Anticipating the new European regulatory framework and an increasingly complex landscape of digital threats, the consortium is developing a project focused on embedded software. Embedded software is the computer program that controls the internal workings of industrial machines, equipment, or devices. It manages critical processes such as machine safety, production line control, or the operation of railway signaling systems. "This type of software must be extremely reliable and secure, as a failure can directly impact industrial operations," the consortium emphasizes.
Led by Orbik, the consortium developing the project includes CAF Signalling, Fagor Automation, Mondragon Assembly, and Ormazabal as the lead companies. Joining them from the Basque Science and Technology Network are the GAIA Cluster, Ikerlan, Koniker, CAF, Fagor, and Ormazabal, forming a multidisciplinary team that combines industrial, technological, and applied research capabilities. ABEDI emerged in a context marked by the digitalization of the industrial sector and the exponential increase in cyberattacks targeting critical infrastructure. Adding to this threat is the imminent entry into force of the European Cyber Resilience Act (CRA) in 2027, which will require manufacturers to guarantee new cybersecurity standards.
“The ABEDI project will enable the automation of compliance testing, boosting its application on an industrial scale and strengthening the adoption of cybersecurity, with the goal of enabling Basque industry to make significant progress in regulatory compliance and the cybersecurity of its products,” highlights Borja Pérez, product director at Orbik. “Our challenge,” he explains, “is to develop an innovative solution that changes the way companies test, protect, and update their industrial systems. With ABEDI, we are investigating a model that will allow for faster, more precise, and more efficient responses to new digital threats.” Thus, the project—which has a budget of €5,131,000—will investigate a novel system based on high-fidelity virtualized environments, enabling remote, automated, and proactive cybersecurity testing without the need to send physical equipment to external laboratories.
This virtualization will replicate up to 95% of the real-world operation of industrial systems. Furthermore, new over-the-air (OTA) remote update mechanisms will be investigated to enable the continuous evolution of software and firmware without interrupting industrial operations and without requiring manual intervention. Priority technologies for the project include: Artificial Intelligence, Big Data and Data Science; Cyber-Physical Systems; Cybersecurity and advanced virtualization. Technical objectives and industry impact are also outlined.
The project has set ambitious goals that will represent a significant technological leap, such as: 99% availability in industrial systems thanks to cyber-secure designs and secure OTA updates; an 80% reduction in response time to cybersecurity incidents; a 70% decrease in manual intervention in security management; the elimination of physical equipment transport, replaced by a high-fidelity virtualized laboratory; and a 50% reduction in certification costs and time, guaranteeing full compliance with European CRA regulations.
