Project Management /INOV
WP1 will provide the overall support for both management and administration of the entire project and for all members of the IRIS consortium, following the setup of project management principles as contained in Project Management Institute’s (PMI), and Project Management Body of Knowledge’s (PMBOK) Guide.
Manage the project according to EU Grant Agreement (GA) provisions and conformingly to the GA
Coordinate at consortium level of the activities of the project
Manage the overall legal, contractual, financial and administrative aspects of the consortium
Monitor the overall technical coordination and progress of the project at all potential levels
Control and refine the objectives of the project, by taking care of quality assurance, performance management, and conflict resolution to ensure scientific excellence for all outputs and for the internal processes. Representation of the project and the consortium towards the EU Commission. Also liaising with other relevant projects both inside and outside the related specific EU domain.
Represent the project and the consortium towards external bodies and assemblies, and support of selected outcomes to these assemblies
Manage an internal repository of the generated information and reports
Manage the ethical and legal aspects of the IRIS project
System Co-Design / ATOS
WP2 will define the basis for the co-design of the IRIS technology outcomes. It will provide the requirements, the use cases and the application scenarios for the system development.
Specify the system-level requirements in line with actors’ needs and technical constraints.
Select and define the IRIS use cases that will drive the architecture definition.
Identify the IRIS innovations, human factors, requirements and means of validation (KPIs).
Survey technology roadmaps and interact with related initiatives for exploiting synergies.
Autonomous Threat Analytics / CEA
WP3 will develop autonomous threat detection, vulnerability assessment, response and self-recovery agents.
Develop a Digital Twin honeypot model for implementing deceptive security tripwires that generate threat intelligence telemetry and analytics, whilst testing ATA threat detection and capabilities.
Develop Autonomous AI Threat Detection classifiers and agents for dynamically identifying novel and emerging IoT and AI-targeted attack vectors and indicators of compromise allowing for the initiation of response procedures and publication of intelligence telemetry to CTI’s orchestration processes.
Develop an IoT/AI-provision risk and vulnerability assessment module, which analyses novel indicators of vulnerability from threat intelligence to initiate automatic incident response.
Develop a response and self-recovery module which evaluates risk and impact in real-time to implement automatic measures for threat mitigation and remediation on target IoT & AI infrastructures, and prioritize orchestration workflows for propagation of threat indicators across IRIS enhanced-MeliCERTes community.
Collaborative Secure and Trusted Cyber-Threat Intelligence Sharing / CERTH
WP4 will develop the dynamic repositories of threats and vulnerabilities; the IRIS Collaborative Threat Intelligence (CTI) and Data Protection and Accountability (DPA) modules tasked with enriching the capabilities of the MeliCERTes platform with advanced automated threat intelligence sharing and orchestration processes.
Develop dynamic repositories of threats and vulnerabilities related to IoT and AI threats.
Develop a CTI sharing toolkit that supports highly customizable and automated information sharing & filtering policies supporting the organizations’ privacy and security needs.
Develop advanced threat intelligence orchestration capabilities using OWS run books and playbooks.
Develop real-time data protection and recovery.
Develop a distributed ledger that provides dynamic accountability, auditing and traceability to threat intelligence publication, consumption and access control with self-encryption and recovery capabilities.
Virtual Cyber Range and Training Environment / THALES
WP5 will develop the IRIS Virtual Cyber Range (VCR) platform and the related hands-on training and exercises.
Develop the IRIS Virtual Cyber Range (VCR) platform and the related hands-on training and exercises.
Design and develop specific training exercises, along with their corresponding documentation and training content, targeting challenging adversarial IoT and AI threat intelligence scenarios and having the collaboration between CSIRTs/CERTs operators as one of the goals to achieve.
IRIS Platform Integration and Testing / INTRA
WP6 will integrate the findings of WP3, WP4 and WP5 into a single platform.
Specify the overall IRIS reference architecture as well as the technical specifications of the IRIS platform, and its individual components, modules and tools
Define an integration and testing plan that will be used in order to create the integrated IRIS platform
Setup the Continuous Integration/Continuous Development (CI/CD) environment
Integrate all software components developed within WP3, WP4 and WP5 to release the IRIS platform in two major releases, following the defined architecture and design specifications
Test the integrated platform at different levels, units, bilateral and end-to-end integration tests and functional workflows, to verify its correct system-level operation and functionality according to predefined technical testing plan, ensuring the quality of the produced integrated platform
Large-Scale Pilot Demonstration and Evaluation / KEMEA
WP7 will perform the pilot demonstrations in real life scenarios aiming to evaluate the IRIS platform.
Deliver an operational IRIS platform, offering all envisaged services, by large scale demonstrations of the modules and tools that have been implemented in other work packages
Develop detailed evaluation plan and methodology describing how the platform modules should be tested and assessed against the PUC scenarios
Validate the superiority of the IRIS platform by implementing 3 PUCs and analysing the gathered data
Dissemination, Communication and Exploitation of Results / CLS
WP8 will focus on the development and execution of viable plans for the IRIS dissemination, communication, and exploitation activities.
Tailored and interactive communication outreach and dissemination of the IRIS results towards the various stakeholders, integrating their feedback at key points of the project development
High impact-driven exploitation of the project results prioritising contributions for adoption of the IRIS technological components and solutions into future related standards and innovative products
Mapping of the technological roadmap into new business models based on market evaluation
Development of a standardisation strategy in IRIS by identifying the key exploitable results that can impact the standardisation and by preparing a concrete plan to submit contributions to relevant SDOs
Close collaboration with standardisation bodies, towards transforming the IRIS approach to an EU wide blueprint for the implementation of cyber security risk management practices
Maximization of the IRIS impact in the cybersecurity community and broader by establishing and engaging external groups (third parties) in the validation, evaluation and wider use of the project’s results
Ethics requirements / CEL
WP9 will set out the ‘ethics requirements’ that the project must comply with.
Ensure compliance with the ‘ethics requirements’ set out in this work package