Approaches and tools for security in software and hardware development and assessment HORIZON-CL3-2024-CS-01-01

Descriptions

Opportunity link:

Opportunity type:

Grant

Sponsor:

Horizon Europe Framework Programme (HORIZON)

Award amount and duration:

6 awards valued up to 6,000,000, project duration variable

Currency:

EUR

Eligibility

Type:

Faculty

Applications from Canadian researchers and innovators will be reviewed as fully-fledged members of consortia in Horizon Europe Pillar 2 calls. While Canadians can participate in all Horizon Europe calls that are open to international partners, as an associated country, Canadians can access a broader range of research opportunities in Pillar 2.

1. Admissibility conditions: described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes

Proposal page limits and layout: described in Part B of the Application Form available in the Submission System

2. Eligible countries: described in Annex B of the Work Programme General Annexes

A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon Europe projects. See the information in the Horizon Europe Programme Guide.

Summary

Expected Outcome:

Projects’ results are expected to contribute to some or all of the following outcomes:

Improved hardware and software security engineering; resilient systems design;
Improved access to testing of hardware and software in virtual, closed and secure environments;
Systematic and, where possible, automated study of vulnerabilities, software analysis, vulnerability discovery, and dynamic security assessment;
Trustworthy certifiable hardware and software;
AI-based security services e.g. predictive security, advanced anomaly and intrusion detection, system health checks.

Scope:

Software is at the foundation of all digital technologies and, as such, at the core of IT infrastructures, services, and products. Current software development prioritises fast deployment over security, which results in vulnerabilities and unsecure applications. Security engineering, both at the software and hardware levels, must be integrated in their development. Whilst a great portion of the software and hardware used in the EU is developed outside the European Union, it should comply with the security requirements within the EU. The EU should be able to rely on software and hardware that can be verified and audited as to their security. In particular, the potential security implications of using open-source software and hardware, and security auditability in that context, should be further explored. Software is subject to continuous update, so the security posture cannot be assessed once and for all, hence methods and tooling to perform continuous assessments of security are needed. In addition, security and privacy regulations also evolve, having to be factored in compliance approaches.

The identification and analysis of potential regulatory aspects and barriers for the developed technologies/solutions is encouraged, where relevant.

Topic Destination:

Increased Cybersecurity (2023/24)

Proposals for topics under this Destination should set out a credible pathway contributing to the following impact of the Strategic Plan 2021-2024: "Increased cybersecurity and a more secure online environment by developing and using effectively EU and Member States’ capabilities in digital technologies supporting protection of data and networks aspiring to technological sovereignty in this field, while respecting privacy and other fundamental rights; this should contribute to secure services, processes and products, as well as to robust digital infrastructures capable to resist and counter cyber-attacks and hybrid threats".

More specifically, proposals should contribute to the achievement of one or more of the following impacts:

Strengthened EU cybersecurity capacities and European Union sovereignty in digital technologies
More resilient digital infrastructures, systems and processes
Increased software, hardware and supply chain security
Secured disruptive technologies
Smart and quantifiable security assurance and certification shared across the EU
Reinforced awareness and a common cyber security management and culture.

All proposals of projects under this Destination should be complementary and not overlap with relevant actions funded by other EU instruments, including the European Defence Fund and its precursors (the European Defence Industrial Development Programme (EDIDP) and the Preparatory Action on Defence research (PADR)), while maintaining a focus on civilian applications only.

Overhead

The budget categories and cost eligibility rules are fixed in the grant agreement, including indirect costs at a 25% flat-rate of the total eligible direct costs (excluding eligible direct costs for subcontracting, financial support to third parties and any unit costs or lump sums which include indirect costs).

Deadlines

Application deadlines

RSO detailed review deadline

Date:

November 6, 2024 - 12:00 PM

RSO final internal review deadline

Date:

November 15, 2024 - 12:00 PM

Program application deadline

Date:

November 20, 2024 - 9:00 AM

Approvals

NOTE: Consult your Faculty Associate Dean (Research) (ADR) regarding Faculty-specific deadlines and submission processes.

Principal Investigators: Complete a Research Management System (RMS) record, including a copy of your complete application, and submit this for approvals in RMS.

Postdocs, students, and trainees: For fellowships and externally-sponsored research training awards or opportunities, you must complete the Research Funding Application Approval (RFAA) Trainee PDF form, and submit it, along with a complete copy of the application, to Research Services at rsotrainee@ucalgary.ca. Trainees should not use RMS at this time.

Approvals: The University of Calgary requires that all funding applications be approved prior to submission. Approval requires signatures via either RMS or the RFAA Trainee form, in the following order:

Principal Investigator
Department Head
Faculty ADR/Dean
Research Services (on behalf of the Vice-President Research)

Read the Meaning of Grant Signatures policy to understand what your approval means. Please see the agency guidelines for details about which signatures are required on your application, as it may differ from internal requirements.

Late submissions: Late submissions will only be accepted in cases of medical or family emergencies, or other exceptional circumstances. If you submit your RMS record to Research Services after the internal deadline has passed, you must secure additional approvals. Please read: Late Applications Process.