Organisations across the sectors significantly benefit from digital transformation to support evolving business models, services and customer experience. Despite the benefits of digital infrastructure adoption, there are numerous security challenges that could pose any digital disruption and risks for the critical service delivery and overall business continuity. There is a need to understand the overall digital infrastructure context and analyse and predict the possible threats and incidents in real-time so that quick and accurate responses can be taken into consideration for ensuring resilience of service delivery. Additionally, collaborative response and sharing of threat intelligence information is necessary to create overall awareness and increase the response capability of all stakeholders within the ecosystem. CyberSecDome will integrate advanced virtuality reality (VR) to extend the capability of the security solutions aiming to enhance security, privacy and resilience of the Digital Infrastructure. The project will consider AI-enabled security solutions to provide a better prediction of cybersecurity threats and related risks towards an efficient and dynamic incident management and optimise collaborative response among the stakeholders within the Digital Infrastructure ecosystem. CyberSecDome project is built on a collaboration of 15 organisations from 6 EU member states (IT, DE, IE, SE, EL, CY) and 2 affiliated countries (UK, CH), which is composed by 5 industrial partners, 6 scientific partners and 5 SMEs. The project will be coordinate by MAGGIOLI SPA.

The contemporary AI landscape demands a holistic framework ensuring security across the supply chain and entire AI lifecycle. Despite existing adversarial attack techniques, a comprehensive end-to-end flow for identifying threats and vulnerabilities with associated risks is lacking. The EU, through initiatives like the AI Act, emphasizes safety and trustworthiness in AI applications but lacks a system managing weaknesses in a networked AI-supply chain. The CoEvolution project integrates its architecture components to create an end-to-end Security, Trust, and Robustness (STR) assessment solution, generating context-aware AI models characterized by their AI Model Bill of Materials (AIMBOM). The goal is a universal hub providing a coherent STR risk assessment and security assurance flow, aligning with MLDevOps and EU AI regulatory frameworks. The paradigm includes novel AI model descriptions, AIMBOM management, security monitoring, and context awareness. CoEvolution introduces a new STR paradigm based on Bills-of-Materials, offering a unified approach to describing AI models in supply chains, ensuring STR compliance with EU directives on trust, fairness, data governance, and GDPR guidelines. Open source trusted datasets and CoEvolution-developed AI models enhance the hub's capabilities, aiming for a robust, adaptable risk analysis and security assessment framework aligned with evolving AI cybersecurity threats.

SYNAPSE aims to design, develop & deliver an Integrated Cyber Security Risk & Resilience Management Platform, with holistic Situational Awareness, Incident Response & Preparedness capabilities. The proposed platform will encompass: (i) Incident Response through process automation and orchestration mechanisms, also covering organisational/business aspects (e.g., business continuity processes); (ii) AI-enhanced Situational Awareness, encompassing extraction & analytics of actionable and pertinent Cyber Threat Intelligence (CTI), along with attack early warning & threat hunting systems; (iii) Preparedness through cybersecurity, privacy & business continuity training, covering different training delivery means, allowing it to tailor the delivery method to the content; (iv) Technical & economic risk management, integrating outputs of (i)-(iii) above and supporting risk-benefit analyses (including what-if scenarios) to inform decision-making and enable risk transfer schemes with Smart Contract-enabled cybersecurity insurance; (v) Continuous feedback between (i)-(iv) above, along with standards-based sharing, alerting & reporting (intra- & inter- Member State), based on outputs of (i)-(iii) above, thus enabling the establishment of shared situational awareness, coordinated response and joint preparedness

As Internet of Things (IoT) and IoT-Edge-Cloud continuum technologies advance, physical environments are becoming increasingly equipped with sensors, fuelling the development of smart space ecosystems. Massive quantities of data produced by IoT devices revolutionize the way such ecosystems operate via the exploitation of AI models/services. This has led to the emergence of the so-called Artificial Intelligence of Things (AIoT) systems. In general, designing techniques to promote robustness, efficiency and continual operation of AIoT systems requires realistic and trustworthy data at scale. However, such data is not always easy to obtain due to the cost of smart space construction, the inconvenience of long-term device tracking, the sensor/knowledge data gaps in diverse scenarios of a smart space, and the restrictions imposed on sensitive data sharing. Furthermore, an efficient AIoT system operation requires trustworthy AI services, as well as novel approaches for speeding up their inference across the IoT-Edge/Cloud continuum. PANDORA aims to devise and implement a comprehensive framework enabling the delivery of trustworthy datasets of smart space ecosystems, as well as the deployment and green operation of AIoT systems in such spaces. PANDORA spans two phases: (1) prior to AIoT system deployment; (2) post AIoT system deployment and operation. Phase 1 proposes and combines a series of novel techniques such as synthetic data generation, quantification of uncertainties, and data summarization for the delivery of trustworthy datasets, as well as explainable AI and domain-informed model training/testing in smart space ecosystems. Phase 2 defines novel AIaaS and CaaS techniques for the robust, explainable, green and continual operation of AIoT systems deployed in such spaces. The trustworthiness and applicability of the PANDORA framework will be tested through five pilot cases hosting AIoT applications in smart buildings, factories and critical infrastructures.

Cybersecurity certification as introduced by the EU Cybersecurity Act (EUCSA) will play a crucial role in increasing the trust to and security of ICT Products, ICT Services and ICT Processes. Cybersecurity certification is a complex process, posing a variety of challenges to the different interested parties. This proposal introduces the CUSTODES, a system comprised of a variety of components with the aim to provide trustworthy, cost-effective, agile and portable conformity assessment capabilities, to a variety of interested parties, covering multiple Assurance levels of Composite ICT products or ICT services. The CUSTODES system will discover and translate certification information of the Building Blocks of the composite ICT products or Services under evaluation, will provide Certification information to the interested parties and will share information on newly identified vulnerabilities related to the specific blocks or composite products as needed increasing transparency, re-usability and trust. It will also utilize a Restricted & Trusted Execution (RTE) Environment, to ensure the chain of custody of the product under assessment. CUSTODES will be validated in three pilots, a) one of two Class I composite products with digital elements, b) one of an ICT product with an embedded AI component and c) a final one of the as-a-service functionality through EIT Digital extensive digital ecosystem. The CUSTODES project is built on a collaboration of 17 organisations from 11 EU member states and third countries. The Consortium which includes 3 Conformity Assessment Organizations is composed by 10 SMEs, 3 large industry partners, 2 research organizations, and 2 public organizations/associations. The Consortium is led by RISE which has extensive experience in national and European research projects, and numerous collaborations with industrial partners.