Within this framework, IBM will be the example of how a large company can collaborate with an SME. From WS (Worldsensing) perspective, having the expertise of IBM Research contributes substantially to the development of the products with a more security-concerned approach. On the other hand, IBM has the chance to work with cutting-edge IOT technology, keeping an eye on emerging markets.

In this case, IBM contribution is a hardware-based solution working to protect WS architecture against a big percentage of code-injection attacks. We are referring to ROP techniques (Returned Oriented Programming), which are part of the attack vector for code-injection in more than 90% of the times.

ROP is an exploitation technique that allows an attacker to take control of a program flow by smashing the call stack and execute instruction sequences. The attacker borrows gadgets, or small pieces of code, from the hijacked program to execute malicious code.

WS’s effort is focused on integrating this shuffled code within their infrastructure. Actually, the exact location of the solution will be the middle point of our Load-sensing architecture: the gateways. The gateways are connecting the sensors (that are collecting the user data) with the Cloud environment (which is providing with the intelligence on the data and the visualization tools for the end user).

Easy Global Market (EGM) and WS interaction is another example of the collaborations taking place within the project, but in contrast to the previous case, between two SMEs. EGM is providing services regarding validation and testing of WS’s pilots. In this matter, EGM provides advanced tools and methodologies for automated testing systems.

MBT (Model-Based Testing) is at the cutting-edge of automated testing; it is a scalable method for complex development systems that offers reliable results by the deployment of a large cover and fast execution testing environment.

On the other hand, WS aims with the insights of their systems to create a tailor-made set testing strategy that will be an enabler to understand the security levels in the present endpoints, the Loadsensing-connected sensors.

Olmo Rayón
Cybersecurity Manager at Worldsensing