Call: AI for cybersecurity reinforcement
|Type of Fund||Direct Management|
|Description of programme |
"Horizon Europe - Cluster 3 - Destination 4: Increased Cybersecurity"
Europe is in the midst of a digital transformation. Digital technologies are profoundly changing our daily life, our way of working and doing business, and the way people travel, communicate and relate with each other. Digital communication, social media interaction, artificial intelligence, e-government, e-commerce and digital enterprises are steadily transforming our world. They are generating an ever-increasing amount of data, which, if pooled and used, can lead to a completely new means and levels of value creation. The more interconnected we are, however, the more we are vulnerable to cyber threats.
Digital disruption, notably caused by malicious cyber activities, not only threaten our economies but also our way of life, our freedoms and values, and even try to undermine the cohesion and functioning of our democracy in Europe.
Regardless of the economic, political or personal motivations behind the cyber threats, securing our future wellbeing, freedoms, democratic governance, and prosperity depend on improving our capacity to shield the EU from malicious attacks and to address digital security weaknesses in general. The digital transformation requires improving cybersecurity substantially, so as to ensure the protection of the increasing number of connected devices and the safe operation of network and information systems, including the ones used in power grids, drinking water supply and distribution services, vehicles and transport systems, hospitals and the overall health system, finances, public institutions, factories, and homes. Europe must build resilience to cyber-attacks and create effective cyber deterrence, while making sure that data protection and freedom of citizens are strengthened. These efforts should include considerations for particularly vulnerable organisations and citizens.
The technological tools of cybersecurity are strategic assets, as well as being key growth technologies for the future. It is in the EU's strategic interest to ensure that the EU retains and develops the essential capacities to secure its digital economy, society and democracy, to protect critical hardware and software and to provide key cybersecurity services.
Research and innovation will build on the results of Horizon 2020 such as the pilot projects funded under SU-ICT-03-2018 [[Establishing and operating a pilot for a Cybersecurity Competence Network to develop and implement a common Cybersecurity Research & Innovation Roadmap.]].and other relevant H2020 topics and cybersecurity activities (e.g. carried out by ENISA [[https://www.enisa.europa.eu/]] or relevant parts of work of the EIT Digital[[https://www.eitdigital.eu/]]). The activities will be aligned as relevant with the future objectives of the Cybersecurity Competence Centre and Network of National Coordination Centres (Commission proposal COM(2018) 630). They will be complementary to actions under the Digital Europe Programme, Specific Objectives 3 and 4, which will strengthen EU cybersecurity capacity by support to deployment of cybersecurity infrastructures and tools across the EU, for public administrations, businesses, and individuals, and support digital skills including in cybersecurity. For example support is foreseen to specialised education programmes or modules in key capacity areas such as cybersecurity. Generally, cybersecurity is a horizontal challenge and is not be limited to Horizon Europe Cluster 3. In addition to the calls of the Horizon Europe of Cluster 3 - Civil Security for Society, other activities relevant for Cybersecurity will be supported in particular in the Work Programme part of Cluster 4 - Digital, Industry and Space.
Research and innovation results may feed into the operational work on preparedness and response in the Joint Cyber Unit [[see section 2.1 in The EU's Cybersecurity Strategy for the Digital Decade, JOIN(2020) 18 final. https://eur-lex.europa.eu/legal-content/GA/TXT/?uri=CELEX:52020JC0018]].
Proposals for topics under this Destination should set out a credible pathway contributing to the following impact of the Strategic Plan 2021-2024: "Increased cybersecurity and a more secure online environment by developing and using effectively EU and Member States’ capabilities in digital technologies supporting protection of data and networks aspiring to technological sovereignty in this field, while respecting privacy and other fundamental rights; this should contribute to secure services, processes and products, as well as to robust digital infrastructures capable to resist and counter cyber-attacks and hybrid threats".
More specifically, proposals should contribute to the achievement of one or more of the following impacts:
|Link||Link to Programme|
AI for cybersecurity reinforcement
|Description of call |
"AI for cybersecurity reinforcement"
Projects are expected to contribute to some of the following expected outcomes:
The proposal should provide appropriate indicators to measure its progress and specific impact.
Artificial intelligence (AI) is present in almost every application area where massive data are involved. Understanding the implications and possible side effects for cybersecurity however requires deep analysis, including further research and innovation. On the one hand, AI can be used to improve response and resilience such us for the early detection of threats and other malicious activities with the aim to more accurately identify, prevent and stop attacks. On the other hand, attackers are increasingly powering their tools by using AI or by manipulating AI systems (including the AI systems used to reinforce cybersecurity).
The proposed actions should develop AI-based methods and tools in order to address the following interrelated capabilities: (i) improve systems robustness (i.e. the ability of a system to maintain its initial stable configuration even when it processes erroneous inputs, thanks to self-testing and self-healing); (ii) improve systems resilience (i.e. the ability of a system to resist and tolerate an attack, anticipate, cope and evolve by facilitating threat and anomaly detection and allowing security analysts to retrieve information about cyber threats); (iii) improve systems response (i.e. the capacity of a system to respond autonomously to attacks, thanks to identifying vulnerabilities in other machines and operate strategically by deciding which vulnerability to attack and at which point, and by deceiving attackers; and to (iv) counter the ways AI can be used for attacking. Advanced AI-based solutions, including machine learning tools, as well as defensive mechanisms to ensure data integrity should also be included in the proposed actions. Proposals should strive to ultimately facilitate the work of relevant cybersecurity experts (e.g. by reducing the workloads of security operators).
Regarding the manifold links among AI and cybersecurity, privacy and personal data protection, applicants should demonstrate how their proposed solutions comply with and support the EU policy actions and guidelines relevant to AI (e.g. Ethics Guidelines for Trustworthy AI, the AI Whitepaper, EU Security Strategy and the Data Strategy). Proposals should foresee activities to collaborate with projects stemming from relevant topics included in the Cluster 4 “Digital, Industry and Space” of Horizon Europe. Generally, proposals should also build on the outcomes of and/or foresee actions to collaborate with other relevant projects (e.g. funded under Horizon 2020, Digital Europe Programme or Horizon Europe).
Proposals should strive to use, and contribute to, European relevant data pools (including federations of national and/or regional ones to render their proposed solutions more effective. To this end, applicants should crucially strive to ensure data quality and homogeneity of merged/federated data. Applicants should also identify and document relevant trade-offs between effectiveness of AI and fundamental rights (such as personal data protection). Moreover, privacy in big data should also be addressed.
Key performance indicators (KPI), with baseline targets in order to measure success and error rates, should demonstrate how the proposed work will bring significant progress to the state-of-the-art. All technologies and tools developed should be appropriately documented, to support take-up and replicability. Participation of SMEs is encouraged.
|Link||Link to Call|
|Thematic Focus||Research & Innovation, Technology Transfer & Exchange, Capacity Building, Cooperation Networks, Institutional Cooperation, Clustering, Development Cooperation, Economic Cooperation, Digitisation, ICT, Telecommunication, Justice, Safety & Security, Disaster Prevention, Resiliance, Risk Management, Competitiveness, SME, Consumer Protection|
|Funding area|| EU Member States |
Overseas Countries and Territories (OCTs)
|Origin of Applicant|| EU Member States |
Overseas Countries and Territories (OCTs)
|Eligible applicants||Research Institution, International Organization, Public Services, University, Federal State / Region / City / Municipality / Local Authority, National Government, Small and Medium Sized Enterprises, SMEs (between 10 and 249 employees), NGO / NPO, Enterprise (more than 250 employees or not defined), Lobby Group / Professional Association / Trade Union, Education and Training Centres|
eligible non-EU countries:
At the date of the publication of the work programme, there are no countries associated to Horizon Europe. Considering the Union’s interest to retain, in principle, relations with the countries associated to Horizon 2020, most third countries associated to Horizon 2020 are expected to be associated to Horizon Europe with an intention to secure uninterrupted continuity between Horizon 2020 and Horizon Europe. In addition, other third countries can also become associated to Horizon Europe during the programme. For the purposes of the eligibility conditions, applicants established in Horizon 2020 Associated Countries or in other third countries negotiating association to Horizon Europe will be treated as entities established in an Associated Country, if the Horizon Europe association agreement with the third country concerned applies at the time of signature of the grant agreement.
Legal entities which are established in countries not listed above will be eligible for funding if provided for in the specific call conditions, or if their participation is considered essential for implementing the action by the granting authority.
|Project Partner Details|| |
Unless otherwise provided for in the specific call conditions , legal entities forming a consortium are eligible to participate in actions provided that the consortium includes:
|Further info|| |
Proposal page limits and layout:
The application form will have two parts:
Page limit - Part B: 45 pages
|Type of Funding||Grants|
|Financial details|| |
Some activities, resulting from this topic, may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes.
Activities are expected to achieve TRL 4 by the end of the project.
|Submission||Proposals must be submitted electronically via the Funding & Tenders Portal Electronic Submission System. Paper submissions are NOTpossible.|