A Certification approach for dynamic, agile and reUSable assessmenT fOr composite systems of ICT proDucts, servicEs, and processeS

Civil SecurityHORIZON-IAID: 101120684
EC Contribution
โ‚ฌ49,992
Consortium Size
18 orgs
Start Year
2023
โ–ถSummary

Cybersecurity certification as introduced by the EU Cybersecurity Act (EUCSA) will play a crucial role in increasing the trust to and security of ICT Products, ICT Services and ICT Processes. Cybersecurity certification is a complex process, posing a variety of challenges to the different interested parties. This proposal introduces the CUSTODES, a system comprised of a variety of components with the aim to provide trustworthy, cost-effective, agile and portable conformity assessment capabilities, to a variety of interested parties, covering multiple Assurance levels of Composite ICT products or ICT services.The CUSTODES system will discover and translate certification information of the Building Blocks of the composite ICT products or Services under evaluation, will provide Certification information to the interested parties and will share information on newly identified vulnerabilities related to the specific blocks or composite products as needed increasing transparency, re-usability and trust. It will also utilize a Restricted & Trusted Execution (RTE) Environment, to ensure the chain of custody of the product under assessment.CUSTODES will be validated in three pilots, a) one of two Class I composite products with digital elements, b) one of an ICT product with an embedded AI component and c) a final one of the as-a-service functionality through EIT Digital extensive digital ecosystem. The CUSTODES project is built on a collaboration of 17 organisations from 11 EU member states and third countries. The Consortium which includes 3 Conformity Assessment Organizations is composed by 10 SMEs, 3 large industry partners, 2 research organizations, and 2 public organizations/associations. The Consortium is led by RISE which has extensive experience in national and European research projects, and numerous collaborations with industrial partners.

Consortium (18)

Project Results (10)

Source: CORDIS, the EU research results database.

โ–ถPublications (7)
A Practical Human-Centric Risk Management (HRM) Methodology
Electronicsยท 2025DOI
Kitty Kioskli, Eleni Seralidou, Nineta Polemi
A risk and conformity assessment framework to ensure security and resilience of healthcare systems and medical supply chain
International Journal of Information Securityยท 2025DOI
Kitty Kioskli, Elisavet Grigoriou, Shareeful Islam, Andrianos M. Yiorkas, Loizos Christofi, Haralambos Mouratidis
Adoption of Deep-Learning Models for Managing Threat in API Calls with Transparency Obligation Practice for Overall Resilience
Sensorsยท 2025DOI
Nihala Basheer, Shareeful Islam, Mohammed K. S. Alwaheidi, Spyridon Papastergiou
A taxonomy for cybersecurity standards
Journal of Surveillance, Security and Safetyยท 2024DOI
Eleni-Maria Kalogeraki, Nineta Polemi
Composite Inspection and Certification (CIC) System for Cybersecuity Assessment of ICT Products, Services, and Processes
2024 IEEE International Conference on Cyber Security and Resilience (CSR)ยท 2024DOI
Spyridon Papastergiou, Shareeful Islam, Eleni Maria Kalogeraki, Argyro Chatzopoulou, Panagiotis Bountakas, Konstantinos Pournaras, Sreedevi Beena, Nineta Polemi
Deciphering Cyber-Security Certifications: An Ontological Journey through Composite Systems and their certification
2024 IEEE International Conference on Engineering, Technology, and Innovation (ICE/ITMC)ยท 2024DOI
Jasmin Cosic, Admir Jukan
Strengthening Cybersecurity Certifications Through Robust Chain of Custody Practices
2024 IEEE International Conference on Cyber Security and Resilience (CSR)ยท 2024DOI
Jasmin Cosic, Admir Jukan, Miroslav Baca
โ–ถDeliverables (2)
โ–ถOther Results (1)
Periodic Reporting for period 1 - CUSTODES (A Certification approach for dynamic, agile and reUSable assessmenT fOr composite systems of ICT proDucts, servicEs, and processeS)