HOMECommunication Materials > 2023-06 Newsletter

June  2023 Newsletter

WELCOME TO A NEW EDITION OF MEDINA NEWSLETTER !!!

June 2023

This newsletter is a publication of the MEDINA Project, and aims to provide information on the project’s activities and to showcase the project’s achievements.

The main objective of the Horizon 2020 MEDINA project is to provide access to secure, real-time certified cloud computing. In the future, the MEDINA framework that has been developed by the European project partners strife for enabling continuous certification through a series of efficient tools. Certification is based on the European Cybersecurity Certification Scheme for Cloud Services (EUCS), which has been addressed in the project by means of uniform “assessment rules” – measures, metrics, and measurement procedures. With continuous audits, we can ensure better overall security than with point-in-time audits. +info

Two use cases are being implemented in MEDINA : European Certification of Multi-cloud backends for IoT Solutions by Bosch, and Continuous Audit of SaaS Solutions for the Public Sector by Fabasoft. +info

With only four months left in the project, MEDINA is finalizing the work on integration and validation actions, and is defining sustainability activities for the project outcomes. 

Certification & Standardization

Second release of the MEDINA framework.  A second version of the MEDINA integrated solution with increased functionalities, compared to the initial prototype at M15, has been released. +info

  • Catalogue of Controls and Metrics +info
  • Continuous Certification Evaluation  +info
  • Cloud Security Certification Language  +info
  • Risk Assessment +info

MEDINA Standardization presented at the SWForum webinar. During the SWForum webinar on “Software Technologies and Standards” on 21 February 2023, Jesus Luna (Bosch) discussed the project’s approach to an effective and efficient standardization engagement.+info

MEDINA standardization activities presented at the CYRENE workshop. MEDINA participated (as invited project) in the CYRENE standardization workshop on cybersecurity and supply chain security, focusing on our standardization activities. +info

EUROSCAL previewed at flagship ENISA and NIST events on cloud cybersecurity and certification. EUROSCAL is one of the concrete exploitation results from MEDINA, where an EU-based community of enthusiastic participants will voluntarily exchange know-how and guidelines for supporting the use of NIST OSCAL in topics like EUCS. +info

 

Meetings

 MEDINA consortium met for the 8th GA face to face meeting in Linz.  MEDINA partners joined in the  8th General Assembly on 1 and 2 March 2023. The two days duration meeting was organized by Fabasoft  and took place in Linz, inside one of the buildings of the Tabakfabrik Linz site.  +info

Third Expert Stakeholder Group Meeting. A new edition of MEDINA’s Expert Stakeholder Group online meeting took place on 25 April 2023, with the goal of presenting our approach to a couple of interesting aspects of the project, namely the Catalogue of Metrics and Controls, and MEDINA’s Standardization Roadmap. +info

9th GA in Ljubliana (Slovenia). MEDINA consortium joined during the 9th General Assembly on 13 and 14 June 2023. We met together to work on finalising the project activities and starting to prepare everything for the project`s successful conclusion. +info

Publications

Six MEDINA public deliverables have been released in April 2023: D2.5, D2.8D3.3D3.6D4.3 and D4.5. +info

Publications produced in the context of the MEDINA project. Two papers  have been published:

  • Security in DevSecOps: Applying Tools and Machine Learning to Verification and Monitoring Steps.  Open access version
  • Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs.  Open access version

BSc theses produced in the context of the MEDINA project. Two BSc theses produced by Bosch’s students in the context of our MEDINA project. +info

 

Dissemination

MEDINA Lecture at the NECS-PhD Winter school 2023. Our project had the chance to participate on the NECS – PhD Winter School (https://necs-winterschool.disi.unitn.it/) on 6 February 2023, with an invited lecture entitled “MEDINA – Paving the road towards continuous audit-based certification for cloud services in Europe”, given by Jesus Luna Garcia (Bosch). +info

Bitkom meeting on Continuous Monitoring.  MEDINA partners Fraunhofer AISEC (Christian Banse) and Bosch (Jesus Luna) participated on 15 March 2023 in the virtual meeting organized by Bitkom (https://www.bitkom.org/) on the topic of continuous monitoring. +info

Automated Certification at the ENISA AI Cybersecurity Conference 2023. During the ENISA AI Cybersecurity Conference, our MEDINA partner Bosch (represented by Jesus Luna) advocated about the need to introduce automated processes for the cybersecurity assessment of AI systems as a way to make more efficient any upcoming certification scheme. +info

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No: 952633.

Latest Tweets

Contact us

Parque Tecnológico de Bizkaia, C/ Geldo. Edificio 700. E-48160 Derio (Bizkaia)

+(34) 946.430.850

cristina.martinez@tecnalia.com

Follow Us

© 2023 TECNALIA. All rights reserved.
Parque Científico y Tecnológico de Bizkaia – C/ Geldo. Edificio 700. E-48160 Derio (Bizkaia). Tel.:  (+34) 946.430.850