G/6G (6G-IA, 5GPP).
- Standardization via development of trust specifications in the context of networking (e.g., ISO, ITU-T) and technical proposals based on CASTOR trust extensions.