The DEFEDGE project aims to define a set of techniques for the development of secure and resilient edge-cloud systems and for their assessment based on a threat-driven approach. The main idea is to leverage the results of a guided threat modeling process to derive both the security controls and mechanisms to enforce as a mitigation for these threats and the security tests to perform in order to verify the effectiveness of controls in place.

In particular, security controls selection and enforcement will follow Moving Target Defense principles, according to which the attack surface of a system is continually and proactively changed to reduce attack success probability.

Security testing will exploit existing threat intelligence and attack patterns knowledge bases to derive a set of general-purpose attack procedures that can be suitably customized to test a target system.

For the generation of attack procedures and their customization, the project will also explore machine learning techniques to infer new attack patterns and scenarios, in order to improve overall testing effectiveness.