CIPSEC - Enhancing Critical Infrastructure Protection with innovative SECurity framework

01/05/2016 to 30/04/2019


The integration of ICT technologies with critical infrastructure services, despite improving the performance and daily operation of those services, has been accomplished without considering security as core requirement, leaving behind shortcomings and weaknesses which have entailed a serious security problems.

CIPSEC develops an integrated framework composed by a heterogeneous set of products and services, providing high levels of protection for the whole critical infrastructure, considering both its IT (information technology) and OT (operational technology) networks.
The outcomes are meant to be exploited in a wide range of verticals. CIPSEC brings use cases in railway, health and environment protection contexts.

Who is the project designed for?

The project intends to provide a cost-effective multi-domain security solution, offering high levels of protection in IT and OT for critical infrastructures. Therefore the market target is very wide and includes verticals such as chemical industry, ICT, energy, financial services, food industry, health, transportation, water systems and facilities, nuclear, emergency services or manufacturing to name but a few.

The stakeholders group includes operators of critical infrastructures (whether public or private), large organizations, academia, SMEs (especially those being ICT-intensive), standardization groups, policy makers, public-private partnerships (PPPs), public authorities and people working on related European Projects, among others. CIPSEC orchestrates a security solution for the critical infrastructure protection lifecycle: before, during and after the incident. CIPSEC is an answer to the question on how to benefit from higher efficiency and better quality of service brought by ICT advances in the field of critical infrastructures without compromising security.

CIPSEC helps support European countries security and boost European competitiveness in critical infrastructure protection.

How will your project benefit the end-user?

CIPSEC contributes to the reduction of the capital investment in controlling and solving security threats for critical infrastructures. CIPSEC aims at increasing the confidence on the role of ICT in the daily operation of critical infrastructures, with positive impact in efficiency, quality of service and business profits.
CIPSEC also makes an impact by reducing the economic exposure linked to the consequence of cyber incidents and the likelihood of environmental disasters.

CIPSEC also has an educational side, creating awareness on the importance to secure all assets involved in critical infrastructure daily operation. Europe needs to become more aware of the dangers existing in the digital world, and as in real life all the segments of the population need to get ready and know the basic rules of thumb to avoid to be victims of cyber attacks and the cyber criminals behind them.
In such sense, CIPSEC offers a training service with a nice plethora of courses addressed to a wide audience, including not only end-users but also people without a technical background, but unavoidably in daily touch with ICT technologies.

Please briefly describe the results your project achieved so far
We have completed the design of the whole framework orchestrating the products and services brought to the project. We have designed all the internal interfaces, the data flow, the communication among the different functional modules and the dashboard being presented to the end-users. An intermediate integrated version has been produced and an early deployment has been carried out in the three pilots of the project.
We have a clear innovation roadmap associated to the whole platform and each of its components.We also have results in the shape of market analysis and key competitors survey. We have established links with some standardization working groups to monitor their activity and take into account their results to steer the internal activities in alignment with industry standards.

  What are the next steps for your project?

  • Delivery of the final platform version
  • Complete piloting of the solution, validation and assessment
  • Complete individual and joint exploitation plans, with business models

News Project of the Week: CyberSec4Europe

The CyberSec4Europe project, one of the four pilot projects aimed at establishing a European Cybersecurity Competence Network has just been launched on February 28 in Brussels.

During its 42 months of duration, the project will align and interconnect a vast pool of research excellence in existing centres and research facilities, bringing together cybersecurity expertise in an interdisciplinary manner while developing a governance model for the future European Cybersecurity Competence Network.

Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology


2 April 2019

10am to 4pm


e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.