ATLANTIS aims at enhancing resilience and Cyber-Physical-Human (CPH) security of the key EU Critical Infrastructures, going beyond the scope of distinct assets, systems, and single CI, by addressing resilience at the systemic level against major natural hazards and complex attacks that could potentially disrupt vital functions of the society. The mission of ATLANTIS, which involves 39 European partners with complementary roles and skills, is to improve the resilience and the protection capabilities of interconnected ECI exposed to evolving systemic risks due to existing and emerging large-scale, combined, cyber-physical threats and hazards, guarantee the continuity of operations, while minimizing cascading effects in the infrastructure itself, the environment, other CIs, and the involved population, enabling public and private actors to meet current and emerging challenges by adopting sustainable security solutions. The mission of ATLANTIS will be achieved by - Improving knowledge on large-scale, vulnerability assessment and long-term systemic risks. - Improving the systemic resilience of ECI, through novel, adaptive, flexible, and customizable security measures (“by design”) and tools (“by innovation”). - Improving effective cooperation among CI operators and government security stakeholders, while preserving CI autonomy and sovereignty. - Delivering an open TRL-7 technological framework that will provide the ECIs with AI -based solutions for increased AWARENESS, CAPABILITY and COOPERATION in managing systemic threats. The ATLANTIS solution will be validated and demonstrated in 3 large-scale cross-border and cross-sector pilots: - LSP#1: Cross-Border/Cross Domain Large Scale Pilot in Transport, Energy and Telecoms (Slovenia, Croatia, Italy and France); - LSP#2: Cross Domain Large Scale Pilot in Health, Logistics/Supply Chain and Border control (Cyprus, Greece and Croatia); - LSP#3: Cross-Country Large-Scale Pilot in FinTech/Financial (Spain, Germany, Cyprus).

The health sector is steadily becoming the de facto target for cyberattacks. Based on the most recent ENISA report at the end of 2018, cybersecurity incidents have shown that the healthcare sector is one of the most vulnerable. Focusing specifically on Electronic Medical Devices (EMD), they suffer from numerous and multi-layered vulnerabilities . Default, weak or no password authentication for remote connections, unencrypted traffic or obsolete and insecure cryptographic algorithms, unsupported operating systems, outdated, unmanaged and vulnerable software are among the most serious problems that jeopardise both their smooth operation and the data aggregated and stored. The vision of HEIR is to provide a thorough threat identification and cybersecurity knowledge base system addressing both local (in the hospital / medical centre) and global (including different stakeholders) levels, that comprises the following pillars: (i) Real time threat hunting services, facilitated by advanced machine learning technologies, supporting the identification of the most common threats in electronic medical systems based on widely accepted methodologies such as the OWASP Top 10 Security Risks and the ENISA Top 15 Threats; (ii) Sensitive data trustworthiness sharing facilitated by the HEIR privacy aware framework; (iii) Innovative Benchmarking based on the calculation of the Risk Assessment of Medical Applications (RAMA) score, that will measure the security status of every medical device and provide thorough vulnerability assessment of hospitals and medical centres; (iv) The delivery of an Observatory for the Security of Electronic Medical Devices; an intelligent knowledge base accessible by different stakeholders, providing advanced visualisations for each threat identified in RAMA and facilitating global awareness on EMD-related threats. Last, HEIR will set up a broad European network for establishing good security practice in all regulatory frameworks to reduce market access.

The objectives of SEARCH are truly ground-breaking, seeking to enable extensive data aggregation and analysis while safeguarding the integrity and privacy of original datasets through synthetically derived proxies. This initiative is designed to address biomedical challenges in Europe and offer translational solutions that will ultimately contribute to the advancement of personalised medicine. Unlike traditional data-sharing platforms that mainly focus on technical obstacles, SEARCH adopts an innovative approach by addressing legal, ownership, and subject privacy concerns. It specifically targets distributed institutional repositories that are hesitant to share multimodal clinical data, overcoming security concerns through a combination of clinical synthetic data proxies and a Federated Learning framework. Until synthetic data proxies gain wider acceptance, this combined strategy aimed at alleviating security concerns, facilitates the scalability required for AI analysis and promotes creative public-private data collaborations. SEARCH will offer advanced data federation capabilities, incorporating unique Synthetic Data Generation features to create various data types, including those not comprehensively addressed currently (e.g., wearable device data, image sequences, and genomic data). Through curated access to these novel digital tools, SEARCH will facilitate convenient access for the healthcare industry and research community to address bottlenecks and challenges in the development of novel tools for personalized prevention, diagnosis and treatment based on explainable AI. Moreover, SEARCH will provide agreed-upon gold standard synthetic datasets for evaluating the performance of biomedical AI solutions. SEARCH aims to consolidate European Innovation and Research endeavours by promoting public and private collaborations to unlock the potential for innovation in the digital healthcare sector.

The massive increase in data collected and stored worldwide calls for new ways to preserve privacy while still allowing data sharing among multiple data owners. Today, the lack of trusted and secure environments for data sharing inhibits data economy while legality, privacy, trustworthiness, data value and confidentiality hamper the free flow of data. By the end of the project, MUSKETEER aims to create a validated, federated, privacy-preserving machine learning platform tested on industrial data that is inter-operable, scalable and efficient enough to be deployed in real use cases. MUSKETEER aims to alleviate data sharing barriers by providing secure, scalable and privacy-preserving analytics over decentralized datasets using machine learning. Data can continue to be stored in different locations with different privacy constraints, but shared securely. The MUSKETEER cross-domain platform will validate progress in the industrial scenarios of smart manufacturing and health. MUSKETEER strives to (1) create machine learning models over a variety of privacy-preserving scenarios, (2) ensure security and robustness against external and internal threats, (3) provide a standardized and extendable architecture, (4) demonstrate and validate in two different industrial scenarios and (5) enhance data economy by boosting sharing across domains. The MUSKETEER impact crosses industrial, scientific, economic and strategic domains. Real-world industry requirements and outcomes are validated in an operational setting. Federated machine learning approaches for data sharing are innovated. Data economy is fostered by creating a rewarding model capable of fairly monetizing datasets according to the real data value. Finally, Europe is positioned as a leader in innovative data sharing technologies.

Advances in healthcare IT systems have resulted in complex socio-technical architectures, which deliver integrated and patient-centered services. All these transformations, in addition to clinical benefits, they also introduce risks including security risks that need to be understood and managed, reduced to acceptable levels. There are numerous reports of new types of security vulnerabilities for this kind of architectures, which challenge the effectiveness of the current security tools. MEDSECURANCE will conceive novel methodologies, infrastructures, and technologies that enable an effective, harmonious and continuous development and evolution of secure system engineering management activities in Internet of Medical Things (IoMT). Our objective is to advance knowledge and basic understanding of decision making in diverse IoMT threat landscapes based on different system and component level interactions. This is accomplished via the development of a novel holistic strategy that considers the interdependence of several IoMT subsystems, information exchange, risk thresholds, and regulatory ramifications. We provide scalable and verifiable secure system engineering management solution(s) that capture, communicate, and act on these complexities in order to improve decision-making in cyber defence while automating cybersecurity assurance. Our solution(s) will be co-developed and validated with our medical industry user partners, and complemented by engagement of healthcare industry stakeholders in support of the recommendations to existing guidelines that will also be developed in the project.