Methodology

Phase 1 (Definition):

The definition phase marks the beginning of the project and involves the identification of the user requirements that will drive the design of the SPIDER platform, and the specification of the technical requirements of its components. To ensure a user driven approach, SPIDER envisages a strong involvement of the end users in all three design and
development cycles (1st, 2nd and final platform prototype).

Phase 2 (Implementation):

The implementation phase takes off from the user requirements specification, and comprises a range of integrated, multidisciplinary research and technology tasks

Phase 3 (Prototype & System Integration):

With the successful completion of all tasks in phase 2, the stand-alone SPIDER components will be integrated into an operational prototype platform that includes all the proposed SPIDER components. The prototype will be tested, integrated and demonstrated in real environments for each PUC separately. So there will be at least five Proof of Concepts (PoCs) to showcase the different features of the SPIDER Platform.

Phase 4 (Testing & User Validation):

In the final phase of the project, the SPIDER platform will be validated in five highly realistic pilot use cases covering different scenarios in cybersecurity testing, training and economics

The SPIDER methodology as an AGILE development approach

Objectives

Objective 1:

To analyse the user, technical and business requirements and design the core architecture of the SPIDER CRaaS platform for the telecommunications domain.

Objective 2:

To provide the telecommunications infrastructure that can support a cyber range with the latest 5G virtualisation, infrastructure management and orchestration technologies.

Objective 3:

To design and implement state-of-the-art AI/Machine Learning-based technologies capable of assessing the security of critical virtualised communication infrastructures.

Objective 4:

To design and implement a digital gamified and serious game-based learning environment for training experts and non-experts by leveraging serious games as well as gamified and active learning methods.

Objective 5:

To devise and integrate within the SPIDER CRaaS platform improved risk analysis and econometric models that can support public and private organisations in making optimal investment decisions and forecast the economic impact of cyber risks.

Objective 6:

To design and implement a monitoring and reporting layer that can track the progress and outcomes of the end users while testing and training with the SPIDER CRaaS platform.

Objective 7:
 
To demonstrate and validate the integrated SPIDER CRaaS platform across four pilots.
 

Objective 8:

To ensure (a) wide communication and scientific dissemination of the SPIDER results to the research, academic, and ICT community, (b) efficient exploitation and business planning of the SPIDER concepts and tools to the market, and (c) contribution of specific project results to relevant standardisation bodies.

 

Concept

SPIDER’s key technological concepts and unique selling points are:

  • the development and deployment of a cutting-edge cyber range platform for instructing and certifying cybersecurity professionals in resisting and dealing with modern cybersecurity incidents;
  • the establishment of a realistic cybersecurity training infrastructure and brokerage facility for cybersecurity situation awareness, hands-on exercise experience as well as for skills development in key cyber defence areas;
  • the provision of a virtual cyber environment that imitates reality for the quantitative, qualitative and realistic assessment of potentially ground-breaking cyber defence technologies and for experimentation with complex cyber-attacks in a contained environment;
  • the design and delivery of structured training and cyber exercises (both pre-built and customised) to prepare cyber defenders at both public and private organisations protect their critical infrastructures, enterprises and communications networks;
  • the delivery of a serious gaming repository for sharing training material;
  • the development of shared approaches to express and transform the end user needs into actual experiments and cyber exercises as well as the development of appropriate tools and methods for supporting current and future generated evidence-based simulation scenarios;
  • the development of unique analytics methodologies for quantifying the economic impact of cyber risk;
  • the derivation of improved risks analysis and econometric models to facilitate the effective decision-making and faster response to complex cyber risks.
  • the development of optimal risk mitigation and risk treatment methods for helping decision makers prioritise cybersecurity investments.

 

Fact-Sheet

Project duration

Start Date: 1st July 2019 – 30th June 2022 (36 months)

Consortium

19 partners from 9 European countries (high diversity)

Special skills & expertise plus extensive successful collaboration history (additional asset)

Reporting periods

Interim reporting period #1: 1/7/2019 [M1] – 31/12/2020 [M18]
Final reporting period #2: 1/1/2021 [M19] – 30/06/2022 [M36]

Resources

954 total Person/Months

Consortium

Consortium
1
ERICSSON TELECOMUNICAZIONI
ERICSSON
ITALY
2
CONSORZIO NAZIONALE INTERUNIVERSITARIO PER LE TELECOMUNICAZIONI
CNIT
ITALY
3
TELEFONICA I+D S.A.U.
TID
SPAIN
4
THALES SIX GTS FRANCE
THALES
FRANCE
5
ATOS SPAIN SA
ATOS
SPAIN
6
UBlTECH LIMITED
UBITECH
CYPRUS
7
UNIVERSIDAD POLITECNICA DE MADRID
UPM
SPAIN
8
FONDAZIONE BRUNO KESSLER
FBK
ITALY
10
EIGHT BELLS LTD.
8BELLS
CYPRUS
11
FOUNDATION FOR RESEARCH AND TECHNOLOGY
FORTH
GREECE
12
SERIOUS GAMES INTERACTIVE APS
SGI
DENMARK
13
UNIVERSITY OF PIRAEUS RESEARCH CENTRE
UPRC
GREECE
14
CITY UNIVERSITY OF LONDON
CITY
UK
15
CYBERLENS LTD.
CLS
UK
16
INFALIA PRIVATE COMPANY
INF
GREECE
17
INFOCOM S.R.L.
INFO
ITALY
18
SPHYNX TECHNOLOGY SOLUTIONS AG
STS
SWITZERLAND
19
K3Y LTD.
K3Y
BULGARIA
20
UNI SYSTEMS INFORMATION TECHNOLOGY SYSTEMS COMMERCIAL
UNI SYSTEMS
GREECE