BEAWRE

PDP4E is an innovation action that will provide software and system engineers with methods and software tools to systematically apply data protection principles in the projects they carry out, so that the products they create comply with the General Data Protection Regulation (GDPR), thus bringing the principles of Privacy and Data Protection by Design to practice. PDP4E will integrate privacy and data protection engineering functionalities into existent, mainstream software tools that are already in use by engineers, focusing on open-source tools that will be integrated in the Eclipse ecosystem, The approach will integrate methods proposed by the privacy engineering community (e.g. LINDDUN, ISO/IEC 27550 Privacy engineering), and the industry of software and system engineering tools (e.g. MUSE, PAPYRUS or OpenCert) using a model driven engineering approach. PDP4E will introduce privacy and data protection into software and system engineering disciplines (Risk Management, Requirements Engineering, Model-Driven Design, and Assurance), which drive the everyday activities of engineers. Results of PDP4E will be assessed by two demonstration pilots on industries where privacy and data protection are especially relevant, one on C-ITS applications and services (connected vehicle application domain) and one on big data on smart grid (smart grid application domain). PDP4E will promote its results in engineering communities, as Eclipse (community of software developers) or IPEN (community of stakeholders with an interest on privacy engineering). An open Alliance for Privacy and Data Protection Engineering is planned as a follow-up of the project, building on that community and the synergies among partners. PDP4E includes 8 partners and has a 36-month duration.

To unleash the full potential of IoT, realizing the digital society and flourishing innovations in application domains such as eHealth, smart city, intelligent transport systems, and smart manufacturing, it is critical to facilitate the creation and operation of trustworthy Smart IoT Systems. Since smart IoT systems typically operate in a changing and often unpredictable environment, the ability of these systems to continuously evolve and adapt to their new environment is decisive to ensure and increase their trustworthiness, quality and user experience. The DevOps movement advocates a set of software engineering best practices and tools, to ensure Quality of Service whilst continuously evolving complex systems and foster agility, rapid innovation cycles, and ease of use . Therefore, DevOps has been widely adopted in the software industry . However, there is no complete DevOps support for trustworthy smart IoT systems today. The main technical goal of ENACT is to develop novel IoT platform enablers to: i) Enable DevOps in the realm of trustworthy smart IoT systems, and enrich it with novel concepts for end-to-end security and privacy, resilience and robustness strengthening trustworthiness, taking into account the challenges related to “collaborative” actuation and actuation conflicts. ii) Facilitate the smooth integration of these to leverage DevOps for existing and new IoT platforms and approaches (e.g., FIWARE, SOFIA, and TelluCloud). This will be accomplished by evolving current DevOps methods and techniques to support the agile development and operation of smart IoT systems, and provide a set of novel mechanisms to ensure quality assurance and trustworthiness, such as actuation conflict handling, continuous testing and delivery across IoT, edge and cloud spaces and end to end security and privacy management. Through this ENACT will provide a DevOps framework for smart IoT Systems

Improving the CI capacities at preparedness, detection and response phases requires the attention to the human factor as well as the collaboration of heterogeneous organisations involved in the CI development and operation, ensuring a continuum of care, just as it is done for other ICT systems with the adoption of SecDevOps approaches. DYNABIC Consortium believes that the adoption of defensive AI and novel approaches to continuous business risk management based on enhanced SecDevOps can drastically improve critical services resilience. Furthermore, AI-based self-healing and autonomous response automation can greatly help to achieve fast and efficient recovery and enable the provision of fully resilient critical services to European citizens. The strategic objective of DYNABIC is to increase the resilience and business continuity capabilities of European critical services in the face of advanced cyber-physical threats. This objective will be pursued by delivering new socio-technical methods, models and tools to support resilience through holistic business continuity risk management and control in operation, and dynamic adaptation of responses at system, human and organization planes. DYNABIC will deliver the DYNABIC Framework that will enable OES to predict, quantitatively assess and mitigate in real-time business continuity risks and their potential cascading effects. Furthermore, it will enable the dynamic autonomous adaptation of critical infrastructures to meet Resilience goals by the automatic optimization and orchestration of response strategies. The DYNABIC framework will be validated in two types of demonstrations: i) Smart Preparedness, prevention and Response to Business Disruption risks in 4 critical infrastructures and supply chains (EV charging stations, Critical transport services, Telco services, and Hospital services), and i) Smart Preparedness and Response to Cascading Business Disruption risks in interconnected CIs.