|GRANTWAY
EN

Development and validation of processes and tools used for agile certification of ICT products, ICT services and ICT processes

European Comission

Share
Favorite
Feedback
Summary
30 June 2022
16 November 2022
-
-
-
For profit
Not for profit (incl. NGOs)
Public sector
R&D and Higher Education
Afghanistan
Albania
Algeria
Angola
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bangladesh
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bonaire
Bosnia and Herzegovina
Botswana
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Central African Republic
Chad
Colombia
Comoros
Costa Rica
Croatia
Cuba
Curaçao
Cyprus
Czechia
Democratic Republic of the Congo
Denmark
Djibouti
Dominica
Dominican Republic
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Eswatini
Ethiopia
Faroe Islands
Fiji
Finland
France
French Polynesia
French Southern and Antarctic Territories
Gabon
Gambia
Georgia
Georgia
Germany
Ghana
Greece
Greenland
Grenada
Guatemala
Guinea
Guinea-Bissau
Guyana
Haiti
Honduras
Hungary
Iceland
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Jamaica
Jordan
Kazakhstan
Kenya
Kiribati
Kosovo
Kyrgyzstan
Laos
Latvia
Lebanon
Lesotho
Liberia
Libya
Lithuania
Luxembourg
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Mauritania
Mauritius
Micronesia
Moldova
Mongolia
Montenegro
Morocco
Mozambique
Myanmar
Namibia
Nepal
Netherlands
New Caledonia
Nicaragua
Niger
Nigeria
North Korea
North Macedonia
Norway
Pakistan
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Poland
Portugal
Republic of Côte d'Ivoire
Republic of the Congo
Romania
Rwanda
Saba
Saint Barthélemy
Saint Lucia
Saint Vincent and the Grenadines
Samoa
Sao Tome and Principe
Senegal
Serbia
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
South Sudan
Spain
Sri Lanka
St. Eustatius
St. Pierre and Miquelon
Sudan
Suriname
Sweden
Syria
Tajikistan
Tanzania
Thailand
Togo
Tonga
Tunisia
Turkey
Turkmenistan
Tuvalu
Uganda
UK
Ukraine
Uzbekistan
Vanuatu
Venezuela
Vietnam
Wallis and Futuna
Yemen
Zambia
Zimbabwe
Research, Development and Innovation
Overview

ExpectedOutcome :

Projects are expected to contribute to at least three of the following outcomes:

  • Availability of applicable tools and procedures for partial and continuous assessment and lean re-certification of ICT products, ICT services and ICT processes ;
  • Reduction of time and efforts spent for (re-) certifying ICT products, ICT services and ICT processes ;
  • Improved stakeholder collaboration on cybersecurity certification information, including manufacturers and end users from different Member States;
  • Efficient (re-)use of information and evidence relevant to certification and in support of multi-scheme (re-)use;
  • Integration of certification on the whole system modelling, verification, testing and verification process
  • Increased comparability of assurance statements arising from certification schemes and the standards used therein; avoidance of multi-certification;
  • Advancing test and simulation facilities, including incident and threat analysis;
  • Increased Digital Twin capabilities for continuous assessment and integration of new solutions.

The proposal should provide appropriate indicators to measure its progress and specific impact.

Scope :

In order to foster the application of security standards, agile certification and continuous assessment of cyber resilience systems, actions will cover the harmonising, packaging and distributing of certification processes for contemporary ICT products, services, and processes but to new and disruptive technologies as well, such as AI and High Performance Computing.

To support cybersecurity autonomy of the EU, approaches concerning a dynamic, real time, collaborative vulnerability testing and information sharing should be developed and build on existing resources (including the work carried out in preparation of the EU cybersecurity certification framework, as established by the EU Cybersecurity Act) . The resources may range from tools, procedures, practices, and information sources, such as checklists, flaw repositories deployment and configuration guidance, and impact assessments posted by European industries, manufacturers, developers, CSIRTs, ISACs (Information Sharing and Analysis Centres), or national and international authorities (e.g. NIST, JVN) and relevant standards.

The actions should aim at improving certification processes, tools, evidence presentation and assurance statements, at least in quantifiable terms, where relevant by relying on a suitable IT security metric and should complement or aid other certifications relevant in other sectors or risk scenarios.

In this topic the integration of the gender dimension (sex and gender analysis) in research and innovation content is not a mandatory requirement.

Specific Topic Conditions :

Activities are expected to achieve TRL 7 by the end of the project – see General Annex B.

Cross-cutting Priorities :

Digital Agenda Artificial Intelligence

Eligibility

General conditions

  1. Admissibility conditions: described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes

Proposal page limits and layout: described in Part B of the Application Form available in the Submission System

  1. Eligible countries: described in Annex B of the Work Programme General Annexes

A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon Europe projects. See the information in the Horizon Europe Programme Guide .

3 . Other eligibility conditions: described in Annex B of the Work Programme General Annexes

Some activities, resulting from this topic, may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes.

  1. Financial and operational capacity and exclusion: described in Annex C of the Work Programme General Annexes

  2. Evaluation and award:

  • Award criteria, scoring and thresholds are described in Annex D of the Work Programme General Annexes

  • Submission and evaluation processes are described in Annex F of the Work Programme General Annexes and the Online Manual

  • Indicative timeline for evaluation and grant agreement: described in Annex F of the Work Programme General Annexes

  1. Legal and financial set-up of the grants: described in Annex G of the Work Programme General Annexes

Specific conditions

  1. Specific conditions: described in the [specific topic of the Work Programme]

Documents

Call documents:

Standard application form (HE RIA, IA) — call-specific application form is available in the Submission System

Standard evaluation form (HE RIA, IA) — will be used with the necessary adaptations

HE General MGA v1.0 - MGA

Additional documents:

HE Main Work Programme 2021–2022 – 1. General Introduction

HE Main Work Programme 2021–2022 – 6. Civil Security for Society

HE Main Work Programme 2021–2022 – 13. General Annexes

HE Programme Guide

HE Programme and Rules for Participation Regulation 2021/695

HE Specific Programme Decision 2021/764

EU Financial Regulation

Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment

EU Grants AGA — Annotated Model Grant Agreement

Funding & Tenders Portal Online Manual

Funding & Tenders Portal Terms and Conditions

Funding & Tenders Portal Privacy Statement

Learn more or apply
All information about this funding has been collected from and belongs to the funding organization
20 April 2023