Self-driving cars can no longer be viewed as a single system. These are cars with complex computer systems that independently make countless connections with the driver, with other vehicles, with the immediate environment and with various communication systems and networks. We want to be sure that these connected systems are reliable. As a result, IT Security Architects must work in a more intricate manner, as the interconnected networks are becoming too complex to oversee as a whole.
Decentralised design on the basis of zero trust.
Go straight to information on:
Decentralised design on the basis of zero trust
By decentralising the design of an IT architecture and thus dividing the design into a number of clear sub-divisions (each with its own responsibilities), an overview can be created. This provides certainty regarding the security of each sub-part, the connections which are relevant to this sub-part and how they can be protected. In this way, an organisation can get a better grip on possible attacks because they can already monitor them within a smaller sub-part. All of this is done on the basis of the Zero Trust philosophy. The foundation for Zero Trust is ‘never trust, always verify’. Whereas certain connections were always open to certain users in the past, a Zero Trust design has no prior assumptions on the degree of reliability regarding those who want access – regardless of whether this concerns organisations, users, hosts or datasets.
Implied trust zones methodology
Dividing an IT design into sub-parts
In the TNO Implied Trust Zones methodology, an IT architecture goes from a centralised process (with one architect at the helm) to a decentralised process with several responsible parties. The relationships and connections are clearly visualised and the system is set up through a series of separate Implied Trust Zones. As an example from the automotive industry, take a car that communicates with surrounding cars, traffic lights, road information, weather information and traffic information in order to drive safely and autonomously in as optimal a manner as possible (or: to support the driver). While this is very complex as a whole, the individual parts can remain clear with the right methodology.
Due to the decentralised design, individual components can now also be tested and validated separately. In other words, a smart traffic light can be deemed secure without the need to test all other connected systems (cars, other infrastructure) as well.
The method is currently being tested in the automotive industry within the SECREDAS project, and a healthcare case is being developed.
Potential impact for organisations
More secure and resilient: This methodology offers major advantages because the architecture becomes clear, processes remain transparent and responsibilities are straightforward. An architecture with a decentralised design conducts analyses more easily and acts faster and more effectively in the event of possible attacks. The Implied Trust Zones methodology ensures that the impact of an incident is kept to a minimum.
Better designs lead to a safer and more flexible environment: The method helps to identify and correct ‘errors’ and shortcomings in IT designs from the outset AND helps to better plan urgent measures to be taken, including where they best fit into the architecture.
Application areas
The Implied Trust Zones methodology is applicable in many areas of cybersecurity:
- For more secure information transactions, such as for financial or governmental organisations.
- For chain partners: organisations that have to work together and where information is frequently passed on, particularly when privacy and security are important.
- For organisations where the design of an IT architecture is large and complex, which could concern policy, people, suppliers, digital services, etc.
But the methodology also quickly helps to provide answers to questions such as:
- How do you debug a security architecture?
- Systems-of-systems: is the security solution in the right place?
- Secure and flexible infrastructures: how do you design them?
Collaboration
TNO has the unique expertise needed to advise you on customised solutions.
If you would like to collaborate with us and/or learn more about the Implied Trust Zones methodology?
Please contact Mark Buningh
Contact
Theme
More tech? Smarter Cybersecurity!
Picture this: autonomous vehicles that only make secure connections to their environment; always receiving the best treatment in hospital while your privacy is guaranteed; carefree online business in which... Read more
Our work
Carefree entrepreneurship thanks to security monitoring and detection
Technology, data and data-driven solutions are becoming increasingly important to the functioning of our society. The Netherlands is experiencing rapidly growing digitalisation in terms of processes... Read more
Roadmap
Multi-party computation: optimising care by encrypting patient data
Healthcare costs in the Netherlands amount to 100 billion euros annually (10% of GDP) and are expected to rise to over 170 billion euros by 2040. It is essential to continue improving care and to keep... Read more
Our work
Cybersecurity by quantum - safe crypto
Picture this: a quantum computer exists which can handle complex problems that are practically unsolvable for today’s computers as the calculations would take centuries. Which contributes to new products... Read more
Our work
The Digital Resilience of The Netherlands
Our Dutch defence and security organisations, including the national police and the NCTV, are jointly responsible for our national security – including in the digital domain. In addition to the sea, land,... Read more
- Artificial Intelligence
- Application areas
- Use cases
- Program line 1: Safe autonomous systems in an open world
- Program line 2: Responsible human-machine interaction
- Secure learning in money laundering detection
- Fair decision making in the job market
- Secure learning in diabetes-2 advice
- Diagnosing for printer maintenance
- Subsidence monitoring
- Fair decision making in justice
- Augmented worker for smart industry
- Energy balancing for smart homes
- Secure learning in oncology research
- News
- Defence, Safety & Security
- Roadmaps
- Operations & Human Factors
- Climate Chambers for Research into Human Performance
- Desdemona: the next generation in movement simulation
- LT Lab: the TNO learning technology laboratory
- Performance and health monitoring
- Motion sickness and performance
- The neurobiology of Stress
- NetForce Command: an alternative to hierarchical command and control
- Operational military performance in a virtual world
- SUPRA
- Simulation Live Virtual and Constructive
- Concept Development & Experimentation
- IAMD: Integrated Air & Missile Defence
- JROADS
- FACSIM
- Helicopter studies
- Replacement of the F-16
- MARVEL / Comprehensive Approach
- TNO ACE: Advanced CD&E Environment
- Integrated approach to Dutch Royal Navy patrol ships
- Operational analysis during military operations
- SketchaWorld: from sketch to virtual world
- Information & Sensor Systems
- Digital Resilience of The Netherlands
- LFAS - Low Frequency Active Sonar
- Tanker Remote Vision System
- Platform signatures
- TNO shapes the future of MMICs and RFICs
- CARPET: Computer-Aided Radar Performance Evaluation Tool
- Underwater Warfare and Security
- Wide Area Motion Imagery WAMI
- SAKAMATA: sonar and marine mammals
- PARANOID: rapid information processing
- Mine analysis and threat evaluation
- Ship acoustics and underwater acoustic signatures
- PERSEUS Wind Turbine Radar Interference Assessment tool
- Electromagnetic security
- National Security
- A new vision on modernizing the emergency reporting process
- Social media in the security sector
- Automatic Video Compilation and Analysis System (AVACS)
- The Dutch Cyber Cube Method: Improving Human Capital for SOCs and CSIRTs
- Security Mission Information & Innovation Group (SMI2G)
- Concealed weapon detection
- FP7 Project IMPACT Europe
- Critical Infrastructure Protection (CIP) policies in Europe
- @MIGO: border control
- Smarter Surveillance, man, machine, synergy
- Cyber Security of Industrial Control Systems
- Privacy enhancing techniques in cyber security data sharing
- Protection, Munitions & Weapons
- Weapons systems control and analysis
- Weapon Effects & Protection Center
- Firepower
- Protection and survivability of vehicles
- Naval protection and survivability
- Infrastructure protection and survivability
- World-class ballistics research
- Countering Explosive Threats
- Materials for protection concepts
- Processing of Propellants, Explosives and Pyrotechnics
- Ammunition Safety
- Ballistic Performance and Personal Protection
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Anticipating accidents, incidents and threats
- Protecting those who protect us
- Process Safety Solutions: Expertise in Handling Hazardous Conditions Safely
- Expertise groups
- Intelligent Imaging
- Intelligent Autonomous Systems.
- Acoustics and Sonar
- Weapon Systems
- Explosions, Ballistics and Protection
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Energetic Materials
- Human Behaviour and Organisational Innovation
- Networked Organisations
- Training and Performance Innovations
- Perceptual & Cognitive Systems
- Military Operations
- Modelling, Simulation and Gaming
- Electronic Defence
- Radar Technology
- Energy Transition
- Roadmaps
- Renewable electricity
- Towards large-scale generation of wind energy
- The importance of support structures
- Wind turbines, fully in motion
- Innovation towards 10-20 MW offshore wind turbines
- Modeling 10MW+ turbines aerodynamically
- Design for Reliable Power Performance (D4REL)
- Optimised wind blade tip design
- Vortex-wake models in wind turbine design
- Modelling improvement wind turbine blades
- Converters for Clean, Low Cost Electricity
- Haliade X: largest wind turbine ever
- Less production per wind turbine, still higher yield
- Logistics innovative strength at home and abroad
- Wind turbine management and maintenance
- Wind farms in synergy with the environment
- Innovative methods for wind measurements
- Innovation and the rise of solar energy
- Solar farms with respect for nature
- Solar panels on farmland
- Research innovative solar parks
- Savings on solar farm operations and maintenance
- Floating solar panels on inland waterbodies
- Offshore solar energy
- National Consortium Solar in Landscape
- National Consortium Solar on Water
- Research into environmental effects of solar, wind energy
- Unique research floating solar panels
- Solar energy on buildings and infrastructure
- Solar panels in facades
- Solar windows
- More focus on safety of solar systems
- Solar heat and PV-T
- Roofs for solar energy
- Noise and crash barriers produce solar energy
- Solar energy in road surfaces and crash barriers
- Solar panel energy generated on dikes
- Solar and infrastructure
- Outdoor test facility for BIPV(T)
- Solar-powered cars
- Mass customization
- Solar panel efficiency
- New technologies make PV more versatile
- System transition
- Towards a reliable, affordable and fair energy system
- The social aspects of the energy transition
- TNO facilities for research into environmental effects of solar and wind energy
- Effective interventions to increase energy efficiency and reduce energy poverty
- Green and Ease under one roof
- Capacity building programme for energy efficiency in industry
- Zooming in on the future to make the right choices
- Scenarios for a climate-neutral energy system
- A fair system without energy poverty
- Financing the energy transition
- LAUNCH
- Successful neighbourhood approach: motivate residents
- Towards CO2 neutral industry
- Reducing CO2 emissions through capture, use and storage
- Hydrogen for a sustainable energy supply
- Optimising production hydrogen
- Hydrogen storage and transport
- Hydrogen, fuel and feedstock
- H-vision: blue hydrogen to accelerate carbon-low industry
- Ten things you need to know about hydrogen
- World first: an offshore pilot plant for green hydrogen
- New research centre for hydrogen production
- Identifying the future international chain of green hydrogen
- Opportunities for green hydrogen for the manufacturing industry investigated
- Hydrogen from offshore wind: optimising the electricity grid
- Faraday lab: optimising and scaling up electrolysis
- Biomass to fuels and feedstock
- ARBAHEAT - Sustainable future for coal-fired power stations possible through conversion to biomass
- AMBITION Advanced biofuel production from lignin rich residues
- BECOOL EU Brazilian cooperation on advanced biofuels
- Horti-BlueC - a new EU cooperation on reducing Bio-waste and CO2-footprint in horticulture
- UNRAVEL - valorization of lignocellulosic biomass
- MacroFuels advanced biofuels from seaweed
- BRISK2 Biofuel Research Infrastructure for Sharing Knowledge
- New facility for seaweed processing
- TORWASH technology successfully tested on pilot scale
- Biofuels lab: Making transport more sustainable with biofuels
- Take-Off: Sustainable aviation fuels from CO2, water and green energy
- Re-use of existing infrastructure to accelerate the energy transition
- Sustainable Industrial Heat System
- 4 pioneering routes to a CO2 neutral industry
- Research facility Industrial Electrification accelerates greening of Rotterdam port
- Mollier facility: innovating in industrial drying technology
- Research facility for negative CO2 emissions
- Carnot lab accelerates sustainable industrial heat management
- Using energy and raw materials efficiently in industry
- Sustainable subsurface
- Geological Survey of the Netherlands
- Geological Survey of the Netherlands
- 100 years of geological mapping
- GeoTOP
- Sand, gravel and clay extraction
- GIS and other tools for interactive planning
- DINO, Data and Information of the Dutch Subsurface
- BRO: the Dutch Key Register of the Subsurface
- Sustainable use and management Flemish-Dutch subsurface
- Petroleum Geological Atlas of the Southern Permian Basin
- 3D Subsurface mapping of the Dutch offshore
- Geological Survey of the Netherlands across borders
- Towards an energy-producing environment
- Expertise
- Industry
- Roadmaps
- Flexible & Free-form Products
- Space & Scientific Instrumentation
- Semiconductor Equipment
- Sustainable Chemical Industry
- Smart Industry
- Expertise groups
- Buildings, Infrastructure & Maritime
- Roadmaps
- Buildings & Infrastructure
- Infrastructure
- Sustainable buildings: towards an energy-producing built environment
- Building innovation
- Greenhouse design
- Digitisation in construction
- Maritime & Offshore
- Expertise groups
- Circular Economy & Environment
- Healthy Living
- Roadmaps
- Health Technology & Digital Health
- Biomedical Health
- Work
- Youth
- Expertise groups
- Traffic & Transport
- Roadmaps
- SMART and Safe Traffic and Transport
- Societal impact for accessibility and liveability
- Decision-making information based on facts for municipalities
- Making disruptive technologies practicable
- Accessible, healthy and vibrant cities
- CITYkeys – Performance evaluation framework for smart cities and projects
- Big data ecosystems: collaborating on data-controlled cities
- Knowledge mediator puts an end to bickering
- Intact – Climate resilient critical infrastructure
- Organising mobility
- Smart mobility and logistics
- Smart vehicles
- Sustainable Traffic and Transport
- Sustainable Mobility and Logistics
- Improving air quality by monitoring real-world emissions
- Emission factors for road traffic
- Measuring the emissions of powered two wheelers
- Emissions of particulate matter from diesel cars
- Random Cycle Generator
- EnViVer: model traffic flow and emissions
- Measuring real-world emissions with TNO’s Smart Emissions Measurement System (SEMS)
- Measuring the emissions of trucks and buses
- Reducing Greenhouse Gas Emissions in Commercial Road Transport
- Measuring the emissions of non-road mobile machinery
- Emission measures in practice
- The transition to CO2-neutral mobility in 2050
- Sustainable Vehicles
- Innovative technologies for zero-emission vehicles
- CO2 reduction by high-efficiency Flex Fuel technology with extremely low emissions
- Actual energy consumption and emissions
- Hydrogen and the fuel cell
- Automotive Battery Research
- Making transport more sustainable by means of electric vehicles
- Energy Efficient Electric Bus E3Bus
- eCoMove
- Hydrogen for internal combustion engines in heavy equipment
- Expertise groups
- Information & Communication Technology
- Roadmaps
- Fast open infrastructures
- Data sharing
- Trusted ICT
- Efficiency, effectiveness, quality and the costs of systems
- Expertise groups
- Strategic Analysis & Policy
- Tech Transfer
Contact
Send question to Mark Buningh BSc
×
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.
Contact
Mark Buningh BSc
Send question to Mark Buningh BSc
×
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.