Interest for Evaluators (Open Call 2 -OPEN)

The deadline is extended for Thursday 31/10/24, 17:00 Brussels time

Closed

Purpose: Resilmesh calls experts to participate as an external evaluator for the Open Call 1. Welcome to the Resilmesh call for the Expression of Interest for Evaluators! This is your opportunity to contribute as an external evaluator in our exciting project.

 Expression of Interest for Evaluators

Welcome to the Resilmesh call for the Expression of Interest for Evaluators! This is your opportunity to contribute as an external evaluator in our exciting project.

The pool of evaluators will gather a set of recognized experts in the domain of Resilmesh Open Call 2 selected through an open process to ensure transparent and consistent evaluation of the applications.

Types of experts (profiles)

Applications for External Evaluators are now open!

We are looking for experts to serve as evaluators in the field of cybersecurity, modern security models, attack prediction and detection, cyber resilience capacity.

The evaluators will assume the responsibility of providing a neutral and rigorous scientific and/or business assessment of fellows’ applications, focusing on the following key aspects:

  • Alignment and Excellence: Projects must demonstrate a clear set of objectives aligned with the general objectives of the project, and the challenge they are targeting. Additionally, applications must demonstrate that the proposal is innovative.
  • Impact: Projects must demonstrate how they will contribute to Resilmesh impact and extend the Resilmesh training datasets (Additional datasets are optional but highly valued) and the alignment with the envisioned licensing model for Resilmesh.
  • Concept & Technology: How the solution addresses the challenge proposed and how it advances the state of the art and its feasibility. The novelty and technology fit to Resilmesh scope, including the platforms/ technologies to be integrated, and technical capacity to achieve TRL 4-5.
  • Implementation: Applicants must provide credible evidence that the project delivery team has the necessary skills, infrastructure and management experience to be able to deliver the project, and the work plan is realistic to deliver the proposed solution in the timeframe of the acceleration program and budget specified.

What are the benefits for the evaluators

  • Contribute to Resilmesh’s goals and be recognized as an independent evaluator in an Horizon Europe project.

Note that experts cannot publicly announce that they are collaborating with the Resilmesh consortium until the end of the project (September 2026), as it is a confidential process, and all evaluators must remain anonymous. However, independent evaluators can explicitly say they are involved in an evaluation process as experts in a European Commission project.

  • Be economically compensated for the work performed. Based on the European Commission rules, the work performed by independent evaluators will be reimbursed. Each evaluator will be expected to finish eight evaluations which corresponds to a total of €900 compensation.
  • Be an important part of the project and related ecosystem. Get to know your peers (increase your network) and contribute to the success of the Resilmesh project.

Key information about the project

Resilmesh will help organisations achieve higher levels of security and resilience by providing them with methods and tools to better manage the complexity of their digital infrastructures and services, combat advanced persistent threats (APT’S). The project has identified three digital infrastructure domains that will act as early adopters and amplifiers of Resilmesh solutions: (i) renewable energy (ii) civic regional infrastructure and (iii) flexible manufacturing. Digital infrastructure domains include a wide range of civil and critical infrastructures that have very varying technologies, topologies, and application requirements.

Types of projects and challenges in the Open Call #2

Note: Refer to the Resilmesh Architecture[1] Description for technical information on the terms below.

Challenge 1- Extension to new domains and systems

This challenge will address extensions to Resilmesh via the collaboration mesh IRP’s.

The collaboration mesh consists of two sub-parts:

1. A connectivity mesh to describe the interconnection of the systems’ components. This term includes not only the actual network connectivity but also the end-to-end aggregation data processing pipeline. This applies primarily to the Collaboration Mesh and the Aggregation Plane – see system architecture diagram in D2.3.

For this subject area we are interested in proposals:

  • That demonstrate how the connectivity mesh capability can provide secure adaptivity to improve the resilience of the Resilmesh platform by improving resilience engineering techniques such as redundancy and dynamic positioning as described in the NIST cyber resilience engineering[2] guidelines to provide a form of Moving Target Defence.
  • We expect a Kubernetes-based service mesh implementation. The task shall also indicate and demonstrate how their implementation will address known security issues that could arise in the use of Kubernetes service mesh such as mTLS configuration issues, sidecar injection vulnerabilities, lack of ingress/egress controls, certificate and key management risks etc.
  • The proposal should be grounded in a specific IT or OT application scenario.

2. An interworking mesh based on the use of open protocols, standards and best practices to enable ease of integration and cooperation between security applications/controls including third party tools. In this task we are looking for proposals that will extend the interoperability in the security application layers i.e. Threat Awareness, Situation Assessment and Security Operations- between Resilmesh components and other tools along the lines of the Open XDR Architecture (OXA) principles including the use of ‘Meshroom’ tool.

Proposals should address one of connectivity mesh or interworking mesh.

Challenge 2 – New Analytic Algorithms and Architectures

Zone based Anomaly detection architectures: This area is concerned with exploring the use of novel approaches to edge anomaly detection as well as alerts aggregated by zone. A security zone is a logical grouping of physical, data, and application assets sharing common security requirements. Zones have long been a central feature of Industrial Control System (IDS) networks (https://bit.ly/3yL1g0y ) . They are now also becoming mainstream in IT security solutions as a part of the Zero Trust approach i.e. secure device enclaves such as the Google Cloud Platform ‘service perimeter’ or network segment etc.

This task will therefore explore, for a particular use-case or scenario, how zone based anomaly detection may be implemented in Resilmesh. This relies on the capability to associate a number of assets as a single unit for analysis purposes and may involve extension of the ISIM asset management tool or the NSE network risk management tool as well as possible extension to Wazuh dashboards.

Novel edge AI AD architectures and algorithms: The deployment of edge-based AI opens many possibilities for experimenting with different algorithms and architectures, taking into consideration the needs of the domain and the data. Some possible approaches might be:

  • Use Ensemble methods
  • Distributed deep learning
  • Incremental learning
  • Edge Agent/ic architectures
  • Edge-to-Edge Collaborative Anomaly Detection
  • Multi-modal and multi-rate data sources fusion

User and Entity Behaviour Analytics: UEBA shifts the focus of detection from Indicator of Compromise (IoC) approaches to focus on higher level Indicators of Behaviour (IoB). UEBA can apply to both endpoint and network traffic behaviours. One approach here could be to extend the Resilmesh NDR functional component with network behaviour analytics such as those identified in the Network Traffic Analysis category in the Mitre D3FEND taxonomy (https://d3fend.mitre.org/). UEBA analytics for IIoT/OT infrastructure in particular are of interest.

What is expected from potential evaluators

Experts must be available during the evaluation period, which is set to run during November-December 2025, according to the following indicative timeline:

  • Selection of experts and contract signature: 14/11/25
  • Evaluators Conference call: 17/11/2025
  • Application evaluation: until 17/11/2025 – 23/11/2025
  • Consensus Meetings: 24/11/2025 [if needed]

The evaluation stage will take place remotely, using tools provided by the Resilmesh consortium.

Note: The above timeline is indicative and may change according to consortium needs.

More information

Important Notice:

Please note that this expression of interest to participate in the Resilmesh Open Call 2 evaluation as an external expert is NOT binding and does NOT constitute any commitment to the Resilmesh project.

The selection of the experts to support Resilmesh in the evaluation of the Open Call 2 will be taken at a later stage, since it depends on the number of received proposals, their origin, the domain that they target as well as the origin of the potential evaluators, their affiliations, their expertise and the balance between various criteria (e.g. gender, background, affiliation type, age, expertise etc.). Furthermore, we are obliged to frequently change experts that support in the evaluations of proposals.

Registration available here until 5/11/2025 at 5:00PM CET [Brussels time]

[1] D2.3 System Architecture v2  https://resilmesh.eu/deliverables/

[2] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160v2r1.pdf

Download "Expression of Interest for Evaluators"

Resilmesh
Powered by  GDPR Cookie Compliance
Privacy Overview

TERMS OF USE - COOKIES POLICY - DATA PROTECTION POLICY

TERMS OF USE

The RESILMESH project website https://ResilMeshproject.eu/ is owned by the RESILMESH Consortium and managed by the Center for Security Studies (KEMEA), as a Consortium member.

RESILMESH is a research project that has received funding from the EU-funded HORIZON project under grant agreement no. 101119681. The project started on 1 October 2023 and is scheduled to end on 30 September 2026. The RESILMESH consortium consists of 11 leading partners in the area of cybersecurity defence and AI (7 academic institutions and 4 industrial partners) and 3 critical infrastructure operators.. The present website is part of the dissemination and communication activities undertaken by the RESILMESH consortium with the aim to successfully communicate its research outputs on a rather innovative topic to a wider public and facilitate the creation of synergies with interested stakeholders.

This website can provide all (hereafter referred to as ‘users’/‘visitors’) with information, participation, content delivery, or content collection services regarding the project RESILMESH, under the terms of use included in this document.

The website is the sole responsibility of the Parties of the Consortium and cannot be considered to reflect the views of the European Commission. The use/visit of this website and/or its services is provided under the unconditional acceptance of the terms of use described herein. Navigating through this website, staying on this website, creating links to it (URL) or to its files/services, and archiving/bookmarking it, constitute acceptance of its terms of use.

The use of the website must be conducted solely under legitimate purposes and in a manner that does not restrict or impede its use by third parties. The user/visitor of this website is obligated to use it in accordance with the law and the present terms of use. The user/visitor of the website shall not commit any acts or omissions that may cause damage or malfunction and may adversely affect or endanger the provision of services provided through the website to citizens.

The content of the website, including (indicatively and not exhaustively) texts, graphics, images, videos, sounds, services, etc. (hereafter referred to as ‘Content’) is legally protected under the applicable Intellectual Property Rights legal framework and we reserve all rights of use and ownership of the Content, all copies created based on it, as well as all intellectual property rights and all other property rights pertaining to it.

We make reasonable efforts to ensure that the information and content that appears on the website is as accurate, true and up-to-date as possible. It also provides the content (e.g., information, names, photographs, pictures, images, data, etc.) and the services made available through the website ‘AS IS’. Under no circumstances, can we be held liable for any legal claims, civil or criminal, or damages of any kind (direct loss, special damage, or indirect loss) to the user/visitor of this website.

The website may contain links to third-party websites for the sole purpose of providing information to the user/visitor. The referral to links belonging to third-party websites does not constitute an endorsement of their views and actions or the acceptance of the content they express, publish or post. Third-parties – owners of the websites/responsible under the law – are solely responsible for the content of their websites or for any damage that may result from their use when the user / visitor of the Website gains access to them.

We make all efforts to ensure the proper function of our network but we do not guarantee that our server operations will be uninterrupted or error-free, free from viruses, malicious software or other similar elements.

The terms and conditions of use of this website, as well as any amendment thereof, are governed by and supplemented by the applicable national and European law and the applicable international treaties. Any provision of these terms which is found to be against the above legal framework or is rendered invalid ceases to be valid and enforceable and shall be withdrawn from the present terms, without in any way undermining the validity of the remaining terms.

The terms and conditions of use of this website constitute the overall agreement between the Consortium and the users/visitors of its webpages and services and bind solely them. No modification of the terms of use is taken into account and is part of this agreement, unless it is expressed in writing and is incorporated in the present Terms of Use. Unless otherwise stated on this website, the above terms of use are immediately applicable in their entirety. We unilaterally reserve the right to modify, add, alter the content or services of the Website and its terms of use, whenever it deems necessary, without prior notice, through this website, always within the legal framework in force.

You may access the website https://ResilMeshproject.eu/ without having to disclose any data about your person. Nevertheless, the installed browser on your device sends automatically information to the server of the RESILMESH website, including information about your browser type and version, as well as the date and time of access, so as to establish a connection and permit your access to the website.

COOKIES POLICY

We use cookies and analytics services to maintain and monitor the performance of the RESILMESH website and to optimize our services, as well as to receive aggregate data that we can use in our dissemination reports for the European Commission.

Cookies are data files that are transferred from a web server to the Website visitor’s computer, in order to keep statistics and to provide the best experience to the visitor – strictly necessary and functional cookies. Cookies are an industry standard used by most websites to facilitate the user’s repeated access to a website and its use through the personalisation of the service provided as they can store the personal choices of the user. Cookies are not harmful to the user’s computer system or its files, and apart from the user himself/herself/themselves, only the website from which a particular cookie has been transferred to his or her or their computer can read, modify it or delete it.

If the user/visitor does not wish his or her or their information to be collected through cookies, he or she can use the “reject” option on banner. It should be noted, however, that discarding cookies may result in making it more difficult or impossible to use certain parts of the Website, and/or that there is a change in its intended appearance and operation, as a permanent connection will be required. At all events, the user/visitor can manage the collection of any cookies through the website’s settings.

We shall contain such data in hardcopy and electronic files and/or databases in full compliance with data protection legislation, including security and confidentiality requirements based on the principles of good practice, proportionality and transparency regarding processing.

The RESILMESH website will use the Matomo for WordPress plugin. Matomo is an open-source web analytics platform. A web analytics platform is used by KEMEA (the website owner), in order to measure, collect, analyse and report visitor’s data for dissemination and reporting of the project purposes. For more information, we advise you to visit: https://matomo.org/ . Matomo settings are customized, so that the visitor’s IP address is anonymized.User ID tracking and content tracking are disabled. We have also disabled first -party analytics cookies and all third-party cookies . Essential non-analytics cookies may be created, for which you will be asked to consent. You may choose to prevent this website from aggregating and analysing the actions you take here. For that reason, you will be asked whether you opt-in or out of tracking.

Please, note that you will be asked to consent on the use and storage of cookies and/or trackers.

DATA PROTECTION POLICY

The present data protection policy clarifies in a layered manner the processing of personal information of visitors of the RESILMESH project website. The data processing on the RESILMESH website is pursuant to Regulation (EU) 2016/679 (General Data Protection Regulation), Greek Law 4624/2019 on the protection of personal data and any other applicable law.

  1. Data Controller

The Data Controller is the Center for Security Studies (KEMEA) with offices in Athens, at P. Kanellopoulou str., 4, 10177 Greece. The Data Controller can be contacted by writing to the address above or by sending an e-mail message to kemea@kemea.gr , or by calling at Telephone: +30 2107710805 or sending a Fax at Fax number:  +30 211 100 4499.

  1. Data Protection Officer (DPO)

KEMEA’s Data Protection Officer may be reached at dpo@kemea-research.gr in case you have any question about the processing of your data when using the RESILMESH website or you wish to exercise any of your rights as a data subject.

  1. Types of personal of personal data to be processed:
  • When visiting the RESILMESH website

The IT systems and applications designated for the operation of this Website detect, during the course of their ordinary operation, certain data – the transmission of which is implicit in the use of Internet communication protocols – not associated with directly identifiable users.

The data collected may include cookies, IP addresses of computers used by users connecting to the site, the URI – Uniform Resource Identifier – addresses of the resources requested, the time of the request, the method used to send the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (completed successfully, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

  • When filing a question/request via our contact form

Other personal data collected are those provided by the user/visitor when corresponding with the e-mail addresses indicated on our website or when filling our online contact form or registering on the website (providing e.g., name, surname, username, password, e-mail address, institution/body etc.).

The sending of personal, non-mandatory data also by email on an optional, explicit and voluntary basis to the addresses indicated on this website means that the address of the sender is then acquired, this being necessary in order to respond to the request, together with any other personal data included in the message.

  1. Purposes of processing

The personal data of the user/visitor are processed for the following purposes:

  • communication for responding to any requests/questions submitted by the user/visitor,
  • security and proper functioning of the RESILMESH website,
  • dissemination of the RESILMESH project and its results, invitation to other relevant activities
  • compliance with legal or administrative obligations.
  1. Legal basis

The data processing takes place according to Article 6(1)(a) GDPR, your informed consent. You may withdraw your consent at any time with future effect, by sending an informal email to dpo@kemea-research.gr. We may also process personal data based on Article6(1)(c) GDPR, when the processing is necessary for our compliance with a legal obligation.

  1. Data recipients

Data recipients of:

  • Information that the Consortium is obligated or entitled by law, contract, judgement and regulatory decision to notify may be: public and independent administrative authorities, judicial authorities and public officials.
  • All the information necessary for the achievement of each specific purpose: the Administration and the relevant services of KEMEA and the RESILMESH

KEMEA and the RESILMESH Consortium shall not disclose, assign, exchange, grant or otherwise dispose, without the consent of the user/visitor, to third parties, natural or legal persons, personal data other than the cases mentioned above within the scope of national laws provisions and the General Data Protection Regulation.

  1. Data transfer

No transfer to non- EU countries/ international organizations is foreseen.

  1. Rights of the data subject

You have the following rights:

  • pursuant to Article 7(3) GDPR, you have the right to withdraw your consent at any time and without any consequences for you. This means that in future we may no longer continue to process the data if the processing is based on this consent;
  • pursuant to Article 13 ,14 and  15 GDPR, you have the right to obtain information about whether your personal data are processed by us and where that is the case, access to those personal data. In particular, you have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information : the purpose of processing, the categories of the personal data, the categories of recipients, to whom your data has been or is disclosed to, the storage period planned, the existence of a right to request from the controller rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint and the source of your data if it has not been collected by us. Pursuant to Article 12 GDPR, we must provide any communication relating to the processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
  • pursuant to Article 15 GDPR, and in case your personal data are processed by us, you have the right to access those personal data.
  • pursuant to Article 16 GDPR, you have the right to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us;
  • pursuant to Article 17 GDPR, you have the right to obtain the erasure of your personal data stored with us without undue delay, unless processing is necessary to exercise the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes or to establish, exercise or defend legal claims;
  • pursuant to Article 18 GDPR, you have the right to request the restriction of the processing of your personal data under the conditions set by the applicable laws;
  • pursuant to Article 20 GDPR, you have the right to receive your personal data, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller (right to data portability);
  • pursuant to Article 77 GDPR, to lodge a complaint with a national supervisory authority. You can contact the supervisory authority of your habitual residence or workplace or our company headquarters. In the latter case, you can file a complaint with the Hellenic Data Protection Authority (gr)

If you wish to exercise any of your rights, you may contact us via e-mail at dpo@kemea-research.gr.

  1. Data retention

Your personal data is retained only for as long as it is necessary to fulfill the purposes described above, and they will be retained until 02 February 2031 (22/02/2031) as a maximum, unless a longer retention period is required by legal obligations or regulations.

  • Data security

Your personal data are processed by electronic means in compliance with the provisions of Article 32 of GDPR 2016/679, national law and in compliance with the principles of data’s confidentiality, integrity, and availability. Your personal data are transferred in an encoded manner using the widely used and secure TLS (Transport Layer Security) encryption standard. You will recognize a secure TLS connection by the additional “s” after “http” (i.e., https://..) in the address bar of your browser or from the lock icon. Moreover, we use suitable technical and organizational measures, which are being continuously enhanced, to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

  1. Amendments to this Data Protection Policy

This data protection policy is effective as of April 2023.

We keep our Data Protection Policy under regular review to make sure it is up to date and precise. Thus, it may become necessary to change it due to the potential addition of new features to the RESILMESH website or due to further legal requirements. You can have access to the latest data protection information on the RESILMESH website here.