ENTRUST D3.2 ENTRUST Risk Assessment & Collective Threat Intelligence Framework – Initial Release

Towards providing operational assurance to organizations belonging to the medical domain, ENTRUST aims to ensure that the trustworthiness level of Connected Medical Devices (CMDs) remains at an acceptable level throughout their operational lifecycle. In this regard, this deliverable is dedicated to the detailed description of all components participating in the Trust Assessment process of ENTRUST throughout all three core phases of the ENTRUST action workflow, i.e., the Manufacturing Phase, the Predeployment Phase, and the Runtime Phase. First, we focus on the Formal Verification component, which is responsible for formally verifying the security processes of ENTRUST. Next, we describe the Threat Modeling and Software Verification component, which aggregates information from existing databases and formulates the attack vector for the device. This is forwarded to the Risk Assessment component, which evaluates the risk level for the device and calculates its Required Trust Level (RTL). We then describe the Trust Assessment Framework of ENTRUST (TAF) which is able to evaluate the Actual Trust Level (ATL) of the device. Next, the Digital Twin (DT) is able to emulate any incidents that led to a failed attestation process and identify new threats or vulnerabilities. The Secure Software Update module is then able to securely deploy updates as mitigation measures to patch such vulnerabilities. This document positions all aforementioned components within the overall ENTRUST framework and documents all interactions between them.