Home

The AsCoT-SCE project aims at defining methodologies and tools to define, assess, and certify the cybersecurity and safety risks associated with functionalities of IoT devices. While focused mainly on smart home environments, the proposed methodologies can be easily generalized to other environments and settings, where IoT is a main enabling technology. Leveraging on the results of the Horizon 2020, SIFIS-Home (GA n. 952652) project, AsCoT-SCE aims at exploiting ontologies and formal methods to express the risk types and possibly quantify them, either through quantitative or qualitative indexes.

Two main enabling technologies—explored and extended in the project⁠—will be the Attribute Based Access Control (ABAC) and the Contract-Based Security. ASCOT will thus provide proof-of-concept tools to assign risk to existing APIs for IoT devices, extract a model of the behaviour of the device in a contract format, and define user-level policies specifying the accepted behaviours.