Radically increase IT and AI trustworthiness
Promote the creation and wide adoption of new multi-stakeholder cybersecurity certification body, and an compliant open computing base and ecosystem, that radically-exceed state-of-the-art in user-trustworthiness of IT and AI systems, while increasing public safety, cyber-investigation capabilities and economic growth.
Cybersecurity is purely a governance problem
All and every software, hardware and processes that are critically involved in an IT service provisioning or lifecycle – from CPU design to fabrication, from hosting room access to standard setting – are subject to extreme verification relative to complexity, or to extremely resilient cyber-social oversight, based on offline citizen-witness or citizen-jury processes. We reconceptualize the cybersecurity of a given critical IT system as the by-product of the intrinsic resilience, accountability, and competency of organizational and cyber-social processes.
Why a new Certification Body and open ecosystem?
Even the most secure IT certifications and technologies available today offer levels of trustworthiness – and trustworthiness measurability – that are radically-lower than what is required by many narrow- or wide-market critical societal use cases. This problem extends to critical AI systems, which rely on such IT for their most critical sub-systems.
A Quest for Freedom within & through IT
Trustless Computing Association and its spin-off startup TRUSTLESS.AI are primarily the fruit of 17 years of the single-minded quest by Rufo Guerreschi to realize the potential of ICT to radically improve individual civil freedoms and democratic participation, by founding multiple NGOs and startups in the areas of e-participation, free software, and bleeding-edge privacy-enhancing technologies and standards. In 2013, he crossed path with Roberto Gallo, on a similar quest with similar determination – and highly complementary skills -creating a steel bond that lasts to this day.
Extreme accountability and competency
The statute of the Trustless Computing Association and its planned Trustless Computing Certification Body are conceived to ensure they will sustainably remain extremely user-accountable, citizens-accountable, ethical and technically-proficient. By statute, it’s decision-making power will be transferred to a mix of end-users, informed random-sampled citizens, democratic nations, and top ethical cybersecurity experts.
Certification Body & CivicNet
Architecture of the Trustless Computing Certification Body and the TC-compliant CivicvNet IT service
Since 2013, we have been building a new Trustless Computing Certification Body which will constitute a new high-level cybersecurity certification body. to deliver ultra-high levels of assurance by being rooted on (1) a governance with extreme levels of citizen accountability, independence and technical proficiency, including the wide utilization of citizen-witness and citizen-jury oversight processes throughout the service lifecycle, (2) and extreme levels of ethical security-review in relation to complexity of all tech and processes critically-involved in the entire lifecycle. In parallel, and an initial compliant low-royalty open target architecture, computing base, ecosystem and IT service, CivicNet, will be built by the Association R&D and governance partners and the Association spin-off startup TRUSTLESS.AI.
While initially a certification scheme for transactions and communications with ultra-high assurance of confidentiality, integrity and non-repudiability, the Trustless Computing Certification Body will expand to other sub-domains, to ultra-high availability use cases, and strongly promote downward compatibility in respect to EU Secret, eIDAS Qualified, Common Criteria EAL4, SOG-IS, and the inspire future certification schemes produced by the European Cybersecurity Certification Framework. It will be complementary, synergic and inspirational for existing and upcoming cybersecurity certifications, aiming to eventually be adopted as their highest assurance level at some point in the future.
5 Action Lines
1.Case & Plan for Certification Body & CivicNET"
POSITION PAPER (PDF)
A 1-pager Manifesto and a comprehensive 15-pager scientific Case in support of the Trustless Computing Certification Body, and its unique binding Trustless Computing Paradigms.
A global event series, ongoing since 2015, it has been held already in Brussels, New York, and Brazil, and has attracted amazing world-class speakers. Its sole stated purpose has been to create a wide consensus on the need, feasibility, and nature of a new cybersecurity certification body, with the characteristics of the Trustless Computing Certification Body. Next edition will be held in Berlin on May 4th 2018. Join us as audience, panelist or sponsor!
Its the startup spinoff of the Association – based in Luxembourg, Berlin and Rome. It is building (a) a TC-compliant open computing base, (b) a resilient TC-compliant Supply Chain, (b) and an initial compliant IT services, called CivicNet and CivicChain, that includes a 2mm-thin Wifi handheld device, called CivicPod, aimed initially at the most critical communication, negotiations and transactions of high-profile enterprises and individuals. It is pursuing fundraising of $6M in equity and/or $6-35M via token sale.
It is is a proposed public-private initiative – co-funded by EU, local and nations public funding – to jump start in the Rome, Berlin and Vienna regions, the World’s leading research and competence centre for leading-edge cybersecurity security for communication, cyber-physical and artificial intelligence systems, by offering an unmatched array of scientific, quality of life and economic incentives to the very best talents, researchers, startups, accelerators and companies in such sectors.
5. Research initiatives
On 5/2018, we will submit H2020 SU-ICT-03-2018, a proposal based on our Cluster and Campus proposal, see above.
On 4/2016, we submitted a 4M€ proposal to H2020 DS-01-2016 RIA (113-pager PDF) titled “TRUSTLESS socio-technical systems for ultra-high assurance ICT certifications, and a compliant open target architecture, life-cycle and ecosystem, for critical societal use cases and consumer adoption“. Included an ultra-resilient binding conditional MoU among key R&D partners including licensing, patenting and non-compete under Swiss law.
On 4/2016, we submitted a 1M€ proposal to H2020 DS-01-2016 CSA (80-pager PDF) to build the Certification Body, titled: “TRUSTLESS: Facilitating the evolution to uniquely comprehensive and comparable certification of ICT services and lifecycles“.
On 9/2015, we submitted a 4M€ proposal to H2020 FET-Open (44-pager PDF): “ Trustless sociotechnical systems for trustworthy critical computing and organizations”