ELASTIC External Expert Advisory Board Kick-off Meeting: Key Insights and Discussions

The ELASTIC project recently convened its first External Expert Advisory Board (EEAB) meeting, a key milestone in ensuring that the project receives valuable external feedback and expert guidance. The meeting, which took place online on March 14, 2025, brought together a diverse group of stakeholders, including researchers, industry experts, and technology leaders, to discuss the project’s objectives, challenges, and technological advancements.

Setting the Stage: ELASTIC’s Goals and the Role of the EEAB

Prof. Sotiris Ioannidis (TUC), ELASTIC’s Project Coordinator, opened the meeting by emphasizing the importance of external advisory input to avoid groupthink and maximise the project’s impact. He outlined the agenda, which included a general overview of ELASTIC, technical discussions, demonstrator presentations, and insights into Work Packages (WPs). The EEAB’s role in providing feedback, guiding strategic direction, and promoting ELASTIC’s achievements was highlighted.

The ELASTIC project aims to enhance security, efficiency, and orchestration in edge-cloud computing for 6G networks. Key technical challenges discussed included secure execution, workload orchestration, privacy-preserving mechanisms, and efficient resource utilization. The project’s current status was also reviewed, with ongoing developments in demonstrator implementation and technical refinements.

ELASTIC External Expert Advisory Board Members

The EEAB consists of distinguished experts who provide external guidance to the project:

Mike Bursell, Director of P2P Consulting & Development Ltd
Vera Stavroulaki, Co-Owner & Technology Developer at WINGS ICT Solutions, Greece
Antonio Escobar, Senior R&D Engineer at Infineon Technologies, Munich, Germany
Stefano Salsano, Professor at University of Rome Tor Vergata, Italy

Their expertise and insights are instrumental in ensuring the project’s alignment with industry needs and technological advancements.

Scientific and Technical Advancements

Dr. Dhouha Ayed (THS), ELASTIC’s Scientific & Technical Manager, provided a comprehensive technical overview, highlighting key technologies such as WebAssembly (Wasm), serverless Function-as-a-Service (FaaS), confidential computing, and eBPF/XDP for network optimization. These technologies collectively enable ELASTIC to achieve its goals of portability, security, and efficient deployment in edge environments.

ELASTIC’s architecture is organised into five core blocks:

Management & Orchestration: Oversees services across cloud-fog-edge infrastructures, optimizing scalability, efficiency, and security.
Isolation: Safeguards data by leveraging Trusted Execution Environments (TEEs) and hardware abstraction layers in conjunction with Wasm and eBPF tools.
Communication: Ensures secure, efficient data exchange through encryption and accelerated microservices.
Trust & Access Control: Guarantees authorized access to sensitive data through remote attestation and robust access control mechanisms.
Monitoring & Detection: Provides continuous security monitoring, enabling the identification and reporting of cybersecurity threats.

Key innovations were discussed, with ongoing efforts focused on refining interfaces, integrating security mechanisms, and preparing for demonstration phases.

Demonstrators: Real-world Applications of ELASTIC Technologies

Demonstrator #1: An IoT data fabric as a native 6G infrastructure capability

Rajat Kondoi (ERF) provided an overview of the upcoming demonstrator, which introduces an IoT data fabric designed to function as a native capability within 6G infrastructures. The concept focuses on data-oriented enablers that improve accessibility and usability for application developers. Specific manufacturing use cases were discussed, such as predictive maintenance and offloading computational tasks to edge devices. The demonstrator aims to simplify IoT system management, enhance data integration, and support secure, real-time applications in industrial settings.

Demonstrator #2: IT/OT – Privacy-preserving confidential computing platform to migrate on-premise sensitive IT services to the cloud

Joel Demarty (THD) introduced the second demonstrator, which focuses on migrating sensitive on-premises IT workloads to the cloud while maintaining privacy and compliance. Key use cases include managing employee security badges, smart card production logs, and visitor access requests. The approach leverages confidential computing and Wasm to enhance security, eliminate vendor lock-in, and facilitate multi-cloud deployments. This work is expected to drive new business opportunities and align with sustainability goals.

Key Work Packages: Advancements and Challenges

WP1: Efficient, Portable and Secure Executable Isolation

WP1, presented by Dr. Lachlan Gunn (AAL), focuses on enhancing workload isolation to ensure security, efficiency, and portability throughout the application lifecycle. The work integrates WebAssembly (Wasm) and eBPF to achieve secure and low-latency isolation, addressing issues like stack smashing and micro-architectural side-channel attacks. Key results include improvements in stack smashing protection, Control Flow Integrity (CFI), and eBPF vulnerability detection. Future work will focus on developing migration protocols for secure workload transitions, benchmarking eBPF performance, and integrating eBPF with FPGA for real-time intrusion detection.

WP2: Serverless FaaS Orchestration with Architecture-agnostic In-network Execution

WP2, presented by Prof. Bruno Volckaert (IMEC), focuses on serverless FaaS orchestration using WebAssembly (WASM), eBPF, and confidential computing. Key advancements include the Propeller Orchestrator for managing WebAssembly workloads, confidential AI for secure data collaboration, and WASI interfaces for hardware acceleration. The work also explores WebAssembly operators for Kubernetes, security risks in serverless functions, and eBPF for enhanced microservice communication. Future steps include building observability prototypes and continuing research on eBPF protocols and access control.

WP3: Privacy-preserving, Portable and Efficient Execution Using Confidential Computing

Prof. Christian Gehrmann (LUN), Dusan Boravcanin (UVC) and Anne-Marie Praden (THD) presented the work that is performed under WP3 which focuses on privacy-preserving, portable execution using confidential computing for secure WebAssembly workloads. Key efforts include developing a hardware abstraction layer for multi-platform secure workloads, evaluating WASM runtimes in Trusted Execution Environments (TEEs), and enhancing remote attestation mechanisms. The team is working on improving cross-platform execution, testing alternative TEE implementations, and optimizing cryptographic security, with next steps focused on finalizing HAL reference architecture and enhancing attestation protocols.

WP4: Efficient, Portable and Secure Edge Workload Orchestration

WP4, presented by Dr. Fionn Mc Inerney (TID), focuses on efficient, portable, and secure orchestration of edge workloads in far-edge IoT environments. Key objectives include supporting secure execution using WASM, eBPF, and TEEs on resource-constrained IoT nodes, and developing lightweight ML workloads with hardware acceleration. The project also explores Federated Learning (FL) for secure, privacy-preserving distributed ML. Key developments include an optimized hardware-based Intrusion Detection System (IDS) on FPGA and ongoing research on attestation and eBPF/XDP offload mechanisms. Future work will focus on enhancing security frameworks, optimizing runtime environments, and refining ML models for edge deployment.

Roundtable Discussion and Future Collaborations

The meeting concluded with a roundtable discussion, allowing participants to explore collaboration opportunities. Key discussions included:

Engaging with the Confidential Computing Consortium (CCC) to promote ELASTIC’s work and explore synergies.
Organizing a technical workshop with CCC to discuss WP3 technical topics and foster collaboration.
Investigating HSM-TEE synergies for improved security in attestation and key management.
Addressing challenges in applying solutions commercially, particularly with abstraction layers, hardware limitations, and attestation in multi-party scenarios.

Participants also discussed the feasibility of integrating secure elements into edge devices to enhance data protection, particularly in resource-constrained environments.

Conclusion

The ELASTIC EEAB kick-off meeting provided valuable insights and expert feedback to guide the project’s development. Discussions reinforced the importance of external collaboration, standardization efforts, and practical deployment considerations. Moving forward, the project will continue refining its demonstrators, optimizing its security mechanisms, and fostering partnerships with key industry stakeholders to maximize impact.