Skip to main content

Programme Category

Programme

Article available in the folowing languages:

Intelligent security and privacy management


Proposals are invited to address one of the sub-topics below. In addition, it would be an asset for proposals to include solutions for hands-on and state-of-the-art training, such as cybersecurity exercises.

Four pilot projects are launched under Horizon 2020 LEIT ICT, as a result of the call H2020-SU-ICT-2018, topic SU-ICT-03-2018 “Establishing and operating a pilot for a Cybersecurity Competence Network to develop and implement a common Cybersecurity Research & Innovation Roadmap”. Proposals should therefore foresee actions to collaborate with these four projects and also with similar ongoing projects funded under H2020, and take account of the results and work done in other relevant H2020 projects on cybersecurity/privacy.

SME participation is strongly encouraged.

(a): Dynamic governance, risk management and compliance

Proposals should develop and integrate beyond state-of-the-art approaches to security and privacy management which are: automated, dynamic and adaptive, allowing to identify the vulnerabilities, threats, such as advanced persistent threats, and attacks (including zero-day attacks).

Proposals should include pilots with significant scale involving complex ICT systems and addressing some or more of the following: forecasting, risk-based situation awareness, evidence-based system and software assessment, visualisation techniques, real-time monitoring and alerts with high level of accuracy, support to fair automated decision-making, run-time adaptation and autonomous recovery from faulty states.

Proposals should address the technical, operational, financial and ethical dimensions of cybersecurity. Concrete application cases should be foreseen. Adapted tools, techniques and formats for collaborative security/privacy event management and reporting should be proposed. Solutions involving advanced, highly representative simulation environments (cyber-ranges) might be proposed.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 7; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Innovation Action

(b): Cyber-threat information sharing and analytics

Proposals should develop and test threat detection frameworks, which should to the extent possible include: (i) collaborative, open, and dynamic repositories of information on threats and vulnerabilities; (ii) build on and update existing ontologies, taxonomies and models; (iii) dynamic tools for automated detection with advanced analytic capabilities, and where possible response and recovery; (iv) accountability and audit techniques; and (v) synchronised real time self- encryption/decryption schemes with recovery capabilities.

Novel technologies enabling collaboration in cyber threat intelligence and alerting should be proposed, taking into consideration not only technical aspects, but also human aspects such as behavioural patterns, gender differences, privacy, ethics, sovereignty, psychology, linguistic and cultural boundaries.

The tools and services that will be developed should be in a position to support the operations of CERTs/CSIRTs and networks of CERTs/CSIRTs. Proposals should develop incident response tools and test respective processes for coordinated response to large-scale cross-border cybersecurity incidents and crises in line with Commission Recommendation (EU) 2017/1584 of 13 September 2017 on coordinated response to large-scale cybersecurity incidents and crises.[[https://eur-lex.europa.eu/legal-content/GA/TXT/?uri=CELEX:32017H1584]]

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 7; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Innovation Action

(c): Advanced security and privacy solutions for end users or software developers

Proposals should develop automated tools for checking the security and privacy of data, systems, online services and applications, in view to support end users or software developers (possibly including developers of AI solutions) in their efforts to select, use and create trustworthy digital services. Proposals should address real application cases and at least one of the following services: automatic code generation, code and data auditing, trustworthy data boxes, forensics, certification and assurance, cyber insurance, cyber and AI ethics, and penetration testing.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 6; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Research and Innovation Action

(d): Distributed trust management and digital identity solutions

With particular consideration to IoT contexts, applicants should propose and test/pilot innovative approaches addressing both of the following points: (i) distributed, dynamic and automated trust management and recovery solutions; and (ii) developing novel approaches to managing the identity of persons and/or objects, including self-encryption/decryption schemes with recovery ability. Proposals should address real application cases.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 5-6; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 3 and 6 million would allow this area to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Research and Innovation Action

In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary.

Security threats to complex ICT infrastructures, which are multi-tier and interconnected, computing architectures, can have multi-faceted and cascading effects. Addressing such threats requires organisations to collaborate and seamlessly share information related to security and privacy management.

The increasing prevalence and sophistication of the Internet of Things (IoT) and Artificial Intelligence (AI) broadens the attack surface and the risk of propagation. This calls for tools to automatically monitor and mitigate security risks, including those related to data and algorithms. Moreover, storage and processing of data in different interconnected places may increase the dependency on trusted third parties to coordinate transactions.

Advanced security and privacy management approaches include designing, developing and testing: (i) security/privacy management systems based on AI, including highly-automated analysis tools, and deceptive technology and counter-evasion techniques without necessary human involvement; (ii) AI-based static, dynamic and behaviour-based attack detection, information-hiding, deceptive and self-healing techniques; (iii) immersive and highly realistic, pattern-driven modelling and simulation tools, supporting computer-aided security design and evaluation, cybersecurity/privacy training and testing; and (iv) real-time, dynamic, accountable and secure trust, identity and access management in order to ensure secure and privacy-enabling interoperability of devices and systems.


In the short term, project outcomes should make relevant contributions to the following:

  • reduced number and impact of cybersecurity incidents;
  • efficient and low-cost implementation of the NIS Directive and General Data Protection Regulation;
  • effective and timely co-operation and information sharing between and within organisations as well as self-recovery;
  • availability of comprehensive, resource-efficient, and flexible security analytics and threat intelligence, keeping pace with new vulnerabilities and threats;
  • availability of advanced tools and services to the CERTs/CSIRTs and networks of CERTs/CSIRTs;
  • an EU industry better prepared for the threats to IoT, ICS (Industrial Control Systems), AI and other systems;
  • self–recovering, interoperable, scalable, dynamic privacy-respecting identity management schemes.

In the medium to long term, project outcomes should make relevant contributions to the following:

  • availability of better standardisation and automated assessment frameworks for secure networks and systems, allowing better-informed investment decisions related to security and privacy;
  • availability and widespread adoption of distributed, enhanced trust management schemes including people and smart objects;
  • availability of user-friendly and trustworthy on-line products, services and business;
  • better preparedness against attacks on AI-based products and systems;
  • a stronger, more innovative and more competitive EU cybersecurity industry, thus reducing dependence on technology imports;
  • a more competitive offering of secure products and services by European providers in the Digital Single Market.