Inspiration
Machine builders face increasing pressure to secure their devices and comply with evolving cybersecurity regulations. We created a tool to help them proactively identify vulnerabilities and assess compliance with standards like NIS2, ISO/IEC 27001, and the Cyber Resilience Act.
What it does
Our tool scans NIST's National Vulnerability Database (NVD) for CVEs relevant to a specific machine, such as DDoS-related risks. Results are ranked by severity and delivered to the user through a Telegram chatbot. The user can also opt to check which cybersecurity regulations may apply to their machine (e.g., NIS2, Cyber Resilience Act).
To support short presentations and raise awareness about the importance of machine-level security, we designed and 3D-printed two robotic "arm" models. Each is equipped with an RFID chip. Scanning a chip triggers a simulation that displays the robot’s digital identity and associated component details.
How we built it
We used n8n for automation, fetching data from the NVD API and processing it with JavaScript nodes. The Telegram bot lets users trigger scans and receive summaries in real time. We also explored OpenAI tools and pentesting agents for extended functionality.
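The filtering and ranking step described above can be sketched as follows. This is an added example, not the project's own n8n code; it assumes input shaped like an NVD CVE API 2.0 response, and the function names (`bestScore`, `rankCves`, `toMessage`) and the sample records are hypothetical.

```javascript
// Added example: rank records shaped like an NVD CVE API 2.0 response.
// CVSS v3.1 is preferred, then v3.0, then v2; unscored CVEs sort last.
const METRIC_KEYS = ["cvssMetricV31", "cvssMetricV30", "cvssMetricV2"];

function bestScore(cve) {
  for (const key of METRIC_KEYS) {
    const list = (cve.metrics && cve.metrics[key]) || [];
    // Prefer the NVD ("Primary") assessment over a vendor-supplied one.
    const m = list.find((x) => x.type === "Primary") || list[0];
    if (m && m.cvssData && typeof m.cvssData.baseScore === "number") {
      // v2 stores baseSeverity on the metric, v3.x inside cvssData.
      const severity = m.cvssData.baseSeverity || m.baseSeverity || "UNKNOWN";
      return { score: m.cvssData.baseScore, severity, source: key };
    }
  }
  return { score: null, severity: "UNSCORED", source: null };
}

function rankCves(response, keyword) {
  const needle = keyword.toLowerCase();
  return (response.vulnerabilities || [])
    .map((v) => v.cve)
    .map((cve) => {
      const en = (cve.descriptions || []).find((d) => d.lang === "en");
      return { id: cve.id, summary: en ? en.value : "", ...bestScore(cve) };
    })
    .filter((r) => r.summary.toLowerCase().includes(needle))
    .sort((a, b) => (b.score ?? -1) - (a.score ?? -1) || a.id.localeCompare(b.id));
}

function toMessage(ranked, limit = 3) {
  return ranked.slice(0, limit)
    .map((r, i) => `${i + 1}. ${r.id} [${r.severity} ${r.score ?? "n/a"}] ${r.summary}`)
    .join("\n");
}

// Constructed sample data (placeholder IDs, not real CVE entries).
const SAMPLE = { vulnerabilities: [
  { cve: { id: "CVE-0000-0001", descriptions: [{ lang: "en", value: "Denial of service in PLC web server" }],
      metrics: { cvssMetricV2: [{ type: "Primary", baseSeverity: "MEDIUM", cvssData: { baseScore: 5.0 } }] } } },
  { cve: { id: "CVE-0000-0002", descriptions: [{ lang: "en", value: "Remote denial of service via crafted packet" }],
      metrics: { cvssMetricV31: [{ type: "Secondary", cvssData: { baseScore: 9.1, baseSeverity: "CRITICAL" } },
                                 { type: "Primary", cvssData: { baseScore: 7.5, baseSeverity: "HIGH" } }] } } },
  { cve: { id: "CVE-0000-0003", descriptions: [{ lang: "en", value: "Denial of service, analysis pending" }], metrics: {} } },
  { cve: { id: "CVE-0000-0004", descriptions: [{ lang: "en", value: "SQL injection in HMI login" }],
      metrics: { cvssMetricV31: [{ type: "Primary", cvssData: { baseScore: 9.8, baseSeverity: "CRITICAL" } }] } } },
] };

console.log(toMessage(rankCves(SAMPLE, "denial of service")));
```

CVEs that NVD has not yet scored are kept at the bottom of the list rather than dropped, so a newly published entry still reaches the user.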
Challenges we ran into
- Connecting to the Raspberry Pi
- Building decision flows for security vs. compliance
- Managing dynamic CVE filtering and ranking
Accomplishments that we're proud of
- Fully working Telegram-based scan assistant
- Accurate CVE extraction and classification
- Dual support for vulnerability scanning and regulation awareness
What we learned
What's next for Arm dran.
Built With
- blender
- cenelec
- javascript
- n8n
- nist
- pentesting
- raspberry-pi
- supabase
- three.js
- vercel