Maggioli Informatica, the IT pole of Maggioli Group, born from the integration and experience of Maggioli’s
software houses and other local IT companies acquired during the recent years (e.g., CEDAF, STUDIO K,
ELDASOFT, SAGA, ASITECH, TINN, A.P. Systems, etc.), is the most qualified system integrator and leader in provisioning of complete IT solutions and services for the Local Public sector: more than 6,000 Municipalities out of 8,048 in Italy runs about 100.000 modules provided by Maggioli Informatica. In addition, it provides services and solutions to more than 3,800 museums and 1,500 SMEs. The exclusive value proposition combines and integrates design capability, product knowledge and 35 years of experience in the sector.
Another important characteristic of the company is the widespread presence in the territory with a highly-qualified commercial and consulting network. In Italy, Maggioli is operating with 3 branches (Rome, Milan and Bologna), 6 commercial branches (Udine, Cremona, Piacenza, Reggio Emilia, Sesto Fiorentino and Catanzaro) and 11 technical offices (Forlì, L’Aquila, Magenta, Grassobbio, Savigliano, Imperia, Cosenza, Palermo, Messina, Ragusa, Teramo). Maggioli is also extending its activities abroad: nowadays there are offices/subsidiaries in Belgium (Brussels), Spain (Tenerife and Madrid), Greece (Athens) and Colombia (Bogota). Maggioli Informatica has a significant know-how on analysis, design and development of computer systems in various technological environments for large and small customers. Particular attention is devoted to the use of the open source technologies. The current marketing strategy of the company closely follows the evolution of the information systems for Public Administration through a proposition via the cloud.
Maggioli complies with UNI EN ISO 9001:2008, UNI CEI ISO/IEC 27001:2014, UNI EN ISO 14001:2015
Maggioli will be the Project Coordinator taking care of WP1 under which all the necessary processes for ensuring that the project’s objectives are successfully met, all communication processes are in place and all quality procedures are followed, including risk management. In addition, Maggioli will be involved in several technical tasks concerning in particular the design and development of CYRENE system and layers (WP3&4) and system integration (WP5).
Centro Ricerche Fiat (CRF)
With a workforce of approximately 900 full-time professionals, CRF develops research and innovation along thethree principal axes of sustainability: Environmental Sustainability, which encompasses all aspects relating to energy efficiency as well as to the reduction of the impact on the environment over the entire lifecycle of the vehicle, from design to manufacturing, logistics and usage; Social Sustainability, focusing on the safety of our operators in the manufacturing and logistics processes, of our clients through the development of active, passive, preventive a nd cooperative solutions; Economically sustainable competitiveness, oriented towards viableinnovation, i.e., improving the performance and functionality of the supply chain, the production systems and the vehicles in a cost-effective manner while reducing the time-to-market of research results. The CRF research activities imply strategic competences in the fields of manufacturing, advanced materials, ICT and electronics, automotive engineering and a wide range of state-of-the-art laboratories and extensive test facilities, including advanced logistics and manufacturing labs, engine & vehicle testing facilities, EMC chambers and a dynamic driving simulator with immersive virtual reality.
CRF participates with a leading role in the European “Green Vehicle Initiative” and “Factories of the Future”, the Public Private Partnerships conceived by the European Commission in 2009 to focus public and private research on issues of direct and significant relevance to the Europe with regard to the competitiveness of industry and employment. Within this context, CRF is also actively involved in key European Technology Platforms including: ERTRAC (road transport), EPOSS (smart systems), EUMAT (materials), MANUFUTURE (manufacturing), each of which has proved to be particularly effective at bringing together key stakeholders within an integrated approach to research and innovation.
In CYRENE, CRF will provide a pilot in the field of the trusted supply chain for the assembly, testing and inbound logistics of the components to a plant in Italy. As a contributor to the WP, CRF will coordinate the development of the use cases, provide and manage a pilot applied on the supply chain of a current FCA (FIAT Chrysler Automobiles) plant in Italy. Accordingly, CRF will derive the FCA requirements, giving the basis for the methodological development in the other WPs. CRF will provide the relevant infrastructure, data and involve the adequate staff in the plants to test the system on the identified use case. Furthermore, CRF will provide an analysis of the business case for the successful introduction of the CYRENE output to the Automotive sector and a roadmap for the industrialization of the results in the FCA context.
Fundación Valenciaport manifests an R&D&I centre of excellence that not only undertakes its own academic research but also serves as a tool at the service of all agents involved in the transport and logistics chain and particularly within the maritime and port domains, these being key competitive elements buttressing the internationalisation process of Spanish companies. On top of the activities linked to research and training, Fundación Valenciaport also carries out international cooperation projects focused on the optimal and integrated development of transport, logistics and ports.
Fundación Valenciaport has participated in a large number of projects and research agreements in the fields of security, new technologies, port development, transport economics and logistics. In the field of information and communication technologies, it acts as a catalyser of the innovation processes of the port community of Valenciaport.
VPF aims at being a pioneer of its sector in managing its corporate systems security. Given the extent and the
criticality of the Supply Chain that VPF is a member of, the interest in CYRENE scope is self-apparent. VPF will participate in the project as end-user and will contribute in most of the WPs, initially through the provision of input for the system requirements and specifications, and regulation framework, and later during the CYRENE system testing and validation, techno-economic assessment, dissemination of results. In particular, VPF will lead the scenarios and test cases definitions, pilots operation, and stakeholders evaluation.
Stockholm University has both a long history of an intensive involvement in international cooperation and collaboration and keen interest to continue and initiate novel activities within the European Research Arena, which is signified by numerous projects originating in various EU Framework Programmes, many overseas endeavors with the research and educational institutions in North and Latin America, Asia and finally with many developing countries in Africa.
Established in 1966, the Department of Computer and Systems Sciences (DSV) (http://www.dsv.su.se/en/) is the oldest and the largest ICT department in Sweden, with around 120 researchers, including thirteen professors; seven undergraduate and eleven graduate programmes and one hundred PhD students. There are four units: Act in Communication Technology (ACT), Interactive Design and e-Learning (IDEAL), Information Systems (IS) and Systems Analysis and Security (SAS), and three centers of excellence around the areas of mobile life, ICT4D, and open eGovernment. The Department and the Faculty have a long tradition in international cooperation with institutions and organizations literary on all five continents, which also includes coordination and active participation in EU projects within the areas that range from studying and modeling the epidemiological aspects of various diseases or the impact of flooding to the national economies, through decision making systems for eparticipation, models for comprehensive information security and privacy, service oriented computing, ubiquitous learning technology, and application of various data science models.
SU will contribute to the definition of the Conformity/Certification Assessment Schemes as well as to the
specification Risk, Security, Privacy & Conformity Assessment process. In addition, SU will also contribute to the development of the Risk Assessment, Threat Μonitoring, Vulnerability Management & Web Intelligence cabilities of the CYRENE system. Finally, SU will disseminate project results through the publication of scientific articles and their presentation to scientific conferences.
The Telecommunication Systems Institute (TSI)
It contributes to the graduate program of the Electrical and Computer Engineering (ECE)
Department at TUC, and in turn draws senior researchers and graduate students. TSI has sufficient space and other baseband infrastructure. It is entirely funded from external research and development grants and contracts in telecommunications and allied areas: telecommunication systems/networks and network services, networking hardware, sensors, RF, and high performance computing systems, machine learning, information systems, big data analytics, signal processing for telecommunications, speech, language and image processing, and biomedical applications. Funding mainly comes from the European Commission, international Industry, and National Funding Agencies. TSI has had significant experience in FP6, FP7 and H2020 projects, including FET, acting in many occasions as coordinator. It has also adopted a strategy of promoting the commercial exploitation of R&D results, by providing services (e.g. consulting) and contracting with industrial partners for specific products.
TSI’s role in the project will be in line with the organisation’s significant expertise in mature, operational as well as state of the art cyber-security techniques and good practices, including security monitoring, security assessment and incident response. The strong involvement in both research- and industry focused projects provide thorough and up-to-date knowledge on current and emerging cyber-security threats faced by ICT systems of organizations of various sizes (from Critical Infrastructures to SMEs) and the complex supply chain ecosystem. The above will allow TSI to provide valuable input and enhance CYRENE’s Security Monitoring and Risk Assessment tools. From the technical perspective, TSI will leverage the provided cloud-based IDS solutions and the overall protection of security and privacy. Energy consumption and performance will also be taken into account. Moreover, ML algorithms for sentiment analysis in social media that will capture the current threat landscape for the protected supply chains will be also provided. Combined together, this enhanced IDS setting will consider both the technical security aspects and the potential attackers’ intentions, providing an advance threat intelligence tool.
University of Novi Sad Faculty of Sciences (UNSPMF)
UNSPMF is experienced in managing and implementing both international and national projects, which significantly improved its institutional capacities. The Faculty participates in more than 30 international and around 70 nationally funded projects, therefore proving the capacity to manage and logistically support various project management schemes and demands. UNSPMF is strategically oriented to EU and other external funding (H2020: currently participating in 3; Interreg IPA CBC programmes; Danube Interreg Translational Programme: currently participating in 1; Erasmus Plus KA1 and KA2-currently participating in 2 Erasmus + KA2 projects and many KA1 projects), trying to fully employ its excellence and results achieved through previous programmess: FP5, FP6, FP7, European Agency for Reconstruction and Development, COST actions, FP7-SEERANET Plus Joint Call, South East Europe Program, Hungary-Serbia IPA Cross-border Cooperation Program, TEMPUS, Erasmus Mundus, Erasmus Plus, together with many bi- and multilateral education and research projects (with Thailand, Italy, Germany, Austria, Slovenia, France, Switzerland-4 projects under SCOPES 2013-2016 program). The research strategy is directed towards internationalization, improving human resources and capacity building. UNSPMF is committed to principles of The European Charter for Researchers and Code of Conduct for the Recruitment of Researchers and is a member of the EURAXESS project thus providing supporting services to researchers wishing to pursue research career in Serbia. Research and teaching staff of the UNSPMF are productive with more than 200 scientific papers annually published in international scientific journals. More than a hundred of those are rated as exceptional on SCI list (ranked among the first 50%).
The Department of Mathematics and Informatics – DMI (https://www.dmi.uns.ac.rs/) of UNSPMF hosts the only national center of excellence in mathematics: Center for Mathematical Research of Nonlinear Phenomena (https://www.dmi.uns.ac.rs/en/research/cmrnp), since 2008. In 2012, the Scientific Computing Research Group (SCORG, www.scorg.pmf.uns.ac.rs) was established at DMI that conducts research in the area of highperformance computing. SCORG has a strong collaboration with institutions with significant experience in the field, including Institute of Physics in Belgrade, Ecole Polytechnique Federale de Lausanne, Barcelona Supercomputing Center, Faculty of Information studies in Novo Mesto, etc. DMI researchers participate in several EU-funded international projects in the domains of Internet of Things, Big Data, and high-performance computing.
UNSPMF will bring expertise in machine learning and optimization-based methods for threat detection. UNSPMF as a research institute will have a key role in the design of the CYRENE concept, in particular it will be the main contributor of the Threat Μonitoring, Vulnerability Management & Web Intelligence capabilities of the CYRENE system, based on its expertise from previous approaches and on the tools the institute has already developed.
FOCAL POINT (FP)
Lately, FP has been advanced in Blockchain Technology both for App. Development and for Block chain App Security assessment perspectives.The company is focused on Oil & Gas Companies cyber issues, Banks, National CSIRTs and Maritime Security, providing basic and advanced training to the Incident Response Teams via unique live, real time, high level, sophisticated cyber-attacks via a customer designed Cyber Defence Exercise. FP creates custom malware to assess and train incident responders, analysts and forensics teams. The malware FP creates is not detected by commercial products (AV) and depicts targeted attacks to create indicators of compromise (IOC). The malware is controlled and contained only within the cyber range. FP expertise is focused on the Detection and Response to highly sophisticated attacks. FP has been focused on Advanced Defensive Strategies by using Scenario based on real case studies. FP consultation is mainly on suggestion of responses & advice on how to evaluate strategies, tools, procedures and how to effectively collaborate with other team members in order to develop cyber situational awareness and related ‘’playbooks’’ as part of the preparation for the real case.
Its staff and advisors provide total solution with Vulnerability Assessment, Penetration Testing and Red Teaming to assess the current security status of the network/ applications and training of Incident Response Team on best practices and advanced cyber security tools taking advantage of the unique and long experience acquired in International Organizations. Our staff having more than 15 years’ experience in Cyber Security in International Organisations such as NATO, provides consultation to Governments / Companies / Organisations on how to establish a Cyber Defence Centre and create policies and procedures. The creation of this Centre is very critical for the cyber defence of the National Critical Infrastructure.
All FP team members are senior security specialists with extensive industry knowledge, including experience with NATO, ENISA, EUROPOL and the European Commission. The team includes published security authors and open-source/freeware security tool developers. FOCAL POINT members are also frequently invited speakers at company sponsored training events, public organization meetings, and well-known computer security conferences and seminars such as BlackHat, SANS, RSA, DEFCON, EuSecWest, ISACA, Europol and NATO.
FP has adopted the “military way” as the core approach in order to assess cyber security and defend systems,
networks and applications in an effective and holistic way. FOCALPOINT’s consultants experience stems from many years in service of NATO in NATO Computer Incident Response Capability where the most advanced cyber defence tactics and techniques were used and practiced as part of the daily business.
“Threat Intelligence” incorporated into Advanced Intrusion Analysis for a real life, latest types of cyber-attacks in order to get realistic results. The latest Tactics, Techniques & Procedures (TTPs) used by current threat actors are leveraged as part of our Intrusion Analysis. This approach provides a very high value for real cyber security and can be performed ONLY by very experienced analysts using a “manual” approach. NO Automated Tool can provide this and this is one of the main FP’s differentiators from other security companies. Multitude of 0-day vulnerabilities discovered by our security consultants. Responsible disclosure used to inform vendors and raise CVEs. (Available public). Our security analysts have also conducted research in the deficiencies of automated application scanners and current published application testing methodologies. They have leveraged this unique insight into creating an enhanced and efficient methodology for testing network and application vulnerabilities.
FP’s expertise and experience in risk management will be utilized to develop the CYRENE methodologies and to contribute to the tasks of the design and development of the risk assessment functionalities of the system. In addition, FP will contribute to the planning of pilot operations and scenarios and test cases definition and to the evaluation of the project results. Finally, as an SME, FP will contribute to the industrial dissemination of the project results and the exploitation planning.
PN leads consortium efforts on privacy, data protection and ethics compliance. In particular, we are responsible for gathering and analyzing the ethics and legal requirements including the GDPR compliance. We participate in standardization efforts of the project and contribute to all other work packages to ensure legal and ethical compliance of the project. PN also supports the risk management component of the project.
Hyperborea currently employs 25 staff members plus a team of 15 experts in different market sectors encompassing Big Data, semantics, etc. Hyperborea is a member of Regional and National Italian confederation of crafts and SMEs and of the Technological Clusters to strengthen research activities between Centres of Scientific Excellence and the Industrial sector in Tuscany.Hyperborea will act as one of the main platform integrators and will contribute to the design and implementation of the main supply chain cyber security and privacy risks project’s modules. Will be heavily involved in analytics tasks and activities and will act as pilot support partner for the project’s test beds.
CyberLens was established to undertake both theoretic and applied research, shape the development of complex software, and disseminate knowledge by working hand-in-hand with European large industries, SMEs, research centres and universities. The company's portfolio includes software development, IT research, and business consultancy. CyberLens’s executive team members have a rich track record in developing software, publishing their research in high impact factor venues, attracting research and innovation fund and participating successfully in research and innovation projects. CyberLens’s focus areas are:
- Cyber security risk management
- Dynamic vulnerability assessment
- Cyber security investment decision support
- Security and privacy requirements engineering
- 5G Security, including security for virtualised (NFV/SDN) environments
- Security and privacy for the Internet of Things (IoT)
- Security for cyber-physical systems (including unmanned robotic vehicles)
- Security of critical infrastructures (which include large-scale, complex systems such as healthcare
infrastructures, power and energy systems, telecommunication networks, etc.)
- Collaborative intrusion detection and classification
- Cyber defence optimisation based on game theory
Based on its expertise, and its proprietary software, CyberLens will contribute to the design of the CYRENE
system architecture. CyberLens will contribute to the development of the Risk Assessment, Threat Μonitoring, Vulnerability Management, Simulation & Web Intelligence capabilities of the proposed solution. CyberLens will also contribute to the integration and validation of the CYRENE system, and to the preparation of the CYRENE demonstrations.
Empowered by an experienced, strong and skilful team, ZELUS focuses on Digital Forensic Investigations and Analysis (both cyber and physical), Threat Hunting and security-related Situational Awareness. ZELUS services are targeting decision makers and span from collection and analysis systems (e.g. analysis of digital evidence in Critical Infrastructures) to network security services and privacy preserving systems. Moreover, ZELUS supports complete management and implementation services for IT projects supporting the complete software lifecycle, i.e. design, development, deployment, optimisation and maintenance.
As a start-up, ZELUS has received an investment funding from European H2020 Fed4Fire programme, that
promotes SMEs to the European Digital Single Market, to support its innovative toolset for digital forensics
analysis and threat hunting (Digital Forensics Toolkit). DFT is a versatile solution for digital forensics
investigations, analysis of digital evidence and advanced visualizations for combating organized cybercrime.
Constantly enriched with new features, DFT aims at reducing the time to discover the root cause of security
incidents and even prevent them from happening via its threat hunting capabilities. Focusing on security by design, ZELUS toolkit helps its customers realise a secure operating environment for their IT infrastructure.
Offerings of the toolkit: (i) Physical forensics services, that support a post-mortem digital forensics investigation for IT and non-IT cybersecurity experts, including but not limited to basic forensics activities; (ii) Cyber forensics services, empowered with correlation algorithms and innovative capabilities (e.g. Preconfigured views and Timeline analysis), for almost real-time mitigation actions (e.g. threat-hunting: automatic digital forensics investigation and recommendation/identification of potential threats). Forensics services offer a complete solution on the forensic investigation of digital and physical assets. They include post-mortem analysis and robust processing capabilities of physical media, advanced reporting features and complementary training and consultation offerings for both IT and non-IT cybersecurity experts; (iii) Security information and Event Management services; (iv) consultation and training (e.g. penetration testing, design and implementation of secure network solutions, etc.)
A strategic goal of ZELUS is to extend its know-how in diverse domains and test its solutions in real-life
environments so as to penetrate to the market with industrial-tested, robust and user validated products. ZELUS strongly believes that the emerging market of Forensics Analysis based on Big Data technologies will, by necessity, depend heavily on novel forensics methods and visualization techniques such as those provided by DFT.
In digital forensics data must be stored and organized in such a way to allow correlation patterns, relationships, etc. to be identified and included in the repository. In most cases it is the linkages between the data that convey information and not the data itself. Hence, an effective forensics visualisation tool should make the discovery, creation and presentation of these correlations as easy and as natural for the analyst as possible. Especially in rapidly changing situations, the ability to focus on the important is key to establishing situational awareness. DFT enables relationships between physical and cyber security data for increasing risk awareness and treat hunting. In CYRENE, forensics visualization is an important aspect of delivering the conformity assessment evaluation results, as well as for assisting better threat monitoring and assessment.
Sphynx Technology Solutions AG
Via its consulting services, Sphynx has expertise in providing customized solutions depending on client needs as well as more general training on analytics, security assessment and certification and cyber intelligence.Sphynx’s role in CYRENE will be the development of security and privacy assurance solutions in the context of systems which deploy AI-intensive processing (e.g., privacy in the context of AI, security and privacy preservation in the content of machine learning enabled systems adaptability).
ITML particularly delivers solutions through (a) bilateral projects with private industry, (b) Public-Private
Partnerships (PPP), (c) EU and beyond-EU funded projects, and nationally-funded projects. It has active
participation in numerous H2020 projects as technology provider and system integrator.
The primary competence of ITML relies in the design and development of software prototypes based on
technologies that include machine learning algorithms, advanced data mining techniques, data aggregation and data analytics in IoT systems, as well as visualisation tools; all of which are applied in different operational domains, such as energy, logistics, health, education, maritime, and security. ITML comprises numerous selected, internationally recognized and multi-experienced electrical and computer engineers, who have been conducting research, at worldwide level, for several years in areas related to the design,
management and performance evaluation of high-speed telecommunication networks and services, security and transportation, energy efficiency, service-oriented architectures, business process management, e-government, ecommerce applications, and software engineering. Moreover, ITML has a team of technical project managers and software engineers who are experts in the software development process and in the validation of the scientific results produced in the context of R&I.
ITML’s role in CYRENE is to:
- Contribution to user and system requirements
- Detection of various attacks based on machine-learning and artificial intelligence
- Mitigation of security threads
UBITECH LIMITED is the youngest member of UBITECH Group that has been established in 2005,
concentrated initially in the Balkan market and acquiring several EC and national grants for novel R&D initiatives. Currently, UBITECH Group has extended its operations with targeted international activities through its subsidiaries, representation offices, business partners and affiliated companies in Limassol (UBITECH LIMITED), Madrid (Business Development Office), Buenos Aires (UBITECH SRL targeting mainly Argentina, Paraguay, Uruguay and Bolivia) and Guayaquil (Business Partner and Representation Office for Ecuador and Panama), concentrating mainly in the Spanish-speaking countries of Central and Latin America.
UBITECH will contribute to all activities with regard to the implementation of all main components of the
CYRENE offerings as well as in the integration of the different cyber security and dynamic privacy and risk
assessment services. In addition, UBITECH will be heavily involved in the Multi-Level Evidence-based Risk
Assessment capabilities, in the Threat Μonitoring, Vulnerability Management, Simulation and Web Intelligence layers and in the system integration and testing as well as in the deployment, configuration, operation and evaluation of the CYRENE Layers at the pilot sites. Finally, UBITECH will work towards the dissemination and exploitation of the project’s outcomes.
Project Coordinator: Sofoklis Efremidis
Institution: Maggioli SPA
Duration: 36 months
Participating organisations: 14
Number of countries: 10
This project has received funding from the European Union’s Horizon 2020 Research and Innovation program under grant agreement No 952690. The website reflects only the view of the author(s) and the Commission is not responsible for any use that may be made of the information it contains.