ODSI / On Demand Secure Isolation

ODSI (project TRL: 3 to 5) will deliver new security models with the properties and the benefits of both hardware and software approaches. These models deliver only certified and proved (CC) minimal properties for isolation, with the goal of being used in mass production (low-cost and constrained CPU) in all approaches that require context isolation: M2M, IoT, network infrastructure sharing etc. Management systems of these isolated contexts offer the opportunity to qualify and authenticate the security level of remote devices using standardized protocols.

ODSI solutions will guarantee / certify the lowest common subset of software and hardware with the goal to prove the isolation property. ODSI project ambition provides to the industry:

    • New Models and Security Standards: a model of hardware / software security, leaving to the industry the choice of their strategies to distribute security objectives between both parts of their platforms; a minimal software standardized interface (API) allowing the industry to implement their services in the isolated environments and a communication protocol allowing to propagate the isolation properties from a first isolated context towards a second isolated context.
    • The definition of the evaluation framework and the necessary elements for Common Criteria certifications (e.g. protection Profiles) allowing to reach a global security assurance level of the delivered isolation models and derived solutions (hardware / software). This framework will include two aspects, the certification of the elementary bricks at the highest logical/physical assurance level and the “lego methodology” to reach a global assurance level for the system when combining the certified bricks.
    • USEs CASEs as technical evidence of ODSI concepts.
  • Dissemination of ODSI high-level models, Protection Profiles and open source use cases implementation, as well as the standardization of the interfaces proposed for the IoT and M2M sectors. ODSI deliverables shall be neutral regarding the industrial strategies of implementation.

Focus is on models and security – Add the delivery of on-demand isolated, secure and dedicated environments of services over electronic equipment.

Financial contract Nr. 63 from 14/06/2017

Project ID: C2014/2-12

Deposit code: PN-III-P3-3.5-EUK-2016-0039

The total value of the budget: 1.519.200,00 Lei

The total value of the contract: 2.249.240,00 Lei

The total value of the co-founding: 730.040 Lei

The start date of the contract: 14/06/2017

The end date of the contract: 31/07/2022

Coordinator: B&S RESO NET SRL

Partner: BEIA Consult International

Project Director (coordinator): Cristian Spiescu

Project Director (partner): George Suciu (george [at] beia [dot] ro, Peroni 16, Bucharest, Romania, Tel: +40374104901, Fax: +40213323006)

Project financed by UEFISCDI through the European and International Cooperation Program

[ Project Leaflet ]

More information on ODSI in Romania or ODSI in Europe

Celtic Eureka project site

To achieve the proposed objectives, the project activity is structured as it follows:

Phase I – State of the art analysis technical and scientific. Modeling of security for minimum isolation. Defining solution for communication between components 

  • A1.1 State of the art (correlated with T4.1 from the European project)

In this activity, it was considered the state of the art in security models having the features and benefits of both hardware and software approaches. These models deliver only certified and proved (Common Criteria – CC) minimal properties for isolation, with the goal of being used in mass production (low-cost and constrained CPU) in all approaches that require context isolation: M2M, IoT, network infrastructure sharing etc. In addition, analyzes of these contexts management systems insolation, offer the opportunity to qualify and authenticate the security of remote devices using standard protocols. This analysis is the basis for ODSI solutions to guarantee/ certify the lowest common subset of software and hardware in order to prove ownership of isolation. In this activity we have been presented and analyzed the most common methods of secured isolation. This analysis of the current state of technology has been accompanied by a brief description of the framework in which these technologies are implemented. 

  • A1.2 Abstract model of the isolation manager (correlated with T1.1 from the European project)

Activity 1.2 realised the following objectives:

    • Compliance management for insolation in the general concept of safety management;
    • Definement of an abstract model for isolation management as part of security management
  • Procedural components in isolation management application for secure networks.
  • A1.3 Definition of validation for isolation manager (correlated with T1.2 and T1.3 from the European project)

Activity 1.3 realised the following objectives:

    • Analysis of the test solutions of the software components contained within the isolation entities and presentation of the concepts underlying the test;
  • Defining a procedural validation flow for isolation management and definition of general criteria to determine the need for a test plan of a formal acceptance for a particular change;
  • A1.4 Definition of criteria for performance evaluation of isolation (correlated with T1.6 from the European project)

The safety performance indicators have been defined, that characterize quantitatively the strength of intrusion detection mechanisms implemented for the isolation strategies. In general, these performances are analyzed in relation to application-specific thresholds, given the sensitivity of the data generated, stored and transmitted in the remote areas of the support network for IoT applications, smart city, etc.

  • A1.5 Modeling communication between virtual machines  (correlated with T2.1 from the European project)

Activity 1.5 realised the following objectives:

    • Communication models between virtual machines;
  • Communication models between virtual machines in the context of isolation on request (principles and specific issues) 
  • A1.6 Definition of the authentication protocol (correlated with T2.2 from the European project)

This activity shows the approach of the authentication protocol proposed in ODSI to ensure secure communication based on mutual identification of two different entities. This will be done in an operational environment characterized by certain limitations, such as small autonomous systems, in which there is no human interaction, and where the devices present limitations in terms of storage and processing resources. It is specified the use of the symmetric key, called pre-shared keys (PSK), previously shared by the communicating parties to establish a secure M2M connection of the transport. This is useful in application environments having constraints of performance, reduced processing capabilities, such as ODSI use cases.

Phase description: In this phase we completed market study, research reports and technical specification.

Phase I was completed on December 31st, 2017.

Phase II – Developing solution  for communication between components. Project for ODSI system management

  • A2.1 Definition of requirements for system management (correlated with T3.1 from the European project)

This activity aims to identify and define ODSI platform constraints for system management applied in M2M, IoT use cases, industrial control and automation systems. It also includes the proposed architecture of the ODSI platform.

  • A2.2 Security model of the system (correlated with T3.2 from the European project)

This activity described the security model specifications of the ODSI system. Activity 2.2 realised the following objectives:

    • Defined mechanisms for remote management of isolation facilities;
    • Ensuring that only authorized and legitimate device management commands are being considered by the device without undermining in terms of security isolation model;
    • Ensuring end-to-end security between device management at client level (either web application used by a person or a domain in a device for that management actions have been delegated) and the device or the given area;
  • defining the type of intelligence necessary to achieve the objectives and how they are achieved by the system
  • A2.3 Testing communications (correlated with T2.3 and T3.3 from the European project)

This activity intends to provide a dynamic environment for testing communications in which different applications can be tested under secure conditions with the implementation of a single device through isolation and secure communication. The aim is to provide a complex architecture in which a device can perform various processes, isolated from each other, so whenever one is compromised or shows an irregular operation of the requirements, it should not affect the others. On the other hand, the management is designed to interact with different devices, extending the isolation from a network of hosts that provide a service in a coordinated way, but isolated from other elements that share the network or certain hardware resources. The complete solution is described, by first describing the general architecture as it has been developed. The second part provides a more detailed description of each item, component and system function. The last part presents a technical approach for testing the communication interfaces provided at different levels.

Phase description: In this phase we completed technical specification, model for the system prototype, testing report

Phase II was completed on July 31st, 2018.

Phase III – Common criteria certification

  • A3.1 Defininig the architecture and security profiles (correlated with T4.2 and T4.5 from the European project)

This activity presents the overall architecture, aimed at designing a generic model that meets all the properties offered by the ODSI platform. For any deployment that meets this specification, the ODSI functionality is guaranteed. The technical requirements (OS, protocols, crypto-layer) should be minimal in order to provide experts freedom in implementation and allow the ODSI platform to be used in a variety of contexts. Protection profiles are also defined, which represent documents used for the certification process in accordance with ISO/IEC 15408 and Common Criteria (CC).

As a visual result of the activity performed in this phase, it is illustrated the dashboard interface that represents the evolution of the technical data of the utilized infrastructure components.

  • A3.2 Developing the Lego certification methodology for the specific use cases (correlated with T4.3 and T4.6 from the European project)

Phase description: This phase is ongoing and will result in GUI and testing report.

Phase III was completed on December 31st, 2018.

Phase IV – Testing the system and assessing use cases

  • A4.1 Use cases definition (correlated with T5.5 and T5.6 from the European project)

This activity aims to present use cases developed by the consortium partners in Romania. The use case of BEIA is a system of agro-meteorology, while the B&S Reso Net use case is represented by implementing the ODSI solution in an airport’s operations control environment to improve the security level of data communication in these areas using M2M and IoT equipment.

  • A4.2 Demonstration of the functionality and utility of the system (correlated with T5.5 and T5.6 from the European project)

This activity describes the system architecture developed on the use cases of BEIA and B&S Reso Net, together with their functionality and utility. The utilized components are presented along with security devices and solutions developed to implement advanced use cases.

  • A4.3 Identifying and protecting intellectual property rights (correlated with T6.1, T6.2, T6.3 and T6.4 from the European project)

The activity aims to establish identifiers to protect intellectual property rights on technologies and solutions developed within the ODSI project.

  • A4.4 Defining the architecture and security profiles – Phase 2 (correlated with T4.2, T4.4 and T4.5 from the European project)

This activity represented the second stage in the development of the overall architecture of the ODSI solution and of the protection profiles used in the process of certification with ISO/ IEC 15408 and Common Criteria (CC). An important element of this activity is described in the intensively presented standardization methods, Common Criteria being the central component for ODSI equipment evaluation.

  • A4.5 Development of the Lego certification methodology for specific use cases(correlated with T4.3 and T4.6 from the European project)

This activity presented the concepts of the Lego methodology, developed in order to increase system security,  and has identified the sources of threats specific to each use case. The Lego methodology offers a flexible evaluation that can be applied towards the end-to-end security in heterogeneous systems whose configuration and functionality may be updated dynamically.

Phase IV was completed on 30 September 2019.

Phase V – report the economic and financial activity till July 2020

Phase VI – report the economic and financial activity till July 2021

Phase VII – report the economic and financial activity till July 2022


  • FABULOUS Conference – Bucharest, Romania – 12 – 14 October 2018 (presented article: “Integrated Software Platform for Mobile Malware Analysis”); www.fabulous-conf.org
  • World Conference on Information Systems and Technologies – Naples, Italy – 27 – 29 March 2018 (presented article: “Cyber-Attacks–The Impact Over Airports Security and Prevention Modalities”) www.worlcist.org
  • 8th International Conference from Scientific Computing to Computational Engineering (8th IC-SCCE) – Athens, Greece – 4 – 7 July 2018 (presented article: “Artificial Intelligence for Malware Analysis on Android Mobile Phones”) www.scce.gr
  • The 9th edition of the International Conference “Advanced Topics in Optoelectronics, Microelectronics and Nanotechnologies” (ATOM-N) – Constanta, Romania – 23 – 26 August 2018 (presented article: “On Demand Secure Isolation using Security Models for Different System Management Platforms”) www.atom-n.ro
  • ELSE 2019: Suciu, G., Anwar, M., & Istrate, C. (2019). Mobile Application and Wi-Fi Network Security for e-Learning Platforms. In The International Scientific Conference eLearning and Software for Education(Vol. 1, pp. 393-399). ” Carol I” National Defence University.
  • WorldCIST: Suciu, G., Istrate, C., Petre, I., & Scheianu, A. (2019, April). Lego Methodology Approach for Common Criteria Certification of IoT Telemetry. In World Conference on Information Systems and Technologies (pp. 165-174). Springer, Cham.
  • WorldCIST: Suciu, G., Scheianu, A., Petre, I., Chiva, L., & Bosoc, C. S. (2019, April). Cybersecurity Threats Analysis for Airports. In World Conference on Information Systems and Technologies(pp. 252-262). Springer, Cham.
  • Global IoT Summit (GIoTS) 2019: Suciu, G., Istrate, C. I., & Diţu, M. C. (2019, June). Secure smart agriculture monitoring technique through isolation. In 2019 Global IoT Summit (GIoTS)(pp. 1-5). IEEE.

Project meetings

F2F meeting

BEIA Consult hosted the F2F meeting with all ODSI partners on 17-19 October 2019 in Bucharest, Romania.