Phase 1 (Definition):

The definition phase marks the beginning of the project and involves the identification of the user requirements that will drive the design of the SPIDER platform, and the specification of the technical requirements of its components. To ensure a user driven approach, SPIDER envisages a strong involvement of the end users in all three design and
development cycles (1st, 2nd and final platform prototype).

Phase 2 (Implementation):

The implementation phase takes off from the user requirements specification, and comprises a range of integrated, multidisciplinary research and technology tasks

Phase 3 (Prototype & System Integration):

With the successful completion of all tasks in phase 2, the stand-alone SPIDER components will be integrated into an operational prototype platform that includes all the proposed SPIDER components. The prototype will be tested, integrated and demonstrated in real environments for each PUC separately. So there will be at least five Proof of Concepts (PoCs) to showcase the different features of the SPIDER Platform.

Phase 4 (Testing & User Validation):

In the final phase of the project, the SPIDER platform will be validated in five highly realistic pilot use cases covering different scenarios in cybersecurity testing, training and economics


Objective 1:

To analyse the user, technical and business requirements and design the core architecture of the SPIDER CRaaS platform for the telecommunications domain.

Objective 2:

To provide the telecommunications infrastructure that can support a cyber range with the latest 5G virtualisation, infrastructure management and orchestration technologies.

Objective 3:

To design and implement state-of-the-art AI/Machine Learning-based technologies capable of assessing the security of critical virtualised communication infrastructures.

Objective 4:

To design and implement a digital gamified and serious game-based learning environment for training experts and non-experts by leveraging serious games as well as gamified and active learning methods.

Objective 5:

To devise and integrate within the SPIDER CRaaS platform improved risk analysis and econometric models that can support public and private organisations in making optimal investment decisions and forecast the economic impact of cyber risks.

Objective 6:

To design and implement a monitoring and reporting layer that can track the progress and outcomes of the end users while testing and training with the SPIDER CRaaS platform.

Objective 7:
To demonstrate and validate the integrated SPIDER CRaaS platform across four pilots.

Objective 8:

To ensure (a) wide communication and scientific dissemination of the SPIDER results to the research, academic, and ICT community, (b) efficient exploitation and business planning of the SPIDER concepts and tools to the market, and (c) contribution of specific project results to relevant standardisation bodies.



SPIDER’s key technological concepts and unique selling points are:

  • the development and deployment of a cutting-edge cyber range platform for instructing and certifying cybersecurity professionals in resisting and dealing with modern cybersecurity incidents;
  • the establishment of a realistic cybersecurity training infrastructure and brokerage facility for cybersecurity situation awareness, hands-on exercise experience as well as for skills development in key cyber defence areas;
  • the provision of a virtual cyber environment that imitates reality for the quantitative, qualitative and realistic assessment of potentially ground-breaking cyber defence technologies and for experimentation with complex cyber-attacks in a contained environment;
  • the design and delivery of structured training and cyber exercises (both pre-built and customised) to prepare cyber defenders at both public and private organisations protect their critical infrastructures, enterprises and communications networks;
  • the delivery of a serious gaming repository for sharing training material;
  • the development of shared approaches to express and transform the end user needs into actual experiments and cyber exercises as well as the development of appropriate tools and methods for supporting current and future generated evidence-based simulation scenarios;
  • the development of unique analytics methodologies for quantifying the economic impact of cyber risk;
  • the derivation of improved risks analysis and econometric models to facilitate the effective decision-making and faster response to complex cyber risks.
  • the development of optimal risk mitigation and risk treatment methods for helping decision makers prioritise cybersecurity investments.



Project duration

Start Date: 1st July 2019 – 30th June 2022 (36 months)


19 partners from 9 European countries (high diversity)

Special skills & expertise plus extensive successful collaboration history (additional asset)

Reporting periods

1M -> 18M (review meeting is TBD at the moment)

19M -> 36M indicative (final review meeting is TBD at the moment)


954 total Person/Months