News & Events

All events
Second International Workshop on Cybersecurity Certification

More >>
FOSAD - 20th Edition

More >>
CORMORANT - Seminar on cybersecurity and privacy in multimodal...

More >>

All news

Evaluation of the Cooperative Car demonstrator developed by TECNALIA in the CAPE program

17th Sep 2021
Last week EURECAT technology centre has visited the TECNALIA’s Autonomous Vehicle Cybersecurity laboratory, which is one of the laboratories that forms the BDIH Cybersecurity Node. The aim of the visit was to carry out, together with the TECNALIA team, a penetration test on a fleet of Model Cars while they circulate jointly and in a coordinated manner forming a platoon. This work is part of SPARTA!

In SPARTA, TECNALIA is working on the assessment and improvement of the security of connected vehicles driving autonomously in a platoon mode. A platoon is a group of vehicles driving in close proximity to each other, with the purpose of reducing aerodynamic drag, thereby reducing fuel consumption and CO2 emissions. Each platoon member, thanks to its CACC (Cooperative Adaptive Cruise Control), adapts its speed based on data received from its sensors and information exchanged with the other vehicles. They have also worked in new countermeasures to mitigate the cyber-attacks to which this ...
More >>

Turris OS 5.2 has bee released

8th Sep 2021
About Turris project:

Project Turris started back in 2013. It was a security project sponsored by CZ.NIC to get more relevant data about attacks on average Joe. As part of the project, routers with custom software were created and given away to Czech Republic households. Those routers were under contract, which stated that they had to be the main access point to the Internet. From those routers, firewall logs were collected. Apart from firewall logs, some minimalistic honeypots were written for popular protocols, trying to learn more about attacker’s behavior. The resulting data were shared with the Czech national CSIRT team and the relevant result with the worldwide security community. Apart from that, those data were used to generate publicly available greylist and dynamically update firewall on the routers and frequent updates, open-source firmware, and performance. After receiving this kind of feedback, CZ.NIC decided to try to spread those routers even further and created a co...
More >>

SPARTA at the 47th edition of the Cybersecurity Breakfast

2nd Sep 2021
AGENDA

The 47th edition of the Cybersecurity Breakfast was organized in cooperation with the SPARTA project. It was focused on lessons learned while effectively transforming cybersecurity research into innovation. 

The agenda was divided in 3 parts:

A keynote by Dr Mart Noorma, Science and Development Director at Milrem Robotics, Professor of Space and Defense Technology at University of Tartu (Estonia), on “Lessons learned from a highly innovative company, working for years with both academy and industry researchers to build unmanned ground systems”.
Focused highlights provided by senior leaders in the domain

Jacques Klein, Chief Scientist in Software Engineering and Mobile Security, University of Luxembourg (Luxembourg): “How realistic is it for researchers to access real world data for academic research, and then open innovation purposes?”
François Thill, Director Cybersecurity and Digital Technologies at the Ministry of the Economy (Luxembourg): “A MECO i...
More >>

Personal Data Breach Regulation

27th Jul 2021
Article 33 of the General Data Protection Regulation 2016/679 (GDPR) requires that, as soon as the data controller becomes aware that a personal data breach has occurred, it should without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority, unless the controller can demonstrate that the breach is unlikely to result in a risk for the rights and freedoms of individuals. “Personal data breach” is defined in Article 4(12) GDPR as a “breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of personal data transmitted, stored or otherwise processed.” Where this cannot be achieved within 72 hours, an explanation of the reasons for the delay should accompany the notification to the supervisory authority and information may be provided in phases without undue further delay.

Furthermore, data subjects should be notified without undue dela...
More >>

Analysis of foreign influence and cyber incidents during the Latvian municipal elections 2021

21st Jul 2021
Disclamer: This analysis was conducted by one of Sub-case owners (DeBunkEU.org) that recently joined the SPARTA T-SHARK Program. The aim of the “Analysis of foreign influence and cyber incidents during the Latvian municipal elections 2021” was to demonstrate how the incidents collected from the different data sources (Information and cyber environment) can be linked and analysed together and how the decision makers can benefit from the full spectrum of cybersecurity awareness.

In the beginning of June, regular municipal elections were held in Latvia. Even though the municipality of Riga did not hold the elections this year, the capital was targeted the most amid the decision of the mayor to remove the Belarusian flag during the hockey tournament. 

To complete this analysis, DebunkEU.org joined the T-SHARK programme, which concentrates on combining information and technological spheres to draw connections between cyber incidents and the information landscape. Analysis of Latvian mu...
More >>

Making Cybersecurity more Responsible

16th Jul 2021
Cybersecurity has become more and more critical for the functioning of our society. Cybersecurity measures, however, may come at the expense of other interests and values. This is problematic since those who decide on security measures in politics, industry and law enforcement don’t have the same interests and priorities as those who are finally affected by them, namely citizens and companies. Researchers and engineers implementing cyber security measures may have their ideas and priorities. Thus, finding the right balance between the interests of different stakeholders remains difficult even if actors are aware of possible value conflicts. It is also obvious that the social groups affected by cybersecurity measures and the range of impacts can vary greatly and depend heavily on the specific use cases and implementation details, so that no concrete instructions for action can be given apart from very general guidelines.

One way to address this conflict is through the concept of “re...
More >>

SPARTA organized Summer School on the relationship between cybersecurity and privacy

12th Jul 2021
SPARTA and CyberSec4Europe are involved in the organisation of the 16th Summer School on Privacy and Identity Management, which will take place in August 2021. This Summer School is a joint effort together with IFIP, the International Federation for Information Processing and its working groups on Social Accountability and Cybersecurity. 

The topic of the Summer School is “It’s complicated: Exploring the complex relationship between cybersecurity, privacy, and other liberties”. These relations are manifest at both regulatory and practical levels: with digital media and information technology as everyday commodities, an increasing number of attacks on IT security are based on privacy breaches and privacy breaches are facilitated by security attacks. Examples include CEO fraud, spear fishing, and leakage of consumer information like credit card details. Although there is a general consensus that security, privacy, and data protection are interrelated, the complexity of their relation...
More >>

More efficient information gathering from DNS servers

7th Jul 2021
author: Ladislav Lhotka

translation: Petra Raszková

Since the end of January 2021, all authoritative DNS servers operated by CZ.NIC association collect information about DNS transactions (queries and responses) using the new standard format Compacted-DNS (C-DNS).

Its specification is incorporated in RFC 8618. For the process of data gathering is used DNS Probe software developed in CZ.NIC labs in cooperation with FIT VUT in Brno. This completed approximately a half-year phase of transition from the traditional and previously used PCAP format. During this phase was tested performance as well as the stability of DNS Probe and afterwards the results obtained from both formats were compared. 

C-DNS unlike PCAP was made especial for saving and transfer of great numbers of DNS transactions. It was designated in order to be as efficient and flexible as possible, which on the other hand is related with its relative complicatedness. A more detailed description is beyond ambit of this con...
More >>

SPARTA Data Sharing Infrastructure

24th Jun 2021
Data sharing is one of the key aspects of building a comprehensive cybersecurity concept within the T-SHARK programme. Shared cyber incident-related data, extracted using different technological tools; structured contextual information from different sources makes it possible to connect separate events, better understand targets and build situation awareness in the whole ecosystem. 

The specially developed SPARTA Data Sharing infrastructure consists of the integration of two main existing sharing platforms: the “MISP Threat Sharing’’ systems and the “C3ISP Collaborative and Confidential Information Sharing and Analysis for Cyber Protection’’ system. The main frontend of the SPARTA Data Sharing Infrastructure will be represented by the MISP data-sharing platform because the MISP graphical user interface offers a wide number of functionalities to help users in their searches and analysis and, at the same time, it is very easy and intuitive to be used. Secondly, the data format used t...
More >>

ROUNDATABLE: “From education, going through the R&D&i, towards the Intelligent Company”

17th Jun 2021
Last week the “VI National Cybersecurity Research Days” conference (https://2021.jnic.es/programa) was held in Spain, in which Ana Ayerbe from TECNALIA presented SPARTA in a roundtable organised by the Spanish Chapter of the Women4Cyber initiative.

The roundtable covered the different issues related to the cybersecurity supply chain, starting with the education needs to cover the talent gap, going through the different efforts in the Research and Development area, to finalise with the technological transfer of technologies and solutions towards the companies, and the creation of Cybersecurity startups.

The roundtable started with a presentation by Mar Lopez from the National Cybersecurity Department (DSN) that talked about the status of Cybersecurity at Spanish level, the talent needs and the gender and diversity dimension introducing the Women4Cyber initiative.

After that, two entrepreneurs talked about their experience in the Cybersecurity world: Azucena Hernández, CEO of EUROC...
More >>

About

Mission

Re-imagining the way cybersecurity research, innovation, and training are performed in Europe across domains and expertise, from foundations to applications, in academia and industry

Impact

SPARTA will create a long-lasting community capable of collaboration to define, develop, share, and evolve solutions that will help practitioners prevent cybercrime and enhance cybersecurity.

Vision

Become a unique innovation force in cybersecurity with transformative impacts on European Union economy, infrastructures, society and democracy.

It's a tough road ahead

With one of the most advanced and multi-cultural research ecosystem in the world, the European Union has the means to take on the cybersecurity challenge. Its scientists have the opportunity to become a unique innovation force in cybersecurity with transformative impacts on our economy, infrastructures, society, and democracy.

Yet many challenges need to be addressed before such a vision can be successful.


How can we design and effectively maintain a European roadmap in cybersecurity research?

How might we cultivate out-of-the-box thinking in research endeavours?

What is the most effective way to maintain excellence in multi-disciplinary pursuits?

These first three items are instrumental to foster a culture of risk-taking – a critical asset for creativity in the face of innovative threats.

These last three items are absolutely key to ensure that the SPARTA network will produce concrete and transformative results. More importantly, they are instrumental in making these results suitable for a wide variety of applications in vertical sectors, creating technological vantage points and economic leverage.


How do we sustain strategic analysis and guidance for research and innovation?

What is the best way to implement flexibility in research actions?

How can we leverage the accumulated strengths of the European industry?

Organizing tomorrow's research activities

Governance activities form the backbone of the network, supporting community activities that range from roadmap design to Request for Challenges, from monthly SPARTA Workshops to bi-yearly SPARTA Days. Research programs are continuously spun from strands of the roadmap, led by experts of their fields, and aim at generating concrete and transformative results.

Develop an ambitious Cybersecurity Research and Innovation Roadmap leveraging Europe’s strengths and opportunities, across multiple disciplines, maturity levels, and geographical locations.

Set up space, time, and means to enable research collaborations, leveraging the strengths of existing structures and organisations around a Joint Competence Center Infrastructure.

Explore innovative work in full- spectrum situational awareness, with the goal of enabling the supervision of complex systems over heterogeneous time scales.

Develop a foundation for secure- by-design intelligent infrastructure built on strong formal approaches, addressing multiple cybersecurity facets.

Investigate new avenues for continuous assessment and new evaluation tools and techniques for handling tomorrow's dynamic and elastic digital systems.

Devise approaches to make systems using AI more reliable and resilient through enhanced explainability and better threat understanding.

Foster the emergence of a thriving and responsible research and innovation model, allowing the development of unique innovation paths, contributing to European strategic autonomy.

Establish unparalleled traction with European, national, and regional ecosystems, relaying concrete requirements, disruptive ideas, and novel results through multi-level and cross-network actions and events.