WELCOME TO A NEW EDITION OF MEDINA NEWSLETTER !!!
This newsletter is a publication of the MEDINA Project, and aims to provide information on the project’s activities and to showcase the project’s achievements.
The main objective of the Horizon 2020 MEDINA project is to provide access to secure, real-time certified cloud computing. In the future, the MEDINA framework that has been developed by the European project partners strife for enabling continuous certification through a series of efficient tools. Certification is based on the European Cybersecurity Certification Scheme for Cloud Services (EUCS), which has been addressed in the project by means of uniform “assessment rules” – measures, metrics, and measurement procedures. With continuous audits, we can ensure better overall security than with point-in-time audits. +info
Two use cases are being implemented in MEDINA : European Certification of Multi-cloud backends for IoT Solutions by Bosch, and Continuous Audit of SaaS Solutions for the Public Sector by Fabasoft. +info
With only four months left in the project, MEDINA is finalizing the work on integration and validation actions, and is defining sustainability activities for the project outcomes.
Certification & Standardization
Second release of the MEDINA framework. A second version of the MEDINA integrated solution with increased functionalities, compared to the initial prototype at M15, has been released. +info
- Catalogue of Controls and Metrics +info
- Continuous Certification Evaluation +info
- Cloud Security Certification Language +info
- Risk Assessment +info
MEDINA Standardization presented at the SWForum webinar. During the SWForum webinar on “Software Technologies and Standards” on 21 February 2023, Jesus Luna (Bosch) discussed the project’s approach to an effective and efficient standardization engagement.+info
MEDINA standardization activities presented at the CYRENE workshop. MEDINA participated (as invited project) in the CYRENE standardization workshop on cybersecurity and supply chain security, focusing on our standardization activities. +info
EUROSCAL previewed at flagship ENISA and NIST events on cloud cybersecurity and certification. EUROSCAL is one of the concrete exploitation results from MEDINA, where an EU-based community of enthusiastic participants will voluntarily exchange know-how and guidelines for supporting the use of NIST OSCAL in topics like EUCS. +info
MEDINA consortium met for the 8th GA face to face meeting in Linz. MEDINA partners joined in the 8th General Assembly on 1 and 2 March 2023. The two days duration meeting was organized by Fabasoft and took place in Linz, inside one of the buildings of the Tabakfabrik Linz site. +info
Third Expert Stakeholder Group Meeting. A new edition of MEDINA’s Expert Stakeholder Group online meeting took place on 25 April 2023, with the goal of presenting our approach to a couple of interesting aspects of the project, namely the Catalogue of Metrics and Controls, and MEDINA’s Standardization Roadmap. +info
9th GA in Ljubliana (Slovenia). MEDINA consortium joined during the 9th General Assembly on 13 and 14 June 2023. We met together to work on finalising the project activities and starting to prepare everything for the project`s successful conclusion. +info
Publications produced in the context of the MEDINA project. Two papers have been published:
- Security in DevSecOps: Applying Tools and Machine Learning to Verification and Monitoring Steps. Open access version
- Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs. Open access version
BSc theses produced in the context of the MEDINA project. Two BSc theses produced by Bosch’s students in the context of our MEDINA project. +info
MEDINA Lecture at the NECS-PhD Winter school 2023. Our project had the chance to participate on the NECS – PhD Winter School (https://necs-winterschool.disi.unitn.it/) on 6 February 2023, with an invited lecture entitled “MEDINA – Paving the road towards continuous audit-based certification for cloud services in Europe”, given by Jesus Luna Garcia (Bosch). +info
Bitkom meeting on Continuous Monitoring. MEDINA partners Fraunhofer AISEC (Christian Banse) and Bosch (Jesus Luna) participated on 15 March 2023 in the virtual meeting organized by Bitkom (https://www.bitkom.org/) on the topic of continuous monitoring. +info
Automated Certification at the ENISA AI Cybersecurity Conference 2023. During the ENISA AI Cybersecurity Conference, our MEDINA partner Bosch (represented by Jesus Luna) advocated about the need to introduce automated processes for the cybersecurity assessment of AI systems as a way to make more efficient any upcoming certification scheme. +info
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No: 952633.
Parque Tecnológico de Bizkaia, C/ Geldo. Edificio 700. E-48160 Derio (Bizkaia)