The VESSEDIA project is planned to run for 36 months. It is organized into seven work packages (WP) with significant dependencies and expected synergies between them which are described shortly in the following:

WP1: Safety and Security Verification Methodologies

This WP will develop the methodologies for using the toolbox developed in WP2. This includes the definition of specific aids and methods adequate for the use-cases of the project as well as GUI (Graphical User Interface) developments to support them.

WP2: Integrated Verification Toolbox development

WP2 is in charge of developing the tools for the V&V (Verification & Validation) of safety and security properties of C and C++ source code and can be seen as the core part of the project. This is also expressed by the highest number of effort foreseen in this WP. The different tools are integrated into a single toolbox that will be packaged and distributed by the project (in WP5).

WP3: High-level models for software verification

The WP3 defines new models for representing the different items handled during a software development and verification activity. This includes design models, specifications and proofs models.

WP4: Quality assurance and certification

This WP is in charge of developing metrics for the quantitative assessment of security V&V objectives and results for software development projects using the verification tools developed in WP2. It will also analyze VESSEDIA impacts on quality assurance, security evaluation and certification, from tooling and methodological standpoints.

WP5: Use-cases

WP5 demonstrates how the above tools and methodologies apply to industrial applications with well identified security and safety requirements. We will perform several medium-scale use-cases to measure quantitatively and qualitatively the efficiency and effectiveness of the tools, methodologies, and metrics.

WP6: Dissemination, Communication, Exploitation, Standardisation and Training

This WP will develop 1) a standardisation plan that aims at building a new standard for the safety and security in critical software domains, 2) an exploitation plan to formalise the promotion of the tools, and 3) several communication, dissemination as well as training activities.

WP7: Project, Risk, and Innovation Management

WP7 is devoted to project risk and innovation management to ensure progress at the technical level as well as administrative management allowing proper steering of the project and interactions with the EC.