New Projects

"New Funded Trust & Security Research Projects"

PANORAMIX - Privacy and Accountability in Networks via Optimized Randomized Mix-nets

"The objective of the PANORAMIX project is the development of a multipurpose infrastructure for privacy-preserving communications based on ""mix-networks"" (mix-nets) and its integration into high-value applications that can be exploited by European businesses. Mix-nets protect not only the content of communications from third parties, but also obscure the exact identity of the senders or receivers of messages, through the use of cryptographic relays....

To find out more Click Here

VisiOn - Visual Privacy Management in User Centric Open Environments

Open and dynamic online services, such as those created in the context of Cloud Computing, Big Data and the Internet of Things provide benefits, such as easy exchange of information, faster processing of data and 24/7 access. However, potential users of online services are still reluctant to outsource sensitive data to these services, mainly due to lack of control over management and privacy issues of their data.

To find out more Click Here

SafeCloud - Secure and Resilient Cloud Architecture

Cloud infrastructures, despite all their advantages and importance to the competitiveness of modern economies, raise fundamental questions related to the privacy, integrity, and security of offsite data storage and processing tasks. These questions are currently not answered satisfactorily by existing technologies.

To find out more Click Here

PRIVACY FLAG - Enabling Crowd-sourcing based privacy protection for smartphone applications, websites and Internet of Things deployments

Personal data have become merchandisable asset encouraging various stakeholders to collect such data and trade them without the end-user awareness and acceptance. The European Union has taken the lead in adapting the legal framework to better protect the citizens’ rights and interests.

To find out more Click Here

TYPES - Towards transparencY and Privacy in the onlinE advertising businesS

Online advertising generated in 2013 $42B worth of revenue and more than 3.4 million direct and indirect jobs in Europe in 2012 alone. It supports some of the most important Internet services such as search, social media and user generated content sites.

To find out more Click Here

OPERANDO - Online Privacy Enforcement, Rights Assurance and Optimization

The goal of the OPERANDO project is to specify, implement, field-test, validate and exploit an innovative privacy enforcement platform that will enable the Privacy as a Service business paradigm and the market for online privacy services.

To find out more Click Here

ReCRED - From Real-world Identities to Privacy-preserving and Attribute-based CREDentials for Device-centric Access Control

ReCRED’s ultimate goal is to promote the user’s personal mobile device to the role of a unified authentication and authorization proxy towards the digital world. ReCRED adopts an incrementally deployable strategy in two complementary directions: extensibility in the type and nature of supported stakeholders and services (from local access control to online service access), as well as flexibility and extensibility in the set of supported authentication and access control techniques; from widely...

To find out more Click Here

SpeechXRays - Multi-channel biometrics combining acoustic and machine vision analysis of speech, lip movement and face

The SpeechXRays project will develop and test in real-life environments a user recognition platform based on voice acoustics analysis and audio-visual identity verification. SpeechXRays will outperform state-of-the-art solutions in the following areas: • Security: high accuracy solution (cross over accuracy1 of 1/100 ie twice the commercial voice/face solutions) • Privacy: biometric data stored in the device (or in a private cloud under the responsibility of the data subject) • Usability: tex...

To find out more Click Here

CREDENTIAL - Secure Cloud Identity Wallet

With increasing mobility and Internet usage, the demand for digital services increases and has reached critical and high assurance domains like e-Government, e-Health and e-Business. Those domains have high security and privacy requirements and hence will be harnessed with various novel mechanisms for secure access. Approaches for handling the resulting variety of authentication and authorisation mechanisms include the use of digital identity and access management systems (IAM). Like other tec...

To find out more Click Here

OCTAVE - Objective Control for TAlker VErification

Industry needs alternatives to textual passwords for access control. While tokens can still be stolen or transferred to other persons, biometrics technology can provide reliable, cost-effective and user-friendly solutions. The proliferation of smart services calls for unsupervised authentication at a distance. Being natural, non-intrusive and readily compatible with smart and mobile devices, automatic speaker verification (ASV) is an appealing solution. Even so, today’s state-of-the-art ASV sy...

To find out more Click Here

DOGANA - aDvanced sOcial enGineering And vulNerability Assessment framework

Latest insights into security breaches reveal that most of the security incidents include the human element as a major component of their attacks: about 90% of the attacks include several enabling steps in the attack belonging to the area of Social Engineering (SE)

To find out more Click Here

WISER - Wide-Impact cyber SEcurity Risk framework

WISER is a European collaborative Innovation Action that puts cyber-risk management at the very heart of good business practice, benefitting multiple industries in particular critical infrastructure and process owners, and ICT-intensive SMEs. Started on June 1st 2015, by 2017 WISER will provide a cyber-risk management framework able to assess, monitor and mitigate the risks in real-time, in multiple industries.

To find out more Click Here

MITIGATE - Multidimensional, IntegraTed, rIsk assessment framework and dynamic, collaborative Risk ManaGement tools for critical information infrAstrucTurEs

Despite the importance of Critical Information Infrastructures (CIIs) and dynamic ICT-based maritime supply chains (SCs) for port operations, state-of-the-art Risk Management (RM) methodologies for maritime environments pay limited attention to cyber-security and do not adequately address security processes for international SCs. Motivated by these limitations, MITIGATE will introduce, integrate, validate and commercialize a novel RM system, which will empower stakeholders’ collaboration for t...

To find out more Click Here

Back to Top

CSP Forum News

The SASSI (Security Assessment for Systems, Services and Infrastructures) workshop

The SASSI (Security Assessment for Systems, Services and Infrastructures) workshop took place on September 15-16 2015 in Berlin, co-organized by the CSP Forum. It provided a forum to discuss innovative approaches to security assessment, security testing and security certification for software-based systems. Experts from industry and academia presented and discussed their solutions to key issues like legal-risk analysis, vulnerability testing, model based security testing, etc. The workshop also focused on the interaction between innovations and industrial requirements, especially when security meets the demands of cost efficiency and scalability. The contributions originated from industrial practice and were complemented by industry grade research results from national and international research projects.
For more information Click Here, a report will be released soon.

The Meet-IoT 2015 event

The Meet-IoT 2015 event took place on October 1-2, 2015 in Turin. The event focused on innovations within Internet of things, Smart Cities and Domotics, including privacy and security concerns. CSP Forum contributed as part of the “Research and Technology” panel, restating the importance of security and privacy research in the IoT domain and presenting some of the main project outcomes (e.g., portfolio analysis and success stories in EU S&T research).

CSP Forum Presents at the Spanish cybersecurity research conference (JNIC 2015)

From September 14th until 16th , 2015, the first Spanish cybersecurity research conference (JNIC 2015) was celebrated in Leon, where also Spanish Institute for cybersecurity (INCIBE) is located. Organized by the University of Leon, the event gathered participants from academy, industry as well as end users, such as government or financial sector institutions. Topics were not exclusively focused on research, but rather covered a wide range of related issues, from education to innovation and market uptake. SECCORD was presented by Aljosa Pasic and the paper titled “Research-to-market transition in European Cybersecurity Projects” won the 1st award for the best industrial paper. For a list of winners Click Here

The second conference will take place in Granada in 2016.

CSP Innovation Forum Conference 2015 Springer Post Proceedings

The CSP Forum (funded via EU FP7 CSA SecCord) Annual Conference Springer post proceddings 2015 are now available

These proceedings collect contributions from Annual T&S conference, Cyber Security and Privacy EU Forum (CSP Forum), orgainised in cooreration with the trust and security unit of DG CONNECT

To view the CSP Innovation Forum Conference 2015 Springer Post Proceedings
Click Here

CSP Forum Trust & Security Success Stories

Check out the Trust & Security Success Stories Highlights. The Success Stories were distributed numerous events, as follows
1. Draggercon 2015
2. European Security Research Conference 2015
3. 3rd Annual European Cyber Security Conference 2015
4. SASSI 2015
5. Meet-IoT event 2015
6. Cloud World Forum 2015
7. JNIC 2015

To view the CSP Forum Success Stories Click Here

Report Available from CSP Forum Cluster event “Risk Assessment and Cyber Insurance”

The CSP Forum event “Risk Assessment and Cyber Insurance” took place on April 27th 2015 in Brussels. Five prominent experts, representing key stakeholders in the domain (EU commission, industrial sector, insurances, brokers, auditors), presented their viewpoints with special focus on fundamental challenges and possible solutions. More than 40 people registered for the workshop with a good mixture of industry, research institutions, and academia as well as EU and national level institutions. More information are available in the workshop report. For more information please Click Here

The 3rd Annual European Cyber Security Conference - Brussels

CSP Forum exhibited 3rd Annual European Cybersecurity Conference, Brullels, 8th October. Here CSP Forum prompted and distributed Trust and Security Research Project Success Stories to over 200 attendees consisting of Business/Industry, European Institutions, National Government Officials, NGO's etc.

For more information please Click Here

Each year in October, Europe’s most innovative and forward-thinking researchers and entrepreneurs gather in Brussels, to recognise those who are bolstering Europe’s cyber security landscape.

The awards are the brainchild of an EU-supported project named IPACSO. The consortium comprises a diverse range of industry, academic, R&D and policy-making experts collaborating to build a faster, more effective and efficient road-to-market landscape for cyber security entrepreneurs. The IPACSO- consortium reaches more than 20,000 security stakeholders in Europe !

Recently Published project research papers Dooly, Z., Doyle, K, and Power, J. (2015), “Uncovering Innovation Practices and Requirements in Privacy and Cyber Security Organisations: Insights from IPACSO”, published in CSP Forum 2015 Springer Edition, CCIS 530

Dooly, Z., Doyle, K. and Kearney, P. (2015), "What's So Unique About Cyber Security" published in published in CSP Forum 2015 Springer Edition, CCIS 530

Successful exploitation examples/success stories of your research projects outputs IPACSO Cyber Security and Privacy Bootcamp RoadTrip Ireland

To find out more Click Here

Meet the Champions on Thursday 22 October, at the Innovation & Conference Center Living Tomorrow, in Vilvoorde - Brussels

Participation is free of charge upon prior registration

CSP Forum Risk Assessment and Cyber Insurance Workshop – Report

The CSP Forum event “Risk Assessment and Cyber Insurance”, organized on April 27th 2015 in Brussels, discussed around this topic, with special focus on its fundamental challenges and possible solutions.

To find out more Click Here

Back to Top

Project News

ICT 2015 networking session: “Key challenges in end-to-end privacy/security in untrusted environments”

The H2020 projects WITDOM, TREDISEC and PRISMACLOUD, addressing to the H2020-ICT-2014-1 call, organize a joint networking session at the ICT 2015 – Innovate, Connect, Transform event, held on October 20th-22nd October 2015 in Centro de Congressos de Lisboa, Lisbon (Portugal).

The European Commission endorsed event ICT 2015 showcases and promotes the main breakthroughs in digital transformation and information technologies that happen in the EU.

For more information about the networking session and how to participate, please contact the networking session coordinator, Ms. Elena González at elena.gonzalez.external@atos.

Also, find information at the networking online space:

To read more on this article Click Here

PaaSage announces first Release – PaaSage, a large scale European research project for developing an open and integrated platform to support model based lifecycle management of Cloud applications for software and service providers is proud to announce the official public release of the first version of the PaaSage product.

To find out more Click Here


OPTET raises potentials for SMEs, like ATC S.A or MLState to create new business opportunities through the exploitation of trustworthy enabling technologies in their commercial development. ATC, an OPTET partner, has initiated the development of two commercial applications in the health and the tourism domains, using FIWARE technologies. In these applications, ATC plans to integrate OPTET specific technologies for the estimation of the users’ trust in using these applications. MLState, another OPTET partner, has partially developed, in the context of OPTET, a software development environment using OPA language. With this environment, PEPS platform has been developed and will provider soon a secured communication platform (WebChat for example). This service should be open to the public in the next weeks. The OPTET project is described in ERCIM News No. 102

To find out more on the OPTET project Click Here

A closer look to MUSA: MUlti-cloud Secure Applications – a new European H2020 project.

The MUSA project was kicked off in the beginning of this year to investigate security management in multi-cloud environments. The project runs for three years having 7 partners collaborating in developing tools to support security-intelligent multi-cloud applications, such as MUSA IDE, MUSA Decision support and MUSA Distributed deployment tools. Another important result of the project will be the MUSA Security assurance platform in the form of SaaS to control the application secure behaviour at operation.

To read more on this articleClick Here

To view the Website Click Here.


CAPITAL was a two year project aiming to deliver a Strategic Research and Innovation Agenda (SRIA) on Cyber Security and Privacy. The project aimed to tackle both key societal, but also technological domains whose future is at risk due to potential cybersecurity and privacy threats.

The Final Expert Forum of the project was held in Berlin, September 16th, where its SRIA was also presented in front of an audience of experts on the fields of cybersecurity and privacy.

The project officially ended on September 30th.


The coordinator of the NEMESYS project, Imperial College, has signed a contract with Huawei for research starting on October 1, 2015 which will pursue some of the questions that Imperial started investigating in previous EU projects including NEMESYS.

An article was published in EU Research Volume 2015, issue 1, pages 70-71, regarding the achievements of the NEMESYS project. To view this article Click Here.

For more information on NEMESYS activities on events and conferences Click Here

TREsPASS Project News

A third edition of the TREsPASS newsletter was issued in July, this time the newsletter pays particular attention to security visualisation and our visualisation competition.

The NSPW workshop carried out in August and co-organized by Lorena Montoya was a great success. The workshop proceedings are expected to be out before the end of the year.

TREsPASS Cybercrime Social Engineering Analysis Challenge 2015

This award will be launched soon. Check our Website for details.

The Second International Workshop on Graphical Models for Security

The GRAMSEC workshop that took place in July was successfully organized by Sjouke Mauw and Olga Gadyatskaya. The invited speaker was Marc Bouissou, Professor at École Centrale Paris and a Senior Research Engineer at EDF R&D, France.

Security Assessment for Systems, Services, and Infrastructures Workshop

The SASSI workshop took place in September and it was co-organized by Jan Willemson. Check the website for presentation abstracts and presenter mini-bios.


In July 2015 the FP7 SPECS project released the first version of its "Solutions Portfolio" in an attempt to bring project's outcomes close to the market. The portfolio is comprised of four different commercial applications/services to be offered by consortium partners including EMC.Click Here

If you want to know more about SPECS, our approach and technical contribution please watch our available videos Here

The SPECS Framework is available as an open source solution on the BItbucket repositories of the specs team: To view Click Here

Back to Top

Member States

ENISA's After Action Report of the pan-European cybersecurity exercise Cyber Europe 2014 (CE2014) was approved by the EU Member States and gives a high-level overview of the complex cybersecurity exercise that was carried out in 2014. The full after action report includes an engaging action plan which ENISA and Member States are committed to implement.

To find out more Click Here


Security and Trust of Next Generation Enterprise Information Systems

The SECENTIS Winter School will provide an innovative training to tackle the scientific and technical security challenges raised by the combination of new technologies (e.g., cloud computing, mobile applications, and the Software-as-a-Service paradigm) and to manage the impact of these changes in industry.

The School will consist of courses (lectures and tutorials) by experts plus short contributed talks and poster presentations by young researchers. Submissions will be supervised by the School's Scientific Committee.

This winter school will take place Trento, Italy. For more informationClick Here

There will be grants partially covering local expenses for young researchers, Click Here.

European Cybersecurity Month

European Cyber Security Month (ECSM) is an EU advocacy campaign that promotes cyber security among citizens and advocates for change in the perception of cyber-threats by promoting data and information security, education, sharing of good practices and competitions. The European Union Agency for Network and Information Security (ENISA), the European Commission DG CONNECT and Partners are deploying the European Cyber Security Month (ECSM) every October. Metrics: in 2014 there were 30 countries involved, in 2013 there were 24 countries involved.

For more information Click Here.

European 2015 Cyber Survey Report (Marsh)

Organisations across Europe have under-investigated cyber risks and need to do more to assess their exposures, according to respondents who participated in Marsh’s Cyber Risk Survey.

According to the European 2015 Cyber Survey Report, more than three quarters (79%) of respondents believe they do not have a complete understanding of the cyber risks their organisations are exposed to. Moreover, nearly half (43%) of all organisations have not yet identified one or more cyber scenarios, despite 75% including cyber risk in their corporate risk registers.

To find out more Click Here

Back to Top

Upcoming Events

Trust & Security Research Project Events 2015 Timeline

To view our timeline Click Here

If you have a project workshop in the planning for 2015 , we would appreciate it if you could provide the Name /date/location of the event for inclusion in the timeline. Please send such information to for inclusion , Thank you for your contributions.

A4Cloud @ CSA Congress EMEA: Workshop on Governance: Accountability-Compliance in the Cloud

A4Cloud co-organizes along with other EU funded consortia (Cloud4Europe, PICSE, SLA-Ready and SPECS) the Workshop on Governance – Accountability-Compliance in the Cloud, in the context of CSA Congress EMEA 2015. The workshop will be held on November 16, 2015 from 13.00 to 18.00 at Fraunhofer FOKUS in Berlin (Kaiserin-Augusta-Allee 31 10589 Berlin).

To register Click Here

For more information on the event, please visit Here


During the upcoming CSA EMEA Congress Nov 17th - Nov 19th 2015 representatives from the SPECS consortium will participate in a workshop on Governance, Accountability and Compliance in the Cloud. For this event, SPECS will collaborate with the EU projects A4Cloud, Cloud for Europe, PICSE and SLA-Ready.Click Here

If you want to know more about SPECS, our approach and technical contribution please watch our available videos Here

The SPECS Framework is available as an open source solution on the BItbucket repositories of the specs team: To view Click Here

TREDISEC paper accepted @WIFS 2015

SAFRAN Morpho, a TREDISEC partner, will present the paper entitled “Some Applications of Verifiable Computation to Biometric Verification”, authored by Julien Bringer, Hervé Chabanne, Firas Kraïem, Roch Lescuyer and Eduardo Soria-Vazquez, at the 7th IEEE International Workshop on Information Forensics and Security (WIFS), to be held in Roma, Italy, on November, 16th-19th, 2015.

If you would like to find out more about the Tredisec project Click Here

Timeline of Events

November 11th - 12th 2015: Border Sessions, International Science& Technology Festival - Jeroen Barendse, LUST.

January 13th - 15th 2016: Winter school on Security in Socio-Technical Systems - Christian W. Probst, Technical University of Denmark.

January 27th - 29th 2016: Cybercrime Social Engineering Analysis Challenge: Security Nightmare 2015 - Mike Osborne, IBM Research - Zurich.

November 14th - 18th 2016: Dagstuhl seminar on Assessing ICT Security Risks in Socio-Technical Systems - Kai Rannenberg, Goethe University Frankfurt.

Back to Top

Past Events

Annual Privacy Forum October 2015

Nowadays electronic communication networks and digital services are an essential part of an increasing number of everyday commodities. In the era of automated profiling and electronic surveillance, citizens face a serious threat against their right to privacy and informational self-determination, especially when using the internet and mobile services.The lack of transparency regarding the functionality and interconnection of such services increases the risk of uncontrollable processing of personal data. However, the distributed implementation of networks and services offers also the opportunity for new Privacy Enhancing Technologies (PETs) that could support users’ needs while safeguarding their personal data.

To read more about the APF Conference which took place on the 7th - 8th of October 2015 Click Here

A4Cloud @ Annual Privacy Forum 2015

A4Cloud presented the paper “A Data Protection Impact Assessment Methodology for Cloud” in the context of the Annual Privacy Forum 2015, which will be held in Luxemburg on October 7-8, 2015. For more information about the programme Click Here

Back to Top