ENTRUST D4.2 Runtime Assurance & Certification Framework – First Release

The deliverable outlines the Trusted Computing Abstractions developed by ENTRUST to facilitate dynamic trust assessment within a Connected Medical Device (CMD) ecosystem, aiming for secure lifecycle management. This initial version of the Runtime Assurance and Certification Framework lays the foundation for trust bootstrapping, covering secure boot processes and runtime trust assessment, to safeguard all operational phases of CMDs. Key contributions include the documentation of Zero-Touch Onboarding (ZTO) processes, incorporating Verifiable Credentials and Signcryption schemes for secure device enrollment, and the introduction of Verifiable Credentials for identity and system attributes management. The deliverable also defines a Trusted Computing Base (TCB) using Trusted Execution Environments (TEEs) for high-end CMDs and Physical Unclonable Functions (PUFs) for low-end CMDs, ensuring secure, versatile infrastructure and comprehensive attestation evidence. It covers secure lifecycle management enablers, including cryptographic schemes continuous trust assessment.