Project description DEENESFRITPL Helping companies manage cybersecurity risks of the fragmented ICT supply chain Most companies developing ICT solutions require the integration or synergy of other ICT components developed by third parties. This can pose a high security risk, hampering the verification of potential vulnerabilities. The EU-funded BIECO project is working on a holistic framework that provides the necessary mechanisms to help companies understand and manage the cybersecurity risks and threats they are subject to when they become part of the ICT supply chain. The framework is composed of a set of tools and methodologies that will address the challenges related to vulnerability management, resilience and auditing of complex systems. Show the project objective Hide the project objective Objective Nowadays most of the ICT solutions developed by companies require the integration or collaboration with other ICT components, which are typically developed by third parties. Even though this kind of procedures are key in order to maintain productivity and competitiveness, the fragmentation of the supply chain can pose a high risk regarding security, as in most of the cases there is no way to verify if these other solutions have vulnerabilities or if they have been built taking into account the best security practices. In order to deal with these issues, it is important that companies make a change on their mindset, assuming an “untrusted by default” position. According to a recent study only 29% of IT business know that their ecosystem partners are compliant and resilient with regard to security. However, cybersecurity attacks have a high economic impact and it is not enough to rely only on trust. ICT components need to be able to provide verificable guarantees regarding their security and privacy properties. It is also imperative to detect more accurately vulnerabilities from ICT components and understand how they can propagate over the supply chain and impact on ICT ecosystems. However, it is well known that most of the vulnerabilities can remain undetected for years, so it is necessary to provide advanced tools for guaranteeing resilience and also better mitigation strategies, as cybersecurity incidents will happen. Finally, it is necessary to expand the horizons of the current risk assessment and auditing processes, taking into account a much wider threat landscape. BIECO is a holistic framework that will provide these mechanisms in order to help companies to understand and manage the cybersecurity risks and threats they are subject to when they become part of the ICT supply chain. The framework, composed by a set of tools and methodologies, will address the challenges related to vulnerability management, resilience, and auditing of complex systems. Fields of science social scienceseconomics and businesseconomicsproduction economicsproductivitynatural sciencesbiological sciencesecologyecosystemsnatural sciencescomputer and information sciencescomputer security Keywords vulnerability management resilience auditing of complex systems risk analysis mitigation strategies security certification harmonization Programme(s) H2020-EU.2.1.1. - INDUSTRIAL LEADERSHIP - Leadership in enabling and industrial technologies - Information and Communication Technologies (ICT) Main Programme Topic(s) SU-ICT-02-2020 - Building blocks for resilience in evolving ICT systems Call for proposal H2020-SU-ICT-2018-2020 See other projects for this call Sub call H2020-SU-ICT-2019 Funding Scheme RIA - Research and Innovation action Coordinator UNINOVA-INSTITUTO DE DESENVOLVIMENTO DE NOVAS TECNOLOGIAS-ASSOCIACAO Net EU contribution € 469 375,00 Address CAMPUS DA CAPARICA QUINTA DA TORRE 2829-516 Caparica Portugal See on map Region Continente Área Metropolitana de Lisboa Área Metropolitana de Lisboa Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 469 375,00 Participants (11) Sort alphabetically Sort by Net EU contribution Expand all Collapse all FRAUNHOFER GESELLSCHAFT ZUR FORDERUNG DER ANGEWANDTEN FORSCHUNG EV Germany Net EU contribution € 588 412,50 Address HANSASTRASSE 27C 80686 Munchen See on map Region Bayern Oberbayern München, Kreisfreie Stadt Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 588 412,50 CONSIGLIO NAZIONALE DELLE RICERCHE Italy Net EU contribution € 435 000,00 Address PIAZZALE ALDO MORO 7 00185 Roma See on map Region Centro (IT) Lazio Roma Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 435 000,00 UNIVERSITATEA TEHNICA CLUJ-NAPOCA Romania Net EU contribution € 431 250,00 Address STR MEMORANDUMULUI 28 400114 Cluj Napoca See on map Region Macroregiunea Unu Nord-Vest Cluj Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 431 250,00 FUNDACION CENTRO TECNOLOXICO DE TELECOMUNICACIONS DE GALICIA Spain Net EU contribution € 441 750,00 Address CARRETERA DO VILAR 58 36214 VIGO See on map Region Noroeste Galicia Pontevedra Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 441 750,00 UNIVERSIDAD DE MURCIA Spain Net EU contribution € 439 687,50 Address AVENIDA TENIENTE FLOMESTA S/N - EDIFICIO CONVALECENCIA 30003 Murcia See on map Region Sur Región de Murcia Murcia Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 439 687,50 RESILTECH SRL Italy Net EU contribution € 408 750,00 Address VIA B GIGLI 27 LATIGNANO PISA 56021 Cascina See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Centro (IT) Toscana Pisa Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 408 750,00 HOLISUN SRL Romania Net EU contribution € 429 375,00 Address STRADA CARBUNARI 8 430397 Baia Mare See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Macroregiunea Unu Nord-Vest Maramureş Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 429 375,00 TTTECH AUTO AG Austria Net EU contribution € 292 755,00 Address OPERNGASSE 17-21 1040 Wien See on map Region Ostösterreich Wien Wien Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 420 382,50 Third-party Legal entity other than a subcontractor which is affiliated or legally linked to a participant. The entity carries out work under the conditions laid down in the Grant Agreement, supplies goods or provides services for the action, but did not sign the Grant Agreement. A third party abides by the rules applicable to its related participant under the Grant Agreement with regard to eligibility of costs and control of expenditure. TTTECH COMPUTERTECHNIK AG Austria Net EU contribution € 127 627,50 Address SCHONBRUNNER STRASSE 7 1040 Wien See on map Region Ostösterreich Wien Wien Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 127 627,50 7BULLS.COM SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA Poland Net EU contribution € 395 000,00 Address AL ARMII LUDOWEJ 26 00-609 WARSZAWA See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Makroregion województwo mazowieckie Warszawski stołeczny Miasto Warszawa Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 395 000,00 INTERACTIVE FULLY ELECTRICAL VEHICLES SRL Italy Net EU contribution € 540 625,00 Address VIA CARLE 1 12048 Sommariva Del Bosco Cn See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Nord-Ovest Piemonte Cuneo Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Total cost € 540 625,00
