EU Critical Infrastructures (CIs) are increasingly at risk from cyber-physical attacks and natural hazards. Research and emerging solutions focus on the protection of individual CIs, however, the interrelationships between Cis has become more complex for example in smart cities and managing the impacts of cascading effects and enabling rapid recovery is becoming more pertinent and highly challenging.

PRECINCT aims to connect private and public CI stakeholders in a geographical area to a common cyber-physical security management approach which will yield a protected territory for citizens and infrastructures, a ‘PRECINCT’ that can be replicated efficiently for a safer Europe and will deliver:

1. A PRECINCT Framework Specification for systematic CIs security and resilience management fulfilling industry requirements.

2. A Cross-Facility collaborative cyber-physical Security and Resilience management Infrastructure enabling CI stakeholder communities to create AI-enabled PRECINCT Ecosystems and enhanced resilience support services.

3. A vulnerability assessment tool that uses Serious Games to identify potential vulnerabilities to cascading effects and to quantify resilience enhancement measures.

4. PRECINCT’s Digital Twins to represent the CIs network topology and metadata profiles, applying closed-loop Machine Learning techniques to detect violations and provide optimised response and mitigation measures and automated forensics.

5. Smart PRECINCT Ecosystems, deployed in four large-scale Living Labs and Transferability Validation Demonstrators, will provide measurement-based evidence of the targeted advantages and will realize Digital Twins corresponding to the CIs located therein, include active participation of emergency services and city administrations with results feeding back to the Digital Twins developments.

6. Sustainability related outputs including Capacity Building, Dissemination, Exploitation, Resilience Strategy, Policy/ Standardisation recommendations

The SPATIAL (Security and Privacy Accountable Technology Innovations, Algorithms, and machine Learning) project seeks to address the challenges of black-box AI and data management in cybersecurity by designing and developing resilient accountable metrics, privacy-preserving methods, verification tools and system framework that will serve as critical building blocks to achieve trustworthy AI in security solutions.

The main objectives include:
1) To develop systematic verification and validation software/hardware mechanisms that ensure AI transparency and explainability in security solution development;
2) To develop system solutions, platforms, and standards that enhance resilience in the training and deployment of AI in decentralized, uncontrolled environments;
3) To define effective and practical adoption and adaptation guidelines to ensure streamlined implementation of trustworthy AI solutions;
4) To create an educational modules that provide technical skills, ethical and socio-legal awareness to current and future AI engineers/developers to ensure the accountable development of security solutions;
5) To develop a communication framework that enables accountable and transparent understanding of AI applications for users, software developers and security service providers.

Besides technical measures, SPATIAL project aims to facilitate generating appropriate skills and education for AI security to strike a balance among technological complexity, societal complexity and value conflicts in AI deployment. The project covers data privacy, resilience engineering, and legal-ethical accountability that are in line with EU top agenda to achieve trustworthy AI. In addition, the work carried out in SPATIAL on both social and technical aspects will serve as a stepping stone to establish an appropriate governance and regulatory framework for AI-driven security in Europe.

VeriDevOps is about fast, flexible system engineering that efficiently integrates development, delivery, and operations, thus aiming at quality deliveries with short cycle time to address ever evolving challenges. Current system development practices are increasingly based on using both off-the-shelf and legacy components which make such systems prone to security vulnerabilities. Since DevOps is promoting frequent software deliveries, verification methods artefacts should be updated in a timely fashion to cope with the pace of the process. VeriDevOps aims at providing a faster feedback loop for verifying the security requirements i.e. confidentiality, integrity, availability, authentication, authorization and other quality attributes of large scale cyber-physical systems. VeriDevOps is focusing on optimizing the security verification activities, by automatically creating verifiable models directly from security requirements, and using these models to check security properties on design models and generate artefacts (such as tests or monitors) that can be used (later on) in the DevOps process.
More concretely, we will develop methods and tools for: 1) creating security models from textual specifications using natural language processing, 2) automatic security test creation from security models using model-based testing and model-based mutation testing techniques and 3) generating (intelligent/adaptive, ML-based) security monitors for the operational phases. This brings together early security verification through formal modelling as well as test generation, selection, execution and analysis capabilities to enable companies to deliver quality systems with confidence in a fast-paced DevOps environment. Overall, VeriDevOps is using the results of formal verification of security requirements and design models created during the analysis and design phase for test and monitor generation to be used to enhance the feedback mechanisms during development and operation phases.

PUZZLE will implement a highly usable cybersecurity, privacy and data protection management marketplace targeted at SMEs&MEs that enables them to monitor, forecast, assess and manage their cyber risks through targeted cybersecurity services, increase their cybersecurity awareness through the efficient heterogeneous information processing, the establishment of knowledge sharing with other SMEs&MEs and extract insights based on advanced analytics. The PUZZLE will track the relationships among the cyber assets of each SME&ME, considering the available network, compute and storage infrastructure and use them to efficiently calculate individual, cumulative and propagated risks, as well as recommend and apply mitigation actions. The PUZZLE will support vulnerabilities and threats assessment in a collaborative manner based on the homogenization of data provided by the SMEs&MEs. Data will be collected by resource handling and monitoring agents applied over Cloud/Edge Computing, IoT and network infrastructure. Such data will be enriched with data provided in relevant open repositories. SMEs&MEs data sharing will take place through blockchain-based technologies for secure data management. Based on the calculated risks and the provided graph topology, the application of resilient defensive strategies will be recommended, considering the type of infrastructure used by the SME&ME. Automated defensive strategies deployment mechanisms are also going to be made available, reducing a lot the complexity and the burden for the deployment of the provided services by cybersecurity managers in SMEs&MEs. Special emphasis will be given on the usability and the rise of competitiveness of the PUZZLE Marketplace, by designing solutions that can be easily on-boarded by external cybersecurity providers and can be seamlessly adopted by the end-users taking into account their preferences. The provided services will be made accessible through the SMEs&MEs Dashboard that will be developed.

The project involves 15 Partners from 8 European countries, and aims to design and develop an analySis software scheme of uNiform statistiCal sampling, aUdit and defence proceSses (SANCUS – an Roman god of trust). The main idea draws on formalising the logic of expressing (for the first time) the notions of cyber security and digital privacy by means of final formulas and fuse them into optimisation strategies to acquire the truly optimum defence recommendation in dynamic manner, i.e., with respect to the runtime changes of the telecommunications network environment. In this respect, SANCUS will dimension the new inclusive Key Performance Indicator metric, namely, the security‐vs‐privacy‐vs‐reliability efficiency trade‐off, for measuring the system network cybersecurity and privacy performance explicitly, flexibly, automatically and agnostically. To realise the heterogeneity of the security and privacy levels across the system network and its supply chain, the proposed scheme sits on six efficient engines, namely, FiV, CiV, SiD, AcE, MiU and GiO, which combine unique modelling of the Internet of Things units, cutting edge methods for automated firmware and software validation and verification, and innovative Artificial Intelligence driven game techniques for the automated optimisation of the control and trust of digital services. Extended evaluations of the project outcomes are also considered by means of developing contemporary network testbed prototype built on latest 5G and cloud‐native system setting and running three pilot use cases for examining the scheme performance across Firmware, Virtualisation and Management software layers. The SANCUS scheme will be delivered as an integrated software suite and it is expected to revolutionise the European research and development efforts, in and out, the cybersecurity regime. All outcomes are planned to be audited and disseminated extensively.

GEIGER will be an innovative solution with associated components and an Education Ecosystem addressing security, privacy and data protection risks of and for Small and Medium-sized Enterprises and Microenterprises (SMEs&MEs) in Europe. GEIGER will be developed in analogy of a GEIGER counter for detecting atomic radiation threatening human life. The GEIGER solution will be used for assessing, monitoring, and forecasting risks and reducing these risks by improving the SMEs’&MEs’ security with well-curated tools, and an education program targeting practitioners-in-practice as “Certified Security Defenders” bringing security expertise sustainably to SMEs&MEs using existing vocational education frameworks. GEIGER consists of a GEIGER Indicator that dynamically summarizes the current level of risk by evaluating measures undertaken for security defences among the participating SMEs&MEs. The GEIGER Indicator can be personalised by registering the enterprise’s profile and supports GDPR-compliant sharing and exchanging data about incidents. The GEIGER Toolbox allows stepwise do-it-yourself assessment and improvement of the SMEs’&MEs’ security, privacy, and data protection with lightweight controls and advice for improved protection at varied levels of sophistication. The included tools offer endpoint, server, and network protection and guide the SME&ME in a personalised manner in data hygiene, including access and security control, data privacy management, and backup practices. The GEIGER Education Ecosystem offers experimental-based training and cyber range-enabled challenges and will be integrated into curricula of diverse professions of non-ICT experts, offering direct impact on SMEs&MEs through target group-oriented education. The GEIGER solution will be demonstrated in three complementary use cases within three countries. GEIGER will achieve sustainable impact by raising awareness of more than one million SMEs&MEs within a period of 2.5 years after start.

For several years, programmability has become increasingly important in network architectures. A first generation of programmable networks was born ten years ago with the Software Defined Networking (SDN) concept and its implementations (OpenFlow) which offers a first level of control plane programmability. Then, the Network Function Virtualization (NFV) was introduced to enable the deployment of software functions. Today, the data plane programmability, mainly instantiated by P4 that further extends the concept of network programmability, is approaching.

In parallel, a new trend to finely split services into micro-services appeared. The expected benefits rely on an easier development and maintenance, better quality, scalability and responsiveness to new scenarios than monolithic approaches, while offering more possibilities for operators and management facilities through orchestration.

As a consequence, it appears that network functions, such as routing/switching, filtering, field translation, etc. can be split in several micro-services, implemented through different means, according to the software environments, and at different topological locations, thus opening the way to fully end-to-end programmable networks.

In this context, the fundamental question of the placement (topological location) and the execution environment (support node, such as a container or P4-based) of network functions, and more specifically micro-services that compose them, arises.

To date, even if some proposals start to include several networking programmable technologies (i.e. ONOS integrating SDN and P4), none of them consider a global end-to-end orchestration providing a multilevel and multi-technology abstract view for the optimization of network services finely cut into microservices, neither offer advanced network service orchestration algorithms.

This need for multi-level and multi-technology orchestration is even more important with the emergence of new services, such as immersive services, which exhibit very strong quality of service constraints (i.e. latency cannot exceed a few milliseconds), while preserving end-to-end security. In the project we will focus on such immersive services, and taking as example the use-case of a telesurgery and a remote drone operation.

In this context, the MOSAICO (Multi-layer Orchestration for Secured and low lAtency applICatiOns) project proposes to design, implement and validate a global and multi-layer orchestration solution, able to control several underlying network programmability technologies to compose micro-services forming the overall network service.

The goal of INSPIRE-5Gplus is to advance security of 5G and Beyond networks via two main approaches: (1) by leveraging/ extending existing assets such as Trusted Execution Environments (TEEs), Remote Attestation/Path Proof/RCA (Root Cause Analysis), and end-to-end liability management between parties, and (2) by introducing novel solutions/paradigms exploiting the potential of new trends including AI/ML and Blockchains. Accordingly, the INSPIRE-5Gplus project will address key security challenges against the concrete and efficient realisation of 5G through vertical applications, ranging from autonomous and connected cars to Critical Industry 4.0 (under specific regulation constraints).

Grounded in an integrated network management system and relevant frameworks, INSPIRE-5Gplus is entirely devoted to improve security at various dimensions (i.e., overall vision, use cases, architecture, integration to network management, assets, and models). It is also committed to deliver actionable results and enablers for all relevant stakeholders at both Program and Community levels. These outcomes will serve the crucial objectives of intelligent security and pervasive trust for future connected systems where Security will not be software-defined only, but will also be governed by Algorithms (AI, ML, Modeling, Optimization) to realize new concepts such as pro-active security while being trustworthy. Through its objectives, INSPIRE-5Gplus will deliver unique assets to achieve intelligent and trusted multi-tenancy (i.e. confident, evidence-based, and liable) across multi-tenants infrastructure, whilst also improving the control of systems, vulnerabilities and compromises for the infrastructure owners and tenants.