Approaches and tools for security in software and hardware development and assessment

HORIZON-CL3-2024-CS-01-01

General information

Programme

Horizon Europe Framework Programme (HORIZON)

Budget overview

Call

Increased Cybersecurity 2024 (HORIZON-CL3-2024-CS-01)

Type of action

HORIZON-IA HORIZON Innovation Actions

Type of MGA

HORIZON Lump Sum Grant [HORIZON-AG-LS]

Forthcoming

Deadline model

single-stage

Planned opening date

27 June 2024

Deadline date

20 November 2024 17:00:00 Brussels time

Topic description

Expected Outcome:

Projects’ results are expected to contribute to some or all of the following outcomes:

  • Improved hardware and software security engineering; resilient systems design;
  • Improved access to testing of hardware and software in virtual, closed and secure environments;
  • Systematic and, where possible, automated study of vulnerabilities, software analysis, vulnerability discovery, and dynamic security assessment;
  • Trustworthy certifiable hardware and software;
  • AI-based security services e.g. predictive security, advanced anomaly and intrusion detection, system health checks.

Scope:

Software is at the foundation of all digital technologies and, as such, at the core of IT infrastructures, services, and products. Current software development prioritises fast deployment over security, which results in vulnerabilities and unsecure applications. Security engineering, both at the software and hardware levels, must be integrated in their development. Whilst a great portion of the software and hardware used in the EU is developed outside the European Union, it should comply with the security requirements within the EU. The EU should be able to rely on software and hardware that can be verified and audited as to their security. In particular, the potential security implications of using open-source software and hardware, and security auditability in that context, should be further explored. Software is subject to continuous update, so the security posture cannot be assessed once and for all, hence methods and tooling to perform continuous assessments of security are needed. In addition, security and privacy regulations also evolve, having to be factored in compliance approaches.

The identification and analysis of potential regulatory aspects and barriers for the developed technologies/solutions is encouraged, where relevant.

Leave a Comment

Your email address will not be published. Required fields are marked *