Mollymawk is a business process assurance (BPA) SaaS solution that provides complete continuous business process-oriented software testing. Mollymawk is different from numerous software testing tools that are already successfully used in the enterprise. While existing solutions focus on validating individual features in specific applications, Mollymawk ensures that the complete business processes continue to work without disruptions to the enterprise’s customers. Mollymawk is designed to work in large-scale complex enterprise environments (with a large variety of desktop, web, mobile applications, both custom-made & off-the-shelf). It ensures that the enterprise business process objectives & KPIs (defined by senior management) are shared by the development/QA teams and drive the development, testing & roll-out of new features & fixes. By creating transparence about the business processes through the full application footprint, it increases testing & validation efficiency of teams by up to 800%—defects that might have a disruptive impact on the enterprise’s customers get eliminated at the earliest stage. Mollymawk is developed by Smartesting—a French SME with strong market traction in model-based testing tools & continuous automated testing processes. Smartesting has released Yest—a workflow-based test design tool for enterprise IT systems and CertifyIt—a model-based testing tool for security component testing. Mollymawk is designed by Bruno Legeard—a recognized global expert on IT quality assurance. Mollymawk is the first continuous business process assurance platform on the market aimed at 10,000+ users by 2023 (€15m+ & 3%+ BPA market share) and 100,000+ users by 2027 (€120m+ & 24%+ BPA market share). In this Phase 1 project Smartesting will work on a report that contains an in-depth BPA market assessment, price point analysis, IP protection approach & first commercialization partnership agreements.

The DApIA project aims at developing capabilities to detect False Data Injection Attacks (FDIA) using Machine Learning components on air surveillance data from the ADS-B protocol. The objective of FDIA attacks is to corrupt the semantics of the surveillance data while preserving the correct syntax and the logical consistency of the messages. The attacker's goal is to corrupt the overall state of the system under control via subtle and intelligent falsification (deletion, modification or addition) of the data logic. Many critical infrastructure control systems are vulnerable to FDIA attacks, but this need is heightened in the context of air surveillance, both civilian and military, by the increasing use of the ADS-B protocol. This aircraft messaging protocol is unencrypted and FDIA attacks are achievable with accessible means, especially in the context of state threats. The consequences of this type of attack can be disruptions to air surveillance, even to the point of blocking traffic. DApIA is a maturation project that builds on the results of the ASTRID project GeLeaD - Generate, Learn and Detect - finalized in February 2022. GeLeaD has developed a tool chain at TRL 4 that combines the acquisition of ADS-B air surveillance data, the generation of alterations on these data to simulate attacks, and anomaly detection models. These detection models use supervised and unsupervised deep learning algorithms, which have been adapted to obtain efficient detection results on the experiments performed. Based on these results, the DApIA project aims at maturing to TRL 6 and extending the obtained results in three main ways: (1) taking into account any ADS-B track, for any flying object, and in particular taking into account low-altitude traffic such as drones and helicopters; (2) strengthening the performance and coverage of attack scenarios of the detection ML (Machine Learning) models both at the supervised and unsupervised levels and their implementation in real time to allow their integration in air traffic control environments; (3) the modularization of the detection chain, to facilitate its adaptation in the different contexts of civil and military use and its evolutivity according to the evolution of the threat. As a result, the ASTRID Maturation DApIA project will provide detection capabilities for false data injection attacks adapted to the contexts of low altitude traffic and high altitude air traffic. It will provide a set of components ranging from data acquisition from real or simulated sources, preparation for supervised and unsupervised learning, and wide-field detection of alterations in surveillance data.

The Internet-of-Things (IoT) is rapidly heading for large scale meaning that all mechanisms and features for the future IoT need to be especially designed and duly tested/certified for large-scale conditions. Also, Security, Privacy and Trust are critical elements of the IoT where inadequacy of these is a barrier to the deployment of IoT systems and to broad adoption of IoT technologies. Suitable duly tested solutions are then needed to cope with security, privacy and safety in the large scale IoT. Interestingly, world-class European research on IoT Security & Trust exists in European companies (especially SME) and academia where even there are available technologies that were proven to work adequately in the lab and/or small-scale pilots. More, unique experimental IoT facilities exist in the EU FIRE initiative that make possible large-scale experimentally-driven research but that are not well equipped to support IoT Security & Trust experiments. But notably, Europe is a leader in IoT Security & Trust testing solutions (e.g. RASEN toolbox, ETSI Security TC, etc.) that can be extended to large-scale testing environments and be integrated in FIRE IoT testbeds for supporting experimentations. The ARMOUR project is aimed at providing duly tested, benchmarked and certified Security & Trust technological solutions for large-scale IoT using upgraded FIRE large-scale IoT/Cloud testbeds properly-equipped for Security & Trust experimentations. To this, ARMOUR will: (1) Enhance two outstanding FIRE testbeds (> 2700nodes; ~500users) with the ARMOUR experimentation toolbox for enabling large-scale IoT Security & Trust experiments; (2) Deliver six properly experimented, suitably validated and duly benchmarked methods and technologies for enabling Security & Trust in the large-scale IoT; and (3) Define a framework to support the design of Secure & Trusted IoT applications as well as establishing a certification scheme for setting confidence on Security & Trust IoT solutions.

The PHILAE project aims to automate the creation and maintenance of automated functional tests by using model inference and machine-learning techniques, leveraging existing execution traces and software development meta-data. The aim is to dramatically reduce the cost of regression testing in agile software projects (typically 25% of development costs). This will be achieved through a 4-step iterative and incremental process: 1. Execution traces coming from the system in operation but also from manual and automated test execution are used to select trace candidates as new regression tests. Search-based and algorithms and coverage metrics will be used to classify and select traces; 2. From selected traces and existing workflows, active model inference is used to infer updated workflow models, which align with the current state of the implementation; 3. Reduced regression test suites are generated from the updated workflows, and these are then executed on the current system implementation; 4. Based on the test execution results, the defects detected, and development meta-data (such as commits in the code repository), a smart analytics and fault reporting system provides information on the quality of the system. The expected results of the PHILAE project are to produce an automated testing technology for web applications developed in an agile lifecycle development at technology maturity level TRL 4. This technology will be structured in four components (one for each objective) supporting a smooth test creation and maintenance process. The PHILAE technology will be developed and assessed on the basis of three use cases from the partners, providing data from real-size projects. The novelty of the PHILAE approach lies in the generalization and association of machine learning, model inference and automated test generation techniques to automatically invent, update and evolve functional automated regression tests. More precisely, the PHILAE technology is using low-level test execution traces, user execution traces, test meta-data and scripts and high-level workflow elements. Firstly, these artefacts will be connected together via multi-level learning models trained by selecting relevant features of the available data. Dedicated clustering methods will enable us to raise the abstraction level of tests by grouping together execution traces and to detect anomalies by automatic classification. Thirdly, bridging the abstraction gap in this way will allow us to automatically infer prototypes of the test adaptor code that makes high-level tests executable. Combined with passive extraction of models from artefacts, active inference based on derived tests will improve high-level test models. These techniques will be used iteratively in continuous integration processes, learning to update, select, prioritize and schedule the execution of test cases. The PHILAE project consortium is composed of 6 partners – 4 labs – UFC/FEMTO-ST, UGA/LIG, USC and SRL/CERTUS, 1 large enterprise – Orange Labs Services, and 1 Innovative SME – Smartesting Solutions & Services, with strong scientific complementary expertise. The project is decomposed into six workpackages: WP1- Select traces as new regression test candidates WP2- Abstract workflows from traces WP3- Generate updated executable test suites WP4- Smart analytics and fault reporting WP5- Case studies and evaluation WP6- Project Management, Dissemination and exploitation These workpackages are organized in four phases defining four milestones at dates T0+6, T0+18, T0+28 and T0+36 (End of the project). In terms of dissemination and innovation transfer, the strategy of the PHILAE consortium is to provide the resulting tool-set as open-source software, freely and publicly available from the PHILAE source code and version control repository.

European industry faces stiff competition on the global arena. Electronic Components and Systems become more and more complex, thus calling for modern engineering practices to be applied in order to better tackle both productivity and quality. Model-based technologies promise significant productivity gains, which have already been proven in several studies and applications. However, these technologies still need more enhancements to scale up for real-life industrial projects and to provide more benefits in different contexts. The ultimate objective of improving productivity, while reducing costs and ensuring quality in development, integration and maintenance, can be achieved by using techniques integrating seamlessly design time and runtime aspects. Industrial scale system models, which are usually multi-disciplinary, multi-teams and serving to several product lines have to be be exploited at runtime, e.g. by advanced tracing and monitoring, thus boosting the overall quality of the final system and providing lessons-learnt for future product generations. MegaM@Rt brings model-based engineering to the next level in order to help European industry reducing development and maintenance costs while reinforcing both productivity and quality. To achieve that, MegaM@Rt will create a framework incorporating methods and tools for continuous development and runtime validation to significantly improve productivity, quality and predictability of large and complex industrial systems. MegaM@Rt addresses the scalability challenges with advanced megamodelling and traceability approaches, while runtime aspects will be tackled via so-called “models@runtime”, online testing and execution traces analysis. MegaM@Rt brings together a strong international consortium involving experts from France, Spain, Italy and Finland. The partners cover the whole value chain from research organizations to tool providers, including 9 end-users with large industrial case studies for results validation.