Skip to main content
Logo
EnglishEnglish
European Cybersecurity Competence Centre and Network
  • Call for proposals
  • Open

Increased Cybersecurity - HORIZON-CL3-2025-02-CS-ECCC

The call for proposals HORIZON-CL3-2025-02-CS-ECCC – Increased cybersecurity is implemented by the ECCC and covers 6 topics for an overall indicative budget of EUR 90.55 million.

Details

Status
Open
Publication date
29 April 2025
Opening date
Deadline model
Single-stage
Deadline date
12 November 2025, 17:00 (CET)
Funding programme
Department
European Cybersecurity Industrial, Technology and Research Competence Centre

Description

Generative AI for Cybersecurity applications (EUR 40 million)

Expected Outcome:

Projects will develop technologies, tools, processes that reinforce cybersecurity using AI technological components, in particular Generative AI, in line with relevant EU policy, legal and ethical requirements.

Proposals should address at least one of the following expected outcomes:

  • Developing, training and testing of Generative AI models for monitoring, detection, response and self-healing capabilities in digital processes, and systems against cyberattacks, including adversarial AI attacks.
  • Development of Generative AI tools and technologies for continuous monitoring, compliance and automated remediation. These should consider legal aspects of EU and national regulation as well as ethical and privacy aspects.

Further details on the Funding and Tenders portal.

New advanced tools and processes for Operational Cybersecurity (EUR 23.55 million);

Expected Outcome:

The use of and dependence on information and communication technologies have become fundamental aspects in all sectors of the economy. Public administrations, companies and citizens are more interconnected and interdependent across sectors and borders than ever before. This higher uptake of digital technologies increases exposure to cyber security incidents, vulnerabilities and their potential impacts. At the same time, Member States are facing growing cybersecurity risks and an overall complex threat landscape, with a clear risk of rapid spill-over of cyber incidents from one Member State to others.

Moreover, cyber operations are increasingly integrated in hybrid and warfare strategies, with significant effects on the target. In particular, the current geopolitical context is being accompanied by a strategy of hostile cyber operations, which is a game changer for the perception and assessment of the EU’s collective cybersecurity crisis management preparedness and a call for urgent action. The threat of a possible large-scale incident causing significant disruption and damage to critical infrastructure and data spaces demands heightened preparedness at all levels of the EU’s cybersecurity ecosystem. In recent years, the number of cyberattacks has increased dramatically, including supply chain attacks aiming at cyberespionage, ransomware, or disruption. The vulnerability landscape is also threatening. The ENISA Threat Landscape Report 2024 counts a total of 19,754 vulnerabilities. This amount of vulnerabilities can’t be manually managed by humans. There is a need for automated management of vulnerabilities based on established standards like the Common Security Advisory Framework (CSAF).

As regards detection of cyber threats and incidents, there is an urgent need to increase the exchange of information and improve our collective capabilities in order to reduce drastically the time needed to detect cyber threats and mitigate, before they can cause large-scale damage and costs. While many cybersecurity threats and incidents have a potential cross-border dimension, due to the interconnection of digital infrastructures, the sharing of relevant information among Member States remains limited. Proposals are expected to address this emerging threat landscape with the development of advanced frameworks, services tools, and processes, in line with relevant EU legislation (NIS2, Cyber Resilience Act, Cyber Solidarity Act).

Lastly, focus should be given to developing innovative frameworks, technologies, tools, processes, and services that reinforce cybersecurity capabilities for operational and technical cybersecurity cooperation, in line with relevant EU policy, with particular focus on NIS2, Cyber Solidarity Act and the EU Cybersecurity Strategy, as well as legal and ethical requirements.

Further details on the Funding and Tenders portal

Privacy Enhancing Technologies (EUR 11 million)

Expected Outcome:

Projects’ results are expected to contribute to some or all of the following outcomes:

  • Development of robust, scalable, and reliable technologies to uphold privacy within federated and secure data sharing frameworks, as well as in the processing of personal and industrial data, integrated into real-world systems.
  • Development of privacy preserving approaches for data sharing solutions, including privacy-preserving cyber threat information sharing, and in collaborative computations involving sensitive data.
  • Integration of privacy-by-design at the core of software and protocol development processes, with attention to ensure that cryptographic building blocks and implementations of privacy-enhancing digital signatures and user-authentication schemes are crypto-agile and modular, to facilitate a transition towards post-quantum cryptographic algorithms.
  • Development of privacy enhancing technologies for the users of constrained devices.
  • Contribution towards the advancement of GDPR-compliant European data spaces for digital services and research, such as those on health data, aligning with DATA Topics of Horizon Europe Cluster 4.
  • Development of privacy enhancing technologies and solutions, to benefit the requirements of citizens and companies, including small and medium-sized enterprises (SMEs).
  • Development of blockchain-based and decentralized privacy-enhancing technologies, to preserve data confidentiality, integrity, and the authenticity of transactions and digital assets. Possible combination of blockchain with other technologies, such as federated learning, will need to address the data's security and privacy shared through such networks while ensuring that their connected devices are trusted.
  • Investigating the usability and user experience of privacy-enhancing technologies and exploring ways to design systems that are both secure and user-friendly.

Further details on the Funding and Tenders portal

Security evaluations of Post-Quantum Cryptography (PQC) primitives (EUR 4 million)

Expected Outcome:

Projects’ results are expected to contribute to some or all of the following outcomes:

  • Breakthroughs in understanding the quantum hardness of various mathematical problem classes that underpin the security of current and future post-quantum cryptosystems;
  • New quantum algorithms with significant quantum speed-up for lattice-based, code-based, and potentially other mathematical problem-classes;
  • Improved implementation of quantum algorithms using high-level quantum programming languages to solve mathematical problems forming the core of cryptosystems;
  • Establishment of environments testing the robustness of cryptosystems regarding quantum attackers;
  • AI-based approaches to help discovering vulnerabilities of lattice-based or other mathematical problem-classes;
  • Cryptanalysis results;
  • Parameter suggestions to create a robust set of cryptographic building blocks for post-quantum cybersecurity and design of post-quantum cryptosystems with improved security against quantum or AI-based attacks.

Further details on the Funding and Tenders portal

Security of implementations of Post Quantum Cryptography algorithm (EUR 6 million)

Expected Outcome:

Projects’ results are expected to contribute to some or all of the following outcomes:

  • Design and implementations of Post-Quantum Cryptography (PQC) algorithms that are resistant to side-channel and fault attacks;
  • Optimized countermeasures taking into account a balanced trade-off between security, performance, and costs;
  • Recommendations on implementing countermeasures for a broad range of attacks, also identifying the available and necessary hardware;
  • Analysis of new attacks or combinations of attacks, also eventually enhanced by AI, applicable to real-world conditions.
  • Design of automated security evaluations for PQC implementations.

Further details on the Funding and Tenders portal

Integration of Post-Quantum Cryptography (PQC) algorithms into high-level protocols (EUR 6 million)

Expected Outcome:

Proposals are expected to contribute to some or all of the following outcomes:

  • Design and implementations of at least one high-level post-quantum cryptography protocol along with a security analysis demonstrating that no security is lost compared to the used building blocks/lower-level protocols (KEMs, signatures, AEAD,…);
  • Submission of these high-level protocols integrating PQC to standardization bodies and/or submission of the specification and implementation to the respective open source projects;
  • Requirements analysis highlighting roadblocks and needs for development of PQC solutions for missing building blocks for migrating high-level protocols to PQC.

Further details on the Funding and Tenders portal