The 2STiC consortium aims to increase the security of the (future) Internet infrastructure and to further strengthen the research and operator communities in this space in the Netherlands, Europe, and worldwide. To accomplish this, the 2STiC partners embed their research in collaborative projects, which enable them to design and evaluate new Internet security mechanisms based on the partners' joint knowledge and evaluate the added value of these mechanisms through joint testbeds, demonstrators, pilots, and papers. The 2STiC partners (co-)developed the following collaborative projects:

Jump to:

User-driven Path Verification and Control for Inter-domain Networks (UPIN)

The goal of UPIN is to develop and evaluate a scalable distributed system that enables users to cryptographically verify and easily control the paths through which their data travels through an inter-domain network like the Internet, both in terms of router-to-router hops as well as in terms of router attributes (e.g., their location, operator, security level, and manufacturer). UPIN will thus provide the solution to a very relevant and current problem, namely that it is becoming increasingly opaque for users on the Internet who processes their data (e.g., in terms of service providers their data passes through as well as what jurisdictions apply) and that they have no control over how it is being routed. This is a risk for people's privacy (e.g., a malicious network compromising a user's data) as well as for their safety (e.g., an untrusted network disrupting the operation of a remotely controlled robot).

Key figures:
  • Consortium: University of Twente, University of Amsterdam, SIDN, SURF, and NLnet Labs
  • Researchers: Rodrigo Bazo (University of Twente) and Leonardo Boldrini (University of Amsterdam)
  • Supervisors: Cristian Hesselman (University of Twente) and Paola Grosso (University of Amsterdam)
  • Project lead: Aiko Pras (University of Twente)
  • Duration: Sep 2020 through Sep 2024
  • Website:

UPIN received funding from the Dutch Research Council (NWO).

Remote Attestation of IoT Deployments in Open Programmable Networks (RATIO)

The Internet of Things (IoT) promises to make the Dutch and European society safer, smarter, and more sustainable, for instance through smart homes and connected industrial control systems like energy grids, intelligent transport systems, and windmill farms. However, the IoT's proliferation also reveals the absence of systems that can automatically attest and manage the trustworthiness of IoT deployments in terms of their devices, remote services, network connections, and operators. This introduces risks for users, for instance in terms of their safety when IoT devices that act upon their physical space (e.g., through connected door locks or intelligent traffic lights) get compromised or experience network problems over a single-path connection.

The goal of RATIO is to contribute to solving this problem by developing and evaluating new functions that help users to better assess the trustworthiness of IoT deployments, with a particular focus on the networks that connect IoT devices to remote services. For example, RATIO will enable users to verify the level of "AS-disjointness" of multi-path connections over time so users can respond to changes. RATIO focuses on safety-critical use cases and will consider the suitability of new inter-domain network architectures such as SCION. The work will build on open programmable networks (e.g., P4-based networks), which are currently becoming commercially available, and which form an important enabler for developing and deploying advanced inter-domain network functions.

Key figures:
  • Consortium: University of Twente and SIDN
  • Researchers: 1 Ph.D. student, job description available soon on the University of Twente's site
  • Supervisors: Cristian Hesselman (University of Twente)
  • INTERSCT project lead: prof.dr. Sandro Etalle (Eindhoven University of Technology)
  • Duration (expected): Sep 2022 through Sep 2026
  • Website:

RATIO is part of the INTERSCT project, a public private partnership funded by the Dutch National Research Council, Grant NWA.1160.18.301.

Controllable, Accountable, Transparent: the Responsible Internet (CATRIN)

The goal of CATRIN is to start up the Responsible Internet, a novel security-by-design concept and extension to the Internet infrastructure that enhances the range of actions users have at their disposal to share information securely and confidentially, thus enabling higher levels of trust and autonomy for users, organizations, and societies.

The Responsible Internet is a transformational undertaking: it fundamentally changes the way digital societies communicate because it allows users (e.g., providers of critical services or individuals) to request descriptions of the chains of network operators that handle their data flows, for instance in terms of their security and administrative properties and their interrelations (transparency). Based on these details, users can request network operators to handle their data flows in a particular way, for example by allowing them to only pass through operators whose equipment and geolocations they have specified (controllability). The Responsible Internet also allows users to verify whether operators act as they declared and to trace incidents and attacks to their root cause (accountability).

The Responsible Internet addresses the urgent problem of declining digital autonomy, which is that governments, institutions, companies, and citizens around the world, and especially in Europe, are increasingly concerned about the foundations of their digital economies being operated or manufactured elsewhere, without users having any insight in, or control over how they depend on the underlying systems. This poses a risk to public values of security and trust, may hinder innovation, and stands in the way of societies developing their own digital distinctiveness.

CATRIN integrates technology, economics, and public research to deliver two key outcomes: (1) a first operational multi-operator Responsible Internet based on the prototype technology developed in CATRIN and (2) an initial ecosystem of players around it (e.g., users and network operators), based on the incentive mechanisms, business models, and use cases that CATRIN develops and evaluates.

Key figures:
  • Consortium partners from the Netherlands: University of Twente, Eindhoven University of Technology, University of Amsterdam, TU Delft, Waag Society, NLnet Labs, SIDN, KPN, TRIMM, SURF
  • Consortium partners from other EU member states: Universität Duisburg-Essen, Universität der Bundeswehr München, Telefonica Research
  • International partners: University of Oxford, RENCI, University of Illinois at Urbana Champaign, University of Kentucky, ESnet/LBNL, University of Kentucky, University of Chicago, George Mason University, Ciena, CTO Group, CAIDA, University of California
  • Researchers: 7 Ph.D. students, the first few job description are online on the sites of the University of Twente, University of Amsterdam, Delft University of Technology, and Eindhoven University of Technology
  • Supervisors: to be confirmed
  • Project lead: Dr. Ralph Holz (University of Twente)
  • Duration: Sep 2021 through Sep 2026
  • Website:

CATRIN received funding from the Dutch Research Council (NWO) as part of the NWA Cybersecurity Program, Grant NWA.1215.18.003.