Use cases

Software-defined Telecom use case

Introduction: This use case demonstrates how SECASSURED enhances cybersecurity assurance across the Software Development Life Cycle (SDLC) of telecom services in Orange Romania’s 5G-enabled, IoT–edge–cloud environment. It focuses on the Smart Tracking platform, an end-to-end vehicle fleet management solution developed by AROBS and deployed within Orange Romania’s complex B2B supply chain.

Business challenge: Smart Tracking relies on a multi-vendor supply chain involving software and hardware providers, system integrators, and operators. The platform serves enterprises, public authorities, and critical infrastructure operators, all subject to strict security and regulatory requirements. Ensuring secure-by-design development, preventing malicious or non-compliant code, and validating systems before deployment are major challenges across the SDLC.

SECASSURED-based solution: SECASSURED integrates security-aware Digital Twins (SecDevTwin and SecOpsTwin) and AI-based security services into Orange Romania’s Telco Cloud. This enables automated vulnerability discovery and repair, detection of non-compliant coding practices, and simulation of advanced threat scenarios such as code poisoning and unauthorized access. SECASSURED also supports operator-in-the-loop security operations and strengthens supply-chain risk monitoring throughout development and operations.

Impact and KPIs: The use case targets improved software, hardware, and supply-chain security across cloud, edge, and on-premise environments. Expected impacts include at least 30% reduction in time to identify non-compliance, 25% reduction in effort to repair vulnerabilities during design, and 15% improvement in overall system resilience, addressing daily threats such as malware, ransomware, DDoS, and IoT vulnerabilities.

Manufacturing 4.0 use case

Introduction: This use case demonstrates how SECASSURED supports secure digitalization in the aerospace manufacturing sector. It focuses on ITP Aero’s digitalization strategy, where industrial machines are connected through SmartBox edge devices to enable real-time data collection, advanced analytics, and AI-driven services for process optimization and predictive maintenance, in collaboration with IDEKO and SAVVY Data Systems.

Business challenge: The digital manufacturing environment introduces cybersecurity challenges at multiple levels, including machines, IIoT devices, infrastructure, and human factors. Ensuring the cybersecurity of edge-based applications and AI models, as well as secure communication between edge devices and on-premises platforms, is critical. These challenges are amplified by the need to comply with relevant cybersecurity standards in a highly regulated aeronautical industry.

SECASSURED-based solution: SECASSURED integrates SecDevTwin and SecOpsTwin with AI-based security services to provide a secure infrastructure for ITP Aero’s digitalization platform. The solution supports standard identification, automated assurance case generation, and continuous compliance checking using AI-assisted tools. It also strengthens the cybersecurity of AI models deployed at the edge, enables anomaly detection, and supports attack simulation to proactively assess threats and design protective measures across the digital manufacturing ecosystem.

Impact and KPIs: The use case targets enhanced software, hardware, and supply-chain security in Manufacturing 4.0 environments. It operates across edge devices, on-premises servers, and industrial machines, addressing threats such as malware, ransomware, DDoS, and IoT vulnerabilities. Expected KPIs include 25% reduction in time to identify non-compliance with security standards and 25% increase in automated secure integration and integration testing.

Renewable energy use case

Introduction: This use case demonstrates how SECASSURED supports secure, resilient operation of renewable prosumer energy systems in smart city environments. It builds on the work of the Urban Institute Hungary (UIH), in collaboration with municipalities and SafePay, to develop secure, data-driven energy solutions aligned with Zero Trust principles for decentralized local energy cells.

Business challenge: Prosumer energy cells contribute an increasing share of energy generation and consumption but are often built on legacy technologies with limited cybersecurity protection. These decentralized systems are typically operated with constrained security expertise, making them vulnerable to large-scale, coordinated cyberattacks that could impact not only local operations but also the wider energy grid. There is a strong need for guided, built-in security at both component and system level, as well as continuous runtime protection.

SECASSURED-based solution: SECASSURED provides a framework for validating identity, access control, devices, and applications across the prosumer cell architecture. By integrating SecDevTwin and SecOpsTwin, the solution enables continuous security assessment at both architecture and component level. AI-based services support vulnerability discovery in software and hardware, validate all new components and updates before deployment, and simulate known and emerging attack scenarios. Runtime protection is enhanced through AI-based anomaly detection, strengthening operational security and resilience against advanced threats.

Impact and KPIs: The use case targets improved protection of both local energy operations and the wider grid across edge, on-premises, and communication layers under a Zero Trust Architecture. Expected impacts include over 50% reduction in compliance checking and documentation effort, more than 30% faster vulnerability discovery and repair, regular simulation of new attack types, identification of previously hidden vulnerabilities, and an increase in overall security level from 7 to 9 out of 10.

Remote patient monitoring use case

Introduction: This use case demonstrates how SECASSURED supports secure and trustworthy eHealth services delivered across IoT, edge, and cloud environments. It focuses on Tellu, a leading provider of eHealth and welfare services in Norway, and its TelluCare platform, which enables remote monitoring and follow-up of elderly and chronically ill patients, supporting care at home and scalable service deployment.

Business challenge: Modern eHealth services rely on large-scale data collection from IoT devices and wearables, combined with cloud-based analytics and AI-driven services. This creates challenges related to scalability, efficient development and operation, advanced data exploitation, and strict data management requirements. Ensuring end-to-end security and privacy across IoT, edge, and cloud layers, while complying with demanding healthcare regulations, is a critical challenge, especially for large-scale deployments of remote patient monitoring solutions.

SECASSURED-based solution: SECASSURED enhances assurance-driven security and privacy engineering throughout the development and operation of Tellu’s eHealth services. During development, SECASSURED tools support secure code quality, automation of SecDevOps processes, and continuous validation and traceability to health-sector compliance requirements. AI-based services strengthen the assessment of trustworthiness and cybersecurity for AI-driven components and enable proactive security impact analysis. During operation, security-aware Digital Twins enable continuous compliance and security assessment, runtime anomaly detection, and AI-assisted selection and evaluation of optimal responses to security incidents.

Impact and KPIs: The use case targets protection of sensitive health data, high service availability, and strong data integrity across large-scale eHealth deployments. Operating across IoT, edge, and cloud environments, SECASSURED supports AI-assisted security and compliance in the health and welfare sector. Expected KPIs include assessment of at least two potential incompliances in running and simulated configurations and 20% reduction in security incidents, demonstrated through prevention of applicable threats.

Smart EV charging use case

Introduction: This use case demonstrates how SECASSURED strengthens the security and trustworthiness of AI-driven smart charging infrastructures. It focuses on PPC, the largest EV charging station operator in Greece, which operates thousands of chargers nationwide and uses AI-based analytics provided by K3Y to optimise charging operations, support grid balancing, and detect anomalies and cyberattacks.

Business challenge: AI software plays a critical role in managing and forecasting EV charging loads and supporting grid services. This software is exposed to multiple threats, including adversarial attacks, evasion techniques, and data poisoning, particularly in distributed and federated learning settings. Ensuring reliable operation, resilience against AI-specific threats, and transparency in model behaviour, such as explainability, fairness, and accuracy, is essential to maintain trust and secure the AI supply chain.

SECASSURED-based solution: SECASSURED integrates SecDevTwin and SecOpsTwin with AI-based security services to ensure the robustness and supply-chain security of AI models delivered to PPC. The solution supports compliance with privacy, cybersecurity, and AI standards and strengthens the trustworthiness of AI software through robustness assessment and vulnerability mitigation. Threat simulation enhances preparedness against adversarial attacks, while runtime monitoring, anomaly detection, and automated response mechanisms provide live protection against AI-related threats across development and operational phases.

Impact and KPIs: The use case targets improved software and supply-chain security in AI-enabled EV charging infrastructures operating across edge, on-premises, and cloud environments. Expected KPIs include simulation of at least seven types of adversarial attacks, automatic testing of at least 50% of relevant adversarial machine learning threats, and mitigation of at least 80% of adversarial attacks, strengthening resilience in large-scale smart charging deployments.