R&D Projects


CITADEL

R&D Projects


CITADEL

CITADEL stands for CRITICAL INFRASTRUCTURE PROTECTION USING ADAPTIVE MILS

CITADEL is an Innovation Action project partly funded by the Horizon 2020 Program of the European Union under grant agreement no. 700665. The consortium includes 14 partners from 10 EU countries.
CITADEL project will build on the MILS technology accomplishments of D-MILS and Euro-MILS, and perform the research and development necessary to create adaptive MILS systems. We use adaptive MILS in new and evolving adaptive systems contexts having strategic focus within the EU, such as Critical Infrastructures and the Internet of Things, where adaptability is a crucial ingredient for the safety and security of future systems, and where the rigorous construction and verification made possible by MILS holds particular promise.

The project expects to achieve in its final phase the demonstration of the capabilities of the adaptive MILS technology in several industrial contexts and application scenarios, and lay the technical foundations for a certification framework for the use of adaptive MILS components and systems in critical infrastructure applications.

A key product of the project will be the implementation of Adaptive MILS Platform, i.e. a MILS platform that is 1) dynamic, implementing a full and flexible ability to change its configuration during runtime; 2) adaptive, including mechanisms to monitor its operation and its interaction with the environment, and mechanisms to utilize its dynamic reconfiguration capabilities to maintain safe and secure operation, and to maintain its ability to fulfill its mission in the face of environment change or internal failures.

PikeOS will be the part of Adaptive MILS Platform along with the TSN networking stack provided by TTTech. The key role of PikeOS in the MILS Platform is to act as a high assurance separation kernel providing the fundamental isolation and information flow control properties. PikeOS and other commercials separation kernels in their state-of-the-art can only be used to build a static system where the partition’s resource allocation and information flow policies are statically defined. In CITADEL, we strive to progress beyond the state-of-the-art by allowing extending PikeOS with the following features that helps to build an adaptive and dynamic system:

  • Ability to modify the resources such as memory, CPU time, cores allocated to partitions during runtime
  • Ability to modify the information flow channels between partitions during runtime
  • Ability to create and export the representation of the current kernel runtime configuration
  • Extensions to the exiting PikeOS configuration tools to configure the adaptive system built using PikeOS

This progression beyond the state-of-the-art makes PikeOS world’s first certifiable dynamically configurable separation kernel.

For more information please visit the official project website.