ECRYPT-CSA will strenghten European excellence in the area of cryptography and to build on the network of excellence ECRYPT and ECRYPTII to achieve a durable intergration and structuring of the European Cryptography community.
The HEAT project will develop advanced cryptographic technologies to process sensitive information in ecrypted form without needing to compromise on the privacy and security of the citizens and organisation that provide the input data.
The mission of the HECTOR project is to close the gap between the mathematical heaven of cryptographic algorithms and their efficient, secure and robust hardware implementations.
The PQCRYPTO will allow users to switch to post-quantum cryptography. PQCRYPTO will design a portolio of high security post quantum public-key systems.
PRISMACLOUD will enable end-to-end security for cloud users and provide tools to protect their privacy with the best technical means possible by cryptography.
SAFEcrypto will provide a new generation of practical, robust and physically secure post-quantum cryptographic solutions that ensure long-term security for future ICT systems, services and applications.
SCISSOR designs a new generation SCADA security monitoring framework, multi-layer, with security monitoring and mitigation framework, spanning all the dimensions present in a critical infrustructure deployment control of the enviornment, control of the network traffic, control of the hardware and software system components, control of the people accessing the infrastructure, and of course native control of the industrial process itself.
SHARCS aims at designing, building and demonstrating secure-by-system arcchitectures that achieve end-to-end security for their users. SHARC will achieve this by systematially analyzing and extending, as necessary, everyhardware and software layer in a computing system.
Tredisec project (Trust-aware, Reliable and Distributed Information Security in the Cloud) aims at developing system and techniques to make the cloud a secure and efficient heaven to store data. For more information Click Here
WITDOM is a project to produce a framework for end-to-end (E2E) protection of data in untrusted and fast evolving ICT-based environments.
CSP Forum News
The Cybersecurity & Privacy Innovation Forum Conference 2015 took place at MCE conference centre, Brussels Belgium from the 28th to the 29th of April. The CSP Innovation Forum 2015 was organised by the European Commission DG Connect(Unit H4 Trust & Security) and the CSPForum.The conference included 41 EU funded Trust & Security Research Project Exhibitors, over 80 expert speakers and high profile keynote speakers such as Zoran Stančič, Deputy Director-General
European Commission; Paul Timmers, Director: Sustainable & Secure Society Directorate, European Commission; Jakub Boratynski Head of Unit, Trust and Security,
European Commission and Giovanni Buttarelli European Data Protection Supervisor.
Speaker: Zoran Stančič, Deputy Director-General, European Commission, DG CONNECT
Success Stories of FP7 ICT Trust & Security Projects.
The FP7 Program has funded several projects in ICT Trust and Security throughout the past 9 years for a total of value of more than 350 million euro. A key question for policy makers and citizens alike is whether it was worth it: where are the European “success stories”?
With the collaboration of EC, SECCORD tried to address these questions through a comprehensive study of FP7 security and trust ICT projects. The research is based on the analysis of public data, questionnaires and several interviews conducted with project coordinators, technical and scientific leaders. How many research projects led to new companies, new jobs, new intellectual property, new international standards, and new experiences by ordinary citizens?
The main results achieved by FP7 projects funded under Call 1, 5 , 8 and 10 have been summarized in two reports available online Here
(A more recent version of the report will be released in Autumn 2015 and SECCORD is looking for new and updated “Successful Stories” to include in the document; interesting projects are invited to write to email@example.com)
CSP Forum and SASSI Workshop September 2015...
Security Assessment for System, Service and Infrastructures 15th - 16th September 2015. The SASSI workshop will provide a forum to discuss innovative approaches to security assessment, security testing and security certification for software-based systems. Experts from industry and academia will present and discuss their solutions to key issues like legal-risk analysis, security risk analysis, risk-based engineering, vulnerability testing, model based security testing, standardization, and certification. The CSP Forum is sponsoring and actively participating th the SASSI Workshop 2015.
IPACSO Innovation Awards at CSP Innovation Forum Conference 2015.
The IPaCSO EU Funded CSA project, presented its award winners with a token of recognition during the CSP Innovation Forum 2015 evening Networking Event.The IPaCSO Innovation awards "Discovery of the European Cybersecurity Entrepreneurial Path" was opened by keynote speaker Mr. Paul Timmers, Director: Sustainable & Secure Society Directorate, European Commission, DG Connect.
Pictured: Paul Timmers Director for Director: Sustainable & Secure Society Directorate, European Commission DG CONNECT, Zeta Dooly, WIT, IPACSO Coordinator presenting to Ales Cernivec, XLAB, Richard Coady, Sedicii, Boris Kannes Intrinsic - ID
fuseami is a mobile app that allows conference attendees to network smarter berfore, during and after a conference. The fuseami app was used at the Cybersecurity & Privacy innovation Forum Conference in Brussels with great success. Simply download, login, choose the conference you are attending and immediately start networking with relevant attendees. For more information or to download the app log on to the fesami Website.
Trust & Security Research Project Events 2015 Timeline
If you have a project workshop in the planning for 2015 , we would appreciate it if you could provide the Name /date/location of the event for inclusion in the timeline.
Please send such information to firstname.lastname@example.org for inclusion , Thank you for your contributions.
The TREsPASS Project is organising / hosting several events around this summer. Check the links for details!
• 13th July 2015: Graphical Models for Security (GraMSec) scientific workshop, Verona, Italy. Link Here. Sjouke Mauw, University of Luxembourg.
• 8th - 11th September 2015: TREsPASS hosts New Security Paradigms Workshop (NSPW), Twente, Netherlands. Link Here. Lorena Monntoya, University of Twente.
• 11th - 17th January 2016: Winter school on Security in Socio-Technical Systems Christian W. Probst, TU Denmark.
The MOSAIK, RASEN and TREsPASS Projects
• 15th - 16th September 2015 Security Assessment for Systems, Services, and Infrastructures (SASSI) workshop, Berlin. Link Here. Jan Willemson Cybernetica.
PCAS project attending the EAB Research Projects Conference 2015 – September 2015
PCAS will present its work at the EAB Research Projects Conference 2015 on September 8th. The PCAS project will present an overview of the project (objectives and status) along with a presentation on Multibiometrics in a Secure and Portable Device
The EAB Research Projects Conference is organized by the European Association for Biometrics (EAB) with the support of several European funded projects and will take place the premises of Fraunhofer IGD in Darmstadt, Germany. Link Here for the offical press release.
PCAS project attending the ICT 2015 Innovate, Connect, Transform - October 2015
The PCAS consortium will be present at the ICT 2015 Innovate, Connect, Transform conference.
The conference will take place on 20-22 October 2015 in Lisbon, Portugal.
At the PCAS booth, visitors will be able to see and experiment some of the advancements attained:
• The working prototype will show some functionalities of the PCAS system.
• Users will be able to experiment and try to break various biometric authentication algorithms implemented on regular smartphones/laptops.
• Methods for verifying security in commonly available processors will be demonstrated.
First International Workshop on Information Security, Assurance and Reliability in the Cloud (WISARC)
8th IEEE/ACM International Conference on Utility and Cloud Computing (UCC 2015) December 7–10, 2015, Limassol, Cyprus. Call for papers now open.
A4Cloud Tutorial on Accountability @ IFIP Summer School 2015
A4Cloud organizes the tutorial “A4Cloud Tools: Accountability in the Cloud” in the context of the IFIP Summer School 2015 which will be held in Edinburgh on August 16-21, 2015. For more information about the programme click or to visit their Website here.
PRIPARE in multiple standardisation fronts on privacy engineering
•PRIPARE became a member of OASIS PbD-SE and OASIS PMRM. PRIPARE deliverables have been submitted to the PMRM TC and suggestions have been made on the PMRM specification.
"Accountability and Security in the Cloud" book now available
"Accountability and Security in the Cloud" book from the First A4Cloud Summer School held in Malaga, Spain, on June 2-6, 2014, features multidisciplinary results including lectures on technical and socio-legal aspects of accountability and security in the cloud. For more information about the book click here
A4Cloud Best Paper Award @ CLOSER 2015
A4Cloud has won the Best Paper Award Certificate for the paper entitled "Cloud Provider Transparency-A View from Cloud Customers", authored by Daniela Cruzes and Martin Gilje Jaatun, at the 5th International Conference on Cloud Computing and Services Science (CLOSER), which was held in Lisbon, Portugal, on 20th-22nd May 2015
SAFEPOST, ‘Reuse and development of Security Knowledge assets for International Postal supply chains’, is a four year Integration project addressing the FP7-SEC-2011.2.4- 1 International Postal Supply Chains. The project started on the 1st April 2012
SAFEPOST will provide a highly innovative solution for postal security to:
•assist stakeholders involved in postal services to achieve enhanced security without cost penalties
•facilitate the sustainable development of increasing level of postal security across Europe
The project acronym “SWEPT” is short for “Securing Websites through malware dEtection and attack prevention Technologies”. The main goal of the project is to develop a new multifaceted approach to mitigating malicious attacks on websites by maximizing the security posture of websites with a minimum of intervention needed by website owners and administrators.
The first HW prototype for the SPD is available – May 2015
The first version of a functional board and enclosure of the SPD is now available for testing. The HW will be used for testing of the Software components on a close to real HW implementation and for CEA to start doing vulnerability tests on the selected processor and cryptographic algorithms.
This hardware development has been done in parallel with the design and development of all the supporting software infrastructures. To view their Website Click Here.
WISER www.cyberwiser.eu is a new European initiative that puts cyber-risk management at the very heart of good business practice, benefitting multiple industries in particular critical infrastructure and process owners, and ICT-intensive SMEs. Kicking off in June 2015, by 2017 WISER will provide a cyber-risk management framework able to assess, monitor and mitigate the risks in real time.
The “Security visualisation make and do” workshop @ Cybersecurity & Privacy Innovation Forum was a great success! Check out our Twitter feed for some pictures. Continuing the theme of the workshop, we are launching a competition for visualisations that depict the nuances of information sharing, vulnerability and risk at the everyday level, and the enmeshed relationship between the social and technical from one of several perspectives.
Cyber attack on people: How your personal safety and security might be threatened by an attack on a piece of technology. What form does this attack take? How might it be experienced? What makes this attack successful?
Cyber attacks on the state: How the security of the State might be threatened by an attack on its infrustructure. What form might an attack take? What are the impacts of such an attack? Who wins and who loses with such an attack?
Cyber attacks on technology: How the security of technology and technologically held data might be threatened by an attack on the technology. What form might an attack take? what might make this attack successful?
Visualisations may be submitted in a number of different formats, with further details on our website.
CUMULUS Evaluation: Experts input required - Participate by July 31 - Let us know your opinion about CUMULUS
Your feedback is important - CUMULUS results concern all stakeholders in the fields of cloud, security, certification and research.
Please take around 30 minutes - you can go directly to the online questionnaire from the CUMULUS web site, or Click Here.
CUMULUS will address these limitations by developing an integrated framework of models, processes and tools supporting the certification of security properties of infrastructure (IaaS), platform (PaaS) and software application layer (SaaS) services in cloud.
For more information you can visit their Website just Click Here.
The CAPITAL project 2nd Expert Forum
The CAPITAL project 2nd Expert Forum will take place in Berlin in parallel to the 10th edition of the annual Future Security Research Conference (FuSEC)
Organised by Fraunhofer. This 1 day Forum will focus on the main results of the CAPITAL project and will unveil its highly anticipated European Cybersecurity Research Agenda to an audience gathering high-level European political representatives including Public-Private NIS Platform stakeholders and various experts. REGISTRATION will open on July 6th. Attendance to this event is free of charge. Registration to this event will allow you to benefit of a special rate to attend the Future Security Research Conference (FuSEC) on days 1 and 3.
For more details you can log onto the Capital Site HERE.
From June 15-17, the PANOPTESEC project participated in the NATO IST-128 Workshop “Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact.” The workshop explored how attack detection, forensics and attribution and related technologies and methods should support the assessment of mission impact due to cyber-attack
By the end of July, the PANOPTESEC partners will deliver the first prototypes of component modules forming the PANOPTESEC solution, including the Mission Impact Module. Following this prototype delivery, the project enters the experimentation phase when prototypes will be refined through an iterative process of test, refinement and pre-integration.
The EU-funded PANOPTESEC project aims to deliver a beyond-state-of-the-art prototype that will proactively and reactively manage cyber incidents. Click Here for more information
LinkedIn Group about PANOPTESEC and Cyber Security technology developments: Click Here
Member States and Other News
Annual Privacy Forum
The European Commission Directorate General for Communications Networks, Content and Technology (DG CONNECT), the European Union Agency for Network and Information Security (ENISA) and, as local host, the University of Luxemburg organize a two-day event with the objective of providing a forum to academia, industry and policy makers. This year, the main focus of the Annual Privacy Forum will be on the privacy of electronic communications.
APF will take place on the 7th and 8th of October 2015 in Luxembourg, during the Luxembourgian Presidency of the Council of the EU.
For more information Click here
European Cyber Security Month (ECSM)
ECSM is a European Union advocacy campaign that takes place in October. ECSM aims to promote cyber Security amoung citizens, to to change their perception of cyber-threats and to provide up to date security information, through eduction and sharing good practices
TSSG KEYNOTE AT THE CYBER SECURITY STAKEHOLDER FORUM, SOUTH AFRICA.
James Clarke from Waterford Insitute of Technology’s (TSSG) was an invited keynote speaker at the Department of Science and Technology (DST) of the South Africa Government’s stakeholder workshop on the Cybersecurity Research Development and Innovation (RDI) Agenda of South Africa, held in Pretoria, South Africa, on 26th Feb. 2015.
Back row: Prof Fulufhelo Nelwamondo, DST Cybersecurity RDI Agenda Task Team chairperson, CSIR Modeling and Digital Science Unit; James Clarke, Waterford Institute of Technology – TSSG, Ireland; Imraan Patel, Deputy Director-General at the Department of Science and Technology (DST) and Jeannette Morwane, Director: ICT & Service Industry, DST.
Front row: Dr Barend Taute, CSIR Meraka Unit and Dr Irene Moetsana-Moeng from the State Security Agency.
ENISA: Cloud security guide for SME’s
This guide wants to assist SMEs understand the security risks and opportunities they should take into account when procuring cloud services. This document includes a set of security risk, a set of security opportunities and a list of security questions the SME could pose to the provider to understand the level of security. The risks and opportunities are linked to the security questions so the end result is customised according to the user's needs and requirements. This information is supported by two example use cases and an annex that gives an overview of the data protection legislation applicable and the authorities involved in each country.
Irelands National Cyber Security Strategy (2015-2017)
The National Cyber Security Strategy (2015-2017) sets out how Ireland will engage with a dynamic and challenging aspect of developments in digital technology, setting out the Government's approach to facilitating the resilient, safe and secure operation of computer networks and associated infrastructure used by Irish citizens and businesses. To view IRISH Cybersecurity Strategy 2015 - 2017.
Click here or to view information about other member states Click Here.
CSP Forum Member States - Web Information
Want to know more about the Member state cyber security strategies check out the CSP forum member state web section https://www.cspforum.eu/member_states. For member state representatives – if you have further updated details to add - on latest cybersecurity focused reports/ initiatives , contact the CSP Forum directly (email@example.com) to get this information included.
Cybersecurity & Privacy Forum along with IPaCSO, attended and exhibited
at the Cloud World Forum 2015, London 24-25th June.
With their joint exhibiton located in the dedicated security zone (G205), this proved to be a prime and opportunistic event and location to disseminate EU funded success stories and the IPaCSO ICT Security Innovation Framework to a wider community of interested parties, going beyond the normal EU Trust and security research community.
Supporting the clustering community, the CSP Forum as part of the exhibition promoted the following EU funded cloud forward Trust & Security Research (SecCord, A4Cloud, PRISMACLOUD, SPECS, TREDISEC, CUMULUS, TRESCCA, WITDOM) Projects.
Fake charity proposal wins Social Engineering Award
Today, the TREsPASS Social Engineering Award ceremony took place at the Computer Privacy and Data Protection conference in Brussels. The jury announced that the EUR 750 prize goes to.... Demetris Antoniou! Congratulations! To find out more Click Here.
A4Cloud was presented at the CSA booth at the INFOSEC 2015, the Europe's number one Information Security Conference and Exhibition, which attracted over 13000 visitors. See more at http://www.infosecurityeurope.com/
A4Cloud @ EU28 Cloud Security Conference
A4Cloud was presented at the Panel: Implementations and solutions of the EU28 Cloud Security Conference, which was co-organised by ENISA and the Latvian Ministry of Defence. This Cloud Security Conference was held in Riga under the umbrella of the Latvian EU presidency in June 16th, 2015. Read more at Here
On 18 May, the ASPIRE consortium, and in particular its PIs Paolo Falcarin and Brecht Wyseur organized the 1st International Workshop on Software Protection (SPRO), collocated with the International Conference on Software Engineering (ICSE) in Firenze, Italy. With 23 paper submissions and 43 registrants, the workshop was a big success, in particular considering the relatively small research field of software protection and the fact that the attendants where split almost half/half between industry and academia. Nine papers were presented, along with keynotes by Bart Preneel and Bjorn De Sutter, and fruitful discussions continued during a dinner for all attendants sponsored by NAGRA Kudelski.
PRIPARE created a liaison with ISO/IEC JTC1/SC27/WG5 in order to contribute to standards related to privacy engineering. PRIPARE attended the ISO meetings in October 2014 and May 2015, submitting the creation of a study period on privacy engineering. Antonio Kung was appointed rapporteur of this study period.
PRIPARE supports IPEN
•PRIPARE helped organise the IPEN workshop that took place in June 5th. The event was hosted by KU Leuven/ICRI, partner of PRIPARE. Three break out sessions were organised by PRIPARE, one on educational material for privacy and two on standardisations.
•PRIPARE organised three training sessions since March 2015. The first training took place in ULM in March 2015. A second workshop dedicated to the CRISALIS project took place in Arnhem in May 2015. Finally a briefing to the European commission was organised in June 2015 To view more Click Here