Saltar al contenido principal.

Escudo de la Junta de Castilla y León; Página de inicio

Contacto

Información Europea de Castilla y León

Contenido principal. Saltar al inicio.

Gama cibernética cooperativa de próxima generación ( EDF-2024-DA-CYBER-NGCR-STEP)

Título:

Gama cibernética cooperativa de próxima generación ( EDF-2024-DA-CYBER-NGCR-STEP)

Categoría temática:

  • Justicia, Protección Civil y Consumo
  • Sociedad de la Información e I+D+I

Programa:

FONDO EUROPEO DE DEFENSA - EDF

Descripción y objetivos:

Objective:Cyber range technologies have seen notable uptake over the last decade. They form a cornerstone of cyber defence training and testing. The objective of this topic is to take further the ongoing cyber range technology roadmap by designing and implementing next-generation solutions. The key consideration is on the cooperative approach in developing and using those cyber range technologies, thereby facilitating joint capability development.Technological investments and developments have so far mostly focused on various fundamental needs such as visualisation, scoring, realistic scenarios, and federation. Separate mature technological building blocks exist in modern cyber and IT solutions. However, these developments have yet to be consolidated into the context of cyber ranges for defence purposes, in a manner such as the PESCO project Cyber Ranges Federation.Specific objectiveThis topic aims to address the remaining challenge on design and development of solutions that deliver notable progress vis-à-vis the current state-of-the-art, including in view of wider technology landscape. This means that focus has to shift from creating cyber ranges that fulfil basic needs to cyber ranges that target next-level capability requirements. Therefore, the specific objective is about the use of cyber ranges for trainings and exercises. The proposed solutions, however, can benefit also other cyber range use-cases such as product development and penetration testing. Therefore, considerations of such use-cases may be taken into account for developing the solutions. Scope:The next-generation cooperative cyber range capability must address at least the following issues: Set up of trainings and exercises with classified information, especially for cross-border exercises by EU Member States and EDF Associated Countries. Although the use of classified information in national exercises and trainings is not a new phenomenon, it is, firstly, still absent from the capabilities of many nations and, secondly, there is no existing solution that offers an EU-wide, cross-border classified capability. Such a capability could help various countries in using this functionality which they otherwise would not be able to use and it would provide a currently unavailable solution to conducting exercises across nations, including for topics such as information sharing and ensuring confidentiality of related data. This would also benefit the EU’s military structure, e.g., EU Military Staff, European Defence Agency and others.Moreover, such a capability can be used by nations internally, e.g., for its different security agencies both in defence and national security to increase interoperability. Set up of trainings and exercises covering the entire chain of cyber defence operations from planning through conduct up to review, including by utilising realistic mission networks. Most large-scale technical cyber exercises that are currently conducted do not sufficiently cover all relevant aspects of cyberspace operations. While such aspects are sometimes covered in non-technical exercises, these tend to not sufficiently well incorporate technical cyber defence teams. As a result, truly comprehensive and effective exercises are difficult to deliver.The aspects that surround these technical activities (e.g., operation planning, legal considerations) and which complement incident management (e.g., intelligence activities) require different scenarios and different technical exercise environments in comparison to existing capabilities. The latter also includes the challenge of creating realistic federated mission networks for training purposes.Key aspects in this entire chain are also the analysis of the performance of the cyber operators and the scoring of cyber security situational awareness. Leveraging Artificial Intelligence throughout the delivery of trainings and exercises (e.g., for Blue, Red, White and Green Teams) The use of AI in different phases and parts of cyber exercises and trainings has been researched and developed to an extent. This includes, for example, AI-based scenario generation, and AI-based Red/Blue Teams with hybrid skills (human + AI-based attack/defend strategies (developed in different private companies). AI also plays a pivotal role in generating comprehensive situational awareness for the development of realistic federated missions.In the area of federated missions, which employ multiple teams operating from different locations, AI technologies could help to identify the operational deficiencies within each team member, informing subsequent training customisation and generating tailored scenarios.It is clear that AI can assist in these and in other parts of cyber capability development. The proposals are expected to provide AI-based solutions that target all major parts of cyber exercise and training delivery, as well as AI-based solutions for the performance evaluation of the trainees using the hybrid skills. Set up of trainings and exercises that leverage the concept of digital twins. Digital twins as a concept has a long history. The use of such solutions in cyber exercises has also been targeted previously but not with results that have been sufficiently persistent or useful. Therefore, the challenge remains on developing digital twins or other high-fidelity simulations that have a reasonable cost-effectiveness – given that a common dilemma in such simulations is finding a balance between cost of creating such digital copies and the learning impact that those simulations can offer on top of more standardised ways for IT/OT system and network simulations. One possible avenue for successful balancing of these requirements may be witnessed in the space domain, given its increased need for simulations and testing. Develop or facilitate a framework for accreditation of training centres and personnel skill levels. The solutions should include a proposal on how to establish certified practices for accreditation of training centres (cyber ranges) and skill levels (personal and team certificates). The solution should take into account EU-wide accreditation schemes. However, these should allow for national specificities. Where possible, existing standards, such as relevant NATO practices, should be used. Cross-cutting items All solutions must address the challenge of sharing and pooling cyber range capabilities in a coordinated manner between cyber range providers. This challenge may be best addressed by using and enhancing existing initiatives and projects. Moreover, this sharing and pooling can be demonstrated, for example, via the implementation of the project’s solutions in different cyber ranges through federation. If federation as an approach is used, it is expected that the proposals also cover the business and management side of the federation. This could, for example, formalise in the development of model cooperation agreements that mimic actual needs and have been developed with processes similar to actual processes (twin environments).Where existing or new cyber range and cyber exercise standards (e.g., for scenario development and game net creation) are covered, the proposal must address the challenge of achieving a wide user-based of the standard. Proposing the use of any such standards without clearly addressing the way forward may invalidate the whole part of the proposal related to such standards because the success of a standard is as much dependent on the community as the standard’s actual content.Types of activitiesThe following table lists the types of activities which are eligible for this topic, and whether they are mandatory or optional (see Article 10(3) EDF Regulation): Types of activities (art 10(3) EDF Regulation) Eligible? (a) Activities that aim to create, underpin and improve knowledge, products and technologies, including disruptive technologies, which can achieve significant effects in the area of defence (generating knowledge) No (b) Activities that aim to increase interoperability and resilience, including secured production and exchange of data, to master critical defence technologies, to strengthen the security of supply or to enable the effective exploitation of results for defence products and technologies (integrating knowledge) Yes(optional) (c) Studies, such as feasibility studies to explore the feasibility of new or upgraded products, technologies, processes, services and solutions Yes(mandatory) (d) Design of a defence product, tangible or intangible component or technology as well as the definition of the technical specifications on which such a design has been developed, including any partial test for risk reduction in an industrial or representative environment Yes(mandatory) (e) System prototyping of a defence product, tangible or intangible component or technology Yes(mandatory) (f) Testing of a defence product, tangible or intangible component or technology Yes(mandatory) (g) Qualification of a defence product, tangible or intangible component or technology Yes(mandatory) (h) Certification of a defence product, tangible or intangible component or technology Yes(optional) (i) Development of technologies or assets increasing efficiency across the life cycle of defence products and technologies Yes(optional) Accordingly, the proposals must cover at least the following tasks as part of the mandatory activities:Studies: Identification of additional challenge(s) with a comparable level of complexity as those specifically listed above (scope, items 1-6).Definition of capability statements for the solutions to all of the items in the scope (1-6).Assessment of the feasibility of achieving the capability as per the capability statements.Based on the feasibility assessment, definition of the most appropriate technical requirements for the solutions. Design: Design of the solutions for each of the listed items in the scope (1-6). System prototyping: Development of one or more system prototypes for each of the solution that target the items in the scope (1-6). Testing: Testing of all of the prototypes developed under system prototyping.Testing of one or more system prototypes at least in: One new live-fire cyber demonstration with 3 or more EU Member states/EDF Associated Countries, organised by the consortiumOne existing live-fire cyber demonstration with 3 or more EU Member states/EDF Associated Countries (e.g., in an exercise that is part of a series where at least one exercise has been held and where the exercises are held irrespective of the current topic). Qualification: Qualification of the system, systems or system components for one or more of the system prototypes; In addition, the proposals should cover at least the following tasks:Studies: A supply chain analysis in the area of cooperative cyber range technologies, addressing critical dependencies for the EDTIB. Design: Design of the solutions to items relevant for future cyber ranges beyond the mandatory items stated in the scope and in the mandatory tasks. Prototyping: One or more prototypes of the designs to items relevant for future cyber ranges beyond the mandatory tasks. Testing: Testing of the prototypes beyond the mandatory tasks in at least one live-fire cyber exercise. Certification: Certification of the system, systems or system components which are used for the purpose of using classified information.Certification of the system, systems or system components which are used for the purpose of delivering complete cyber operations trainings and exercises. Also, a proposal for accreditation schemes both for training centres and personal certificates (on skill) should be included. The proposals may cover at least the following tasks:Qualification: Qualification of any systems beyond the mandatory tasks. Certification, with the meaning of Validation, Verification & Evaluation (VV&E): VV&E of the system, systems or system components which are used for the purpose of leveraging the concept of digital twins.VV&E of the system, systems or system components which are used for the purpose of leveraging AI.VV&E of system prototypes designed and delivered beyond the mandatory tasks. The proposals should substantiate synergies and complementarities with foreseen, ongoing or completed activities, notably those described in the call topic EDF-2021-CYBER-D-IECTE on Improved efficiency of cyber trainings and exercises, as well as with activities conducted under Horizon Europe (e.g., DIGITAL-ECCC-2022-CYBER-03-CYBER-RESILIENCE).Moreover:projects addressing activities referred to in point (d) above must be based on harmonised defence capability requirements jointly agreed by at least two Member States or EDF associated countries (or, if studies within the meaning of point (c) are still needed to define the requirements, at least on the joint intent to agree on them)projects addressing activities referred to in points (e) to (h) above, must be: supported by at least two Member States or EDF associated countries that intend to procure the final product or use the technology in a coordinated manner, including through joint procurement and based on common technical specifications jointly agreed by the Member States or EDF associated countries that are to co-finance the action or that intend to jointly procure the final product or to jointly use the technology (or, if design within the meaning of point (d) is still needed to define the specifications, at least on the joint intent to agree on them). For more information, please check section 6. Functional requirementsThe proposed solutions and technologies should meet the following functional requirements in support of cyber ranges capabilities:The proposal should meet the common requirements for next generation cooperative cyber range as defined by supporting armed forces.The proposal should enable use of classified information.The proposal should provide a complete cyber operations trainings and exercises environment.The proposal should be able to measure the performance of the cyber operators, as well as to allow for the scoring of cyber security situational awareness.The proposal should, by leveraging AI enabled technologies: Be able to identify operational lacks within each team member before the organisation of the training exercise.Be able to enrich the training environment by the use of Green/White/Blue/Red teams with features such as hybrid skills (human + AI), game net components, environment enriching user simulation, dynamic amendments of training deliveries, etc.Be able to provide performance evaluation of the trainees using the hybrid skills; The proposal should leverage digital twins (may include cyber physical elements), as part of the realistic federated missions to be defined in the different trainings, enabling red teams with AI-based tools to attack the digital asset and blue teams with AI-based tools to defend the digital asset.The proposal should enable federating cyber ranges through: Standard solutions to all challenges, which should contain functionalities for sharing and pooling of resources and federation of cyber ranges. For example, through concepts methods, tools, and standards such as HLA[1], or as developed in the context of the call EDF-2021-CYBER-D-IECTE. Expected Impact:The outcome should contribute to:Reduce dependencies on non-European suppliers by boosting the EDTIB and promoting the development of a European solution.Strategic autonomy of EDTIB in the area of cooperative cyber ranges. Fostering the technological cooperation of industries in the field of cooperative cyber ranges. Interoperability of EU Member States and EDF Associated Countries Armed Forces: In the area of cyber defence for cyber mission planning and execution, including through the use of classified information and high-fidelity simulations such as digital twins within the training process;Between civil and military actors;Common requirements and harmonisation of capability development. [1] 1. Admissibility conditions: described in section 5 of the call document Proposal page limits and layout: described in Part B of the Application Form available in the Submission System 2. Eligible countries: described in section 6 of the call document   3. Other eligibility conditions: described in section 6 of the call document 4. Financial and operational capacity and exclusion: described in section 7 of the call document 5. Evaluation and award: Award criteria, scoring and thresholds: described in section 9 of the call document Submission and evaluation processes: described section 8 of the call document and the Online Manual Indicative timeline for evaluation and grant agreement: described in section 4 of the call document   6. Legal and financial set-up of the grants: described in section 10 of the call document   Call documents:  Call document    Templates for proposals should be downloaded from the Submission System (available at the opening of the call), the links below are examples only: - EDF Standard application form  - Detailed budget table (EDF DA) - Participant information (including previous projects, if any) - List of infrastructure, facilities, assets and resources - Cofinancing declarations (if the requested EU grant does not cover the total eligible costs of the project)  - Harmonised capability declarations (if the project covers design activities) - Declarations on procurement intent and common specifications (if the project covers system prototyping, testing, qualification or certification activities) - Actual indirect cost methodology declarations (if actual indirect costs used) - Ownership control declarations (including for associated partners and subcontractors involved in the action) - PRS declaration (if the project requires access to Galileo PRS information)   EDF General MGA v1.0    Additional documents:  EDF Annual Work Programme EDF Regulation 2021/697  EDF Programme Security Instruction (PSI)   EU Financial Regulation 2018/1046  Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment  EU Grants AGA — Annotated Model Grant Agreement  Funding & Tenders Portal Online Manual  Funding & Tenders Portal Terms and Conditions  Funding & Tenders Portal Privacy Statement

Acciones previstas:

Esta convocatoria cubre los siguientes temas:

Organizaciones que pueden participar:

Abierto para entidades legalmente constituidas y localizadas en alguna de las zonas de actuación de cualquiera de los siguientes tipos:

  • Cualquier tipo de organización

Zonas de actuacion:

  • Las entidades u organizaciones que participen deberán disponer de su sede social en el ámbito geográfico siguiente:
    • Unión Europea (UE)
    • Asociación Europea de Libre Comercio (AELC)

Financiacion comunitaria:

La previsión de financiación comunitaria disponible para la convocatoria de propuestas es:

  • Presupuesto global: 48000000 €

Fechas a tener en cuenta:

  • 2024-06-20 02:00:00 : Fecha inicio de presentación de propuestas
  • 2024-11-05 18:00:00 : Fecha límite de presentación de propuestas

Dirección general responsable:

  • Dirección General de Relaciones Exteriores: Rue de la Loi , 56, 1049 - Bruxelles
  • Dirección General de Relaciones Exteriores: Rue de la Loi, 170, 1040 - Bruxelles

convocatoria:

Para más información visita la página web de la convocatoria

Convocatorias Relacionadas: