WP3 is responsible for definition of common research, development and innovation in next generation cybersecurity technologies (including dual-use), applications and services; focus should be on horizontal cybersecurity technologies and cybersecurity in critical sectors (e.g. energy, transport, health, finance). WP3 will provide the common research support for the different WPs especially coordinated with WP4 and WP5 to connect the research and innovation with the demonstration and industrial sector to be covered. The WP will create synergies between experts from various cybersecurity domains, providing a mass of researchers and results strengthening its scientific and technological bases by achieving a European research area of cybersecurity. WP3 will run aligned with the two cycles design of CyberSec4Europe providing a first result to be used on the first deployment of WP5 and feedback providing an enhancement on its outcomes.
Link to 3.1 folder
This task addresses the project lifecycle and how the activities, results and community built and gathered by the project compose into an overall CyberSec4Europe ecosystem of cyber-security development. The working technical space of this task is in structuring progress and features to emerge as components of the developed systems. These activities are to be distributed throughout the project as timely efforts, diverse disciplines and results rendered and formulated by the initiatives of the community engaged via CyberSec4Europe. The task aim to assess the level of originality, detail, sustainability and conformity of the models and results towards the CyberSec4Europe vision, providing a common ground for their development. Hence, this task will formulate the realistic progress of the project, impact potential, define the feedback for the project activities and communicate and organise the progress behind the building blocks of the CyberSec4Europe ecosystem.
Link to 3.2 folder
This task will oversee the identification of the horizontal cross sectoral security and privacy enablers, the design of the operational technological components and the identification and research on common technologies like blockchain, identity management, PET and the advance over state of art. The main objective is to develop core innovative cybersecurity building blocks for the CyberSec4Europe project, providing pioneering technologies on top of innovative tools to enhance the security and privacy of services. This task also includes identity management and authentication solutions over multiple non-federated providers, security and privacy services to deploy a basic Edge Computing platform, identify technologies to reduce the system attack surface, design security mechanisms based on Trusted Execution Environments (TEE) and design a framework for TEE-based cloud data processing, IoT Privacy Preserving Middleware Platform, improve integrated Security & Privacy by Design approaches, decentralized evidence-based authorization and distributed access control using blockchain, addressing applications in IoT and investigate approaches that achieve extreme privacy- and integrity-preserving storage and processing of critical data with long-term protection requirements.
Link to 3.3 folder
This task aims at identifying research challenges, requirements and approaches in all stages of the lifecycle of software: early stages (security requirements, modelling and analysis, security design patterns); risk analysis and management (including tool support and empirical methodologies to validate the efficacy in practice); implementation (programming and code, testing and tool support); and deployment (configuration, operations, monitoring). The task will focus on secure-by-design and proactive methodologies, supported by (semi)automated tools reduce security vulnerabilities and risks, and paving the way to the reactive security solutions used in late stages. We will also consider certification of security products to cope with the dynamicity of security. We will further focus on the issue of the software supply chain and identify screening methods (and tools) to identify vulnerabilities in previous versions of industry deployment of open source software. Special focus will be put on software components for the enablers of Task 3.2, namely software for improved privacy and trust in pervasive infrastructures and technologies such as the IoT, cloud and fog, edge.
Link to 3.4 folder
We will enhance the state of the art for reliability, safety and privacy guarantees of security intelligence techniques based on artificial intelligence, machine learning and data analytics. The objective is to define the requirements and mechanisms to share digital evidence between the different expert systems, providing solutions to allow interoperability, either through the unification of languages, formats and interfaces, or through trusted intermediate translators systems respecting the privacy, business requirements and the regulations of the different countries. We will investigate mechanisms capable of interacting with Threat Intelligence Information Services to capture evidence of malware activity at early stages. We will also address research challenges on log and event management, threat detection and security analytics with privacy-respecting big-data analytics. Additionally the goal is to enable security intelligence in defensive systems, by making sure the underpinning intelligence systems are fortified.
Link to 3.5 folder
This task will explore the development of flexible security solutions that can quickly adapt security controls in response to security changes such as new attacks or changes in security requirements. To improve the modelling and analysis of dynamic systems, we will provide tools and techniques to support elicitation and representation of assets, security requirements and threats, focusing on interconnected systems in various domains (e.g., cloud systems and Internet of Things). This task will also provide scalable architectures supporting security situation computation and risk assessment, and also selection and deployment of security controls that could satisfy security requirements and policies, also enabling awareness of the current system status. Finally, the acceptance of adaptive systems by stakeholders will be addressed developing techniques to provide explanations (assurances) about why certain security controls should be adapted.
Link to 3.6 folder
This task formulates and develops recommendations and guidelines on how to incorporate usability requirements in security design, as well as a tool-supported method for assessing the effectiveness factor of usability. We will specify a unified validation framework to test both usability and security requirements of biometric-based and multimodal user authentication mechanisms and we will design of new behavioural-based user authentication mechanisms including countermeasures and defences against attackers, validated through some of the demonstration cases. The task will also provide users and administrators with awareness mechanisms to support visualisation of the system status and security risks, enabling effective and usable security controls. Key challenges include automation and AI to help users on their security and privacy decisions, secure and usable authentication, complexity assessment for new security policies, user informed consent on privacy policies and best ways to visualise security and privacy information.
Link to 3.7 folder
With the intent to drive innovation, the goal of the task includes the design of best practices for innovative and GDPR compliant user experience (Task 3.6) and the investigation of the compliance for identity technologies interoperability (e.g. eIDAS, GDPR, ePrivacy). We will also investigate legitimacy of technologies used and processing of personal data in cross-border and cross-sector dimensions and contribute to the design of a common “blueprint”, making reference to other regulations relevant for the market. Dynamically changing environments will lead to the investigation of compliance issues of personal data processing purpose limitation (Task 3.5). An adequate development methodology can address those issues, so the investigation of compliance of proposed software development lifecycle (SDL) methods with EU regulation in light of privacy by design (Task 3.3) and privacy by default requirements is required.
Link to 3.8 folder
This task will support the rest of the projects by analysing technologies, system designs and implementations to determine whether the combination of cybersecurity technologies in use achieve the desired security goals, allowing to compare different systems. The task will design a security framework capable of formally defining cyber-physical attack incidents, detecting an intrusion at different levels (physical or cyber), provide a resiliency policy and generate a forensics analysis. It will be based on the work of meta-schema for certification defined by ECSO, the ARMOUR project methodology and the NIST CPS. The testing and validation work will be also coordinated with WP7 infrastructure to define a common strategy. Finally, combing Task 3.3 with other methods, we can prove the security of the whole system.
Link to 3.9 folder
This task will monitor the trends in the cybersecurity field to identify innovative approaches that could change the rules of the game or at least provide a competitive advantage to the early adopters. This will impact the roadmap development in WP4 and provide to demonstration cases in WP5 food for thoughts and for benchmarking. The task will rely on the expertise of the participants, voluntary contributions from researchers all over the world and cooperation with other cybersecurity competence centres (e.g., ENISA, EuroPol, national cybersecurity agencies, NIST). Finally, we will experiment with automatic text analysis to identify innovations.
Link to 3.10 folder
The objective of this task is to advance the state of the art by developing a novel security awareness conceptual model, monitoring and enhancement methods with international applicability. This task will be devoted to analyse and identify efficient measures and methods for the continuous enhancement of societal security awareness, which should be held regularly to ensure that the staff is knowledgeable regarding the up-to-date security solutions, referring to private usage of digital technologies, human aspects of information security, professional practice and competence-development, governance, management and achievement of results and use of serious games for privacy and security awareness rising.