(EDF-2023-DA-CYBER-CSA) - FULL-SPECTRUM CYBER SITUATIONAL AWARENESS FOR ENHANCED CYBERSPACE OPERATIONS SUPPORT
Call: Call for EDF development actions implemented via actual cost grants EU
Topic description
Objective:
According to the EU Military Vision and Strategy on Cyberspace as a Domain of Operations, cyberspace comprises the distinct but interrelated physical layer, logical layer and cognitive layer, which cannot be considered independently, but is one facet of the triad cyberspace, electromagnetic environment and cognitive environment. Pointing to the same direction, NATO’s doctrine for cyberspace operations described cyberspace in terms of three layers: physical, logical and cyber persona, where Cyberspace Operations (CO) always include the logical layer, but may also include activities or elements from the other two layers.
Military activities in cyberspace may comprise two overarching missions: to protect and defend their own cyberspace (national level, EU level, Coalition level, etc.) and conduct COs. In this context, Cyber Situational Awareness (CySA) describes the capability of perceiving, reasoning and projecting knowledge of the elements in the battlespace necessary to make well-informed decisions, putting emphasis on the cyber situations and their propagations to planned missions. Commanders need to acquire CySA at strategic, operational and tactical levels in order to make informed decisions on how to operate in cyberspace towards enhancing mission assurance and achieve cyber effects to support mission objectives. On the other hand, a holistic and human-understandable representation of the whole situation is needed.
Specific objective
Previous national and EU initiatives have addressed the conceptualisation and development of technologies for the acquisition of situational awareness by focusing on the logical sub-layer of cyberspace (software, services, networks, interfaces, etc.) but there is a raising demand of military-focused solutions able to holistically understand the cyberspace as a whole, taking into account all the layers.
The military operations in cyberspace possess complexity intrinsically linked to the challenge of understanding in real time the state of the different data processing planes in which its various actors coexist, as well as the relationship with the lines of effort, tasks and objectives of the missions they enable, where allies, enemies, unknown and neutral entities may coexist. These military operations extend the scope of the conventional understanding of situations in Cyber-Physical Systems (CPS) towards covering the understanding of the dependencies between the cyberspace and the COs context, the latter comprising Lines of Operation (LOOs) and their dependencies, Decisive Conditions (DCs) and how effects triggered by cyber situations may be derived on them, cyber Centres of Gravity (CoGs), missions in or through cyberspace, mission-enabling capabilities linked to cyber assets, etc., and impact/effect dimensions related with kinetic battle domain (air, land, space, sea) or hybrid propagations (information, political, economic, social, environmental, etc.). Developing mission-centric CySA capabilities able to assist human decision-makers while preserving the commander’s intent is considered a challenge, which is amplified by the difficulty of understanding the different sub-layers of cyberspace as a single environment and considering the hybrid effects consequent of cyber situations.
Scope:The proposals must focus on developing capabilities for mission-centric CySA, which as a System of Systems (SoS), must comprise independent enablers able to act jointly towards facilitating human decision-making through synergies between them. The proposals should address challenges in all the following areas:
- Full-spectrum cyber situational awareness:
- facilitating human decision-makers understanding of the cyberspace spectrum as a whole, including physical (hardware, geographical, Electromagnetic Spectrum, etc.), logical (software, networks, etc.) and cyber persona (Human-Machine Interfacing, cognitive, psychological, social) assets, conditionings, impacts and effects.
- Decision, command, and control support:
- identification and assessment of creative and flexible options (CO’s Areas of Operation (CoAs), countermeasures, etc.) and opportunities to accomplish missions in or through cyberspace. The proposals should bring CySA to assist decision-making under full-spectrum operational friction, including uncertainty when faced with a thinking and adaptive enemy, which may operate on conventional but also hybrid measures. CySA also facilitates understanding the effect and stress of COs on human actors;
- associating full-spectrum cyber situations and opportunities with objectives, strategies and initiatives of actors operating within the CoAs (considering features such as interest, responsibility, influence, etc.). Among others, this includes assessing the status of mission essential assets, recognition of players in the operational environment, or developing a joint Situational Awareness (SA). As part of the characterisation of the mission, all instruments of power should be taken into account (approaches such as PMESII or PESTLE). Mission Engineering (ME) may be considered with a view to help determining and analysing the composition and status of decisive cyber conditions that support or impact own missions, while assisting the assessment of opportunities on neutral/adversarial missions, centres of gravity and CoAs;
- capability orchestration enabling deployability within joint forces, and adapted to decision-makers at all war levels. This includes adapting to collaborative environments like joint and/or combined operations at the national, EU and NATO levels. Capability to dynamically adapt to the operational context in agreement with different human intervention profiles.
- Interoperability:
- the results should enable interoperability with EU-level and NATO-level C2 initiatives.
Types of activities
The following table lists the types of activities which are eligible for this topic, and whether they are mandatory or optional (see Article 10(3) EDF Regulation):
| Types of activities (art 10(3) EDF Regulation) | Eligible? | |
| (a) | Activities that aim to create, underpin and improve knowledge, products and technologies, including disruptive technologies, which can achieve significant effects in the area of defence (generating knowledge) | No |
| (b) | Activities that aim to increase interoperability and resilience, including secured production and exchange of data, to master critical defence technologies, to strengthen the security of supply or to enable the effective exploitation of results for defence products and technologies (integrating knowledge) | Yes(Optional) |
| (c) | Studies, such as feasibility studies to explore the feasibility of new or upgraded products, technologies, processes, services and solutions | Yes(Mandatory) |
| (d) | Design of a defence product, tangible or intangible component or technology as well as the definition of the technical specifications on which such a design has been developed, including any partial test for risk reduction in an industrial or representative environment | Yes(Mandatory) |
| (e) | System prototyping of a defence product, tangible or intangible component or technology | Yes(Mandatory) |
| (f) | Testing of a defence product, tangible or intangible component or technology | Yes(Optional) |
| (g) | Qualification of a defence product, tangible or intangible component or technology | Yes(Optional) |
| (h) | Certification of a defence product, tangible or intangible component or technology | Yes(Optional) |
| (i) | Development of technologies or assets increasing efficiency across the life cycle of defence products and technologies | Yes(Optional) |
The proposals must cover at least the following tasks as part of the mandatory activities:
- studies and design of a holistic CySA enabling solution able to orchestrate EU cyber defence-related capabilities towards achieving full-spectrum awareness for assisting COs in or through cyberspace, on a mission-centric perspective;
- studies and design of specific CySA capabilities to discover and assess opportunities in or through cyberspace in the context of multi-domain operations, and to support commanders to benefit from them;
- studies and design of specific CySA enabling capabilities for an easy full-spectrum understanding of cyber frictions, adversarial postures and their effects according to the commander's intent, with emphasis on mission characterisations, analysis and implementation;
- System prototyping: demonstrators on the previous area’s points.
In addition, the proposals should cover the following tasks:
- testing of complementary large-scale demonstrators supported by national and EU end-users on tactical, operational and strategical storylines;
- explore the recent advances of edge processing in order to ensure independent functionality and partly-offline reduced human intervention especially at the tactical level as MSOCs and MNOCs often use low quality air gapped networks.
The proposals must also substantiate synergies and complementarity with activities described in the call topics EDIDP-CSAMN-SSS-2019 and EDF-2021-CYBER-R-CDAI, and in other relevant EU ongoing activities.
The proposals must give due consideration to design principles and implement a specific ethics-focused approach during the development, deployment and/or use of AI-based solutions, e.g. by the Assessment List for Trustworthy AI (ALTAI), in order to develop procedures to detect and assess the level of potential ethical risks and address them.
Moreover:
- projects addressing activities referred to in point (d) above must be based on harmonised defence capability requirements jointly agreed by at least two Member States or EDF associated countries (or, if studies within the meaning of point (c) are still needed to define the requirements, at least on the joint intent to agree on them)
- projects addressing activities referred to in points (e) to (h) above, must be:
- supported by at least two Member States or EDF associated countries that intend to procure the final product or use the technology in a coordinated manner, including through joint procurement
and
-
- based on common technical specifications jointly agreed by the Member States or EDF associated countries that are to co-finance the action or that intend to jointly procure the final product or to jointly use the technology (or, if design within the meaning of point (d) is still needed to define the specifications, at least on the joint intent to agree on them).
Functional requirements
The proposals must be supported by a set of capability requirements as agreed by a group of Member States or EDF associated countries (Norway). The proposals must give evidence of coherence between the proposed activities and the requirements by the Member States and EDF associated countries (Norway).
The proposals should aim to provide:
- a full-spectrum Recognised Cyberspace Picture (RCyP), combining cyberspace, electromagnetic environment and cognitive environment, that is able to assist human decision-makers from a mission-centric perspective;
- capability to analyse RCyP information and forecast combined effects for Cyberspace Operations, based on monitored, collected, shared and fused data from multiple sources and authorities, and derived from different battlespace dimensions;
- ability to share information and cooperate with different stakeholders prior, during and after mission execution;
- interoperability with EU Cyberspace Operations;
- capabilities to discover, track, identify, and assess both threatening situations (for mitigation) and mission-centric opportunities (for exploitation), in order to make successful Cyberspace Operations.
The outcome should contribute to:
- a stronger, more competitive and technologically independent European Defence Technological and Industrial Base (EDTIB) when it comes to solutions for cyber defence capabilities, cyberspace operations and Cyber Situational Awareness;
- improved situational awareness, resilience and security of EU Cyberspace Operations;
- reduction of the minimum reaction time for deployment and increased feasibility of EU military missions;
- improved interoperability and future capabilities of EU Member States and EDF associated countries (Norway) forces in the area of cyber defence for cyber mission planning and execution;
- improved interoperability of C2 systems;
- better cooperation of EU Member States and EDF associated countries (Norway), research and industrial actors towards defining a common vision on Cyberspace Operations.