HORIZON EUROPE
Europeo
Expected Impact:The outcomes should contribute to:
A stronger, more competitive, and technologically independent European Defence Technological and Industrial Base (EDTIB) when it comes to solutions for cybersecurity penetration test automatisation and capability to test the security posture of operational computer networks and emulate threat agents during training, exercises, and system tests.Enhanced security for EU Member States and EDF Associated Countries and more capable and interoperable forces performing cyber defence operations,Promote cooperative efforts in this area leveraging the implementation of EU Policy on Cyber Defence (EPCD) Objective:Unmanned vehicles (UxV) such as drones, ground vehicles, and surface/underwater vessels are bound to become an integral part of military operations. Advanced autonomous capabilities are being developed for these systems to enable them to carry out different missions, both with and without human intervention, thus increasing efficiency and minimising risk. From a security perspective, this poses various new challenges that need to be properly resolved to deploy these vehicles in real missions and exploit their full potent...
ver más
Expected Impact:The outcomes should contribute to:
A stronger, more competitive, and technologically independent European Defence Technological and Industrial Base (EDTIB) when it comes to solutions for cybersecurity penetration test automatisation and capability to test the security posture of operational computer networks and emulate threat agents during training, exercises, and system tests.Enhanced security for EU Member States and EDF Associated Countries and more capable and interoperable forces performing cyber defence operations,Promote cooperative efforts in this area leveraging the implementation of EU Policy on Cyber Defence (EPCD) Objective:Unmanned vehicles (UxV) such as drones, ground vehicles, and surface/underwater vessels are bound to become an integral part of military operations. Advanced autonomous capabilities are being developed for these systems to enable them to carry out different missions, both with and without human intervention, thus increasing efficiency and minimising risk. From a security perspective, this poses various new challenges that need to be properly resolved to deploy these vehicles in real missions and exploit their full potential.
The cyber-physical nature of UxVs affects security in various way. It brings the attack surface of a typical computer (network) into a new context where successful cyber-attacks can have serious consequences in the physical world, while imposing new physical and operational constraints on available and well-established cyber security controls. New attack vectors emerge, and threat models need to be revised. If autonomous capabilities that rely heavily on sensor data to make their decisions are employed, the environment itself can become a new attack vector, as it can be manipulated to exploit vulnerabilities in these new capabilities. Sensors themselves become a new part of the threat model, and the protection of confidentiality of data on the vehicles needs to be weighed against the protection of the availability of effectors and actuators and the integrity of control information.
Specific objective
Designing appropriate security controls for UxVs requires capabilities to identify and evaluate complex trade-offs between data protection, cybersecurity and assured autonomy to best support a mission. Automating parts of the analysis process is necessary to handle the complexity of this task, including processing large amount of data, reducing costs and risks associated with testing physical systems, and producing structured and traceable documentation.
Existing security and safety approaches may be tailored to suit UxVs so that they can be made both secure and robust against well-known deliberate and accidental threats, however new solutions are expected. An additional challenge is whether UxVs can be made resilient in the sense that they can still react in a way that minimises the consequences, and possibly allows for alternative ways to complete the mission autonomously, in the presence of a successful cyber-attack.
This call topic contributes to the STEP objectives, as defined in STEP Regulation, in the target investment area of deep and digital technologies.
Scope:The capability of UxVs to be resilient so that they can minimise the consequences of an cyber-attack, and allowing for alternative ways to complete the mission autonomously, is called in this context autonomous cyber defence, which is consisting of four main components: monitoring, detecting, reacting, and reconfiguring (or learn). A central part of this capability is the ability to monitor the system and detect potentially harmful anomalies, but also to understand the risk associated with both their impact and possible responses. For instance, if a malware was detected on a UxV trying to exfiltrate classified data, and the source was a malicious component critical for flight, the system might have to evaluate the risk and feasibility associated to either: preventing a breach of confidentiality by shutting down the malicious component and crash onto the ground, thus possibly damaging people or infrastructure; accepting the loss of data to prevent the UxV from crashing; or reconfiguring itself to perform an emergency landing while gradually shutting down the rotors in time to prevent significant data leakage.
A “risk-evaluation engine” is central to this capability to generate risk-based courses of actions (CoA) that take into consideration the effect of each action on the various assets connected to the UxV that need to be protected. This includes the mission goals the UxV supports, the confidential information on the UxV and the safety of the UxV itself and its surroundings. This presupposes a sufficient understanding of the UxV´s systems, its interactions, the environment and the dependencies between the UxV´s capabilities and the mission. Additionally, the anomalies should be detected with a high degree of precision to estimate their potential effect before they compromise the UxV beyond repair.
Types of activities
The following types of activities are eligible for this topic:
Types of activities
(art 10(3) EDF Regulation)
Eligible
(a)
Activities that aim to create, underpin and improve knowledge, products and technologies, including disruptive technologies, which can achieve significant effects in the area of defence (generating knowledge)
Yes
(mandatory)
(b)
Activities that aim to increase interoperability and resilience, including secured production and exchange of data, to master critical defence technologies, to strengthen the security of supply or to enable the effective exploitation of results for defence products and technologies (integrating knowledge)
Yes
(mandatory)
(c)
Studies, such as feasibility studies to explore the feasibility of new or upgraded products, technologies, processes, services and solutions
Yes
(mandatory)
(d)
Design of a defence product, tangible or intangible component or technology as well as the definition of the technical specifications on which such design has been developed, including partial tests for risk reduction in an industrial or representative environment
Yes
(mandatory)
(e)
System prototyping of a defence product, tangible or intangible component or technology (prototype)
No
(f)
Testing of a defence product, tangible or intangible component or technology
No
(g)
Qualification of a defence product, tangible or intangible component or technology
No
(h)
Certification of a defence product, tangible or intangible component or technology
No
(i)
Development of technologies or assets increasing efficiency
across the life cycle of defence products and technologies
No
The following tasks must be performed as part of the mandatory activities of the proposals:
Generating knowledge: Develop suitable military scenarios where autonomous vehicles are applied, including mission objectives and mission risks.Attack modelling and catalogue of threats/attacks suitable for both the vehicles and given scenarios.Catalogues of assets/functionality/capabilities required to perform the mission/scenario.Catalogue of security controls and measures; both to prevent attacks and to detect and respond. These are to be cyber-physical and may be both in the cyber and physical domain. Integrating knowledge: Develop and/or enhance simulation environments (digital twins) in order to simulate scenarios, including applying attacks and defensive measures (both in cyber and physical domain).Development, adaption and/or enhancement of suitable preventive security measures/controls for autonomous cyber defence.Development of monitoring and detection capabilities, possibly based on AI, for autonomous cyber defence.Development of capabilities to understand and contextualise detected incidents, events and produce suitable response based on risk and mission goal, which can be autonomously applied to environment. Studies Ethical and legal considerations for autonomous cyber defence in such cyber-physical domain.Understand effect and limitation of preventive security measures. Design Proof of concept implementation of autonomous cyber defence with both preventive measures and abilities to detect and respond to cyber-attacks.Test of implementation in realistic military operational scenarios and/or military exercises. Functional requirements
The proposals should meet the following functional requirements:
Improve robustness and resilience of UxVs against threats and attacks in the cyber domain.Improve knowledge of the effects and limitations of both preventive security measures and capabilities to detect and respond autonomously to attacks in the cyber domain.
ver menos
Características del consorcio
:
La ayuda es de ámbito europeo, puede aplicar a esta linea cualquier empresa que forme parte de la Comunidad Europea.
Características del Proyecto
Los costes de personal subvencionables cubren las horas de trabajo efectivo de las personas directamente dedicadas a la ejecución de la acción. Los propietarios de pequeñas y medianas empresas que no perciban salario y otras personas físicas que no perciban salario podrán imputar los costes de personal sobre la base de una escala de costes unitarios
Los otros costes directos se dividen en los siguientes apartados: Viajes, amortizaciones, equipamiento y otros bienes y servicios. Se financia la amortización de equipos, permitiendo incluir la amortización de equipos adquiridos antes del proyecto si se registra durante su ejecución. En el apartado de otros bienes y servicios se incluyen los diferentes bienes y servicios comprados por los beneficiarios a proveedores externos para poder llevar a cabo sus tareas
La subcontratación en ayudas europeas no debe tratarse del core de actividades de I+D del proyecto. El contratista debe ser seleccionado por el beneficiario de acuerdo con el principio de mejor relación calidad-precio bajo las condiciones de transparencia e igualdad (en ningún caso consistirá en solicitar menos de 3 ofertas). En el caso de entidades públicas, para la subcontratación se deberán de seguir las leyes que rijan en el país al que pertenezca el contratante
Características de la financiación
Proposal page limits and layout: described in Part B of the Application Form available in the Submission System.
2. Eligible Countriesdescribed in section 6 of the call document.
3. Other Eligible Conditionsdescribed in section 6 of the call document.
4. Financial and operational capacity and exclusiondescribed in section 7 of the call document.
5a. Evaluation and award: Submission and evaluation processesdescribed section 8 of the call document and the Online Manual.
5b. Evaluation and award: Award criteria, scoring and thresholdsdescribed in section 9 of the call document.
5c. Evaluation and award: Indicative timeline for evaluation and grant agreementdescribed in section 4 of the call document.
6. Legal and financial set-up of the grantsdescribed in section 10 of the call document.
Call document and annexes: Call document
Application form templates
Standard application form (EDF) — the application form specific to this call is available in the Submission System
Detailed budget table (EDF LS RA)
Participant information (EDF)
List of infrastructure, facilities, assets and resources (EDF)
Actual indirect cost methodology declaration (EDF) 
Ownership control declaration 
PRS declaration (EDF) 
Model Grant Agreements (MGA)
EDF, ASAP and EDIRPA... Conditions1. Admissibility Conditions: Proposal page limit and layoutdescribed in section 5 of the call document.
Proposal page limits and layout: described in Part B of the Application Form available in the Submission System.
2. Eligible Countriesdescribed in section 6 of the call document.
3. Other Eligible Conditionsdescribed in section 6 of the call document.
4. Financial and operational capacity and exclusiondescribed in section 7 of the call document.
5a. Evaluation and award: Submission and evaluation processesdescribed section 8 of the call document and the Online Manual.
5b. Evaluation and award: Award criteria, scoring and thresholdsdescribed in section 9 of the call document.
5c. Evaluation and award: Indicative timeline for evaluation and grant agreementdescribed in section 4 of the call document.
6. Legal and financial set-up of the grantsdescribed in section 10 of the call document.
Call document and annexes: Call document
Application form templates
Standard application form (EDF) — the application form specific to this call is available in the Submission System
Detailed budget table (EDF LS RA)
Participant information (EDF)
List of infrastructure, facilities, assets and resources (EDF)
Actual indirect cost methodology declaration (EDF) 
Ownership control declaration 
PRS declaration (EDF) 
Model Grant Agreements (MGA)
EDF, ASAP and EDIRPA Lump Sum MGA 
Additional documents: EDF Annual Work Programme
EDF Regulation 2021/697
EDF Programme Security Instruction (PSI)
 
EU Financial Regulation 2024/2509
Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment 
EU Grants AGA — Annotated Model Grant Agreement 
Funding & Tenders Portal Online Manual 
Funding & Tenders Portal Terms and Conditions 
Funding & Tenders Portal Privacy Statement
Información adicional de la convocatoria
Otras ventajas
