Logging is a universal and industry-agnostic practice, and organizations across diverse sectors are becoming increasingly vigilant about log security. Logs are the core sources for insights into the state of digital systems and are central to discovering cyber attacks. Thus, malicious actors commonly remove traces of their activities by manipulating logs. To date, the market is missing solutions that can independently monitor and verify that the logs have not been tampered with by malicious insiders or outside attackers. Without confidence in the integrity of logs, organizations are unable to mitigate cyber incidents in time as they have zero or very limited situational awareness of the occurrence and scope of cyber incidents. Guardtime AS, a pioneer in hash-based cryptography and production-grade blockchain technology implementation, has developed a breakthrough solution for log security - TrueTrail (TT). TrueTrail provides immutability and independent log verification, leveraging our proprietary blockchain technology for a decentralized trust anchor. Thereby we will bring into the market a fundamentally new approach to log security, which: • enables massive scale automated and independent log integrity assurance; • provides real-time log integrity checks and long-term log record validity; • makes any log data immutable and detects currently hidden log manipulations. We have piloted the solution and validated the value proposition with large-scale piloting with several governmental institutions as well as gained first customers from the finance sector. By completing the TNT project we can launch TrueTrail to global markets, implement a highly scalable business model, significantly shorten the sales and implementation cycles, and target new customer segments. Moreover, the SMEI funding will allow us to achieve commercial independence and technological freedom.

On B2B and B2C relations, the reliability among stakeholders is an essential requirement. Every second of every day, businesses exchange items with suppliers, partners, customers and others. Items mean goods, services, money, data and more. Such exchanges are transactions, that need to be reliable, precise and agreed among the participants. Moreover, in many transactions, the fully automation is not possible, it is needed a trusted centralized entity. In many cases, the human intercession is needed to certify the proper execution of such transaction (audit, public notaries, third-party certifier…). Blockchain aims to enable automatic transactions, reducing the "trust tax" among stakeholders. It is being used in more and more domains. However, Blockchain cannot fully ensure that the digitally recorded information is taken in a certain location and time. The automated and trusted Proof of Location has not been fully achieved without the human intercession. A reliable and affordable source of positioning/timing data is essential to achieve the automated verification of location and time. The new service Open Service Navigation Message Authentication (OS-NMA) of Galileo will provide authentication of the navigation data, in order to determine if the data used for processing was produced by the satellites or falsified. The overall goal of SPACE4GREENERis to propose a technological solution that enable a trusted platform among stakeholders of different nature for the automated certification that an activity occurs or a thing is in a location in a certain point of time, without requiring a third-party human certification. The solution is based on the integration of Galileo OS-NMA signals and Blockchain with smart devices and mobile platforms that will produce a trusted information and share it among the stakeholders. The benefit of such approach is applicable to multiple domains, but the technical validation will be focused on Agrifood and fishing scenarios.

The proposed Cyber-security Excellence Hub in Estonia and South Moravia (CHESS) will integrate leading cybersecurity institutions and capitalize on the strengths of both regions to address important Europe-wide challenges. South Moravia is a major ICT industry & education powerhouse of the Czech Republic, with a very focused and coherent smart specialization strategy targeting cybersecurity. Estonia is among the most advanced digital societies globally, with exceptional e-government deployment – which, however, makes it vulnerable to various cyber threats. CHESS will directly follow the strategies and roadmaps of the European Cybersecurity Competence Pilots and build on the experience of CHESS partners involved in all four of these pilots, contributing to safe transition of the EU to full-scale digital society. The CHESS Hub will conduct a thorough needs analysis of the two regions and develop a joint cross-border R&I strategy for cybersecurity. The strategy development will be aided by implementation of pilot R&I projects that will reinforce the cross-regional collaboration, engage regional innovation ecosystems and build evidence for future projects. Gaps in skills and expertise identified in the regions will be removed by training and knowledge transfer. Finally, dedicated task forces will ensure sustainability of CHESS by integration with regional, national, and EU-level strategies and funding programmes. To exploit the project outputs, especially the pilot project results, CHESS will aid with market potential assessment and link researchers and innovators with entrepreneurship training and business consultancy services available in the regions. The strategizing, skills-building and pilot R&I will cover the totality of the cybersecurity field, with special attention to 6 Challenge Areas: Internet of Secure Things; Security Certification; Verification of Trustworthy Software; Blockchain; Post-Quantum Cryptography; and Human-centric Aspects of Cybersecurity.

Blockchain and distributed ledger technologies (DLTs) have emerged as one of the most revolutionary developments in recent years, with the goal of eliminating centralised intermediaries and installing distributed trusted services. They facilitate trustworthy trades and exchanges over the Internet, power cryptocurrencies, ensure transparency for documents, and much more. Although based on cryptographic techniques at their core, the currently deployed DLTs do not address privacy. Indeed, the very idea of a public ledger that stores a verifiable record of transactions at first appears inherently incompatible with the privacy requirements of many potential applications, which use sensitive data such as trade secrets and personal information. New cryptographic techniques and protocols are therefore needed to protect the data, facilitate these applications, and make DLTs deliver on their promises. PRIViLEDGE realises cryptographic protocols supporting privacy, anonymity, and efficient decentralised consensus for DLTs. In PRIViLEDGE, several European key players in cryptographic research and from the fintech and blockchain domains unite to push the limits of cryptographic protocols for privacy and security. Results from PRIViLEDGE are demonstrated through four ledger-based solutions: (1) verifiable online voting; (2) contract validation and execution for insurance; (3) university diploma record ledger; and (4) update mechanism for stake-based ledgers. The selected use cases are diverse and represent the principal application domains of DLT; this ensures wide reach and impact of the techniques developed in PRIViLEDGE beyond the immediate scope of the project.

SOFIE addresses the challenges of the call by creating a secure and open IoT federation architecture and framework. We use Distributed Ledger Technology (DLT), including blockchains and inter-ledger technologies, to enable actuation, auditability, smart contracts and management of identities and encryption keys, and to enable totally decentralised solutions with virtually unlimited scalability. We address the fragmentation of IoT through federation rather than integration. Virtually any IoT platform can join the federation by creating, relatively simply, an adapter. Data remains in the respective IoT platforms and is usable by all the applications within the limits set by the applicable security and privacy policies. We exercise security and privacy by design. We provide end-to-end security, key management, authorisation, accountability, and auditability, utilising DLTs where applicable. The user shall retain control over their data also after the data have been stored in the Cloud or Fog in an EU GDPR (or other regulations) compliant manner. We base our work on existing open standards, interfaces and components, such as FIWARE, W3C Web of Things (WoT), and oneM2M. We will select existing components, develop new ones, and collect them — together with documentation, instructions and examples — into an IoT federation framework for creating administratively decentralised, open, and secure IoT business platforms from existing IoT platforms. We will demonstrate the practicality of our approach by using it in three pilots in three different sectors: food chain, gaming, and energy market. Three business platforms will be realised for the pilots. The results of the pilots will be evaluated against the key performance indicators. We actively participate in standardisation and disseminate our results through scientific journals, conferences, and workshops, but also the Web, social media and developer communities. We also aim to make at least two of the pilots sustainable.