With the emergence of the digitization of information, ICT infrastructure and communications gave an unprecedented push towards the realization of truly interconnected passenger transport ecosystems at city-level. The emerging notion of multimodality supports a plethora of diverse transport services, typically offered from a central location. There however, the complex interconnected infrastructures ease the cyber-threats propagation while the underlying mosaic of fleets, personal hand-held devices and non-standardized data types increase the system's attack surface and require the authorities collaboration to proactively handle severe incidents. CitySCAPE leverages the skills and mature technology of its 15-partner consortium to systematically explore all different cybersecurity dimensions of multimodal transport. These dimensions will drive a characterization of the cyber-threats in the ICT multimodal transport, extended to the close-by power and financial sector. Innovative software tools will be introduced to estimate the threats propagation in the system. Then, CitySCAPE will realize a modular software toolkit enabled to be seamlessly integrated into any multimodal transport system to: a)detect suspicious traffic-data values and identify persistent threats; b)evaluate an attack's impact in technical and notably in financial terms; c)combine external knowledge and internally-observed activities to enhance the predictability of zero-day attacks; d)instantiate a networked overlay to circulate informative notifications to CERT authorities and support their interplay. The CitySCAPE solution will be tested over a timely set of use-cases involving ticketing applications, cyber-fraud and location data in the regional transport system of two European cities, where extensive experiments will showcase its effectiveness. The findings will steer training sessions of expert/non-expert audience and shape a strong standardization contribution to security (labelling) protocols.

The FORESIGHT project aims to develop a federated cyber-range solution to enhance the preparedness of cyber-security professionals at all levels and advance their skills towards preventing, detecting, reacting and mitigating sophisticated cyber-attacks. This is achieved by delivering an ecosystem of networked realistic training and simulation platforms that collaboratively bring unique cyber-security aspects from the aviation, smart grid and naval domains. The proposed platform will extend the capabilities of existing cyber-ranges and will allow the creation of complex cross-domain/hybrid scenarios to be built jointly with the IoT domain. Emphasis is given on the design and implementation of realistic and dynamic scenarios that are based on identified and forecasted trends of cyber-attacks and vulnerabilities extracted from cyber-threat intelligence gathered from the dark web; this will enable cyber-security professionals to rapidly adapt to an evolving threat landscape. The development of advanced risk analysis and econometric models will prove to be valuable in estimating the impact of cyber-risks, selecting the most appropriate and affordable security measures, and minimising the cost and time to recover from cyber-attacks. Innovative training curricula, guiding cyber-security professionals to implement and combine security measures using new technologies and established learning methodologies, will be created and employed for training needs; they will be linked to professional certification programs and be supported by learning platforms. Aside from the development of skills, the project aims at a holistic approach to cyber-threat management with the ultimate goal of cultivating a strong security culture. As such, the project puts considerable emphasis on research and development (i.e. research on cyber-threats, development of novel ideas, etc) as the key to increasing training dynamics and awareness methods for exceeding the rate of evolution of cyber-attackers

Over 25 million European SMEs/MEs, central within EU enterprise policy, face multiple challenges related to personal data protection; ranging from awareness, to a clear and practical roadmap to compliance, the most prominent one is the fact that, unlike larger enterprises, SMEs/MEs lack access to enterprise-grade cybersecurity technology and capacity-building for compliance, making them increasingly often victims of costly data breaches. Although, according to studies, small and micro businesses declare openness to invest in regulatory compliance, including for consultants and technology, millions of European SMEs/MEs still fail to comply with GDPR while their managers are confused about basic data security concepts, like data stewardship, encryption and secure communication. This presents a clear gap between cybersecurity- and privacy-related spending and its actual effect in personal data protection compliance. SENTINEL aspires to bridge this gap by boosting SMEs/MEs capabilities in this domain through innovation, at a cost-effective level. SENTINEL will integrate tried-and-tested modular cybersecurity technologies with fresh, ambitious ones, such as a novel Identity Management System for human-centric data portability, enabling a unified “European Data Space” and an end-to-end digital personal data protection compliance self-assessment framework for SMEs, into a unified digital architecture. The data from these modules will then undergo disruptive Intelligence for Compliance through SENTINEL’s digital core, featuring machine learning-powered recommendations, policy drafting & enforcement for compliance and a ‘one-stop-shop’ incident response centre. Combined with a well-researched methodology for application, an open knowledge sharing hub and a wide-reaching plan for experimentation, SENTINEL will catalyse adoption of market-leading security tech among SMEs/MEs and help safeguard their and their customers’ assets.

ICT4CART, totally aligned with the work programme, is providing an ICT infrastructure to enable the transition towards road transport automation. To meet this high level objective ICT4CART is bringing together, adapting and improving technological advances from different industries, mainly telecom, automotive and IT. It adopts a hybrid communication approach where all the major wireless technologies, i.e. cellular, ITS G5 and LTE-V, are integrated under a flexible “sliced” network architecture. This architecture will ensure performance and resilience for different groups of applications according to the needs of higher levels of automation (L3 & L4). On top of that, a distributed IT environment for data aggregation and analytics will be implemented. This offers seamless integration and exchange of data and services between all the different actors, allowing 3rd parties to develop, deliver and provide innovative services, thus creating new business opportunities. Cyber-security and data privacy aspects will be duly considered throughout the whole ICT infrastructure. In addition, novel accurate localisation services, exploiting the cellular network and information from other sources, such as on-board sensors, especially in complex areas (e.g. urban), will be addressed. Standardisation and interoperability are of high interest within ICT4CART in order to ensure the impact of the project towards enabling the transition to higher levels of automation. In this context issues related to the frequency spectrum will be investigated, while through the organisation of relevant workshops the engagement of policy makers and public authorities is ensured. To achieve its objectives ICT4CART, instead of working in generic solutions with questionable impact, it builds on four specific high-value use cases (urban and highway) which will be demonstrated and validated under real-life conditions at the test sites in Austria, Germany, Italy and across the Italian-Austrian border.

SeCoIIA aims at securing digital transition of manufacturing industry towards more connected, collaborative, flexible and automated production techniques. It fosters user-driven application cases from aeronautics, automotive and naval construction sectors. Collaboration is considered from Organization to Organization (O2O), but also from Machine to Machine (M2M), Machine to Human (M2H) and Human to Human (H2H) perspectives. Enhanced process monitoring, optimization and control is achieved by intelligent use digital twin technology, Industrial IoT, Cloud Manufacturing (CMfg), collaborative robotics and Industrial AI. The collaborative approach triggers a virtuous cycle of growth and innovation, irrigating the full value chain, from very large to very small actors. Now reaching this step requires due diligence to security implications. The transition from hierarchized supply chains to collaborative networks of smart factories opens an attack surface so far never reached. Manufacturing operators are untrained to the manipulation of vulnerable cyber-physical assets. The deployment of smart sensors over distributed shop floors requires time sensitive communication security measures. Enhanced collaboration on manufacturing activities may not safely apply without collaborative security monitoring and incident response. Last but not least, the increased reliance on machine-learning based decision making sets a technical challenge in terms of security assurance and a legal challenge in terms of accountability and law enforcement. These are the challenges that SeCoIIA intends to address through the development of 12 key capabilities which will be assessed in various configurations through 3 ambitious demonstration campaigns lead by pilot users. With 4 large strategic industry players, 4 highly innovative SMEs and 4 highly recognized research centres, SeCoIIA consortium is best suited to achieve enhanced competitiveness and resilience for European manufacturing industry.