Railway infrastructures are moving towards more intelligent, connected, user-centric and collaborative systems. While it brings many advantages for the industry and users, it also poses new opportunities for cyber-criminals and terrorists. CYRail aims to deliver tailored specifications and recommendations for secure modern rail systems design and operation. The challenges are multiple: wide and distributed geographical display of rail systems limit the traditional cyber-protection and cyber-defence tools & practices; the heterogeneous nature of rail systems make them vulnerable to blended attacks; the collaboration with other transportation infrastructures increase the number of points for attack; new passenger-centric services may expose rail systems to threats known in the IoT; last but not least, ICT supporting these trends are not necessarily trusted for critical applications. CYRail will address those challenges through a methodical diagnosis and specification process, enforced at each step of the cyber-security chain: operational context and scenarios will be defined, followed by a security assessments of railway systems. An analysis of threats targeting those infrastructures will be developed as well as innovative, attack detection and alerting techniques. Adapted mitigation plans and countermeasures will be defined, taking into account their potential impact on operations. Protection Profiles for railway control and signalling applications will be delivered to ensure security by design of new rail infrastructures. The CYRail consortium intends to take advantage of developments in other industries (aeronautics, automotive and energy) and bring them into the railway sector, taking similarities and specificities into account. The Consortium is comprised of a well-balanced group of 6 partners from 5 European countries with complementary skills. An Advisory Board is foreseen, to bring on board the expertise from stakeholders within the railway value chain.

The assurance of security, privacy, reliability and safety features is key-point to unlock the enormous potential that the connected vehicles systems paradigm i.e., the dynamic Cyberphysical system of highly-equipped infrastructure-connected vehicles with numerous third-party components, can offer towards safer transportation. The emerging systems expose a variety of wireless-communication and hardware interfaces which result in a large attack surface; thus, attempts to assess the degree of confidence that security needs are satisfied come with prohibited cost for automotive stakeholders and OEMs. SAFERtec project will leverage a highly-skilled consortium to first model the varying exposure of a prototype connected vehicle system to numerous threats appearing under two generic instances of the increasingly pervasive V2I setting. One relates to road-side unit communication while the other involves the interaction with cloud application and passengers' smart devices. Then, adopting a systematic vertical approach SAFERtec will obtain an in-depth look of the possible vulnerabilities performing penetration-testing on individual hardware components and upper-layer V2I applications. Considering the available security mechanisms a third party provider already applies to each module, SAFERtec will determine a corresponding protection profile as a summary of the identified risks. An innovative framework appropriately designed for unified and thus, cost-effective use across all modules will employ statistical tools and security metrics to quantify the involved security assurance levels and also feed the incomplete automotive standards. Research on dependability methods will then allow the framework's transition from individual modules to the connected vehicle system. All above results will be incorporated and made available through an open-access toolkit that will pave the way towards the cost-effective identification of security assurance levels for connected vehicle systems.

Addressing call topic area 3 (DR Technologies), DRIvE links together cutting edge science in Multi-Agent Systems (MAS), forecasting and cyber security with emerging innovative SMEs making first market penetration in EU DR markets. In doing so, near market solutions are strengthened with lower TRL, higher risk functionalities that support a vision of an “internet of energy” and “collaborative energy network.” From the research side, MAS will move closer to real time operations and progress from a limited number of assets toward decentralized management of a larger number of assets providing DR services to prosumers, grid stakeholders and DSOs. The research will deliver a fully-integrated, interoperable and secure DR Management Platform for Aggregators with advanced hybrid forecasting, optimization, fast-response capabilities and enhanced user participation components in a standard-compliant (Open ADR) market-regulated (USEF) manner, empowering a true cost-effective mass-market (100's millions of heterogenous assets). The project features 5 pilots across 3 countries consisting of a stadium, wind farm, 7-floor office, tertiary & residential buildings within medium-large districts, resulting in over 25 MW of potential flexible capacity. Direct engagement of 100 households and 2 tertiary buildings (over 1,000 persons) is attained and replication to over 75,000 persons is possible. The pilots will be running in real DSO environment with real engagement of grid players. Overall, DRIvE will make available average 20% of load in residential and tertiary buildings for use in DR, resulting in up to 30% cost-saving (price-based DR) and also maximizing revenue for prosumers (incentive-based DR). DRIvE will also allow a minimum 25% increase of renewable hosting capacity (distribution grid) and up to 30% of overall reduction of CAPEX and OPEX costs for DSOs. The project is female led and three women serve in management structure positions of responsibility.

SeCoIIA aims at securing digital transition of manufacturing industry towards more connected, collaborative, flexible and automated production techniques. It fosters user-driven application cases from aeronautics, automotive and naval construction sectors. Collaboration is considered from Organization to Organization (O2O), but also from Machine to Machine (M2M), Machine to Human (M2H) and Human to Human (H2H) perspectives. Enhanced process monitoring, optimization and control is achieved by intelligent use digital twin technology, Industrial IoT, Cloud Manufacturing (CMfg), collaborative robotics and Industrial AI. The collaborative approach triggers a virtuous cycle of growth and innovation, irrigating the full value chain, from very large to very small actors. Now reaching this step requires due diligence to security implications. The transition from hierarchized supply chains to collaborative networks of smart factories opens an attack surface so far never reached. Manufacturing operators are untrained to the manipulation of vulnerable cyber-physical assets. The deployment of smart sensors over distributed shop floors requires time sensitive communication security measures. Enhanced collaboration on manufacturing activities may not safely apply without collaborative security monitoring and incident response. Last but not least, the increased reliance on machine-learning based decision making sets a technical challenge in terms of security assurance and a legal challenge in terms of accountability and law enforcement. These are the challenges that SeCoIIA intends to address through the development of 12 key capabilities which will be assessed in various configurations through 3 ambitious demonstration campaigns lead by pilot users. With 4 large strategic industry players, 4 highly innovative SMEs and 4 highly recognized research centres, SeCoIIA consortium is best suited to achieve enhanced competitiveness and resilience for European manufacturing industry.

BRAIN-IoT focuses on complex scenarios where actuation and control are cooperatively supported by populations of IoT systems. The breakthrough targeted by BRAIN-IoT is to establish a framework and methodology supporting smart cooperative behaviour in fully de-centralized, composable and dynamic federations of heterogeneous IoT platforms. BRAIN-IoT tackles future business-critical and privacy-sensitive IoT scenarios subject to strict dependability requirements. In this complex setting, BRAIN-IoT enables smart autonomous behaviour in IoT scenarios involving heterogeneous sensors and actuators autonomously cooperating in complex, dynamic tasks. This is done by employing highly dynamic federations of heterogeneous IoT platforms able to support secure and scalable operations for future IoT use cases, backed by an open decentralized marketplace of IoT platform and smart features, supporting runtime deployment and reconfiguration. Open semantic models are used to enforce interoperable operations and exchange of data and control features, supported by model-based development tools to ease prototyping and integration of interoperable solutions. Overall, secure operations are guaranteed by a consistent framework providing AAA features in highly dynamic, distributed IoT scenarios, joint with solutions to embed privacy awareness and control features. The viability of the proposed approaches is demonstrated in two futuristic usage scenarios, namely Service Robotics and Critical Infrastructure Management, as well as through a series of proof-of-concept demonstrations in collaboration with on-going IoT large-scale pilot initiatives.