< Back to previous page

Project

BY-DESIGN Cyberveilige Digitale Producten
(SECDES)

The SecDes project (in full By-Design Cybersecure Digital Products) focuses on companies dedicatedto building SaaS solutions. These companies, often small/medium-sizedSMEs, are increasinglyusing complex software architectureswithintheirproducts. Thiscomplexitybrings software security challenges. Integratingeffective security measureswithin these complex architectures is often a difficulttask, making the risk of incidentsand data breaches real. At thesame time, many SaaS companies are feeling increasingpressurefromthe market, drivenbylegislationsuch as NIS2 andthe European Cyber Resilience Act toeffectivelydemonstratethattheirsoftware products is cyber-secure enoughto manage theircustomers' oftencritical data. 

 

The overall goal of this project is to help SaaS companies improvethe security of their digital products, even ifthey have relativelylittle cybersecurity experience. Thiswillenablethemtoquicklyandeffectivelyleverage complex new security technologiesthatcanleveragetheirsuccess in the digital economy. 

 

The objectives of theSecDes project are as follows: 

1.Increase awareness of current security issues, understand security requirementsandneedsfor SaaS applications. 

2.Gainfundamentalknowledge of relevant technologiesfor security-by-design, both in design anddeployment. 

3.Gain in-depthknowledge of state-of-the-art security-by-design technologies, as defined in theknowledge building of this project, andintegratetheminto a secure end-to-end solution withconsideration of pros andconsandothertrade-offs. 

4.Develop a concrete approach forby-design security and a security architecturebased on points 1, 2 and 3. 

5.Implementing a secure software architectureandeffectivedeployment (includingtheuse of tools to keep thedeployedapplication secure), anddocumentingandreportingthe security measures (toexternalpartiesifnecessary). 

 

This project starts fromDistriNet'srichtrack record in software security research, complementedbySirris' practical experience. Recent research resultsfromthe fields of threatmodelling, application analysis, andfuzzing are translatedforthis project into relevant blueprintsandcase studiesforthe target group. 

 

Primary target group: SaaS companies 

Secondary target group: Providers of cybersecurity-related services 

Project partners: DistriNet, Sirris 

Date:1 Feb 2024 →  Today
Keywords:cybersecurity, application security, security-by-design, SaaS
Disciplines:Other computer engineering, information technology and mathematical engineering not elsewhere classified

SDG-label by Aurora

Researchers

Project partners

Funding

1 - 1 of 1 results

  • Funding: VLAIO COOCK Collective Research & Development and Collective Knowledge Dissemination(Principal funding)

    Funding party: Flanders Innovation & Entrepreneurship

    Policy level funding: Flemish