In recent years, the majority of the world's Critical Infrastructures CIs evolved to become more flexible, cost efficient and able to offer better services and conditions for business opportunities. Towards this evolution, CIs and companies offering CI services had to adopt many of the recent advances of the Information and Communication Technologies (ICT) field. This adaptation however, was rather hasty and without thorough evaluation of its impact on security. The result was to leave CIs vulnerable to a who the new set of threats and attacks that impose high levels of risk to the public safety, economy and welfare of the population. In so far, the main approach to protect CIs is to handle them as comprehensive entities and offer them a complete solution for their overall infrastructures and systems (IT&OT departments). However Complete CI protection solutions exist in the form of individual products from individual companies. These products integrate only and tools/solutions designed by the same company, thus offering limited technical solutions. The main aim of CIPSEC is to create a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in IT (information technology) and OT (operational technology) departments of CIs. As part of this framework CIPSEC will offer a complete security ecosystem of additional services that can support the proposed technical solutions to work reliably and at professional quality. These services include vulnerability tests and recommendations, key personnel training courses, public-private partnerships (PPPs) forensics analysis, standardization and protection against cascading effects. All solutions and services will be validated in three pilots performed in three different CI environments (transportation, health, environment). CIPSEC will also develop a marketing strategy for optimal positioning of its solutions in the CI security market.

Fog computing brings cloud computing capabilities closer to the end-device and users, while enabling location-dependent resource allocation, low latency services, and extending significantly the IoT services portfolio as well as market and business opportunities in the cloud sector. With the number of devices exponentially growing globally, new cloud and fog models are expected to emerge, paving the way for shared, collaborative, extensible mobile, volatile and dynamic compute, storage and network infrastructure. When put together, cloud and fog computing create a new stack of resources, which we refer to as Fog-to-Cloud (F2C), creating the need for a new, open and coordinated management ecosystem. The mF2C proposal sets the goal of designing an open, secure, decentralized, multi-stakeholder management framework, including novel programming models, privacy and security, data storage techniques, service creation, brokerage solutions, SLA policies, and resource orchestration methods. The proposed framework is