Skip to main content

Coordination action on Risks, Evolution of threatS and context assessment by an Enlarged Network for r&D rOadmap

Final Report Summary - CRESCENDO (Coordination action on Risks, Evolution of threatS and context assessment by an Enlarged Network for r&D rOadmap)

Executive Summary:
Building on the experience of the Preparatory Action for Security Research SeNTRE and STACCATO networks of users and experts, the CRESCENDO Coordination Action goal is to respond to the strong request of the users and the experts who attended the first workshops (organised by the two previous coordination actions) to continue working together and to enlarge their activities, by involving new Member States, associated countries and additional SMEs.

The objective of the CRESCENDO project is also to improve the innovation process, to study how to create a real European security market and how to strengthen European competitiveness by closing the loop between academia and industry, including SMEs, and the end-users.

CRESCENDO also supported the work of the European Security Research & Innovation Forum (ESRIF) by integrating their recommendations in the final strategic R&D roadmap.

CRESCENDO focused its activities on the following objectives:
. Operation of an enlarged security network comprising public stakeholders, industries,
SMEs, RTOs, think tanks and academia in the EU 27, with a specific focus on the new
Member states, as well as in the Associated Countries,
. Deeper analysis of the Security environment
o The evolution of societal security (threats and risks).
o Policies, regulation and standardization analysis in order to define processes for harmonized, ubiquitous, clear and unambiguous, regulations and policies and standards.
. Recommendations for a Comprehensive Innovation Process aiming at identifying the best
possible structure for the “security supply chain”, i.e. the European Security and
Technological Industrial Base (STIB),
. A strategic R&D Roadmap aiming at supporting the EC, ESRIF working groups and EU
Member States in preparing European and national research programs,

The CRESCENDO Consortium always paid attention to consolidate a continuous dialogue provided recommendations for future development and acquisition programmes at European and national levels paving the way towards a European Security Equipment Market (ESEM).

Project Context and Objectives:
Crescendo is a coordination action built on the experience of two previous networks SeNTRE and STACCATO.
The first project SeNTRE (PASR 2004) has identified capability needs in 10 missions and has determined technological capabilities with a top-down approach (from the consortium) and a bottom-up approach (through the organization of specific workshops).
The second project STACCATO (PASR 2006) has enlarged the network created by SeNTRE in the new Member States of the European Union and has enlarged the objectives taking into account the supply chain and the market conditions.
CRESCENDO is a follow on of these projects with a focus on:
- The analysis of the future capability needs and possible new threats scenario.

- The identification of technological solutions/priorities to address the capability needs (existing and future solutions) leading to a technology oriented research strategy.

- The analysis of current interoperability of the existing technological solutions of the different Member States and Associated Countries.

- The continuity of the mapping of European competencies initiated in STACCATO

- The update list of national, regional, European and international research programmes initiated in STACCATO, identification of possible synergies and further cooperation opportunities leading to a comprehensive strategic R&T roadmap to guide, orientate and underpin all these different research programmes.

- The support for the definition of new standards (in strong cooperation with CEN and in line with its activities and processes)


The organization of the Work packages was built in order to reach the 5 following objectives (WP2 to WP6)
More in details, the Coordination action CRESCENDO Consortium has worked in order to
- Strengthen, enlarge and render sustainable the network of users, stakeholders, industries including SMEs, RTO and Academia in the EU 27 with additional representatives from the new Member States as well as the Associated Countries. For this purpose the Consortium has organized several workshops in Brussels on the 9 Staccato missions
o Critical infrastructures and networks protection
o CBRNE (including decontamination)
o Crisis Management
o Movement of People
o Movement of goods
o Wide area surveillance
o Human Factors
o Standardization
o Interoperability


In addition the Consortium has organized local workshops in Israel, Estonia, Czech Republic, Poland and Serbia in order to enlarge the networks and give the floor to experts that could not afford to pay travels for attending the workshops in Brussels.


- Analyze the evolutions (threats and risks) of the Society Security and the perception of these threats by the Member States. An additional objective was also to take into account the Public perception vis a vis the political priorities of countermeasures. Following this analysis, the perception of identified threats has been translated into security policies and a model has been proposed. Furthermore some cultural factors have been studied the example of body scanners.

- Define process and networks for regulatory harmonization and security standardization proposals. Standards not only help bring products on the market, they also promote product adoption by end-users as well as cost efficiency by allowing interoperability between solutions or products. The objective was to suggest methods in order to identify these regulations and create a mapping of available standards in the security domain. The experts of Crescendo consortium has provided recommendations in terms of interoperability vs standardization and analyzed the role of some EC bodies as well as recommendations in order to build up a network to enhanced cross border collaborations

- Analyze the technological innovation process in order to speed up the transformation from R&T results to real products with an access to this new market. For this purpose the Consortium has analyzed the demand, the links between the supply chain and the regulations, the ways to improve the relationships between the academic sector, the industries (including SMEs) and the service sector. An additional objective was also to identify the current limitations and gaps to overcome in order to create an early awareness process and a European “marketplace” for Innovation.

- Structure a strategic and integrated R&D roadmap for the future Security Research Agenda and elaborate recommendations to the EC for some key themes for the Security Research Programme such as emerging technologies, maturity of current systems and areas of improvement, evolution of standards to enhance systems connectivity and regulatory issues across the EU27 and associated countries.

Project Results:

In this report we describe the main results of the CRESCENDO project according to the 5 main objectives of the project:
- Objective 1: Strengthen and enlarge the existing network of users and stakeholders, industries, SMEs, RTOs and academia in the EU27 with additional representatives from the new EU Member States as well as the Associated Countries. To create a broader consultation through the organization of workshops around 9 missions
o Critical infrastructures and networks protection
o CBRNE (including decontamination)
o Crisis Management
o Movement of People
o Movement of Goods
o Wide area surveillance
o Human factors
o Standardization
o Interoperability
- Objective 2:Analyze the evolution of Society security (threats and risks) and translate it into security policies
- Objective 3: Analyze the issues of policies, regulation and standardization in order to suggest working methods proposals
- Objective 4: Analyze the innovation process in order to speed up the transformation from R&T results to real products with an access to this “fragmented” market
- Objective 5: to develop an integrated R&D roadmap taking into account recommendations from ESRIF, national or European initiatives.

Objective 1: Enlarging the existing network by organizing workshops
2 types of workshops have been organized
- Centralized workshops in Brussels (Borschette building)
- Localized workshops in the 5 following countries Israel, Estonia, Czech Republic, Poland and Serbia
In addition a questionnaire was sent to participants of all the workshops in order to gather inputs form experts.
This questionnaire was made of four parts.
The first part asked the person to specify the Organization he/she works for, his/her country and his/her function and role.
The second part assessed the thematic addressed by CRESCENDO and in particular if they were relevant for their country/organizations, if it was so in the short, mid or long term and which specific policy of their country was concerned by the project in their view.
The third part investigated more in detail the assessment of CRESCENDO project itself. This part assessed if all relevant security issues were addressed by the project. If no, which specific security issue was missing and they wished to be addressed in the European Security Research Program (ESRP) in order to make it more relevant for their country/Organization. Lastly, it was questioned if a priority of thematic should be set up and why.
The final part was related to the involvement of the respondent in the project and more largely in the ESRP: it was asked if they wished to be further contacted and how do they wished to be involved.
The questionnaire was short and the purpose of this decision was not to discourage European stakeholders and end users with long questionnaires that they might not have the time to answer to.
We estimate that stakeholders and end-users were in the position to answer to those questions since they had participated to CRESCENDO workshops, where they had the chance to know the project, to be in contact with members of the consortium and where documentation on the European Security Research Program and activities was made available to them.
We highlight here the most important results of this questionnaire.

The following missing security topics were highlighted:

– Support to new and innovative sensor technologies.
– Cyber security.
– Marine environment security.
– Energy security.
– Decontamination (development of technologies but attention also to the practical – and not only theoretical – dimension). Need to clarify also ‘how clean is clean’ (looking at the experience of the USA after the anthrax incidents: many problems raised in getting Governmental Agencies to agree when a building can be considered clean, and when the public can accept it).
– Human Behavior and Ethical issues (from a societal point of view, the damage of sections of society directly involved in a CB incident/attack could have far reaching consequences, at national and by definition European level).
– Protection of security research specifications and outcomes (the identification of standards for testing security means could introduce a weakness in the security chain).
– Defining European best practices of translating threat assessment and security policies into R&D strategies that would help to unify various EU MS approaches.

In more general terms, some constructive critics have been highlighted with regard to CRESCENDO project:

– Architectural framework to shape user needs and constraints in technological developments should be developed.
– A more scientific methodology and approach to assess gaps between official and public threats should be used.
– To the follow up of CRESCENDO project, and to future projects in general, it is advised to be more focused in terms of purpose and scope.
– Assessment of the EU projects’ efficiency: accessing EU R&D investments is difficult, timely and administratively very expensive. Too long administrative process for acceding to EU grants is not compatible with short term evolution of needs.

About priorities, it was demanded to give priority to the following issues:

– International and inter-organizational interfaces for the disasters management
– Simplify and improve the efficiency of EU research process (see above)
– Often the focus is on the “organization of security, including IT”. Prior to the organization of the information flaw, the information must be created. Priority should be given to the creation of information: sensor equipment, biometric technologies, and forensic technologies.
– Assessment of threats and risks and their translation into security policies should have a priority, rather than prioritizing technological developments.

1/ Centralized workshops in Brussels

The workshops program was organized in the following way:
1. General presentation of the Crescendo project by the project coordinator.
2. Presentation of the objectives of each workshop and the key issues to be addressed by the workshop coordinator.
3. Presentations of some participants on the key topics of the workshop.
4. Questions and answers session after each presentation.
5. Discussion on the presentations and the key issues of the workshop as presented by the coordinator in the beginning of the meeting.
6. Time for socializing, such as coffee breaks/lunch, was included in the schedule.
7. Round table for a final assessment on the issues discussed.

After the workshop, a report was produced by the workshop coordinator and was circulated to all participants for additional comments and validation.
For the sake of enhancing networking, a list of the participants as well as of the presentations and the final report were provided to the participants after the workshop.
Around 200 participants have attended these workshops in Brussels.
Even if it is difficult to summarize shortly the results of all these workshops we highlight here the key issues and recommendations proposed by the participants
Domain of CBRNE, including decontamination
– Promote therapeutic approach in CBRN research
– Maintain an incentive effort for development of new technologies by Member States: a kind of “Made in UE”
– Work on “scenario based technologies”
 Globalize and enhance works on scenario / expression of needs /
 System integration (networks of sensors & data fusion)
 Examples (non limitated)
• Supply chain
• Public critical infrastructures (e.g. crowded places,…)
• Mass transportation (already included in the FP7 project SECUR-ED)
– Develop a common methodology for CBRN risk assessment (application of EURAM European Risk Assessment Methodoloy)
– Support technological transfer to European industry (Lead Market Initiative for CBRN issues)
– Animate and support through adequate fundings, existing expertise networks (such as CREATIF network for example)
– Standardization
 Networks of reference labs
 Round robin exercises
 Necessary conditions to build and implement standards
– ESRIF WG 6 recommendations
– Dedicated EU CBRN expert-centers to:
 Help maintain resilience by gathering, analyzing, and distributing information
 Design doctrines
 Co-ordinate multi-disciplinary R&D and knowledge management
 Educate EU citizens on how to prepare for and respond to crises
 Create a network of laboratories (for forensics, standardized testing and evaluation, etc.)
– EU commission should promote a complete system-of-systems approach to CBRN(E) counterterrorism that follows the full security cycle
– Specific recommendations on standardization
– Create financial platform for stake holders to participate
– Participate in the existing forums on Standardization
– Financing of small projects must be improved ( secretariat- coordination )
– Look and focus on Chain / ensample solutions for EMS users.
– Invest in Ergonomic features of equipment used
– Support the proposals in effort and finance
– Prioritise on detection solutions, decontamination, cleanup-phase
– Think and initiate discussion on large scale protection

Crisis Management
– Promote business innovations in the field of connecting citizens and first responders.
– Exploitation of available research and appropriate utilization of project results.
– Set a standard unique European crisis management system within EU Member States by:
 Identifying common areas of corresponding national systems.
 Conducting common cross-border exercises.

Wide area surveillance
– The problems encountered were not as much technological as integration of the existing systems and technologies. Issues addressed were:
 Increase of the performance of cameras and sensors.
 Increase of the surveillance beyond the cost.
 Longer endurance of platforms.
 UAV, satellite performance.
 Real time data.

– Regarding the sharing of information, some questions were arisen:
 What information should be shared among surveillance systems?
 How to share efficiently the information without overdosing?
 Who should share the information with?

The recommendation to cover these questions was the establishment of a common information sharing system. Another issue that came up during the discussion was the necessity of system architecture. At the moment, lots of people are working on that.

Movement of people
In general experts saw developments in several directions for the future:
- smart ways of processing large amounts of persons through the border checks process with clear benefits (facilitation) for EU citizens
- wider use of biometrics for verification/identification purposes, e.g. by adding biometric identifier to existing information systems. A recommendation was done on putting the emphasis on who you are (person) than what you are (nationality)
- improving e-Document security with regard to the issuance process and source documents

Experts underlined the need to come to the development of guidelines and best practices in order to establish European standards for deployed technical solutions. As end-to-end Identity Management is crucial, the whole chain of identity management (from issuance of an id-document to a control infrastructure) needs to be taken into account.
Border Surveillance was not the primary answer to the problem of illegal migration. Increasing border checks to detect illegal migration does reduce the inflow of illegal migrants, but we should not forget the 50% of the illegal over stayers (i.e. 4 millions of persons) have entered the EU legally. There is a necessity to improve the national capabilities of individual members states to detect illegal over stayers and establishing more effective follow-up procedures once illegal over stayers they have been detected. As people can travel freely within the EU countries a better cooperation between the EU members states on exchanging data of illegal over stayers and follow-up actions are needed. Investing in border control infrastructure therefore will not pay off fully, if those national measures will not be taken.

Standardization and interoperability
When “governments” constitute the markets, they should be involved in standardization activities (this is the typical case for security).
Member States and European Commission should contribute to the acceptance of an independent laboratory and performance testing center.

– Organisational and ”cultural” interoperability are key enablers, and the key obstacles. Technical interoperability can be complicated but it is manageable.
– Some competencies should be shared, some others are supporting the whole security field.
– Interoperability requires dedicated actions, such as coordination.
– The link with standards is important, as they can obstruct or facilitate interoperability. Interoperability can be understood as an enhancement to standards.
– The link between interoperability and security is not simple. They can be synergetic or enter into conflict.
– Interoperability is of strong interest by the industry and by the end user because of of strategic and economic reasons.



Human Factors
Experts underlined these issues
– Importance to disseminate the right Information
– Do not distribute the poor, truncated, imprecise and too much spaced information.
– The pure information is anarchic, outbid by unbridled media.
– Some information has an ambivalent indeed contradictory character; we must change them and modulate them according to the perception.
– There is a need to permanently identify the differences concerning publics or susceptible to be concerned because of the crossed situation as well as a need to stay conscious that the objective level of the crisis is different of the subjective.
Regarding these abovementioned issues, the good answer could be given through:
– The formulation of a first wait message based on the information available and validated: Communicate only about the facts in order to avoid being contradicted by the history and be more reassuring.
– The preparation, based on the wait message, of a list of questions/answer probably to be asked by the media. The speech can’t be improvised. The bad interlocutor at the bad moment can disrupt the communication management.
– The elaboration of a wait press release in case of diffusion of the information before the official announcement.

It could be useful at European level to create a European system of information for the population in case of emergency situation. Indeed a lack of information or different assessment of the crisis situation by national newspapers, radio or television create a loss of confidence and frustration to the citizens .A sharing of responsibility between national Authorities and the European Commission could create a positive and credible atmosphere instead of having different and very often contradictory messages published in the different medias resulting to more trouble for a population in an emergency situation.

2/ Localized workshops

Again it is a difficult exercise to summarize the results of the workshops as the perception of threat and risks were quite different in all these countries.
We try to highlight the main driving forces that have been suggested by the participants
For Israel the reference for future policies will be quality over quantity, this strategic aim of the Israel strategy is to face numerical inferiority with qualified superiority in technology and science. For this reason, Israel has invested significant efforts over the years in promoting scientific research and defence technology and developed indigenous defence industries. The goal, although tough, it has been decisive to create a very strong domestic defence industry. Its peculiar story shaped also its features: with a compulsory and reserve military service, a network of relations, shared experience and friendship is created and maintained. The defence industry works very closely with the military, but it also gain a strong incentive thought these relations that single individuals develop in their lifetime, shortening the gap between private and public sector. A second alluded feature, indirectly previously mentioned, is the high degree of individual mobility between the different sectors. Employers of defence industries bring their own personal experience from the compulsory military service, and through network the cooperation with the Military forces persists.
Serbia might also receive a single assessment, more so the report stresses the point that the country still has to confront institutional issues and that development of security technology is in its infancy. Besides EU driving force with regional police cooperation, the Minister of Defence is the internal driving force. It has invested in specific defence areas and military academic. Serbian specialisation deals with new types of threats, as atomic, biological and chemical defence it has attempted to create a regional Centre, and currently it is also working with UN. As for Academic, the Minister has invested in the Military-Medical Academic and developed one of the biggest Military Hospital of the world. Serbia's police has also been able to strengthen and innovate its border management through foreign funds, as the Technical Assistance and Information Exchange (TAEIX), whom aim is to tackle organized crime, corruption and general trafficking. At last the country also signed an agreement with the Russian Federation, back in 2009, to develop a shared Emergency Centre in Nic. Nevertheless there has been an on-going debate on the real nature of the Centre, hinting also conspiracy theories, the most plausible answer suggests it would keep track of the “South Stream”, ensuring functioning and immediate reaction in case of emergency. Driving forces for evolution in security technologies still have to come and shape the situation.
Czech Republic, Poland and Estonia face similar issues in security technologies, the outcome of such strains is the purchase of standard high-tech, ready-made solutions, with internal structural problems in R&D and coordination with strategies. In Poland there seems to be a lack of investments for R&D, in 2007 it was around 0,56% of its GDP and more than half of it came from the governmental funds. Of the remaining, 30% from the private sector and 7% from the academia. The Polish funding is capsize the EU scenario, were most of the R&D support comes from the private sector. This peculiarity also strains the research on a further level, the public sector only appoints annual research programmes, therefore multi-annual projects are not easy to elaborate with a national fund. Research centres are in some case also described as under staffed and using out of date equipment, the short-term finance bridles centres to develop new technologies and to compete on open market. The private sector does not participate to supportive programmes, small and medium companies are not prepared to invest on a long-term project, while big companies sometimes rely on research centre, but mainly for internal needs. The final result is a national weak R&D, compared to foreign technologies, ready for use.
Estonia deals with the same challenge, but in a different prospective, in 2007 it released a document with a five year strategy dealing with Research, Development and Innovation (RD&I). Three fields were qualified as priority: ICT, biotechnology and materials technologies, and for security and defence the creation of a national R&D programme (inter-agency) and of specific R&D programmes. The general framework did not deal with details, during the RD&I draft, Minister of Defence, not Minister of Interns were called to give an opinion or participate, therefore R&D did not reflect the real innovation needs in security technology. The national R&D programme in security and defence was never adopted, nor the inter-agency platform, two out of three national programmes currently in place may indirectly include some kind of threats, as cyber security and energy. At last none of the state actors, entitled of strategic policies or operational-technical issues have a medium – long term R&D programme to support their strategies. Consequently, although different extend of problems, the Polish and Estonian cases are pretty similar in lacking of structured and analytical planning, nor as policy-makers, nor as executers. The on-the-shelf technologies are appealing and do not require investments and organization risks, nevertheless probably a national R&D strategy could fulfil coordination and allow tailor fit technologies. Nevertheless it has been stressed that in the case of Estonia, there is not much interest, neither from the research centres, neither from the private sector, that does not seem to have the capability of utilizing results of R&D projects for commercial purposes. While for Poland the necessities of Police, Fire Service and Boarder Guards are fulfilled with calls for applicants, therefore specific technologies and needs cannot be formulated and the final result is a standard technology. The Minister of National Defence, jointly with the Defence Forces should run projects, creating a real driving force, but these are, once again, under-financed and scarce. The real spin-off in Poland is the National Centre for Research and Development (NCRD), and the Polish Academic of Science, this last actor counts 70 cells, all entitled of researching in various different areas, even if they present the above mentioned structural problems, these seem to have a real potential that could be developed.
Czech Republic is not immune to such general complications. Some specific industries have a strong and competitive position on the defence market due to their high level of specialisation, the lacking features are under-financed research and development and the inability/unwillingness to participate to international projects. The report stressed the point that there is a diverge between the defence industry and strategic documents.
On the oppose side, all these considerations need to be adapt to opportunities, these three reports all emphasis the EU recent major input in national R&D programmes, and generally speaking as a future driver for security technology. The EU 7th Framework Programme has activated many different kind of joint initiatives: European Cooperation in Science and Technology (COST) projects and European Space Agency programmes, but also European Defence Agency's projects have allowed Poland, but not only, to participate to top research programmes. Other kind of EU driving forces have been qualified in ESRIF and ESRAB, to the extent that in Czech Republic the government has started a reform adopting two kind of multiannual programmes. The first one tackles Security Research for the Need of the State in 2010 – 2015, the second is program of the Security Research in the Czech Republic in 2010 – 2015. These type of cooperation have allowed all states to fill the missing strategic planning in R&D and also to concentrate on soft security areas. Another very positive driving force, with a European origin are the technological platforms, in the Polish report it was emphasised the enthusiasm towards them, to the extent of creating 26 different national platforms. Each of them develops a peculiar topic, threat or challenge though cooperation among private players, research centres and public field. Accomplishing the platforms there are also technological parks, both these two structures should shape future R&D.
Last but not least it must be noticed how Israel shaped its structure in a persistent development of human capabilities, on the opposite side Serbia still needs to put into place strategies in technological research. The three EU members are fairly young countries, the iron curtain has fell more than twenty years ago, but the defence industry and research are so peculiar, compared to any other market or sector, that the learning curve of such countries is still high and there is plenty of time to establish new national driving forces.

Objective 2: Analyzing the evolution of Society security (threats and risks) and translate it into security policies

There was a lot of discussion regarding the evolution of threats and risks due to recent events in terms of terrorist attacks or natural catastrophes. The translation of threat scenarios into policies was considered as fully dependent on the perception of threat among experts, authorities and various interest groups and public opinion.
Three very different examples have been studied
- The failed attack at Northwest Airlines Flight 253 from Amsterdam to Detroit on 25 December 2009
It raised questions on the adequateness of security measures at airports and especially the use of body scanners. Body scanners already exist at some airports but they are not used due to the lack of EU level agreement. Body scanners are claimed to cause health and privacy risks which have hindered the use of these technologies for security aims. Similar confrontations have been seen on various fields where the understanding of threats and their evolution vary among experts and different authorities.

- H1N1 epidemic
It caused an information flow on the necessity and safety of the vaccines, which has leaved individuals to wonder what is true and who to believe. EU member states have made different decisions based on their own judgement to provide vaccines to their citizens. The priorities set by the countries seemed to be different. Purchased number of vaccinations has varied from nil to two per citizen, and it has also been affected by the national economic situation. There have been plenty of arguments on the safety of the vaccines and the real risk of the H1N1 virus. Public opinion within countries has varied from hysteria to refusal, and people have even been fighting for vaccines while others have refused to get one even though they are considered as belonging to a risk group. Media and internet has been full of information pro and against the H1N1 vaccines provided both by recognised experts and various non-official interest groups.

- The event of 9/11 and other recent terror attacks,
The interest on emergent technologies of biometrics has increased among experts and responsible authorities. On one hand, biometrics has been considered as a major contributor to the security of modern society. On the other hand, it has also been seen as a sign for erosion of personal privacy and societal liberty, and there have been fears that biometrics could be used to xenophobic discrimination too.


The following template has been developed and suggested in order to help policy makers to translate threat into policies.

Identification of threats and estimation of the consequences and probabilities – Scenario descriptions from the scenario building processes
– Trusted information sources
– Expert evaluations
– Require procedures for the information sharing in a coherent, quick and effective way to all the stakeholders involved (not to the public yet)
Acceptability of the threat – Criteria for acceptability required – national or EU level
– Low acceptability – forceful and active countermeasures; high acceptability – weaker and passive countermeasures
– Some directives and national legislations already exist
Defining possible countermeasures – Defining the aim of the countermeasures: prevention/ mitigation/protection/restoring
– Alternatives need to be presented
– Possible overlapping with existing countermeasures to be checked
Acceptability of the countermeasures – Possible conflicts with current policies
– Conflicts with public opinion
– Expected achievements vs. constraints to normal life and operations
– Assessment of the juridical impact of the new policy on citizens and their rights, services and goods
Criteria for new policies or policy change – Understanding of the existing regulations, their intention and the real meaning of the suggested/identified changes
 Considering lessons learned from the past policies/countermeasures
 Do the existing regulations already cover the required countermeasures?
 Can the countermeasures in other countries be taken as a model?
– Assessment of juridical aspects: does the new policy need modifications in national/European legislation/regulations?
– Assessment of the intervention level e.g. from the geographic and administrative point of view
– Estimation of the time from enactment to react effectively, and the time necessary to produce and implement the policy

Clarifying the aim of the policy – Prevention/mitigation/protection/restoring
– Security vs. privacy/human rights/health
– Assess financial means required
Structuring the policy – Short term or permanent?
– Financial means and distribution of costs
– Communication strategy: how to communicate to the public in order to inform about the threat and its consequences and to make countermeasures acceptable
– Assessment of the coherence of the countermeasure with those of the neighbouring/involved countries in order to open the possibility of cooperation
– Define a command and control chain to launch and manage a countermeasure
Evaluation phase – Assessment and review of the adopted policy (effectiveness, efficiency, coherence)
– Modification of the policy if needed
– Establishment of a procedure to use lessons learned for the generation of future policies
In addition a model has been designed to construct a security policy process.
This model is designed to give an overall picture of the policy-making environment, and it can be used as a starting point for a policy formulation. However, it should always be supplemented with situation-specific information on details of legislative system, stakeholders as well as information on actual threats and risks in question. In this regard, the model should be seen more as a flexible structure than as a comprehensive model.
Last but not least in terms of policy recommendations 3 main points have been suggested:
- In terms of security needs, it is important to further analyze the threats, to define priorities, taking into account urgent needs, towards a common set of security requirements at EU level. Therefore it has been suggested to establish permanent and structured dialogue between customer and supplier, including with the support of simulation tools (“living labs”), through potential EC support actions (process to support the definition of needs).
The creation of a common European threat analysis capability is important as it represents a step towards common European security requirements
- In terms of “market” it has been suggested to create dedicated budget lines for acquisition of equipment, systems and services in the budgets of the European agencies involved in security matters (ex. FRONTEX). The question on a “single European agency” for security procurement was discussed during the Final Forum. This is today not envisaged but could be potentially discussed at ministerial and EC level, future group; related agencies already exist and (for example FRONTEX) could be considered and developed in this direction.

- In terms of transformation of research into products it has been suggested to even more focus research activities on the large scale demonstrations in the future.


Objective 3: Analyzing the issues of policies, regulation and standardization in order to suggest working methods proposals

The purpose of this work package was not to try to define an exhaustive catalogue of standardization needs, but to understand where should be the priorities in terms of categories of standards and identification of relevant networks.
Main standardization efforts have originally been focused on products requirements. Furthermore, a lot of management standards exist (and associated certification schema) in the area of security sometime competing but only some of those have achieved a global recognition like ISO 27001 for the Security of the Information System or ISO 31000 for the Risk Management.
We would like to highlight two examples of pre/co-normative R&D needs as a result of this study
a/ Video-protection and sensors
– Some standardization is still in progress regarding interoperability of video data (including some metadata)
– Sensors may concern a broad panel of technologies including ultra-sound, video (visible and IR), sound, radar, etc.
– Potential Applications are not limited to detection of intrusion : sensors may be used as safety devices in cars, or in a network for preventing risks for critical infrastructures (detection of smog…)
Identified needs: Evaluation/measurement of performance is missing (may be related to perception and/or detection performance criteria)

b/ Non-Invasive inspection Systems including Whole Body Imaging (WBI) comprising
– Ionizing Radiation Technologies
– Non Ionizing Radiation Technologies (Millimeter Wave & Passive Infra red Panel)
– Metal detection
– Automated Target Recognition (ATR) System Panel
– Fast moving technologies: There is not a final solution for the future technology for Non Invasive Inspection Systems (including detection systems) yet.
Identified needs: Issues are related to Privacy (especially regarding WBI), health protection, detection performance and evaluation (lack of harmonized regulations, lack of standards)
We summarize hereby some recommendations issues by this work package
– Regarding standardisation, there is a need to establish networks including both research and standards makers :
 Development of a network/expert body for standardisation and regulations harmonisation proposals.
 Some mechanisms should be developed to involve better participation of some stakeholders.
– There is an Increasing demand for :
 Standards addressing technical systems (or sub-system) in order to facilitate interoperability at the application level
 Performance standards, once technical and business standards have been agreed.
– Interoperability might facilitate the structuring and development of standards demand by
 Positively influencing the market positions of the producers of security solutions,
 Consolidating existing markets and
 Smoothing the opening of new markets
– A better coordination between regulation and standardization should be achieved (eg Body scanners and security equipment)

Objective 4: Analyzing the innovation process in order to speed up the transformation from R&T results to real products with an access to this “fragmented” market
In order to speed up the innovation process, to create short links between the research world, industry (including SMEs) and end-users, to structure the European Security and Technological industrial base, the following recommendations have been provided:

Simplification, flexibility and programme management

In addition to the awareness of the suppliers for the new RTD and innovation programmes for security, it is necessary as requested by the Research Commissioner to proceed to a real simplification of the FP processes and instruments. The evaluation and negotiation timescales should be reduced to allow a quicker delivery to the market of the products and results of research. For the new technologies, this means a more flexible and lighter programme, with continuously open calls and light evaluations several times per year. The scheduling should be adapted and synchronized with the national and regional (especially with EU structural funds) programmes. An articulation with these programmes should be planned to move quickly from the FP pre-competitive projects to innovation competitive projects. For large projects, more delegation should be given to the consortia to manage bigger parts of the programme involving since the beginning the whole supply chain with competitive solutions. For the definition of the FP future calls, the supply chain should be actively involved in the proposals for new themes and topics.
After ESRAB and ESRIF, Crescendo project and the IMGS proposals already demonstrate the importance of involving the whole community. Top down requirements from users, if any, must be discussed and improved with the supply chain at all levels.
Indeed, the techno push is not enough to drive innovation and guarantee the success on the market, but the demand pull either is likely to be too conservative or even worse absent.

Links with the public sector and public procurement

As recognized by the EC in its communication on public pre-commercial procurement, the public sector can and must play a key role in encouraging and benefiting from the innovative products, systems and services developed by the ESTIB. The PPP approach is under definition.
At that stage, we can recommend that some funding (from the EC FP8 new instruments, the EIB and the regional funds for instance) is planned to support the first public customers to take risk in procuring these new products and systems. The procurement must of course respect the competition rules and be based on innovation and costs criteria.
Such “financial engineering” would encourage to take some risks and to allow a real scale validation of the products. It is applicable at all levels from low level equipment to larger systems.
This public customers awareness and involvement would also in a second step allow to better define the future RTDI programmes for the future.

Commercial and public standards: the toolbox concept

The interoperability and standards/regulations issues have been widely addressed in the workshops. There are different hurdles to overcome to reach a critical mass for the market: between regions, between MS and then globally.
Public customers have the capability to identify jointly with industry the gaps and synergies possible. In a PPP approach and if several MS are involved, this would be a major feedback.
However, industry/service providers, as suppliers or customers have also a federating role to play.
The whole supply chain should contribute from local to global actions using national standardisation bodies (AFNOR, CEN etc) and also federating and structuring projects.
In such projects, it could be interesting to develop a toolbox concept as planned for CBRN crisis management or demining where many player are involved by generating a “catalogue” of the products, their interfaces, simulating or using real equipment and developing training kits.
The toolboxes can be fed by an open platform of suppliers and proposed to end users.
Such a collaborative tool, including existing or planned modules, can be a one stop shop for the customers and to link the different suppliers and contractors.

Links with education (knowledge triangle)

To develop the future supply chain from universities to industry, it is key to train scientists, engineers, provide them also with some project management education and generate attractiveness for innovation.
The European Institute of Technology is an important vector. A KIC (knowledge and innovation community) on security would be recommended.
“Shortcuts” between the researchers and the market must be encouraged, especially among the young students and scientists. Industry should also participate actively in the training by “providing” experienced experts and managers and participating in the scientific steering boards.

New instruments to support innovation

Until FP7 included, the development of the supply chain and innovation is not really a criterion of evaluation. One of the criteria addresses exploitation of the results but is not measured a posteriori.
FP8 will also address innovation and will so have to go beyond the current DPs, even for small products.
For these large projects, beyond the demonstration projects (targeted in FP8), innovation on the market and development of the supply chain should be a major point in the evaluation.

Objective 5: Developing an integrated R&D roadmap taking into account recommendations from ESRIF, national or European initiatives.
The Roadmap CRESCENDO includes several inputs:
1. All the outputs collected during the activities and the outputs of the Crescendo Work packages
2. Outputs of ESRIF work, In line with what reported into the DOW“CRESCENDO activities want to support the ESRIF working groups in preparing future national and European collaborative programmes, providing users requirements and technology providers future solutions, in a comprehensive vision.”
3. Synergies with the IMG-s SRR (Strategic Research Roadmap)


Due to the fact that the DOW was written while ESRIF was still active and that instead CRESCENDO was funded only after the end of ESRIF, we decided to support the ESRIF activities giving an added value to what already done.
The basic Idea is that ESRIF Working Groups did a lot of work and defined a number of Capability and Technology needs that are still not used by European Commission. So we decided to consider to take into account only the technology WGs and to analyse the priorities they identified.
The final roadmap is represented both in structure of a table and in graphical views.
The meaning of the table titles are listed below:
• CRESCENDO code: is the unique CRESCENDO ID of the table
• Christmas Tree mission ref.: is the mission of the Christmas tree that we identified as more relevant for the identified capability/technology.
• ESRIF WG: is the WG number that have identified that specific capability/technology.
• Capability: is the “capability” we identified in the ESRIF matrix among the “What”; Why” and “How” columns
• Technology: is the “technology” we identified in the ESRIF matrix among the “What”; Why” and “How” columns
• Timeline: is the expected timeline (short, medium, long term).
• Estimated research cost: is the estimated cost indicated with the type of EU FP7 funding instrument.

Detailed information (figure, tables, images and schemes) are provided through the deliverable "Final Management Report"
Potential Impact:
By nature the Crescendo project was built to provide a strong impact, to allow large dissemination and to provide the European Commission and the Policy makers with a lot of recommendations to improve efficiency in the Security area.
The organization of the work packages was created for this purpose too:
Organization and operation of the network in Brussels as well as in 5 countries: objectives were to strengthen and enlarge the network already created thanks to 2 projects in the Preparatory Action for Security Research, to allow the audience expresses their view in terms along the 9 following missions
- Security of infrastructures and utilities
o Critical Infrastructures and networks protection/ Cyber security
- Security of Citizens
o CBRNE (including decontamination)
- Restoring security in case of crisis
o Crisis Management (focus on information and communication issues)
- Intelligent surveillance and enhancing border security
o Movement of People
o Movement of Goods
o Wide Area Surveillance
Transversal missions:
o Human Factors
o Standardization
o Interoperability
The experts participating were invited to discuss and contribute in the following topics related to the other Crescendo work packages:
• Society security evolutions (threats and risks)
• Policies, regulation and standardization
• Demand structuring and development
• Link regulation and supply chain
• ESTIB structuring and supply chain development
• R&D implementation (link with FP7, regional, national, international R&D programmes)
• Other initiatives and programmes (beyond R&D)
• Key issues & recommendations
Workshops coordinators provided workshops reports in line with the above mentioned topics
To illustrate the impact, the dissemination and the potential exploitation of the results we can take the example of the workshop “Crisis Management”
- Facts discussed by the audience:
 Organized societies have developed emergency response mechanisms in order to deal with critical incidents or generalized crises.
 These response mechanisms consist of properly trained and equipped professionals (policemen, firemen, medical staff, etc) functioning under a concrete legislative and regulatory framework.
 On the other side, civilians involved in emergencies/crises tend to assume a passive role.
- Rising issues expressed by the audience:
 Insufficient response from the state
 Citizen panic
 No room for active citizen involvement
 Citizen inability to follow instructions
 Citizen reluctance to take action on an occurring emergency when no responders are present.
- Recommendations suggested by the audience:
 Enhance the quality of interpersonal interactions among responders.
 Practice common citizen-responder exercises
 Appropriate citizen warning of existing and new types of threat.
 Utilization of the supportive role of citizens
 Train responders in citizen interaction/handling.

In addition to these “centralized workshops” five local workshops have been organized which is as far as we know the first time that this process has been done
The objectives were to understand the Security approach in these countries, to give the floor to people that have not necessary the opportunity to express themselves in this domain and to enlarge the global community
The discussions were extremely interesting and sometimes very free around the following items:
- Security definition issue
- Actors and structures in charge of the threats/risks assessment
- Priority threats/risks identification
- Response guiding principles identification (strategies and policies)
- Security technologies drivers for evolution

It is obvious that the project CRESCENDO due to this specific methodology had a strong impact in terms of addressing the community as well as strong dissemination in a lot of countries.

Regarding the exploitation of the results, through the final conference but also due to the nature of the work performed during the project Crescendo has built an original process to improve the R&D roadmap in the Security field.

Indeed, the Roadmap CRESCENDO includes several inputs:
1. All the outputs collected during the activities and the outputs of the Crescendo Work packages (including the recommendations issued through the workshops)
2. Outputs of ESRIF work, In line with what reported into the DOW“CRESCENDO activities want to support the ESRIF working groups in preparing future national and European collaborative programmes, providing users requirements and technology providers future solutions, in a comprehensive vision.”
3. Synergies with the IMG-s SRR (Strategic Research Roadmap) which represent a large community (industries, RTO, end-users etc…)

This has been done in a double direction approach
- Top-down approach
 Analysis of the ESRIF-ESRAB result
 Analysis of the workshops results (mission input)
 Analysis of the new threat and risks…
- Bottom-up approach
 Analysis of the ESRIF matrix
 Analysis of the questionnaire result
 Analysis of the workshops results (technology input)
 Cooperation with the IMG-s SRR



Last but not least a specific web site has been created (still on line) with a lot of information available to the community.

List of Websites:
www.crescendo-project.org
Contact details:
Coordinator: jean-louis.szabo@cea.fr