Sanctus: An Architecture for Trusted Products


Malcolm Shore
Sherali Zeadally
Andy Clark


Keywords: Cybersecurity, Balkanization, trust


The last two decades have seen a fundamental shift in the manufacturing, sourcing and operation of technology, which has raised concerns in state security agencies about the cybersecurity risk to government and critical infrastructure. Sophisticated cyber attacks continue to be launched by state actors worldwide, while the engineering practices in common use have failed to deliver a commensurate improvement in the cybersecurity of technology. Cyber attacks continue to succeed against commercial networks, leading the US Government to encourage government agencies to look towards models such as zero-trust networking and tailored trustworthy spaces. There has been progress in product engineering, with formal methodologies such as Correctness by Construction (CbyC) successfully producing commercial products with increased trustworthiness. However, the adoption of these techniques has been limited, and governments are now increasingly resorting to an approach of technology Balkanization, in which the import and use of products and components may be restricted based on their country of origin. Even in the early stages of this strategy, the effect upon the economy is significantly adverse. We propose an alternative to technology Balkanization that combines trustworthy engineering approaches with a national security component we call a sanctum, which together can deliver sovereign trust.


PDF identifier: 197-PDF-v7n3pp58-84 (volume 7, number 3, pp. 58-84)


