Self-driving cars can no longer be viewed as a single system. These are cars with complex computer systems that independently make countless connections with the driver, with other vehicles, with the immediate environment and with various communication systems and networks. We want to be sure that these connected systems are reliable. As a result, IT Security Architects must work in a more intricate manner, as the interconnected networks are becoming too complex to oversee as a whole.
Decentralised design on the basis of zero trust.
Go straight to information on:
Decentralised design on the basis of zero trust
By decentralising the design of an IT architecture and thus dividing the design into a number of clear sub-divisions (each with its own responsibilities), an overview can be created. This provides certainty regarding the security of each sub-part, the connections which are relevant to this sub-part and how they can be protected. In this way, an organisation can get a better grip on possible attacks because they can already monitor them within a smaller sub-part. All of this is done on the basis of the Zero Trust philosophy. The foundation for Zero Trust is ‘never trust, always verify’. Whereas certain connections were always open to certain users in the past, a Zero Trust design has no prior assumptions on the degree of reliability regarding those who want access – regardless of whether this concerns organisations, users, hosts or datasets.
Implied trust zones methodology
Dividing an IT design into sub-parts
In the TNO Implied Trust Zones methodology, an IT architecture goes from a centralised process (with one architect at the helm) to a decentralised process with several responsible parties. The relationships and connections are clearly visualised and the system is set up through a series of separate Implied Trust Zones. As an example from the automotive industry, take a car that communicates with surrounding cars, traffic lights, road information, weather information and traffic information in order to drive safely and autonomously in as optimal a manner as possible (or: to support the driver). While this is very complex as a whole, the individual parts can remain clear with the right methodology.
Due to the decentralised design, individual components can now also be tested and validated separately. In other words, a smart traffic light can be deemed secure without the need to test all other connected systems (cars, other infrastructure) as well.
The method is currently being tested in the automotive industry within the SECREDAS project, and a healthcare case is being developed.
Potential impact for organisations
More secure and resilient: This methodology offers major advantages because the architecture becomes clear, processes remain transparent and responsibilities are straightforward. An architecture with a decentralised design conducts analyses more easily and acts faster and more effectively in the event of possible attacks. The Implied Trust Zones methodology ensures that the impact of an incident is kept to a minimum.
Better designs lead to a safer and more flexible environment: The method helps to identify and correct ‘errors’ and shortcomings in IT designs from the outset AND helps to better plan urgent measures to be taken, including where they best fit into the architecture.
Application areas
The Implied Trust Zones methodology is applicable in many areas of cybersecurity:
- For more secure information transactions, such as for financial or governmental organisations.
- For chain partners: organisations that have to work together and where information is frequently passed on, particularly when privacy and security are important.
- For organisations where the design of an IT architecture is large and complex, which could concern policy, people, suppliers, digital services, etc.
But the methodology also quickly helps to provide answers to questions such as:
- How do you debug a security architecture?
- Systems-of-systems: is the security solution in the right place?
- Secure and flexible infrastructures: how do you design them?
Collaboration
TNO has the unique expertise needed to advise you on customised solutions.
If you would like to collaborate with us and/or learn more about the Implied Trust Zones methodology?
Please contact Mark Buningh
10 cyber security challenges and innovations
What steps do we need to take to improve cyber security in the Netherlands? What cyber threats lie ahead of us? TNO works with organisations to address not just today’s cyber security challenges, but... Read more
Carefree entrepreneurship thanks to security monitoring and detection
Technology, data and data-driven solutions are becoming increasingly important to the functioning of our society. The Netherlands is experiencing rapidly growing digitalisation in terms of processes... Read more
Optimising care by encrypting patient data
Healthcare costs in the Netherlands amount to 100 billion euros annually (10% of GDP) and are expected to rise to over 170 billion euros by 2040. It is essential to continue improving care and to keep... Read more
Cybersecurity by quantum - safe crypto
Picture this: a quantum computer exists which can handle complex problems that are practically unsolvable for today’s computers as the calculations would take centuries. Which contributes to new products... Read more
The Digital Resilience of The Netherlands
Our Dutch defence and security organisations, including the national police and the NCTV, are jointly responsible for our national security – including in the digital domain. In addition to the sea, land,... Read more
- Artificial Intelligence
- Application areas
- Use cases
- Program line 1: Safe autonomous systems in an open world
- Program line 2: Responsible human-machine interaction
- Secure learning in money laundering detection
- Fair decision making in the job market
- Secure learning in diabetes-2 advice
- Diagnosing for printer maintenance
- Subsidence monitoring
- Fair decision making in justice
- Augmented worker for smart industry
- Energy balancing for smart homes
- Secure learning in oncology research
- Innovation monitoring in policy
- News
- Defence, Safety & Security
- Roadmaps
- Operations & Human Factors
- Climate Chambers for Research into Human Performance
- Desdemona: The ultimate motion simulator
- LT Lab: the TNO learning technology laboratory
- Performance and health monitoring
- Motion sickness and performance
- The neurobiology of Stress
- NetForce Command: an alternative to hierarchical command and control
- Operational military performance in a virtual world
- SUPRA
- Simulation Live Virtual and Constructive
- Concept Development & Experimentation
- IAMD: Integrated Air & Missile Defence
- JROADS
- FACSIM
- Helicopter studies
- Replacement of the F-16
- MARVEL / Comprehensive Approach
- TNO ACE: Advanced CD&E Environment
- Integrated approach to Dutch Royal Navy patrol ships
- Operational analysis during military operations
- SketchaWorld: from sketch to virtual world
- Camouflage
- Information & Sensor Systems
- Digital Resilience of The Netherlands
- LFAS - Low Frequency Active Sonar
- Tanker Remote Vision System
- Platform signatures
- TNO shapes the future of MMICs and RFICs
- CARPET: Computer-Aided Radar Performance Evaluation Tool
- Underwater Warfare and Security
- Wide Area Motion Imagery WAMI
- SAKAMATA: sonar and marine mammals
- PARANOID: rapid information processing
- Mine analysis and threat evaluation
- Ship acoustics and underwater acoustic signatures
- PERSEUS Wind Turbine Radar Interference Assessment tool
- Electromagnetic security
- Operating safely at sea
- Operations at sea
- Ocean Space
- National Security
- A new vision on modernizing the emergency reporting process
- Social media in the security sector
- Automatic Video Compilation and Analysis System (AVACS)
- The Dutch Cyber Cube Method: Improving Human Capital for SOCs and CSIRTs
- Concealed weapon detection
- FP7 Project IMPACT Europe
- Critical Infrastructure Protection (CIP) policies in Europe
- @MIGO: border control
- Smarter Surveillance, man, machine, synergy
- Cyber Security of Industrial Control Systems
- Privacy enhancing techniques in cyber security data sharing
- Driving Innovation in Crisis Management with DRIVER+
- Crisis management: new challenges, new opportunities
- The learning professional: resilient and deployable for the long term
- Protection, Munitions & Weapons
- Weapons systems control and analysis
- Weapon Effects & Protection Center
- Firepower
- Protection and survivability of vehicles
- Naval protection and survivability
- Infrastructure protection and survivability
- World-class ballistics research
- Countering Explosive Threats
- Materials for protection concepts
- Processing of Propellants, Explosives and Pyrotechnics
- Ammunition Safety
- Ballistic Performance and Personal Protection
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Anticipating accidents, incidents and threats
- Protecting those who protect us
- Process Safety Solutions: Expertise in Handling Hazardous Conditions Safely
- Expertise groups
- Acoustics and Sonar
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Electronic Defence
- Energetic Materials
- Explosions, Ballistics and Protection
- Human Behaviour and Organisational Innovation
- Human Machine Teaming
- Human Performance
- Intelligent Autonomous Systems
- Intelligent Imaging
- Military Operations
- Modelling, Simulation and Gaming
- Networked Organisations
- Radar Technology
- Weapon Systems
- Energy Transition
- Roadmaps
- Renewable electricity
- Towards large-scale generation of wind energy
- The important of support structures
- Wind turbines, fully in motion
- Innovation towards 10-20 MW offshore wind turbines
- Modeling 10MW+ turbines aerodynamically
- Design for Reliable Power Performance (D4REL)
- Optimised wind blade tip design
- Vortex-wake models in wind turbine design
- Modelling improvement wind turbine blades
- Converters for Clean, Low Cost Electricity
- Haliade X: largest wind turbine ever
- New research on blade tip improvements
- Less production per wind turbine, still higher yield
- Logistics innovative strength at home and abroad
- Wind turbine management and maintenance
- Wind farms in synergy with the environment
- Innovative methods for wind measurements
- Keeping the electricity grid stable when there’s a surplus of wind and solar
- Innovation and the rise of solar energy
- Solar farms respecting landscape and nature
- Solar panels on farmland
- Research innovative solar parks
- Better design of solar parks
- Savings on solar farm operations and maintenance
- Floating solar panels on inland waterbodies
- Offshore solar energy
- National Consortium Solar in Landscape
- National Consortium Solar on Water
- Field lab floating solar
- Research into environmental effects of solar, wind energy
- Solar energy on buildings and infrastructure
- Solar panels in façades
- Solar windows
- More focus on safety of solar systems
- Solar heat and PV-T
- Roofs for solar energy
- Noise barriers producing solar energy
- Solar energy in road surfaces and crash barriers
- Solar panel energy generated on dikes
- Solar and infrastructure
- Outdoor test facility for BIPV(T)
- Solar Highways
- Solar-powered cars
- Mass customization
- Solar panel efficiency
- New technologies make PV more versatile
- Webinar: Innovations in solar energy technologies
- Putting Europe back in the lead in solar panel production
- System transition
- The social aspects of the energy transition
- TNO facilities for research into environmental effects of solar and wind energy
- Effective interventions to increase energy efficiency and reduce energy poverty
- Green and Ease under one roof
- Capacity building programme for energy efficiency in industry
- Zooming in on the future to make the right choices
- Scenarios for a climate-neutral energy system
- A fair system without energy poverty
- Financing the energy transition
- LAUNCH
- Successful neighbourhood approach: motivate residents
- Towards a reliable, affordable and fair energy system
- Towards CO2 neutral industry
- Reducing CO2 emissions through capture, use and storage
- SEWGS: revolutionary CO2-reduction technology and blue hydrogen production
- STEPWISE and FReSMe: CO2 reduction solutions for the steel industry
- 3D-printing for CO2 capture productivity increase
- Multi-partner ALIGN-CCUS project
- CEMCAP
- Reduce emissions steel industry
- CO₂ capture with AVR
- On-site CO₂ Capture Services: reducing emissions cost effectively
- SEDMES: Efficient technology to convert CO2 to useful product
- Hydrogen for a sustainable energy supply
- Optimising production hydrogen
- Hydrogen storage and transport
- Hydrogen, fuel and feedstock
- H-vision: blue hydrogen to accelerate carbon-low industry
- 15 things you need to know about hydrogen
- World first: Green hydrogen production in the North Sea
- New research centre for hydrogen production
- Identifying the future international chain of green hydrogen
- Opportunities for green hydrogen for the manufacturing industry investigated
- Hydrogen from offshore wind: optimising the electricity grid
- Faraday lab: optimising and scaling up electrolysis
- Blue hydrogen paves the way for green hydrogen
- Biomass to fuels and feedstock
- ARBAHEAT - Sustainable future for coal-fired power stations possible through conversion to biomass
- AMBITION Advanced biofuel production from lignin rich residues
- BECOOL EU Brazilian cooperation on advanced biofuels
- Horti-BlueC - a new EU cooperation on reducing Bio-waste and CO2-footprint in horticulture
- UNRAVEL - valorization of lignocellulosic biomass
- MacroFuels advanced biofuels from seaweed
- BRISK2 Biofuel Research Infrastructure for Sharing Knowledge
- New facility for seaweed processing
- TORWASH technology successful for waste water treatment and recycling plastics
- Biofuels lab: Making transport more sustainable with biofuels
- Take-Off: Sustainable aviation fuels from CO2, water and green energy
- HEREWEAR: Circular textiles from locally-sourced bio-based materials
- Transition to e-fuels: a strategy for HIC Rotterdam
- Re-use of existing infrastructure to accelerate the energy transition
- Sustainable Industrial Heat System
- 4 pioneering routes to a CO2 neutral industry
- Research facility Industrial Electrification accelerates greening of Rotterdam port
- Mollier facility: innovating in industrial drying technology
- Research facility for negative CO2 emissions
- Carnot lab accelerates sustainable industrial heat management
- Using energy and raw materials efficiently in industry
- e-Missi0n MOOI: TNO supports Dow and Shell in electric cracking
- CO2 reduction requires improvement of industrial processes
- Making the industrial energy transition feasible and affordable
- Sustainable subsurface
- Geological Survey of the Netherlands
- Geological Survey of the Netherlands
- 100 years of geological mapping
- GeoTOP
- Sand, gravel and clay extraction
- GIS and other tools for interactive planning
- DINO, Data and Information of the Dutch Subsurface
- BRO: the Dutch Key Register of the Subsurface
- Sustainable use and management Flemish-Dutch subsurface
- Petroleum Geological Atlas of the Southern Permian Basin
- 3D Subsurface mapping of the Dutch offshore
- Geological Survey of the Netherlands across borders
- Towards an energy-producing environment
- Expertise
- Industry
- Roadmaps
- Flexible & Free-form Products
- Space & Scientific Instrumentation
- Semiconductor Equipment
- Smart Industry
- Expertise groups
- Buildings, Infrastructure & Maritime
- Roadmaps
- Safe and Sustainable Living Environment
- Infrastructure
- Sustainable buildings: towards an energy-producing built environment
- Building innovation
- Greenhouse design
- Digitisation in construction
- Smart megastructures
- Expertise groups
- Circular Economy & Environment
- Roadmaps
- Circular economy
- Environment & Climate
- Sustainable Chemical Industry
- Expertise groups
- Healthy Living
- Roadmaps
- Health Technology & Digital Health
- Biomedical Health
- Work
- Youth
- Expertise groups
- Traffic & Transport
- Roadmaps
- SMART and Safe Traffic and Transport
- Societal impact for accessibility and liveability
- Decision-making information based on facts for municipalities
- Making disruptive technologies practicable
- Accessible, healthy and vibrant cities
- CITYkeys – Performance evaluation framework for smart cities and projects
- Big data ecosystems: collaborating on data-controlled cities
- Knowledge mediator puts an end to bickering
- Intact – Climate resilient critical infrastructure
- Organising mobility
- Smart mobility and logistics
- Smart vehicles
- Smart Mobility Research Centre SMRC
- Sustainable Traffic and Transport
- Sustainable Mobility and Logistics
- Improving air quality by monitoring real-world emissions
- Emission factors for road traffic
- Measuring the emissions of powered two wheelers
- Emissions of particulate matter from diesel cars
- Random Cycle Generator
- EnViVer: model traffic flow and emissions
- Measuring real-world emissions with TNO’s Smart Emissions Measurement System (SEMS)
- Measuring the emissions of trucks and buses
- Reducing Greenhouse Gas Emissions in Commercial Road Transport
- Measuring the emissions of non-road mobile machinery
- Emission measures in practice
- The transition to CO2-neutral mobility in 2050
- Sustainable Vehicles
- Innovative technologies for zero-emission vehicles
- CO2 reduction by high-efficiency Flex Fuel technology with extremely low emissions
- Actual energy consumption and emissions
- Automotive Battery Research
- Making transport more sustainable by means of electric vehicles
- Energy Efficient Electric Bus E3Bus
- eCoMove
- How hydrogen can accelerate energy transition in the transport sector
- Green performance of ships
- Expertise groups
- Information & Communication Technology
- Roadmaps
- Fast open infrastructures
- Data sharing
- Trusted ICT
- Efficiency, effectiveness, quality and the costs of systems
- Expertise groups
- Strategic Analysis & Policy
- Expertise groups
- Strategic Business Analysis
- Strategy & Policy
- Orchestrating Innovation
- Tech Transfer
Mark Buningh BSc
Send a question to Mark Buningh BSc
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.
Mark Buningh BSc
Send a question to Mark Buningh BSc
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.