Certifying the Security and Resilience of Supply Chain Services
Information sharing is associated with all supply chain functions like transportation, distribution, logistics, warehousing, inventory management, sourcing, procurement, and order and production planning, required to deliver goods and services from the point of origin to the point of consumption. Today’s supply chains can be viewed as complex cyber systems composed by heterogeneous, interconnected ICT assets, Internet of Things devices owned by different national and EU CIs, ensuring seamless and swift product/data exchange from the producer down to the end consumer during the provision of the supply chain services. However, despite the tremendous socio-economic importance of supply chains, security officers and operators have still no easy and integrated way to protect their interconnected CIs’ and cyber systems.
CYRENE vision is to enhance the security, privacy, resilience, accountability and trustworthiness of Supply Chains through the provision of a novel and dynamic Conformity Assessment Process that evaluates the security and resilience of supply chain services, the interconnected IT infrastructures composing these services and the individual devices that support the operations of the SCs. In order to meet its objective, the proposed Conformity Assessment Process is based on a collaborative, multi-level evidence -driven, Risk and Privacy Assessment Approach that support, at different levels, the SCs security officers and operators to recognize, identify, model, and dynamically analyse advanced persistent threats and vulnerabilities as well as to handle daily cyber-security and privacy risks and data breaches. CYRENE will be validated in the scope of realistic scenarios/conditions comprising of real-life supply chain infrastructures and end-users. Furthermore, the project will ensure the active engagement of a large number of external stakeholders as a means of developing a wider ecosystem around the project’s results, which will set the basis for CYRENE’s large scale adoption and global impact.
Privanova leads consortium efforts on privacy, data protection and ethics compliance. Our first task is to foresee the ethics issues related to the research and address them in the proposal in such a way to avoid EC’s Ethics Requirements. Following the project kickoff we start by gathering and analyzing the ethics and legal requirements including the GDPR compliance. We also participate in standardization efforts and contribute to all other work packages to ensure legal and ethical compliance of the project. One of our main tasks is to support the coordinator and monitor the risk management component of the project.
This project has received funding from the European Union’s Horizon 2020 research and Innovation programme under grant agreement N°952690. All information on this website reflects only the authors’ view. The Agency and the Commission are not responsible for any use that may be made of the information this website contains.
- MAGGIOLI SPA
- CENTRO RICERCHE FIAT SCPA
- FUNDACION DE LA COMUNIDAD VALENCIANA PARA LA INVESTIGACION, PROMOCION Y ESTUDIOS COMERCIALES DE VALENCIAPORT
- STOCKHOLMS UNIVERSITET
- TELECOMMUNICATION SYSTEMS INSTITUTE
- UNIVERSITY OF NOVI SAD FACULTY OF SCIENCES
- FOCAL POINT
- PRIVANOVA SAS
- HYPERBOREA SRL
- CYBERLENS BV
- IOTAM INTERNET OF THINGS APPLICATIONS AND MULTI LAYER DEVELOPMENT LTD
- UBITECH LIMITED