Research & Innovation - Participant Portal

Search

TOPIC : Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe

Topic identifier: SU-INFRA01-2018-2019-2020
Publication date: 27 October 2017
Focus area: Boosting the effectiveness of the Security Union (SU)

Types of action: IA Innovation action
DeadlineModel:
Opening date:
single-stage
14 March 2019
Deadline: 22 August 2019 17:00:00

Types of action: IA Innovation action
DeadlineModel:
Opening date:
single-stage
15 March 2018
Deadline: 23 August 2018 17:00:00

Time Zone : (Brussels time)
  Horizon 2020 H2020 website
Pillar: Societal Challenges
Work Programme Year: H2020-2018-2020
Topic Updates
  • 02 May 2018 11:59

    Applicants to the topic SU-INFRA01-2018-2019-2020 "Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe" are informed that – following the signature of the grants of the proposals selected in 2017 – detailed information on all 6 projects from the CIP-2016-2017 call – evaluated in 2016 and in 2017 – is now available in CORDIS following this link.

    These 6 projects cover the critical infrastructures Energy, Transport infrastructure (Port infrastructure) and Water (for the projects selected in 2016), and Finance, Health and Communications (for the projects selected in 2017).

    Applicants willing to address any of the abovementioned infrastructures under SU-INFRA01-2018-2019-2020 shall duly justify the added value of their proposal and provide evidence that minimal overlapping exists with the dimensions already covered by projects funded since 2016 in these areas. Any different dimension, not already covered by previously funded projects, would be automatically eligible for possible consideration.
     

     

  • 15 March 2018 14:49

    Applicants to the topic SU-INFRA01-2018-2019-2020 "Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe" are informed that three projects from the CIP-2016-2017-2 call – evaluated in 2016 - are currently running and cover the Critical Infrastructures (CIs) Energy, Transport (focus on ports) and Water. More information can be found in CORDIS following this link.

    Three projects from the CIP-2016-2017-2 call – evaluated in 2017 - are still in grant preparation and expected to start from May 2018 on. They shall cover the CIs Communication Infrastructure, Health and Financial Services. More precisely, the following aspects will be addressed:
    • The project on the CI Communication Infrastructure will focus on physical and cyber protection of communication systems. More particularly, it will address the protection of current communication infrastructures (including 4G and SDN/NVF), analyse in depth potential cascading effects and impact on dependent critical infrastructures and mission critical services and finally extrapolate to future communication structures, such as 5G and massive use of IoT.
    • The project on the CI Health Services will focus on physical and cyber protection of health services and infrastructures. In particular, it will contribute to better protect health-sector related building management systems and IT infrastructures, but also medical devices. Furthermore, the project will analyse impact propagation and cascading effects within health services.
    • The project on the CI Financial Services deals with physical and cybersecurity attacks to financial services. In particular, it focuses on banking, capital management and insurance, cards & P2P payments and also investigates potential cascading effects on other services.

    After signature of the projects, more detailed information will be published in CORDIS under the same link.
     

  • 26 February 2018 12:03

    With reference to the topic SU-INFRA01-2018-2019-2020: "Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe" applicants are informed that the Commission has funded in 2017 3 projects under the related 2016 call CIP-2016-2017-1 in the following domains: Energy Infrastructures, Transport infrastructure (Port infrastructure) and Water infrastructure.

    In addition to those, 3 other projects are currently under grant agreement preparation and likely to be funded under the 2017 related call CIP-2016-2017-2 in the domains of Financial infrastructure, Health infrastructure and Communications infrastructure.

    Applicants willing to address any of the abovementioned infrastructures under SU-INFRA01-2018-2019-2020 shall duly justify the added value of their proposal and provide evidence that minimal overlapping exists with the dimensions already covered by projects funded since 2016 in these areas. Any different dimension, not already covered by previously funded projects, would be automatically eligible for possible consideration.

    Detailed information on the projects from the 2016 call can be found in CORDIS following this link.

    Following the closure of the grant agreement process end of April, this information will be soon amended with details on the funded projects from the 2017 call.
     

Topic Description
Specific Challenge:

Disruptions in the operation of our countries’ critical infrastructure may result from many kinds of hazards and physical and/or cyber-attacks on installations and their interconnected systems. Recent events demonstrate the increase of combined physical and cyber-attacks due to their interdependencies. A comprehensive, yet installation-specific, approach is needed to secure existing or future, public or private, connected and interdependent installations, plants and systems. Budgetary constraints on both the public and private sectors mean that new security solutions must be more accurate, efficient and cost-effective, and possibly more automated than the ones currently available.

Scope:

Proposals should cover: forecast, assessment of physical and cyber risks, prevention, detection, response, and in case of failure, mitigation of consequences (including novel installation designs), and fast recovery after incidents, over the life span of the infrastructure, with a view to achieving the security and resilience of all functions performed by the installations, and of neighbouring populations and the environment.

They should:

(a) assess in detail all aspects of interdependent physical (e.g. bombing, sabotage and attacks with a variety of weapons against installations, buildings and ships; plane or drone overflights and crashes; spreading of fires, floods, landslides, disastrous consequences of global warming, seismic activity, space weather, combined threats, etc.) and cyber threats and incidents (e.g. malfunction of SCADA system, non-authorised access of server, electronic interference, distributed attacks), and the cascading risks resulting from such complex threats,

(b) demonstrate the accuracy of their risk assessment approach using specific examples and scenarios of real life and by comparing the results with other risk assessment methodologies,

(c) develop improved real-time, evidence-based security management of physical and cyber threats, taking account of the ageing of existing infrastructure, and

(d) provide scenarios and recommendations for policy planning, engagement of the civil society, and investment measures encompassing all aspects of prevention-detection-response-mitigation

Innovative methods should be proposed for sharing information with the public in the vicinity of the installations - including through social media and with the involvement of civil society organisations -, for the protection of first responders such as rescue teams, security teams and monitoring teams, and for ensuring service continuity.

In 2018 and 2019, they should focus on any type of installation belonging to one of the following critical infrastructures: water systems, energy infrastructure (power plants and distribution, oil rigs, offshore platforms), transport infrastructure (airports, ports, railways, urban multimodal nodes), communication infrastructures and ground segments of space systems, health services, e-commerce and the postal infrastructure, sensitive industrial sites and plants, and financial services. Priorities for 2020 will be defined at a later stage. When selecting for funding the proposals submitted in 2018 or 2019, the Commission will take due account of similar projects financed in the previous years since 2016, with a view to cover the largest possible spectrum of installations. Each year, a list of infrastructures excluded from the Call will be published on the participant portal.

Consortia should involve the largest variety of relevant beneficiaries, including infrastructure owners and operators, first responders, industry, technologists and social scientists, etc. The participation of SMEs is strongly encouraged.

In line with the EU's strategy for international cooperation in research and innovation[1] international cooperation is encouraged, and in particular with international research partners in the context of the International Forum to Advance First Responder Innovation[2] in which the Commission has decided to participate.

The centre of gravity for technology development with actions funded under this topic is expected to be up to TRL 7 – see General Annex G of the Horizon 2020 Work Programme.

Indicative budget: The Commission considers that proposals requesting a contribution from the EU of about EUR 7 to 8 million would allow this topic to be addressed appropriately. Nonetheless this does not preclude the submission and selection of proposals requesting other amounts

Expected Impact:

Short term:

  • State-of-the-art analysis of physical/cyber detection technologies and risk scenarios, in the context of a specific critical infrastructure.
  • Analysis of both physical and cyber vulnerabilities of a specific critical infrastructure, including the combination of both real situation awareness and cyber situation awareness within the environment of the infrastructure.
  • In situ demonstrations of efficient and cost-effective solutions to the largest audience, beyond the project participants.

Medium term

  • Innovative (novel or improved), integrated, and incremental solutions to prevent, detect, respond and mitigate physical and cyber threats to a specific Critical Infrastructure.
  • Innovative approaches to monitoring the environment, to protecting and communicating with the inhabitants in the vicinity of the critical infrastructure.
  • Security risk management plans integrating systemic and both physical and cyber aspects.
  • Tools, concepts, and technologies for combatting both physical and cyber threats to a specific critical infrastructure.
  • Where relevant, test beds for industrial automation and control system for critical infrastructure in Europe, to measure the performance of critical infrastructure systems, when equipped with cyber and physical security protective measures, against prevailing standards and guidelines.
  • Test results and validation of models for the protection of a specific critical infrastructure against physical and cyber threats.
  • Establishment and dissemination throughout the relevant user communities of specific models for information sharing on incidents, threats and vulnerabilities with respect to both physical and cyber threats.

Long term

  • Convergence of safety and security standards, and the pre-establishment of certification mechanisms.
  • Secure, interoperable interfaces among different critical infrastructures to prevent from cascading effects.
  • Contributions to relevant sectorial frameworks or regulatory initiatives.
Delegation Exception Footnote:

It is expected that this topic will continue in 2020.

Cross-cutting Priorities:

International cooperation
Contractual Public-Private Partnerships (cPPPs)
Cybersecurity

[1]COM(2012) 497.

[2]http://www.internationalresponderforum.org/

Topic conditions and documents

With reference to the topic SU-INFRA01-2018-2019-2020: "Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe" applicants are informed that the Commission has funded, under the call CIP-2016-2017, in 2017 (based on the results of the 2016 evaluations) 3 projects in the domains Energy Infrastructures, Transport infrastructure (Port infrastructure) and Water infrastructure, and in 2018 (based on the results of the 2017 evaluations) another 3 projects in the domains of Financial infrastructure, Health infrastructure and Communications infrastructure.

Detailed information on all these 6 projects from the CIP-2016-2017 call can be found in CORDIS following this link.

Applicants willing to address any of the abovementioned infrastructures under SU-INFRA01-2018-2019-2020 shall duly justify the added value of their proposal and provide evidence that minimal overlapping exists with the dimensions already covered by projects funded since 2016 in these areas. Any different dimension, not already covered by previously funded projects, would be automatically eligible for possible consideration.
 

1. Eligible countries: described in Annex A of the Work Programme.
A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon 2020 projects. See the information in the Online Manual.

 

2. Eligibility and admissibility conditions: described in Annex B and Annex C of the Work Programme.

 

At least 2 operators of the chosen type of critical infrastructure operating in 2 Member States or Associated Countries must be beneficiaries (possibly, but not necessarily: coordinator) of the grant agreement and should be directly involved in the carrying out of the tasks foreseen in the grant.

The participation of industry able to provide security solutions is required.

The duration of the proposed activities must not exceed 24 months.

Proposal page limits and layout: please refer to Part B of the proposal template in the submission system below.

 

3. Evaluation:

  • Evaluation criteria, scoring and thresholds are described in Annex H of the Work Programme.
  • Submission and evaluation processes are described in the Online Manual.

 

4. Indicative time for evaluation and grant agreements:

Information on the outcome of evaluation (single-stage call): maximum 5 months from the deadline for submission.
Signature of grant agreements: maximum 8 months from the deadline for submission.

 

5. Proposal templates, evaluation forms and model grant agreements (MGA):

Innovation Action:

Specific provisions and funding rates
Standard proposal template
Standard evaluation form
General MGA - Multi-Beneficiary
Annotated Grant Agreement

 

6. Additional provisions:

Horizon 2020 budget flexibility
Classified information
Technology readiness levels (TRL) – where a topic description refers to TRL, these definitions apply

 

Members of consortium are required to conclude a consortium agreement, in principle prior to the signature of the grant agreement.

 

7. Open access must be granted to all scientific publications resulting from Horizon 2020 actions.

Where relevant, proposals should also provide information on how the participants will manage the research data generated and/or collected during the project, such as details on what types of data the project will generate, whether and how this data will be exploited or made accessible for verification and re-use, and how it will be curated and preserved.

Open access to research data
The Open Research Data Pilot has been extended to cover all Horizon 2020 topics for which the submission is opened on 26 July 2016 or later. Projects funded under this topic will therefore by default provide open access to the research data they generate, except if they decide to opt-out under the conditions described in Annex L of the Work Programme. Projects can opt-out at any stage, that is both before and after the grant signature.

Note that the evaluation phase proposals will not be evaluated more favourably because they plan to open or share their data, and will not be penalised for opting out.

Open research data sharing applies to the data needed to validate the results presented in scientific publications. Additionally, projects can choose to make other data available open access and need to describe their approach in a Data Management Plan.

Projects need to create a Data Management Plan (DMP), except if they opt-out of making their research data open access. A first version of the DMP must be provided as an early deliverable within six months of the project and should be updated during the project as appropriate. The Commission already provides guidance documents, including a template for DMPs. See the Online Manual.

Eligibility of costs: costs related to data management and data sharing are eligible for reimbursement during the project duration.

The legal requirements for projects participating in this pilot are in the article 29.3 of the Model Grant Agreement.

 

8. Additional documents:

1. Introduction WP 2018-20

14. Secure societies – protecting freedom and security of Europe and its citizens WP 2018-20

18. Dissemination, Exploitation and Evaluation WP 2018-20

General annexes to the Work Programme 2018-2020

Legal basis: Horizon 2020 Regulation of Establishment
Legal basis: Horizon 2020 Rules for Participation
Legal basis: Horizon 2020 Specific Programme

 


Partner Search
0
Organisations are looking for collaborating partners for this topic
View/Edit Partner Search

LEARs, Account Administrators or self-registrants can publish partner requests for open and forthcoming topics after logging into the Participant Portal.








Submission Service

To access the Electronic Submission Service of the topic, please select the type of action that is most relevant to your proposal from the list below and click on the 'Start Submission' button. You will then be asked to confirm your choice of the type of action and topic, as these cannot be changed in the submission system. Upon confirmation you will be linked to the correct entry point.

To access existing draft proposals for this topic, please login to the Participant Portal and select the My Proposals page of the My Area section.

Type of Action Innovation action [IA]
Topic Prevention, detection, response and mitigation of combined physical and cyber threats to critical infrastructure in Europe - SU-INFRA01-2018-2019-2020
Guidance on proposal submission: H2020 online manual
IT Guidance: IT help

Get support

H2020 Online Manual is your guide on the procedures from proposal submission to managing your grant.

Participant Portal FAQ – Submission of proposals.

National Contact Points (NCP) - contact your NCP for further assistance in your national language(s).

Research Enquiry Service – ask questions about any aspect of European research in general and the EU Research Framework Programmes in particular.

Enterprise Europe Network – contact your EEN national contact for advice to businesses with special focus on SMEs. The support includes guidance on the EU research funding.

IT Helpdesk - contact the Participant Portal IT helpdesk for questions such as forgotten passwords, access rights and roles, technical aspects of submission of proposals, etc.

Ethics – for compliance with ethical issues, see the Online Manual and Science and Society Portal

European IPR Helpdesk assists you on intellectual property issues

CEN and CENELEC, the European Standards Organisations, advise you how to tackle standardisation in your project proposal. Contact CEN-CENELEC Research Helpdesk at research@cencenelec.eu

The European Charter for Researchers and the Code of Conduct for their recruitment

Partner Search Services help you find a partner organisation for your proposal.