Horizon 2020 Security

Similar documents
Cybersecurity & Digital Privacy in the Energy sector

13967/16 MK/mj 1 DG D 2B

Secure Societies Work Programme Call

H2020 & THE FRENCH SECURITY RESEARCH

H2020 WP Cybersecurity PPP topics

Security and resilience in Information Society: the European approach

EU policy on Network and Information Security & Critical Information Infrastructures Protection

ENISA EU Threat Landscape

Cybersecurity Package

Information sharing in the EU policy on NIS & CIIP. Andrea Servida European Commission DG INFSO-A3

Cyber Security in Europe

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

ERCI cybersecurity seminar Guildford ERCI cybersecurity seminar Guildford

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

Shaping the Cyber Security R&D Agenda in Europe, Horizon 2020

European Union Agency for Network and Information Security

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

The NIS Directive and Cybersecurity in

Call for Expressions of Interest

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

H Work programme SC7 Secure Societies. October 2017, Trondheim

Societal Challenge

Research Infrastructures and Horizon 2020

European Directives and reglements for Information security

Big Data Value cppp Big Data Value Association Big Data Value ecosystem

Directive on security of network and information systems (NIS): State of Play

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Package of initiatives on Cybersecurity

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe

5972/17 GT/cb 1 DG G 3 C

The Future of Solid State Lighting in Europe

ehealth Ministerial Conference 2013 Dublin May 2013 Irish Presidency Declaration

Khoen LIEM. Industrial Policy. A systematic approach for Civil Security: From EU Security- Research Policy

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

COUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593

CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''

RESOLUTION 130 (Rev. Antalya, 2006)

NIS-Directive and Smart Grids

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Horizon 2020 Info Days

ESFRI Strategic Roadmap & RI Long-term sustainability an EC overview

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

H2020 Opportunities in the Area of Security and Critical Infrastructure Protection

Opportunities in H2020 Secure Societies. Michael Murphy PhD. 12 th Dec 2016

Leading the Digital Transformation from the Centre of Government

THE CYBER SECURITY ENVIRONMENT IN LITHUANIA

The EuroHPC strategic initiative

Recommendations on the Future of Security Research Towards Framework Programme 9

Digital Security. Rafael Tesoro Carretero DG CNECT, Unit H1 - Cybersecurity & Digital Privacy

Discussion on MS contribution to the WP2018

Cyber Security Beyond 2020

Secure Societies in 2015

Commonwealth Cyber Declaration

Securing Europe's Information Society

GENERIC CONTROL SYSTEM ARCHITECTURE FOR CRITICAL INFRASTRUCTURE PROTECTION

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

CHAIR S SUMMARY: G7 ENERGY MINISTERS MEETING

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

Between 1981 and 1983, I worked as a research assistant and for the following two years, I ran a Software Development Department.

ENISA s Position on the NIS Directive

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

Birgit Morlion. DG Communications Networks, Content and Technology (DG CONNECT)

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

NIS Directive : Call for Proposals

RESOLUTION 130 (REV. BUSAN, 2014)

Striving for efficiency

European Cybersecurity PPP European Cyber Security Organisation - ECSO November 2016

EU LEIT-ICT program and SE position on FP9

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

EISAS Enhanced Roadmap 2012

HORIZON 2020 WORK PROGRAMME I: INFORMATION AND COMMUNICATION TECHNOLOGIES

RESOLUTION 45 (Rev. Hyderabad, 2010)

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

Summary. Strategy at EU Level: Digital Agenda for Europe (DAE) What; Why; How ehealth and Digital Agenda. What s next. Key actions

Angela McKay Director, Government Security Policy and Strategy Microsoft

***I DRAFT REPORT. EN United in diversity EN. European Parliament 2018/0328(COD)

Cyber Security in Europe and CEER s new PEER initiative

Experience of the Tunisian Participation to the EU s Horizon 2020 Framework Programme as an Associated Country

Interoperability and transparency The European context

ESRIF & Working Group Innovation WG 9. Alois J. Sieber Chairman ESRIF WG # 9

EU Security research in support to Critical Infrastructure Protection

Cyber Security in Smart Commercial Buildings 2017 to 2021

Directive on Security of Network and Information Systems

Position Paper of the ASD Civil Aviation Cybersecurity Taskforce

Global cybersecurity and international standards

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

EU Research for Secure Societies

The UK s National Cyber Security Strategy

IGF 2018 Workshop Proposals Pre-Evaluation Figures

Digital Platforms for 'Interoperable and smart homes and grids'

GDPR - How it may clear up the digital market. Anett Mádi-Nátor, Cyber Services Plc.

MOTION FOR A RESOLUTION

Digitising European industry

Regional Development Forum For the Arab States(RDF-ARB) 2018

The commission communication "towards a general policy on the fight against cyber crime"

Future-Proof Security & Privacy in IoT

German Research Strategy in the Area of Civil Security Research

Transcription:

Horizon 2020 Security Best Practices for Security Proposal Writing Armand Nachef Coordinator of the French Security NCP Consortium, CEA armand.nachef@cea.fr

KEY MESSAGES FOR PUTTING TOGETHER A HORIZON 2020 PROPOSAL 1. Understand the real political reasons of the call for proposals (especially for the security calls) 2. Think at a holistic SYSTEM level 3. Start your proposal by writing the expected impact and after having a very clear idea about How to impact. The impact part of the proposal should be written by the practitioners 4. Structure your consortium to respond to all expected impacts 2

1. Political reasons of the call for proposals 3

SU-INFRA PROTECTING THE INFRASTRUCTURE OF EUROPE AND THE PEOPLE IN THE EUROPEAN SMART CITIES

GENERAL INFORMATION ON THE CALL/TOPIC Year Topic (Type of Action) Title Budget (M ) Deadline SU-INFRA01-2018-2019-2020 (IA) SU-INFRA02-2019 (IA) Combined physical and cyber threats Soft" targets in Smart Cities 22,0 16,0 22 Aug 2019

THE REASONING BEHIND THE INFRA CALL Threats against crowded areas and disruptions in the operation of our countries' infrastructure. Reducing the vulnerabilities of critical infrastructure and increasing their resilience is one of the major objectives of the EU. An adequate level of protection must be ensured and the detrimental effects of disruptions on the society and citizens must be limited as far as possible. Recent terrorist attacks have shown a focus on so-called soft targets, which may have less longterm physical impact but which may be highly damaging in terms of victims and subsequent psychological and sociological impacts.

POLICY CONTEXT - CIP CIP Policy: Directive 2008/114/EC Identification and designation of EU Critical Infrastructure European Programme for CI Protection (COM (2006) 786) NIS Directive (UE) 2016/1148 Main priorities on CIP: Identification of tools, including indicators, to protect CIs from Hybrid Threats; Methods and tools for addressing insider threats to CI, such as background checks and awareness raising in cooperation with relevant authorities; New challenges to CIP and emerging threats (e.g. cyber, insider threats, drones ) Other: CI Risk assessment methods, transnational cooperation, civ-mil cooperation / cooperation with international orgs.

POLICY CONTEXT - PROTECTION PUBLIC SPACES COM(2017) 612 Action Plan protection of public spaces Guidance material and Exchange of best practices to support MS. Improving cooperation between local actors and the private sector Increased financial support: 18.5 million from the ISF. Further 100 million from the Urban Innovative Actions. COM(2018) 845 final - SU Progress Report, Dec. 2018 State of play Main priorities on Protection of Public Spaces Focus on known threats but also on emerging threats (e.g. drones, CBRN attacks) Enhance cooperation between public actors, private actors and citizens. New solutions to protect EU cities while maintaining their openness and not creating new vulnerabilities. Consider the human factor. SRE 2018 Panel on Protection of Public Spaces Take a look at the conference proceedings!!

SU-DS DIGITAL SECURITY CYBERSECURITY AND DIGITAL PRIVACY

SU-DS : 2018 2020 Year Topic (Type of Action) Title Budget (M ) Deadline SU_DS03-2019-2020 (IA) SU-DS05-2018-2019 (RIA) SU-DS05-2018-2019 (IA) Digital Security and privacy Critical sectors: Privacy Accountability Critical sectors: Privacy Accountability 18,0 10,0 10,0 22 Aug 2019

EVOLVING THREAT LANDSCAPE IN CYBERSECURITY Proliferation of (poorly secured) IoT devices Blurring lines between state and non-state actors Hybrid attacks on western democracies Fake news Evolving cybercrime business models Cyber espionage on the rise Dependence on foreign security technologies Persisting critical infrastructure vulnerabilities Attempts to promote new internet governance model Vulnerabilities of third countries 11

POLICY CONTEXT (1/5) Digital Single Market Strategy COM(2015) 192; European Agenda for Security COM(2015) 185; 12

POLICY CONTEXT (2/5) NIS Directive Directive (EU) 2016/1148 of 6/7/2016 concerning measures for a high common level of security of network and information systems across the Union; eidas Regulation (EU) 910/2016 of 23.7.2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC; General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679 of 27.4.2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data; Communication on "Strengthening Europe's Cyber Resilience System and Fostering a Competitive and Innovative Cybersecurity Industry" COM(2016) 410 of 5.7.2016; Contractual Public-Private Partnership on Cybersecurity July 2016; 13

POLICY CONTEXT (3/5) Proposal for an e-privacy regulation concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) - COM(2017) 10 of 10.1.2017; State of the Union 2017 - speech of the President of the Commission (13/09/2017) cyber-attacks can be more dangerous to the stability of democracies and economies than guns and tanks; there is a need for a Europe that protects, empowers and defends; the priority is to better protect Europe in the digital age; Cybersecurity Package 2017 (13/09/2017) Joint Communication JOIN(2017)450: The Commission announced the intention to create a Cybersecurity Competence Network with a European Cybersecurity Research and Competence Centre. 14

POLICY CONTEXT (4/5) Conclusions from the Tallinn Digital Summit (29/09/2017): "We should make Europe a leader in cybersecurity by 2025, in order to ensure the trust, confidence, and protection of our citizens, consumers and enterprises online and to enable a free and law-governed internet." "Europe needs a common European approach to cybersecurity. Europe has to function as a single European cyberspace and a single cybersecurity market, including in terms of world-class and state-of-the-art security certification and joint standards, operational capacity, and collective crisis response." 15

POLICY CONTEXT (5/5) Council Conclusions (20 November 2017) "21. WELCOMES the intention to set up a Network of Cybersecurity Competence Centres to stimulate the development and deployment of cybersecurity technologies and to offer an additional impetus to innovation for the EU industry on the global scene in the development of next-generation and breakthrough technologies, such as artificial intelligence, quantum computing, blockchain and secure digital identities; 22. STRESSES the need for the Network of Cybersecurity Competence Centres to be inclusive towards all Member States and their existing centres of excellence and competence and pay special attention to complementarity and with this in mind NOTES the planned European Cybersecurity and Research Centre, which should, as its key role, focus on ensuring complementarity and avoiding duplication within the Network of Cybersecurity Competence Centres and with other EU agencies;" 16

2. Think at a holistic SYSTEM level 17

THE 5 PRINCIPLES IN SYSTEM ARCHITECTURE Every system has a mission All stakeholders and concerns should be identified Every system component should have an owner A high-level model should describe the system Data is important and should be considered 18

ISO 42012 standard Requirements for Describing System, Software and Enterprise Architectures aims to standardize the practice of architecture description by defining standard terms 19

MAIN BENEFITS OF USING ARCHITECTURAL DESCRIPTIONS 1. Communicate among clients, acquirers, suppliers and developers as a part of contract negotiations; 2. Communicate among parties involved in the development, production, deployment, operation and maintenance of a system; 3. Analyze and evaluate alternative architectures; 4. Establish criteria for certifying implementations for conformance to an architecture

FIVE MAIN ACTORS IN HORIZON 2020 SECURITY PROJETS: 1. Policy makers o o Define the policy objectives and provide the overall strategic direction Topics in the security research calls are supporting the implementation of the different policies in the different domains 2. Practitioners o Define the operational requirements to ensure achievement of intended policy objective 3. Researchers (RTOs and Academia) o o 4. Industry o o o 5. Citizens o o o o Understand underlying phenomena Look beyond the state-of-the-art Private and public sector to work hand in hand in developing a vision for tomorrow's security ecosystem Without the commitment of security industry, innovative solutions would remain trapped in endless cycles of research A strong EU security market is fundamental to increase the competitiveness of the industrial base and the level of confidence in the security of supply for strategic technologies All Calls have a Human Factor embedded within. A better integration of the societal dimension means more trust and resilience A better societal consideration into technological requirements means socially compatible solutions. Understanding of causes and societal roots of a an event and of human behavior (anticipation).

THE MAIN ROLES OF PRACTITIONERS IN THE SECURITY PROJECTS Identify the innovation needs and requisites: o System functional features o capabilities, and behaviour o Expected operational impact o Ethics & legal aspects Verify & Validate the requirements and possibly the architecture Define use case scenarios Provide human and material resources to build Pilots / Demos Perform tests: o functional testing, o smoke and sanity testing, o test scenarios Validate the solution Dissemination activities It s very important to know your role in the V-Model 22

V-MODEL V-Models are still pertinent universal graphical representations of a systems development lifecycle There are many V-Models o 2 examples of V-Models: The role of practitioners is on the top of the V-Model 23

V-MODEL AND METHODOLOGIES V-models can fil with all methodologies: agile, formal, semi-formal, traditional, 24

3. The impact part of the proposal should be written by the practitioners/operators. Start your proposal by writing the expected impact and after having a clear idea about how-to-impact 25

Writing the impact part Define the architecture as a whole (high level view) Describe the value chain and all stakeholders Define how the results will impact each stakeholder Describe how the new system will affect its environment Define the steps needed to achieve the mid-term and long-term impacts 26

4. Structure your consortium to respond to all expected impacts 27

Build your consortium Choose the most relevant partners in the set that you have described in the impact part Choose partners according to the TRLs to reach 28

PARTNER SEARCH Your own network Annual Security Information Day, Brokerage event, & SMI2G in Brussels Events organised by the National Contact Points (NCPs) NCP Personalised support & assistance in partner search SEREN4 SEREMA Enterprise Europe Network (EEN) cooperation opportunities database EC Partner search site CORDIS partner search platform 29

STRICTLY FOLLOW THE PROPOSAL TEMPLATE 30

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback