The Concept

The IoTAC – Security By Design IoT Development and Certificate Framework with Front-end Access Control – project aims to deliver a secure and privacy-friendly IoT architecture that will facilitate the development of more resilient IoT service environments. Our system, comprising of a secure gateway, runtime security applications and cloud-based service platforms, will provide comprehensive protection for service environments of various industry domains. The technology will not only protect new deployments but can also enhance the security level of legacy operations.

Read more

USPs outline

What is this solution offering that’s different?
Advanced security

The IoTAC architecture comprises high security level components and solutions like the use of chip cards, PKI encryption, root of trust, secure booting, audit logs and many more. Security is assured all through the design, implementation and operation phases.

Modular architecture

The IoTAC architecture comprises multiple hardware and software components which will allow flexible configuration options to support diverse service environments of various security levels. Underlying core features will be supported with optional add-ons.

Multi-layer approach

Security countermeasures will be implemented both at hardware- and at software-level, comprising a secure gateway, front-end access control, honeypots, checkpointing, AI&ML algorithms and a runtime monitoring system.

The IoTAC framework

The IoTAC framework comprises the Security Baseline as the foundation, the IoTAC Software Security by Design (SSD) principles and the Security Assurance Model (SAM) platform, which will unite in a formal Certification procedure exposed as a service.

Use Cases

Proof of domain independence 


use case

Smart home

Industrial /


use case

Prosumer cell


use case

Drone operation



use case

Automated car

Latest news

Mix of research updates, blog content and white papers

Press Release No. 5 – Barcelona Cybersecurity Congress

EU H2020 Research and Innovation projects demonstrate their research results at the Barcelona Cybersecurity Congress   24. January 2023 – The European Research Innovation for Cybersecurity (ERICyB cluster) is proud to announce that seven of its projects will be jointly exhibiting at the Barcelona Cybersecurity Congress, taking place between January…

Could mobile communication devices be used as secure storage of sensitive information?

There is the potential that the secure element(s) in the smartphones could in the not-very-distant future be used by any of us as secure storage of sensitive information, digital keys, and even applications. This would be a transformative change in securing our businesses and private lives. Let’s look at the…

ETSI Technical Committee MTS plenum takes place at the CERTH premises in Thessaloniki

The ETSI (European Telecommunications Standards Institute) Technical Committee MTS (Methods for Testing and Specification) will be holding its next plenum at the location of one of our IoTAC project partners, CERTH in Thessaloniki, Greece from January 24th-25th. The purpose of this meeting is, among other things, to present and discuss…


Stay in the know and receive all the latest updates straight to your inbox.