Title Promoter Affiliations Abstract "CyberSecurity4.0 : Strategic and case-specific Cyber-Security - for Industry 4.0 in SMEs" "Tatiana Galibus" "Sirris, the collective centre for the technological industry" "Cybersecurity 4.0 targets SME manufacturers and their production technology and cybersecurity technology providers. Industry 4.0 spurs a rapid digitization of the manufacturing industry. However, the connected data-driven production systems cause the exponential growth of the exposed legacy connection points and sensitive data exchange. Today, manufacturing SMEs and their suppliers in-sufficiently mitigate these cybersecurity risks due to the lack of accessible knowledge and solutions tailored to their needs. This leads to a greater impact of cybersecurity incidents and data breaches. Drastic increase in organized cybercrime brings entire production lines to a long standstill. In a con-nected digitized world, cybersecurity is not an option but a critical factor for business continuity and reputation.CyberSecurity4.0 develops an SME-oriented cybersecurity framework, tools, guidelines and learning environment specific for Industry 4.0. This enables SMEs to address actionable cybersecurity for their connected production systems and Industry 4.0 applications. The project focuses on the most vulnerable and least addressed domains of cybersecurity for Industry4.0: operation technology, sup-ply chain and data exchange. The results contribute to the strategic cybersecurity plans in Flanders and Germany by supporting the security awareness, strategy and implementation with a solution that can be tailored to the specific situation of an SME.Active dissemination and open access to the framework, demonstrator and learning environment will contribute to raising cybersecurity awareness and culture. Implementation of the framework provides actionable and attainable cybersecurity guidelines for manufacturing SMEs. It helps to avoid and reduce the negative impact of cyberattacks and data breaches, comply with cybersecurity requirements and increase trust of partners. Thus, relevant cybersecurity enables SMEs to achieve productivity increases based on Industry 4.0 transformation. Finally, CyberSecurity4.0 aims at facili-tating the partnership between manufacturing SMEs and providers of cybersecurity technology and services. The latter benefit from integrating the guidelines and solutions in their service portfolio and open-up new or extend markets in manufacturing.Sirris, FIR at RWTH Aachen, IDA FH Aachen and Howest join forces for CyberSecurity4.0 and bring in complementary skills to develop the applicable cybersecurity solutions for SMEs. The partners col-laborate with an active user committee, which combines all stakeholders: manufacturing companies, production technology providers (equipment manufacturers and integrators) and cybersecurity technology providers (32 companies)." "Cornet CyberSecurity 4.0" "Tatiana Galibus" "Sirris, the collective centre for the technological industry" "CyberSecurity4.0 aims to enable SMEs to appropriately secure their production systems and Industrie 4.0 applications. The project develops specifically for the Industrie 4.0 context a low-threshold and SME-oriented cybersecurity framework, techniques and tools (with proven ROI), guidelines, a demonstrator and a learning environment. The project focuses on the most vulnerable and least addressed domains of cybersecurity for Industry 4.0: OT technology (the link to the connected manufacturing system), data exchange and supply chain security. The framework supports the different phases, from awareness and assessment to strategy and implementation. The solution can be tailored to the specific situation of an SME. This precompetitive research contributes to the strategic development plan in Flanders by focusing on pragmatic cyber security for manufacturing companies (Impulse program).Project objective:·        Generic business profiles, use cases and needs of SMEs for the security of connected production systems (with focus on OT, supply chain security and data exchange). ·        Three maturity models for cyber security (basic - standard - advanced), coupled with the ""Industry 4.0 Maturity Index"", support an approach tailored to the SME. ·        Methodology and tool to estimate current and required cyber maturity in for Industry 4.0 applications (cyber security risks, vulnerabilities), as a starting point for initiating actions. ·        Easily deployable cyber security framework with AI supported tools, practical guidelines and relevant measures specific to the business profile, case and target maturity level. ·        A demonstrator integrates all results in Sirris' connected manufacturing lab and the HOWEST living lab. Use cases illustrate possible attack angles and how the maturity levels deal with them. ·        A learning environment with gamification approach and Hands-on workshop ""Cybersecurity for Industry 4.0"" to support knowledge transfer and allow SMEs to experiment. ·        An interactive web tool provides access to the learning environment, the tools and guidelinesTarget group: Manufacturing companies, Manufacturing technology providers, Cybersecurity providersResults: The project increases (confidence in) cybersecurity by dramatically reducing risks (by applying a robust cybersecurity framework), thereby accelerating the transition to Industrie4.0 and enabling the SME to pursue the above benefits, build reputation and gain customers.Name of Organizer(s): Sirris, Howest. In collaboration with FIR at RWTH Aachen, IDA FH Aachen." "Strategic Research Programme Cybersecurity Initiative Flanders" "Bjorn De Sutter" "Department of Electronics and information systems" "This strategic research programme includes four tracks.Track 1 addresses Application and Software SecurityTrack 2 includes Strategic Security ServicesTrack 3 covers System and Infrastructure Security.Track 4 covers the Technology Building Blocks for Security.UGent is active in track 3, performing research on Diversity-based Multi-Variant Execution Mitigation Techniques for System Defense and on Methods and Tools for Secure Deployment." "Optimizing Legal and Ethical Use of Technologies for Cybersecurity & Health." "Paul Quinn" "Criminology, Metajuridica" "The IOF GEAR programme “Optimizing Legal and Ethical Use of Technologies for Cybersecurity & Health” (OCH) aims at contributing substantially to the European, and global, search to optimize the legal and ethical use of technologies in the domains of cybersecurity and health in order for them to better serve their societal purposes. VUB’s research group on Law, Science, Technology and Society (LSTS), specifically its two labs focusing on cybersecurity and health, the Cyber and Data Security Lab (CDSL) and the Health and Ageing Law Lab (HALL) respectively, are uniquely positioned to serve these objectives through, among others, applied research within EU- and Member State-funded projects, collaborations with industry-representative associations, governmental actors (including at EU level), as well as, academic partners active within the above fields, participation in training activities and collaborations, as well as, development of their own legal and ethical assessment tools and methodologies to optimize uptake and deployment of cybersecurity and health technologies." "CYMEDSEC : Enhanced cybersecurity for networked medical devices through optimisation of guidelines, standards, risk management and security by design" "Paul Quinn" "European Commission, Metajuridica" "CYMEDSEC has been designed with an optimum consortium of regulatory, cybersecurity, technology, evaluation, and clinical EU experts to address exactly this challenge. It provides close feedback loops between new technological paradigms and recommendation of regulatory approaches, fostering regulatory science fresh thinking. It will deliver novel security-by-design solutions for the oversight of ‘Internet of Medical Things’ (IoMT) devices, including connected in vitro diagnostics. IoMT ‘fleet’ cybersecurity oversight systems will be developed. Use cases explored include remote patient monitoring and critical care scenarios, for which the project will develop novel and highly secure gateway middleware. Our technological and methodological advancement will go hand-in-hand with detailed review of regulations and guidelines, the formal creation of a new IoMT cybersecurity standard, and evidence collection from representative case studies. These objectives are holistically interlinked, with learnings form each work area feeding into development and proposals in other areas." "Towards robust ML-based cybersecurity systems" "Lieven Desmet" "Distributed and Secure Software (DistriNet)" "Organizations and citizens are under constant attack, and the cybersecurity landscape is in constant flux. To cope with such hostile environments, more and more defenses (as well as attacks) try to leverage on the recent advances in machine learning. Research in this domain has shown promising results in a broad variety of application domains such as malware detection, website fingerprinting, botnet detection; albeit often evaluated in lab conditions, on unrealistic datasets or well-scoped experiments. To increase the maturity and practical adoption of ML-based system, this research project focuses on methodologies and techniques to increase the robustness of ML-based cybersecurity systems within dynamic environments. In such a realistic domain context, the environments in which solutions will be deployed are in constant evolution, and might be partially controlled by adversaries. Given this dynamic or hostile context, this research will investigate how existing and novel ML-based systems can achieve optimal performance trade-offs, while maintaining safety guarantees in the deployed systems." "A European qualitative study to unveil best practices from cybersecurity leaders to protect their own children" "Bart Preneel" "Computer Security and Industrial Cryptography (COSIC)" "This research aims to unveil best practices employed by cybersecurity leaders to protect their own children, encompassing both technical and human factors and by doing so addressing a research gap to contribute to “children's and parents' awareness about cybersecurity risks, needs, and solutions” (Understanding parents' perceptions of children's cybersecurity awareness in Norway” https://dl.acm.org/doi/abs/10.1145/3462203.3475900). The main goal is to identify strategies parents can adopt for children that can contribute to successfully addressing both the human factor (awareness and behaviour) and relevant technical know-how and activities to promote a safer and more secure digital experience for children. The methodology will be based on qualitative research, conducting a series of exploratory in depth interviews with a sample of top experienced professionals leaders in the cybersecurity field, who besides work, can also be considered the CISOs (Chief Information Security Officer) for their children. Although the sample of cyber savvy parents may be limited, exploring the unique perspectives of those leaders of organisations with responsibilities to protect operations, communication or information for hundreds or thousands of individuals, will create valuable insights to enhance children's cybersecurity. The research will focus on addressing these questions: What are the best practices cybersecurity leaders employ to protect their own children? What are the most relevant know-how topics and cybersecurity behaviours they prioritised for their own children? What strategies deployed by those cyber savvy parents and leaders could help to better equip other parents to educate their children with the necessary know-how and cybersecurity behaviours? What would be the needs in terms of resources (time, budget) to address human and technical factors per child? How does the importance of human and technical factors compare in ensuring children's cybersecurity? How could insights from cybersecurity leaders' experiences in protecting organisations and their own children be applied to protect children in general and vice versa? Answering these questions would provide a unique and valuable perspective, with insights and advice to contribute to the body of knowledge for the benefit of children, parents, organisations, policy making and society in general." "CyberSecurity (CS) research program - operating year 2024" "Bjorn De Sutter" "Department of Electronics and information systems" "This strategic research programme includes four tracks. Track 1 addresses Application and Software Security Track 2 includes Strategic Security Services Track 3 covers System and Infrastructure Security. Track 4 covers the Technology Building Blocks for Security. UGent is active in track 3, performing research on Diversity-based Multi-Variant Execution Mitigation Techniques for System Defense and on Methods and Tools for Secure Deployment." "CyberSecurity (CS) research program - operating year 2023" "Bjorn De Sutter" "Department of Electronics and information systems" "This strategic basic research program comprises four tracks: Track 1 focuses on application and software security. Track 2 includes strategic security services. Track 3 covers system and infrastructure security. Track 4 focuses on technology building blocks for security. UGent is active in track 3 and conducts research focused on multi-variant execution techniques based on diversity for system security, and on methods and tools for safe use of software protections." "OCH - Optimizing Legal and Ethical Use of Technologies for Cybersecurity & Health" "Paul Quinn" "Criminology, Metajuridica" "The IOF GEAR programme “Optimizing Legal and Ethical Use of Technologies for Cybersecurity & Health” (OCH) aims at contributing substantially to the European, and global, search to optimize the legal and ethical use of technologies in the domains and cybersecurity and health in order for them to better serve their societal purposes. VUB’s research group on Law, Science, Technology and Society (LSTS), specifically its two labs focusing on cybersecurity and health, the Cyber and Data Security Lab (CDSL) and the Health and Ageing Law Lab (HALL) respectively, are uniquely positioned to serve these objectives through, among others, applied research within EU- and Member State-funded projects, collaborations with industry-representative associations, governmental actors (including at EU level), as well as, academic partners active within the above fields, participation in training activities and collaborations, as well as, development of their own legal and ethical assessment tools and methodologies to optimize uptake and deployment of cybersecurity and health technologies"