Next-Generation Cooperative Cyber Range

Closed

Programme Category

EU Competitive Programmes

Programme Name

European Defence Fund (EDF)

Programme Description

The European Defence Fund (EDF) is the Commission’s initiative to support collaborative defence research and development, and to foster an innovative and competitive defence industrial base.

Programme Details

Identifier Code

EDF-2024-DA-CYBER-NGCR-STEP

Call

Next-Generation Cooperative Cyber Range

Summary

This topic aims to address the remaining challenge on design and development of solutions that deliver notable progress vis-à-vis the current state-of-the-art, including in view of wider technology landscape. This means that focus has to shift from creating cyber ranges that fulfil basic needs to cyber ranges that target next-level capability requirements. Therefore, the specific objective is about the use of cyber ranges for trainings and exercises. The proposed solutions, however, can benefit also other cyber range use-cases such as product development and penetration testing. Therefore, considerations of such use-cases may be taken into account for developing the solutions.

Detailed Call Description

The next-generation cooperative cyber range capability must address at least the following issues:

Set up of trainings and exercises with classified information, especially for cross-border exercises by EU Member States and EDF Associated Countries.

Although the use of classified information in national exercises and trainings is not a new phenomenon, it is, firstly, still absent from the capabilities of many nations and, secondly, there is no existing solution that offers an EU-wide, cross-border classified capability. Such a capability could help various countries in using this functionality which they otherwise would not be able to use and it would provide a currently unavailable solution to conducting exercises across nations, including for topics such as information sharing and ensuring confidentiality of related data. This would also benefit the EU’s military structure, e.g., EU Military Staff, European Defence Agency and others.

Moreover, such a capability can be used by nations internally, e.g., for its different security agencies both in defence and national security to increase interoperability.

Set up of trainings and exercises covering the entire chain of cyber defence operations from planning through conduct up to review, including by utilising realistic mission networks.

Most large-scale technical cyber exercises that are currently conducted do not sufficiently cover all relevant aspects of cyberspace operations. While such aspects are sometimes covered in non-technical exercises, these tend to not sufficiently well incorporate technical cyber defence teams. As a result, truly comprehensive and effective exercises are difficult to deliver.

The aspects that surround these technical activities (e.g., operation planning, legal considerations) and which complement incident management (e.g., intelligence activities) require different scenarios and different technical exercise environments in comparison to existing capabilities. The latter also includes the challenge of creating realistic federated mission networks for training purposes.

Key aspects in this entire chain are also the analysis of the performance of the cyber operators and the scoring of cyber security situational awareness.

Leveraging Artificial Intelligence throughout the delivery of trainings and exercises (e.g., for Blue, Red, White and Green Teams)

The use of AI in different phases and parts of cyber exercises and trainings has been researched and developed to an extent. This includes, for example, AI-based scenario generation, and AI-based Red/Blue Teams with hybrid skills (human + AI-based attack/defend strategies (developed in different private companies). AI also plays a pivotal role in generating comprehensive situational awareness for the development of realistic federated missions.

In the area of federated missions, which employ multiple teams operating from different locations, AI technologies could help to identify the operational deficiencies within each team member, informing subsequent training customisation and generating tailored scenarios.

It is clear that AI can assist in these and in other parts of cyber capability development. The proposals are expected to provide AI-based solutions that target all major parts of cyber exercise and training delivery, as well as AI-based solutions for the performance evaluation of the trainees using the hybrid skills.

Set up of trainings and exercises that leverage the concept of digital twins.

Digital twins as a concept has a long history. The use of such solutions in cyber exercises has also been targeted previously but not with results that have been sufficiently persistent or useful. Therefore, the challenge remains on developing digital twins or other high-fidelity simulations that have a reasonable cost-effectiveness – given that a common dilemma in such simulations is finding a balance between cost of creating such digital copies and the learning impact that those simulations can offer on top of more standardised ways for IT/OT system and network simulations. One possible avenue for successful balancing of these requirements may be witnessed in the space domain, given its increased need for simulations and testing.

Develop or facilitate a framework for accreditation of training centres and personnel skill levels.

The solutions should include a proposal on how to establish certified practices for accreditation of training centres (cyber ranges) and skill levels (personal and team certificates). The solution should take into account EU-wide accreditation schemes. However, these should allow for national specificities. Where possible, existing standards, such as relevant NATO practices, should be used.

Cross-cutting items

All solutions must address the challenge of sharing and pooling cyber range capabilities in a coordinated manner between cyber range providers. This challenge may be best addressed by using and enhancing existing initiatives and projects. Moreover, this sharing and pooling can be demonstrated, for example, via the implementation of the project’s solutions in different cyber ranges through federation. If federation as an approach is used, it is expected that the proposals also cover the business and management side of the federation. This could, for example, formalise in the development of model cooperation agreements that mimic actual needs and have been developed with processes similar to actual processes (twin environments).

Where existing or new cyber range and cyber exercise standards (e.g., for scenario development and game net creation) are covered, the proposal must address the challenge of achieving a wide user-based of the standard. Proposing the use of any such standards without clearly addressing the way forward may invalidate the whole part of the proposal related to such standards because the success of a standard is as much dependent on the community as the standard’s actual content.

Call Total Budget

€48.000.000

Thematic Categories

  • Information Technology
  • Justice - Security
  • Other Thematic Category
  • Research, Technological Development and Innovation

Eligibility for Participation

  • Businesses
  • Central Government
  • Legal Entities
  • Other Beneficiaries
  • Private Bodies
  • Researchers/Research Centers/Institutions
  • State-owned Enterprises

Eligibility For Participation Notes

In order to be eligible, the applicants (beneficiaries and affiliated entities) must:

  • be legal entities (public or private bodies)
  • be established in one of the eligible countries, i.e.:
    • EU Member States (including overseas countries and territories (OCTs)
    • non-EU countries:
      • listed EEA countries (‘EDF associated countries’, see list of participating countries)
  • have their executive management structure established in eligible countries
  • must not be subject to control by a non-associated third country or non-associated third-country entity (unless they can provide guarantees – see Annex 2 – approved by the Member State or EDF associated country where they are established)

Consortium composition – Proposals must be submitted by:
minimum 3 independent applicants (beneficiaries; not affiliated entities) from 3 different eligible countries.

Call Opening Date

20/06/2024

Call Closing Date

05/11/2024

National Contact Point(s)

Ministry of Defense

Address: 172-174 Strovolos Avenue, 2048 Strovolos, Nicosia
Telephone: 22 807500
Email: defence@mod.gov.cy
Website: https://mod.gov.cy/

Department of Research and Innovation
Telephones: 22 807755, 22 807754
Email: research.innovation@mod.gov.cy

EU Contact Point

For help related to this call, please contact: DEFIS-EDF-PROPOSALS@ec.europa.eu