Published September 4, 2023 | Version v1
Conference paper Open

Continuous Security Assurance of Modern Supply-Chain Ecosystems with Application in Autonomous Driving

  • 1. Department of Electric and Computer Engineering Technical University of Crete Chania, Crete, Greece
  • 2. Innovation Department Sphynx Technology Solutions AG Zug, Switzerland
  • 3. Capgemini SE Genoble, France
  • 4. Control and Computer Engineering Department Politechnico di Torino Torino, Italy
  • 5. Innovation Department ATOS Spain SA Madrid, Spain


Cyber security always forms a significant aspect of ICT infrastructure, with threats on supply-chain networks gaining greater attention nowadays. The secure autonomous driving domain presents a unique set of challenges for supply- chain security. Autonomous vehicles rely on a complex ecosystem of hardware and software components, many of which are sourced from third-party suppliers. Ensuring the security and reliability of this supply-chain is essential to maintain the safety and viability of autonomous driving as a technology. To address these challenges, a continuous security assurance approach is necessary. This involves ongoing monitoring, assessment, and improvement of security measures to detect and mitigate potential vulnerabilities in the supply chain. Key measures may include regular vulnerability assessments, penetration testing, and security awareness training for employees and contractors, as well as the implementation of security controls such as secure communication protocols, access controls, and intrusion detection systems. By adopting a continuous security assurance approach for supply chain security in the secure autonomous driving domain, organizations can safeguard their operations and ensure the safety of passengers and other road users. This paper presents a security assurance and certification solution for supply-chain services. Security elements are continuously assessed based on AI operations. The proposal is implemented under the EU funded project FISHY and applied in the supply- chain of secure autonomous driving (SADE) pilot with REMOTIS smart vehicles. Nevertheless, it is a generic solution that can be applied in any domain.



Files (839.1 kB)

Name Size Download all
839.1 kB Preview Download

Additional details

Related works

Is published in
Conference paper: 10.1109/CSR57506.2023.10224971 (DOI)


FISHY – A coordinated framework for cyber resilient supply chain systems over complex ICT infrastructures 952644
European Commission
SecOPERA – Secure OPen source softwarE and hardwaRe Adaptable framework 101070599
European Commission
SENTINEL – Bridging the security, privacy and data protection gap for smaller enterprises in Europe 101021659
European Commission
MARVEL – Multimodal Extreme Scale Data Analytics for Smart Cities Environments 957337
European Commission
PUZZLE – Towards a Sophisticated SIEM Marketplace for Blockchain-based Threat Intelligence and Security-as-a-Service 883540
European Commission