jtsec collaborates in ENJAMBRE project supporting to embrace security into the product design and compliance to the LINCE certification.

Blog

16
- Jan
2023
Posted by: José Ruiz
[Cybersecurity cases]
jtsec collaborates in ENJAMBRE project supporting to embrace security into the product design and compliance to the LINCE certification.

Some weeks ago, we started a very special project, called ENJAMBRE and we are very proud to collaborate with valuable companies such as Fidesol, Nazaries Intelligenia, Grupo Trevenque, Smart City Cluster and Ontech. The first stage, the one explained in this blog, will end by 28 April 2023.

What is ENJAMBRE?

The objective of this project is to validate through a proof of concept and a pre-prototype a modular solution that incorporates tools, technologies and knowledge, beyond the reach of SMEs, to facilitate a sustainable digitalization process.

This modular solution aims to combine concepts and tools of Artificial Intelligence (autonomous learning), cybersecurity, Industry 4.0 and cyber-intelligence to identify the infrastructure and components of the IT/OT network, maintain a dynamic inventory, prevent specific threats, know their status, provide intelligence in risk management and facilitate the automation and monitoring of the behavior of IIoT devices. This qualitative, quantitative and sustainable leap in the digitization of SMEs will improve their competitiveness, security, efficiency and resilience.

The project is divided into 10 work packages, which have been marked so that its evolution is adequate and reaches a successful conclusion. jtsec takes part in three of them.

These packages are as follows:

  • Management and coordination.

  • Communication and dissemination.

  • Inventory of industrial assets.

  • Research on learning systems and predictive modelling.

  • Incorporation in security design and LINCE certification compliance.

  • Network traffic module.

  • Cyber intelligence module.

  • E-commerce module.

  • Alerting module.

  • IT/OT device CMDB module.

    • jtsec participation in ENJAMBRE project

    jtsec participation in ENJAMBRE focuses on incorporating the LINCE methodology into the security design and compliance, enhancing the cybersecurity of ENJAMBRE from its creation phase, which will affect its design decisions. Advice will also be offered when designing the laboratory and simulation environments. Vulnerability, interface and attack vector analysis will be carried out on the pre-prototypes. Our participation is divided into three main activities:

  • Vulnerability Analysis.

  • Analysis of interfaces and attack vectors.

  • Security Target development.
    •

    Conclusions

    This is only the first of the two stages set out in the roadmap for the creation of ENJAMBRE. jtsec will carry out evaluation according to the LINCE methodology in the second phase.

    Collaborate in improving the cybersecurity of a pioneering project for helping the SMEs to their digitalization process is a great step and a honor for us.

    tags
    José Ruiz/CTO

    Jose is an expert consultant on the Common Criteria standard with more than 10 years of experience. Jose has a wide background in other security assurance standards in the field of the information technology as Common Criteria, FIPS 140-2, FIPS 140-3, GP TEE, PCI-PTS, LINCE. Jose has served as an evaluator, Technical Leader and CC Consultant for Epoche&Espri and as CC lab manager and Cyber Security Service Manager for Applus+. His experience has led him to participate as a speaker in various editions of the ICCC (International Common Criteria Conference) and ICMC (International Cryptographic Module Conference). He has been the “Chairman” of a subgroup within the ISCI WG1 Eurosmart Initiative to develop the CC Methodology. He is also member of different working groups as ISO SC27 or Global Platform TEE and an active member of the group ERNCIP “IACS Cybersecurity certification“.

    In 2017 he founded with Javier what is now known as jtsec. He is currently in charge of promoting the commercial expansion of the company from its headquarters in Madrid as CTO. In addition, he represents jtsec in various national and international forums and is responsible for quality.


    Contact

    Send us your questions or suggestions!

    By sending your data you allow us to use it to resolve your doubts by sending you commercial information of interest. We will delete it when they are no longer necessary for this matter. Know your rights in our Privacy Policy.
    RECENT POSTS
    jtsec & Applus+ Laboratories at ICCC24
    Nov 14, 2024
    jtsec & Applus+ Laboratories at ICCC24
    How to use the CCN product catalog to improve your company's security
    Oct 14, 2024
    How to use the CCN product catalog to improve your company's security
    Common Criteria Statistics 2023
    June 17, 2024
    Common Criteria Statistics 2023
    How to enter ENS category high, stay in the catalog and add new versions of my product
    April 23, 2024
    How to enter ENS category high, stay in the catalog and add new versions of my product
    jtsec - Our LINCE 2023
    Febr 6, 2024
    jtsec - Our LINCE 2023
    We wish you a happy and cybersecure 2024
    Dec 19, 2023
    We wish you a happy and cybersecure 2024
    How to Prepare Your Products and Services for the Quantum Era and Ensure Their Certification?
    Dec 14, 2023
    How to Prepare Your Products and Services for the Quantum Era and Ensure Their Certification?
    How to include your product or service in ENS ALTA.
    Oct 31, 2023
    How to include your product or service in ENS ALTA.
    Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.
    Sept 19, 2023
    Certifications and cybersecurity methodologies are generating interest among companies and organizations at both the national and international levels.
    Legal framework in which the CPSTIC CCN - STIC 105 catalogue is included in the sphere of Public Administration
    Augst 23, 2023
    Legal framework in which the CPSTIC CCN - STIC 105 catalogue is included in the sphere of Public Administration
    CATEGORIES