Innovating Works
SU-DS02-2020
SU-DS02-2020: Intelligent security and privacy management
Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary.
Sólo fondo perdido 18M €
Europeo
Esta convocatoria está cerrada Esta línea ya está cerrada por lo que no puedes aplicar. Cerró el pasado día 27-08-2020.
Se espera una próxima convocatoria para esta ayuda, aún no está clara la fecha exacta de inicio de convocatoria.
Por suerte, hemos conseguido la lista de proyectos financiados!
Presentación: Consorcio Consorcio: Esta ayuda está diseñada para aplicar a ella en formato consorcio.
Número mínimo de participantes.
Esta ayuda financia Proyectos: Objetivo del proyecto:

Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary.

Security threats to complex ICT infrastructures, which are multi-tier and interconnected, computing architectures, can have multi-faceted and cascading effects. Addressing such threats requires organisations to collaborate and seamlessly share information related to security and privacy management.

The increasing prevalence and sophistication of the Internet of Things (IoT) and Artificial Intelligence (AI) broadens the attack surface and the risk of propagation. This calls for tools to automatically monitor and mitigate security risks, including those related to data and algorithms. Moreover, storage and processing of data in different interconnected places may increase the dependency on trusted third parties to coordinate transactions.

Advanced security... ver más

Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary.

Security threats to complex ICT infrastructures, which are multi-tier and interconnected, computing architectures, can have multi-faceted and cascading effects. Addressing such threats requires organisations to collaborate and seamlessly share information related to security and privacy management.

The increasing prevalence and sophistication of the Internet of Things (IoT) and Artificial Intelligence (AI) broadens the attack surface and the risk of propagation. This calls for tools to automatically monitor and mitigate security risks, including those related to data and algorithms. Moreover, storage and processing of data in different interconnected places may increase the dependency on trusted third parties to coordinate transactions.

Advanced security and privacy management approaches include designing, developing and testing: (i) security/privacy management systems based on AI, including highly-automated analysis tools, and deceptive technology and counter-evasion techniques without necessary human involvement; (ii) AI-based static, dynamic and behaviour-based attack detection, information-hiding, deceptive and self-healing techniques; (iii) immersive and highly realistic, pattern-driven modelling and simulation tools, supporting computer-aided security design and evaluation, cybersecurity/privacy training and testing; and (iv) real-time, dynamic, accountable and secure trust, identity and access management in order to ensure secure and privacy-enabling interoperability of devices and systems.


Scope:Proposals are invited to address one of the sub-topics below. In addition, it would be an asset for proposals to include solutions for hands-on and state-of-the-art training, such as cybersecurity exercises.

Four pilot projects are launched under Horizon 2020 LEIT ICT, as a result of the call H2020-SU-ICT-2018, topic SU-ICT-03-2018 “Establishing and operating a pilot for a Cybersecurity Competence Network to develop and implement a common Cybersecurity Research & Innovation Roadmap”. Proposals should therefore foresee actions to collaborate with these four projects and also with similar ongoing projects funded under H2020, and take account of the results and work done in other relevant H2020 projects on cybersecurity/privacy.

SME participation is strongly encouraged.

(a): Dynamic governance, risk management and compliance

Proposals should develop and integrate beyond state-of-the-art approaches to security and privacy management which are: automated, dynamic and adaptive, allowing to identify the vulnerabilities, threats, such as advanced persistent threats, and attacks (including zero-day attacks).

Proposals should include pilots with significant scale involving complex ICT systems and addressing several of the following: forecasting, risk-based situation awareness, evidence-based system and software assessment, visualisation techniques, real-time monitoring and alerts with high level of accuracy, support to fair automated decision-making, run-time adaptation and autonomous recovery from faulty states.

Proposals should address the technical, operational, financial and ethical dimensions of cybersecurity. Concrete application cases should be foreseen. Adapted tools, techniques and formats for collaborative security/privacy event management and reporting should be proposed. Solutions involving advanced, highly representative simulation environments (cyber-ranges) might be proposed.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 7; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Innovation Action

(b): Cyber-threat information sharing and analytics

Proposals should develop and test threat detection frameworks, which should to the extent possible include: (i) collaborative, open, and dynamic repositories of information on threats and vulnerabilities; (ii) build on and update existing ontologies, taxonomies and models; (iii) dynamic tools for automated detection with advanced analytic capabilities, and where possible response and recovery; (iv) accountability and audit techniques; and (v) synchronised real time self- encryption/decryption schemes with recovery capabilities.

Novel technologies enabling collaboration in cyber threat intelligence and alerting should be proposed, taking into consideration not only technical aspects, but also human aspects such as behavioural patterns, gender differences, privacy, ethics, sovereignty, psychology, linguistic and cultural boundaries.

The tools and services that will be developed should be in a position to support the operations of CERTs/CSIRTs and networks of CERTs/CSIRTs. Proposals should develop incident response tools and test respective processes for coordinated response to large-scale cross-border cybersecurity incidents and crises in line with Commission Recommendation (EU) 2017/1584 of 13 September 2017 on coordinated response to large-scale cybersecurity incidents and crises.[1]

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 7; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Innovation Action

(c): Advanced security and privacy solutions for end users or software developers

Proposals should develop automated tools for checking the security and privacy of data, systems, online services and applications, in view to support end users or software developers (possibly including developers of AI solutions) in their efforts to select, use and create trustworthy digital services. Proposals should address real application cases and at least one of the following services: automatic code generation, code and data auditing, trustworthy data boxes, forensics, certification and assurance, cyber insurance, cyber and AI ethics, and penetration testing.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 6; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 2 and 5 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Research and Innovation Action

(d): Distributed trust management and digital identity solutions

With particular consideration to IoT contexts, applicants should propose and test/pilot innovative approaches addressing both of the following points: (i) distributed, dynamic and automated trust management and recovery solutions; and (ii) developing novel approaches to managing the identity of persons and/or objects, including self-encryption/decryption schemes with recovery ability. Proposals should address real application cases.

The outcome of the proposal is expected to lead to development up to Technology Readiness level (TRL) 5-6; please see Annex G of the General Annexes.

The Commission considers that proposals requesting a contribution from the EU of between EUR 3 and 6 million would allow this area to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Type of Action: Research and Innovation Action


Expected Impact:

In the short term, project outcomes should make relevant contributions to the following:

reduced number and impact of cybersecurity incidents;efficient and low-cost implementation of the NIS Directive and General Data Protection Regulation;effective and timely co-operation and information sharing between and within organisations as well as self-recovery;availability of comprehensive, resource-efficient, and flexible security analytics and threat intelligence, keeping pace with new vulnerabilities and threats;availability of advanced tools and services to the CERTs/CSIRTs and networks of CERTs/CSIRTs;an EU industry better prepared for the threats to IoT, ICS (Industrial Control Systems), AI and other systems;self–recovering, interoperable, scalable, dynamic privacy-respecting identity management schemes. In the medium to long term, project outcomes should make relevant contributions to the following:

availability of better standardisation and automated assessment frameworks for secure networks and systems, allowing better-informed investment decisions related to security and privacy;availability and widespread adoption of distributed, enhanced trust management schemes including people and smart objects;availability of user-friendly and trustworthy on-line products, services and business;better preparedness against attacks on AI-based products and systems;a stronger, more innovative and more competitive EU cybersecurity industry, thus reducing dependence on technology imports;a more competitive offering of secure products and services by European providers in the Digital Single Market.
Cross-cutting Priorities:Socio-economic science and humanitiesContractual Public-Private Partnerships (cPPPs)CybersecurityGender


[1]https://eur-lex.europa.eu/legal-content/GA/TXT/?uri=CELEX:32017H1584

ver menos

Temáticas Obligatorias del proyecto: Temática principal:

Características del consorcio

Ámbito Europeo : La ayuda es de ámbito europeo, puede aplicar a esta linea cualquier empresa que forme parte de la Comunidad Europea.
Tipo y tamaño de organizaciones: El diseño de consorcio necesario para la tramitación de esta ayuda necesita de:

Características del Proyecto

Requisitos de diseño: Duración:
Requisitos técnicos: Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary. Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy management in a holistic and dynamic way. Organisations must constantly forecast, monitor and update the security of their ICT systems, relying as appropriate on Artificial Intelligence and automation, and reducing the level of human intervention necessary.
¿Quieres ejemplos? Puedes consultar aquí los últimos proyectos conocidos financiados por esta línea, sus tecnologías, sus presupuestos y sus compañías.
Capítulos financiables: Los capítulos de gastos financiables para esta línea son:
Personnel costs.
Los costes de personal subvencionables cubren las horas de trabajo efectivo de las personas directamente dedicadas a la ejecución de la acción. Los propietarios de pequeñas y medianas empresas que no perciban salario y otras personas físicas que no perciban salario podrán imputar los costes de personal sobre la base de una escala de costes unitarios
Purchase costs.
Los otros costes directos se dividen en los siguientes apartados: Viajes, amortizaciones, equipamiento y otros bienes y servicios. Se financia la amortización de equipos, permitiendo incluir la amortización de equipos adquiridos antes del proyecto si se registra durante su ejecución. En el apartado de otros bienes y servicios se incluyen los diferentes bienes y servicios comprados por los beneficiarios a proveedores externos para poder llevar a cabo sus tareas
Subcontracting costs.
La subcontratación en ayudas europeas no debe tratarse del core de actividades de I+D del proyecto. El contratista debe ser seleccionado por el beneficiario de acuerdo con el principio de mejor relación calidad-precio bajo las condiciones de transparencia e igualdad (en ningún caso consistirá en solicitar menos de 3 ofertas). En el caso de entidades públicas, para la subcontratación se deberán de seguir las leyes que rijan en el país al que pertenezca el contratante
Amortizaciones.
Activos.
Otros Gastos.
Madurez tecnológica: La tramitación de esta ayuda requiere de un nivel tecnológico mínimo en el proyecto de TRL 5:. Los elementos básicos de la innovación son integrados de manera que la configuración final es similar a su aplicación final, es decir que está listo para ser usado en la simulación de un entorno real. Se mejoran los modelos tanto técnicos como económicos del diseño inicial, se ha identificado adicionalmente aspectos de seguridad, limitaciones ambiéntales y/o regulatorios entre otros. + info.
TRL esperado:

Características de la financiación

Intensidad de la ayuda: Sólo fondo perdido + info
Fondo perdido:
0% 25% 50% 75% 100%
1. Eligible countries: described in Annex A of the Work Programme.
A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon 2020 projects. See the information in the Online Manual.
 
2. Eligibility and admissibility conditions: described in Annex B and Annex C of the Work Programme. 
 
Proposal page limits and layout: please refer to Part B of the proposal template in the submission system below.
 
3. Evaluation:
Evaluation criteria, scoring and thresholds are described in Annex H of the Work Programme. 
Submission and evaluation processes are described in the Online Manual.
Grants will be awarded to proposals according to the ranking list. However, for the 2020 topics only, in order to ensure a balanced portfolio of supported actions, at least the highest-ranked proposal per sub-topic will be funded provided that it attains all thresholds.
 
4. Indicative time for evaluation and grant agreements:
Information on the outcome of evaluation (single-stage call): maximum 5 months from the deadline for submission.
Signature of grant agreements: maximum 8 months from the deadline for submission. 
 
5. Proposal templates, evaluation forms and model grant agreements (MGA):
Research and Innovation Action:...
1. Eligible countries: described in Annex A of the Work Programme.
A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon 2020 projects. See the information in the Online Manual.
 
2. Eligibility and admissibility conditions: described in Annex B and Annex C of the Work Programme. 
 
Proposal page limits and layout: please refer to Part B of the proposal template in the submission system below.
 
3. Evaluation:
Evaluation criteria, scoring and thresholds are described in Annex H of the Work Programme. 
Submission and evaluation processes are described in the Online Manual.
Grants will be awarded to proposals according to the ranking list. However, for the 2020 topics only, in order to ensure a balanced portfolio of supported actions, at least the highest-ranked proposal per sub-topic will be funded provided that it attains all thresholds.
 
4. Indicative time for evaluation and grant agreements:
Information on the outcome of evaluation (single-stage call): maximum 5 months from the deadline for submission.
Signature of grant agreements: maximum 8 months from the deadline for submission. 
 
5. Proposal templates, evaluation forms and model grant agreements (MGA):
Research and Innovation Action:
Specific provisions and funding rates
Standard proposal template
Standard evaluation form
General MGA - Multi-Beneficiary
Annotated Grant Agreement
Innovation Action:
Specific provisions and funding rates
Standard proposal template
Standard evaluation form
General MGA - Multi-Beneficiary
Annotated Grant Agreement
 
6. Additional provisions:
Horizon 2020 budget flexibility
Classified information
Technology readiness levels (TRL) – where a topic description refers to TRL, these definitions apply
Members of consortium are required to conclude a consortium agreement prior to the signature of the grant agreement.
8. Additional documents:
1. Introduction WP 2018-20
14. Secure societies – protecting freedom and security of Europe and its citizens WP 2018-20
 
General annexes to the Work Programme 2018-2020
Legal basis: Horizon 2020 Regulation of Establishment
Legal basis: Horizon 2020 Rules for Participation
Legal basis: Horizon 2020 Specific Programme
 
 
7. Open access must be granted to all scientific publications resulting from Horizon 2020 actions.
Where relevant, proposals should also provide information on how the participants will manage the research data generated and/or collected during the project, such as details on what types of data the project will generate, whether and how this data will be exploited or made accessible for verification and re-use, and how it will be curated and preserved.
Open access to research data
The Open Research Data Pilot has been extended to cover all Horizon 2020 topics for which the submission is opened on 26 July 2016 or later. Projects funded under this topic will therefore by default provide open access to the research data they generate, except if they decide to opt-out under the conditions described in Annex L of the Work Programme. Projects can opt-out at any stage, that is both before and after the grant signature.
Note that the evaluation phase proposals will not be evaluated more favourably because they plan to open or share their data, and will not be penalised for opting out.
Open research data sharing applies to the data needed to validate the results presented in scientific publications. Additionally, projects can choose to make other data available open access and need to describe their approach in a Data Management Plan.
Projects need to create a Data Management Plan (DMP), except if they opt-out of making their research data open access. A first version of the DMP must be provided as an early deliverable within six months of the project and should be updated during the project as appropriate. The Commission already provides guidance documents, including a template for DMPs. See the Online Manual.
Eligibility of costs: costs related to data management and data sharing are eligible for reimbursement during the project duration.
The legal requirements for projects participating in this pilot are in the article 29.3 of the Model Grant Agreement.
 
Garantías:
No exige Garantías
No existen condiciones financieras para el beneficiario.

Información adicional de la convocatoria

Efecto incentivador: Esta ayuda tiene efecto incentivador, por lo que el proyecto no puede haberse iniciado antes de la presentación de la solicitud de ayuda. + info.
Respuesta Organismo: Se calcula que aproximadamente, la respuesta del organismo una vez tramitada la ayuda es de:
Meses de respuesta:
Muy Competitiva:
No Competitiva Competitiva Muy Competitiva
El presupuesto total de la convocatoria asciende a
Presupuesto total de la convocatoria.
Minimis: Esta línea de financiación NO considera una “ayuda de minimis”. Puedes consultar la normativa aquí.

Otras ventajas

Sello PYME: Tramitar esta ayuda con éxito permite conseguir el sello de calidad de “sello pyme innovadora”. Que permite ciertas ventajas fiscales.
H2020-SU-DS-2018-2019-2020 Intelligent security and privacy management Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy m...
Sin info.
SU-DS03-2019-2020 Digital Security and privacy for citizens and Small and Medium Enterprises and Micro Enterprises
en consorcio:
Cerrada hace 2 años | Próxima convocatoria prevista para el mes de
SU-DS04-2018-2020 Cybersecurity in the Electrical Power and Energy System (EPES): an armour against cyber and privacy attacks and data breaches
en consorcio:
Cerrada hace 4 años | Próxima convocatoria prevista para el mes de
SU-DS02-2020 Intelligent security and privacy management
en consorcio: Specific Challenge:In order to minimise security risks, ICT systems need to integrate state-of-the-art approaches for security and privacy m...
Cerrada hace 4 años | Próxima convocatoria prevista para el mes de
SU-DS05-2018-2019 Digital security, privacy, data protection and accountability in critical sectors
en consorcio:
Cerrada hace 5 años | Próxima convocatoria prevista para el mes de
SU-DS01-2018 Cybersecurity preparedness - cyber range, simulation and economics
en consorcio: Specific Challenge:The digital infrastructure, upon which other sectors, businesses and society at large critically depend, must be resilien...
Cerrada hace 6 años | Próxima convocatoria prevista para el mes de