ERATOSTHENES will devise a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR and Cybersecurity Act. ERASTOSTHENES will leverage breakthrough solutions: (a) the first-ever enclosure of cybersecurity features in IoT devices through deployment of Trust Agents and continuous trust evaluation within the network in a contextual and social approach; (b) decentralised identity management mechanisms to conciliate requirements of self-sovereignty and privacy preservation in a distributed/transparent trust model along with disposable identities; (c) self-encryption/decryption at device-level with a whole system automated recovery process (incl. software, crypto-key material, identities) after an attack based on a multi-layer recovery model; (d) threat-analysis models based on federated learning and edge execution to continuously monitor devices and detect attacks; (e) collaborative IoT threat intelligence sharing across ledgers to adapt detection/defense mechanism to the evolving security conditions and assist the IoT life-cycle; (f) integration of Physical Unclonable Functions in trust framework and distributed ledgers. Finally, it will support enforcement of the NIS directive with a security information sharing mechanism based on inter-ledger technologies to support exchange of trust and security information among stakeholders, enhancing collaboration, vulnerabilities’ disclosure, and secure management of software updates. The overall vision of ERATOSTHENES is to provide core cybersecurity features to be adopted by manufacturers as baseline certification elements in the production of devices and throughout their entire lifecycle. The solution will be validated in 3 industrial cases: Automotive, Health, Industry 4.0.

EMERALDSs vision is to design, develop and create an urban data-oriented Mobility Analytics as a Service (MAaaS) toolset, consisting of the so-called emeralds services, compiled in a proof-of-concept prototype, capable of exploiting the untapped potential of extreme urban mobility data. The toolset will enable the stakeholders of the urban mobility ecosystem to collect and manage ubiquitous spatio-temporal data of high-volume, high-velocity and of high-variety, analyse them both in online and offline settings, import them to real-time responsive AI/ML algorithms and visualize results in interactive dashboards, whilst implementing privacy preservation techniques at all data modalities and at all levels of its architecture. The toolset will offer advanced capabilities in data mining (searching and processing) of large amounts and varieties of urban mobility data and its efficiency will be assessed, validated and demonstrated in three TRL5 pilot use cases (by following a co-development approach with mobility and city stakeholders to improve decision making in urban smart city environments), and deployed/showcased in two early adopters data-driven TRL6 applications (by integrating the new services to existing systems to improve commercial offerings).

SILVANUS envisages to deliver an environmentally sustainable and climate resilient forest management platform through innovative capabilities to prevent and combat against the ignition and spread of forest fires. The platform will cater to the demands of efficient resource utilisation and provide protection against threats of wildfires encountered globally. The project will establish synergies between (i) environmental; (ii) technology and (iii) social science experts for enhancing the ability of regional and national authorities to monitor forest resources, evaluate biodiversity, generate more accurate fire risk indicators and promote safety regulations among citizens through awareness campaigns. The novelty of SILVANUS lies in the development and integration of advanced semantic technologies to systematically formalise the knowledge of forest administration and resource utilisation. Additionally, the platform will integrate a big-data processing framework capable of analysing heterogeneous data sources including earth observation resources, climate models and weather data, continuous on-board computation of multi-spectral video streams. Also, the project integrates a series of sensor and actuator technologies using innovative wireless communication infrastructure through the coordination of aerial vehicles and ground robots. The technological platform will be complemented with the integration of resilience models, and the results of environmental and ecological studies carried out for the assessment of fire risk indicators based on continuous surveys of forest regions. The surveys are designed to take into consideration the expertise and experience of frontline fire fighter organisations who collectively provide support for 47,504x104 sq. meters of forest area within Europe and across international communities. The project innovation will be validated through 11 pilot demonstrations across Europe and internationally using a two sprint cycle.

IoT developers face a very fragmented landscape made of very different devices, from bare metal devices with few KB of RAM and limited or no security protection to devices equipped with powerful support for AI and with built-in hardware (HW) to implement Root of Trust (RoT) and Trusted Execution Environments (TEE). Such different devices coexist, and it is an open challenge to guarantee an acceptable level of security across the whole system to avoid “easy” entry points for attackers. The complexity is further exacerbated by the existence of many HW platforms, general purpose but also domain specific, each implementing proprietary instances of RoT and TEE that prevent or make it very difficult for applications and security services to interoperate. CROSSCON aims at addressing all these issues by designing a new open, flexible, highly portable and vendor independent IoT security stack that can run across a variety of different edge devices and multiple HW platforms to offer a consistent security baseline across an entire IoT system. A high-level assurance is guaranteed by the formal verification of the stack specifications. CROSSCON stack offers a unified set of trusted APIs to the layers above. It is modular and among all the security features it offers is possible to configure only the ones needed depending on the underlined HW and firmware. It leverages the security features already implemented in the layers below. In case such security features are missing, like in bare metal devices, the stack offers an entire TEE implementation suitable for such devices. As devices are getting more powerful and use cases more complex, there is the need to add new trusted services as building blocks to implement security at the higher levels, such as protection of the models given in input to ML engines embedded in HW or support for biometrics and template protections. CROSSCON provides the open specifications of the stack along with an open-source reference implementation.

The 6G vision for an open, distributed and user-centric evolution of the current SBA core network creates many security challenges and risks. The disaggregated heterogeneous cloud continuum (i.e. distributed cloud system with many stakeholders located in different regions, while private, public, or hybrid clouds are considered for the formation of the continuum), in conjunction with softwarization and IT-based infrastructure operations, set the stage for risks and challenges to trustworthiness in the 6G era. On top of the open and distributed 6G core over the edge-cloud continuum, SAFE-6G proposes a holistic research approach aimed to design, develop and validate a 6G-ready native trustworthiness framework by enabling user-centric safety, security, privacy, resilience, reliability functions. By utilizing (X)AI/ML techniques to cognitively coordinate and balance these functions, in order to optimize the Level of Trust (LoT), which realises the trust requirements and data governance policy that each user/tenant/human-role specifies, a feature that is considered an essential KVI for user-centric 6G. The proposed SAFE-6G framework covers the whole trustworthiness 6G lifecycle by applying trustworthiness analysis, realisation and post-evaluation during the whole user-centric service provision, from onboarding and deployment to operation and decomposition. Verification and validation of the proposed SAFE-6G framework will be performed at the Stream C SNS 6G-SANDBOX Athens platform using two Metaverse-based pilots. The immersive-applications will be tested considering different 6G system setups, different service flavors and deployments, under various threats and attacks.