TRL-7 Evidence — Foritech Secure System
Goal: Demonstrate system prototype in an operational environment (beyond lab).
Version: v0.6.0 (Investor-ready)
Date: (auto)
Scope: PQC-first X.509/PKI toolkit (ML-KEM/Kyber + Dilithium), hybrid certificates, CLI/SDK.
1. Operational Environment
- Pilot A (Internal): service-to-service mTLS in a corporate network (UFW deny-by-default, Fail2Ban, SFTP chroot).
- Pilot B (Internet-facing): public endpoint with a reverse proxy (OQS-OpenSSL), hybrid server and client certificates.
- Logs, policy, key/cert rotation playbook; backup + test-restore.
2. Use Cases (Demo Scenarios)
1) Hybrid X.509 issuance: Root→SubCA→Leaf (ML-KEM + Dilithium), chain verify.
2) mTLS handshake: client/server, mutual authentication, falling back to the classical fallback when needed.
3) Key/Cert rotation: rotation of a service and a client in <10 min; zero loss of access.
4) Compliance snapshot: 13+2 baseline hardening policy; CodeQL High/Critical=0/≤2.
3. Evidence to Collect
- Screenshots and logs (issuance, verify, mTLS, rotation).
- Pilot_Demo_Report.md (signed) and a short video ≤3 min (unlisted link).
- Release bundle checksum (SHA256).
- Verification_Report.md (signed) with PASS/FAIL against KPIs.
4. Verification & Acceptance
- Test plan T-01…T-10 (see Test_Plan.md).
- Acceptance = GREEN if:
  - Hybrid cert issuance < 60 s (T-02).
  - mTLS success ≥ 99% over 100 consecutive handshakes (T-05).
  - Rotation lead time < 10 min (T-07).
  - CodeQL Critical = 0; High ≤ 2 (T-08).
  - Docs completeness ≥ 90% (T-10).
- Traceability matrix at the end of Test_Plan.md.
5. Security & Compliance
- 13+2 baseline (UFW, Fail2Ban, SFTP, TLS hardening, Docs).
- CodeQL enabled; dependency audit.
- DPIA (lite) and NIS2/ISO27k checklist.
6. Release & CI
- Daily PROGRESS.md digest.
- Reproducible release bundle (scripts/release_bundle.sh + GH Action "release-evidence").
7. Sign-off
- Pilot A lead: _____ Date: __
- Pilot B lead: _____ Date: __
- Security/QA: _____ Date: __
8. Funding & Cash-Flow (S-tier €81k; 50% grant)
- Instrument: Simple Grant (EU funds 50% of eligible costs; 7% indirect).
- Cash flow model: prefinancing → interim → final (prefinancing % set in GA; assume 20% of EU grant here for planning).
- EU grant: €40,500; Co-funding: €40,500.
Monthly baseline (indicative, 6 months)
| Month | Direct costs (€) | EU inflow (prefin. share) | Net cash need (€) | Notes |
|---|---|---|---|---|
| 1 | 13,000 | 8,100 | 4,900 | Setup, equipment, kick-off docs |
| 2 | 12,000 | 0 | 12,000 | Packaging, tests, CI |
| 3 | 12,500 | 0 | 12,500 | Pilot A |
| 4 | 13,000 | 0 | 13,000 | Pilot B, interop |
| 5 | 12,500 | 0 | 12,500 | Verification, video |
| 6 | 12,701 | 0 | 12,701 | Release bundle, dissemination |
| Sum (direct) | 75,701 | 8,100 | 67,601 | Indirect 7% = €5,299 (auto) |
Prefinancing share and interim payments are subject to the Grant Agreement; adjust in Annex 1 if different.