Publications

The recent prevalence of microservice-based applications that leverage the capabilities offered by cloud and edge computing, has given rise to highly complex services which create new challenges for efficient monitoring and orchestration. In today’s cloud environments, service monitoring is typically premised on technical Quality of Service (QoS) performance metrics, rather than on Quality of Experience (QoE) as perceived by users. In this paper, we posit that user feedback should also play a significant role in cloud service monitoring. However, we explicitly set a prerequisite: the trustworthiness of user feedback should not be considered guaranteed. Therefore, we have developed Feed4Cloud, the first system to complement QoS monitoring with exclusively trustworthy user feedback for QoE-aware cloud service management. The novelty of our solution lies in two key aspects: First, the establishment of an intermediate verification layer that validates user feedback before it is injected into the orchestration engine. The second key aspect is the use of Blockchain in this layer, as a means to record user feedback in a decentralized and secure way, aiming to achieve non-repudiation and ensure its integrity. In this paper, we present the architectural details of the Feed4Cloud prototype, while placing a particular focus on aspects regarding trustworthy evaluation of service performance. Furthermore, we provide evaluation results that validate the effectiveness of the introduced verification layer and demonstrate that QoE-based service evaluation can consistently be conducted in a trustworthy manner across a wide range of system conditions and user behaviors.

Combating crime and conditions of high physical risk in cities, the environment, and critical infrastructures requires a multifaceted approach. For sensitive problems, such as advanced situational awareness in the fields of civilian applications and environmental protection, Artificial Intelligence (AI) and Neural Network (NN) adoption has been slow due to concerns about their reliability, leading to several algorithms for explaining their decisions. Despite the possibilities for AI in critical infrastructure protection and civilian applications, many challenges still exist. For instance: (i) there are complex and high risks meaning that AI systems need to be transparent and interpretable to gain decision-maker trust; (ii) AI models may be vulnerable to imperceptible manipulations of input data even without any knowledge about the AI technique that is used; (iii) the need to efficiently process distributed, multimodal and big data coming from different, but however cheap, Internet of Things (IoT) and sensory devices (e.g., drones, cameras, accelerometers, telemetry, geomagnetic field, and proximity sensors); and (iv) many AI methods based on Machine Learning (ML) require huge amounts of training data, resulting in a Big Data computation problem. We introduce, benchmark, and demonstrate an adversarial explanations approach that we can efficiently tackle both adversarial robustness and explanation complexity of AI systems. To achieve this, we train robustified NNs and transparent explainers on big imagery data and leverage the attacks’ knowledge as explanations to gain greater fidelity to the AI model. The merit of the proposed approach is that the new and robustified model has a great performance against new, unseen types of perturbations and attacks. This way, we pave the adoption of more informed and responsible AI integration in sensitive application domains.

The Dark Web, known for its anonymity and illicit activities, presents considerable challenges for Law Enforcement Agencies (LEAs) due to the complexity and volume of data generated within it. Online marketplaces on the Dark Web are notorious for facilitating illegal activities such as drug trafficking, counterfeit goods, and weapons sales while using advanced obfuscation techniques to avoid detection. The unstructured nature of data on these platforms and their constantly evolving operations make manual extraction and analysis exceedingly difficult.This paper addresses the pressing need for structured information extraction from Dark Web marketplaces, with a specific focus on firearm-related listings. Traditional rule-based methods have proven inadequate due to their reliance on HTML tags and pattern recognition, necessitating more adaptive solutions. Thus, the application of Large Language Models (LLMs) and Prompt Engineering to tackle these challenges is explored. By leveraging the capabilities of LLMs, this study aims to transform the extraction process into a more efficient and accurate system. Various generative models and prompt formulations are tested, to determine the most effective approach for extracting detailed information such as product specifications, pricing, and seller details.The proposed pipeline involves feeding crawled marketplace pages into a generative model, which then identifies Product Details Pages (PDPs) and consequently extracts relevant information from them. The use of LLMs marks a significant advancement over traditional methods, enhancing the accuracy and comprehensiveness of data extraction. Additionally, this research highlights the effectiveness of prompt engineering in improving information retrieval.This work underscores the critical need for sophisticated tools to monitor and combat illegal activities on the Dark Web, particularly in the context of firearm trafficking.

Modern technologies have enabled illicit firearms trafficking to partially merge with cybercrime, while also allowing its off-line aspects to become increasingly complex. The online trade of firearms, their components, 3D blueprints and illicit substances carried out by criminals on both the surface Web and dark Web is increasingly difficult to address as a consequence of the exponential growth in the amount of information disseminated on the Internet. On the other hand, law enforcement agencies are confronted with significant challenges that require the development of sophisticated technological solutions capable of processing large volumes of data, identifying relevant information in a timely manner and creating networks of connections between potential criminal groups. This article presents a real-world practical system, namely the CEASEFIRE one, powered by advanced artificial intelligence technologies that can assist law enforcement personnel in addressing the above described challenges.

This paper provides an analysis and comparison of the YOLOv5, YOLOv8 and YOLOv10 models for webpage CAPTCHAs detection using the datasets collected from the web and darknet as well as synthetized data of webpages. The study examines the nano (n), small (s), and medium (m) variants of YOLO architectures and use metrics such as Precision, Recall, F1 score, mAP@50 and inference speed to determine the real-life utility. Additionally, the possibility of tuning the trained model to detect new CAPTCHA patterns efficiently was examined as it is a crucial part of real-life applications. The image slicing method was proposed as a way to improve the metrics of detection on oversized input images which can be a common scenario in webpages analysis. Models in version nano achieved the best results in terms of speed, while more complexed architectures scored better in terms of other metrics.

As Artificial Intelligence (AI) is revolutionizing various industries and applications, understanding the hardware requirements and energy consumption of AI pipelines in Big Data (BD) applications has become increasingly essential. This paper presents a comprehensive, scalable framework, designed to systematically measure hardware resources, energy usage, and model performance across two prominent data modalities: tabular data and images. The framework is generalizable, facilitating replicability across the AI research community, and encourages the deployment of AI models with comprehensive metrics beyond traditional accuracy, promoting the optimization of pipelines for real-world scenarios. Through detailed benchmarking, we identify EfficientNet as a standout model for image classification, and XGBoost for tabular data, both excelling in their respective domains. Notably, our findings show that Graphics Processing Units (GPUs) account for approximately 90% of total energy consumption in image-based tasks, while Central Processing Units (CPUs) are responsible for around 50% of energy use in tabular data processing. The merit of our innovative proposed framework combines information theory and probability theory to enhance our understanding of AI model performance in Edge-to-Cloud (E2C) applications that demand efficient Big Data processing in distributed environments. By seamlessly integrating energy efficiency with hardware optimization, it enables realtime monitoring of energy consumption and computing resources in containerized environments, providing precise insights for optimizing AI workloads. This framework facilitates scalable AI deployment on resource-constrained edge devices, reducing energy consumption while enhancing AI model robustness and interpretability, thereby promoting greater trust and transparency in AI-powered decision-making for critical real-world applications. This emphasizes the importance of multi-objective optimization for more sustainable and efficient Big Data AI workflows.

Data spaces consist of trusted frameworks that manage the entire data lifecycle, encompassing various data models, metadata descriptors, ontologies for semantic interpretation, and data services for accessing, processing, and analyzing data. Domain-specific data spaces are currently being designed and deployed in vertical sectors, following specifications and reference frameworks that enable interoperability and compatibility. One such vertical sector with high impact on economy is mobility. In this paper, we present our position towards mobility data spaces, highlighting the idiosyncrasy of mobility data, while presenting the MobiSpaces approach that encompasses services for mobility data management and advanced mobility analytics. By exploiting MobiSpaces, mobility data providers can break the barrier of participation in data spaces thereby sharing their dataset with less hurdle, whereas data consumers can find advanced data analysis tools readily applicable on mobility data sets to extract insights and discover mobility patterns.

Optical fiber links are known for their high bandwidth and reliable data transmission. However, problems may still arise, affecting signal quality and network performance. These problems are usually happening due to external physical extrusion or excessive bending, insufficient transmission power, damaged connectors causing signal loss; or failures of splice tray connector. In response to increasing optical fiber link problems transparency and interpetability, various attempts have been made to bring explainability in Artificial Intelligence (AI) decision-making and reasoning processes. This paper tackles a crucial and timely topic, i.e., understand the various factors contributing to optical link problems by explaining opaque AI models with two goals: (i) either providing instance explanations for a given decision by using a local and model agnostic approach; or (ii) providing global explanations able to describe the overall logic assuming knowledge of the black box model or its internals. The scientific contribution of this paper entails novel explainable AI (XAI) models harvesting data from optical fiber link events to first derive local explanations, and then apply a hierarchical approach to educe global explanations from the local ones. The proposed approach shows that we can efficiently tackle both explanation complexity and fidelity to reason about the causes that have resulted in optical fiber link problems.

The advent of 5G/6G broadband wireless networks brings several challenges with respect to optimal resource planning and allocation. In a heavily interconnected network of wireless devices, and users along with their equipment, all compete for scarce resources which further emphasizes the importance of fair and efficient allocation of those resources for the proper functioning of the networks. This paper tackles a crucial and timely topic, i.e., understand the various factors involved for optimizing network performance and ensuring fair access for different users, applications and devices. Integrating Machine Learning (ML) and Artificial Intelligence (AI) for predictive dimensioning and pattern mining over the network traffic can enable dynamic and intelligent resource allocation, increase network capacity, enhance the underlying capabilities between users and core network, and better correlate the Quality of Service (QoS). The scientific contribution of this paper entails novel AI models harvesting data from real-world 5G/6G testbeds offered through the AI as a Service (AIaaS) paradigm to enable model reuse and seamless exploitation for different 5G/6G application requirements and learning tasks.

The transition of artificial intelligence (AI) from research to deployment has underscored the critical importance of leveraging data effectively in developing and evaluating AI models. Despite their pivotal role in determining performance, fairness, and robustness, data are often undervalued in AI research, lacking a data-centric focus. In response, the AI-DAPT project pioneers a data-centric approach that aligns with AI methodologies to address the pressing need for reliable and trustworthy AI systems. This paper presents the AI-DAPT project and concept, highlighting its innovative solutions. Through advanced techniques like synthetic data generation and hybrid science-guided Machine Learning (ML), AI-DAPT aims to mitigate vulnerabilities in conventional AI paradigms. The developed solutions will be demonstrated in healthcare, robotics, energy, and manufacturing scenarios, hence navigating real-world complexities.

This study explores the interaction between aggregators and building occupants in activating flexibility through Demand Response (DR) programs, with a focus on reinforcing the resilience of the energy system considering the uncertainties presented by Renewable Energy Sources (RES). Firstly, it introduces a methodology of optimizing aggregated flexibility provision strategies in environments with limited data, utilizing Discrete Fourier Transformation (DFT) and clustering techniques to identify building occupants' activity patterns. Secondly, the study assesses the disaggregated flexibility provision of Heating Ventilation and Air Conditioning (HVAC) systems during DR events, employing machine learning and optimization techniques for precise, device-level analysis. The first approach offers a non-intrusive pathway for aggregators to provide flexibility services in environments of a single smart meter for the whole building's consumption, while the second approach maximizes the amount of flexibility in the case of dedicated metering devices to the HVAC systems by carefully considering building occupants' thermal comfort profiles. Through the application of data-driven techniques and encompassing case studies from both industrial and residential buildings, this paper not only unveils pivotal opportunities for aggregators in the balancing and emerging flexibility markets but also successfully develops and demonstrates end-to-end practical tools for aggregators.

In this paper, we introduce a synergistic approach between artificial intelligence and system operators through an innovative digital twin architecture, integrated with an active learning framework, to enhance short-term load forecasting. Central to this architecture is the incorporation of sophisticated data pipelines, facilitating the real-time ingestion, processing and analysis of grid-related data. Utilizing a recurrent neural network architecture, our model generates day-ahead load forecasts together with prediction confidence intervals, strengthening system operator trust in the model's predictive reliability and enhancing their ability to respond to evolving grid conditions effectively. The active learning framework iteratively refines the predictions by incorporating real-time feedback based on forecast uncertainty, utilizing newly available data to continuously enhance forecasting accuracy and confidence. This AI-assisted strategy is exemplified in a case study of the Greek transmission system. It demonstrates the potential to transform short-term load forecasting, thereby increasing the reliability and operational efficiency of modern power grids. This approach marks a significant step forward in the digitalization and intelligent management of power systems.

In recent years, the electricity sector has received significant scientific attention due to global regulatory efforts promoting sustainability and decarbonisation. DSOs transmission and distribution system operators are being asked to respond to the most crucial challenge in their history, namely the energy transition of the power system. Sustainable development and technological advancements, especially in artificial intelligence and machine learning, are key in transforming conventional power networks into smart grids. A critical aspect of this transformation is to accurately predict electricity consumption for residential users. Smart electricity metering technologies in smart grids collect extensive consumption data, enabling energy consumption forecasting. This forecasting is crucial to managing electricity demand and to help utilities in load planning. The aim of this paper is to draw useful conclusions on the behaviour of residential consumers and the level of precision that can be achieved when predicting their demand, a fact that significantly improves the operation of Smart Grids and their interaction with the electricity markets. The assets and consumers of the distribution grid could participate in the electricity markets providing additional flexibility services. In this paper, an extensive study on residential load forecasting is presented, which concerns on small residential consumers, who are established on the Greek island of Skiathos. For this purpose, state-of-the-art algorithms are investigated with the aim of short-term forecasting of their electricity energy consumption. The dataset used contains data in hourly resolution from the aggregation of 15 individual low-voltage consumers. More specifically, five different models are created to draw safe comparative conclusions. Initially, a multilayer perceptron model (MLP) is constructed, which consists of a series of fully densely connected layers. Then, a convolutional neural network model is created, followed by a single dense layer (CNN-Dense). Additionally, to further investigate the problem, a Long-Short-Term Memory (LSTM) model and a Temporal Convolutional Network (TCN) are implemented, which are exclusive models for time series problems. For further investigation, an ensemble model is implemented, which combines CNN and LSTM predictions. For the best performance of the models, the Bayesian Optimization technique is deployed, in order to use iterative processes through which the best hyperparameters of the models will be determined. Finally, a Naïve model is implemented, which is used as benchmark model, to compare the predictions of the five Deep Leaning algorithms with a statistical model. This paper has been divided into the following parts: First, a brief literature review is presented with the aim of highlighting similar scientific studies that have been developed. Subsequently, the operation of the five models is briefly described. Then, an Exploratory Data Analysis (EDA) is carried out, to investigate all the main features of the demand time-series, such as its seasonality among different months of the year and the peak and nonpeak values. Then, the forecasting errors are introduced with a comparative analysis. Severalerror metrics are used to compare the accuracy of the models’ predictions with the actual values. Finally, the conclusions drawn from this study are discussed, as well as proposals for future studies resulting from the work carried out.

Towards the advent of the sixth generation (6G) wireless networks, smart technologies play a key role in the end-to-end automation of services across multiple domains. In particular, they create a new reality with multiple benefits, including intent-driven management, ultra-speed communication services and holistic integration within the Internet of Things (IoT). In this context, the Zero-touch Network and Service Management (ZSM) group within the European Telecommunications Standards Institute (ETSI) aims to provide an architectural framework which will allow the zero-touch orchestration of network services in a multi-domain fashion. Therefore, in this paper, we investigate the role of cross-domain storage, communication and analytics services within the architectural framework of ETSI ZSM. For this purpose, we take into account a particular case study which focuses on the orchestration of security services within the 5G core. More specifically, the deployment of a new User Plane Function (UPF) equipped with intrusion detection services that leverage Artificial Intelligence (AI) is investigated. For this purpose, the aforementioned cross-domain services are used to assess the security of the respective AI models before the onboarding of the new UPF within the 5G core. Based on this case study, a new security game is investigated, exploring and modelling the strategies of potential attackers and defenders. Furthermore, the architectural design and implementation of the cross-domain services are provided. Finally, the evaluation results show that the cross-domain analytics services are able to assess the security and resilience of the AI models and guide the orchestration functions.

The advent of Industry 4.0 heralds a new era in manufacturing, driven by advancements in automation, IoT, and AI. Integral to this shift is the deployment of robust communication networks capable of real-time data exchange. Leveraging 5G technology, with its low latency and high bandwidth, is crucial in meeting these demands. However, integrating vertical services with 5G networks poses challenges. This paper, part of the 5 G-INDUCE project, focuses on deploying and validating corrosion inspection and intruder surveillance services for critical infrastructures. Trials conducted at the Greek Experimentation Facility showcased successful service deployment, configuration, and high-definition video streaming. Quantitative results exceeded expected Key Performance Indicators, demonstrating the platform’s efficacy in integrating advanced network applications. This work contributes to the evolution of Industry 4.0 by harnessing the transformative potential of 5 G technology.

Photonic Ising Machines constitute an emergent new paradigm of computation, geared towards tackling combinatorial optimization problems that can be reduced to the problem of finding the ground state of an Ising model. Spatial Photonic Ising Machines have proven to be advantageous for simulating fully connected large-scale spin systems. However, fine control of a general interaction matrix J has so far only been accomplished through eigenvalue decomposition methods that either limit the scalability or increase the execution time of the optimization process. We introduce and experimentally validate a SPIM instance that enables direct control over the full interaction matrix, enabling the encoding of Ising Hamiltonians with arbitrary couplings and connectivity. We demonstrate the conformity of the experimentally measured Ising energy with the theoretically expected values and then proceed to solve both the unweighted and weighted graph partitioning problems, showcasing a systematic convergence to an optimal solution via simulated annealing. Our approach greatly expands the applicability of SPIMs for real-world applications without sacrificing any of the inherent advantages of the system, and paves the way to encoding the full range of NP problems that are known to be equivalent to Ising models, on SPIM devices.

We explore the potential of spatial-photonic Ising machines (SPIMs) to address computationally intensive Ising problems that employ low-rank and circulant coupling matrices. Our results indicate that the performance of SPIMs is critically affected by the rank and precision of the coupling matrices. By developing and assessing advanced decomposition techniques, we expand the range of problems SPIMs can solve, overcoming the limitations of traditional Mattis-type matrices. Our approach accommodates a diverse array of coupling matrices, including those with inherently low ranks, applicable to complex NP-complete problems. We explore the practical benefits of low-rank approximation in optimization tasks, particularly in financial optimization, to demonstrate the real-world applications of SPIMs. Finally, we evaluate the computational limitations imposed by SPIM hardware precision and suggest strategies to optimize the performance of these systems within these constraints.

Accurate traffic forecasting plays a crucial role in modern Intelligent Transportation Systems (ITS), as it enables real-time traffic flow management, reduces congestion, and improves the overall efficiency of urban transportation networks. With the rise of Quantum Machine Learning (QML), it has emerged a new paradigm possessing the potential to enhance predictive capabilities beyond what classical machine learning models can achieve. In the present work we pursue a heuristic approach to explore the potential of QML, and focus on a specific transport issue. In particular, as a case study we investigate a traffic forecast task for a major urban area in Athens (Greece), for which we possess high-resolution data. In this endeavor we explore the application of Quantum Neural Networks (QNN), and, notably, we present the first application of quantum data re-uploading in the context of transport forecasting. This technique allows quantum models to better capture complex patterns, such as traffic dynamics, by repeatedly encoding classical data into a quantum state. Aside from providing a prediction model, we spend considerable effort in comparing the performance of our hybrid quantum-classical neural networks with classical deep learning approaches. Our results show that hybrid models achieve competitive accuracy with state-of-the-art classical methods, especially when the number of qubits and re-uploading blocks is increased. While the classical models demonstrate lower computational demands, we provide evidence that increasing the complexity of the quantum model improves predictive accuracy. These findings indicate that QML techniques, and specifically the data re-uploading approach, hold promise for advancing traffic forecasting models and could be instrumental in addressing challenges inherent in ITS environments.

The tremendous technological outbreaks that characterize our modern societies have evolved citizen behaviors and expectations for more responsive, trustworthy, and transparent public services and policies. In that direction, solutions, and application from the emerging domains of AI, Big Data and blockchain should safeguard the fundamental elements of human rights, as well as the respect for human dignity, freedom, equality, and democracy, and citizens should be protected from the negative impacts from the utilization of these technologies. In addition, the implementation of such solutions focusing on data-driven and evidence-based policy making purposes is associated with various challenges that have not been yet adequately addressed. These challenges encompass not just the development of these solutions, but also their integration and how their further interpretability and explainability to the policymakers and all stakeholders of the modern e-government landscape. Through this work we seek to unveil the potentials that pose from the introduction and implementation of the AI4Gov platform. It is a groundbreaking initiative designed to harness the synergies of AI, Big Data, and blockchain technologies in fostering the fundamental human rights. This innovative framework aims to leverage AI algorithms and advanced analytics to process vast amounts of data, identifying patterns and insights crucial for understanding and addressing bias and discrimination among other challenges. Moreover, the integration with blockchain ensures the immutability and transparency of data, providing a secure and decentralized platform for recording and verifying human rights-related information. Finally, the definition of the AI4Gov platform’s architecture and the integration of its components follow some best principles proposed and introduced by the GAIA-X architecture, that represents a novel model for the architectural design of software and cloud systems following a federated approach. This initiative aims to ensure data sovereignty, interoperability, and trustworthiness for businesses and organizations.

In the context of logistics for small scale enterprises, we have proposed a framework for a robotic indoor transport system, specially design for coping with semi-structured, flexible environments, typically encountered in small residences, warehouses, or medium-sized industrial facilities where there is minimal potential for infrastructural and/or procedural augments to the process, to facilitate the robotic automation. Such environments pose a significant problem to automated solutions, since the environment is flexible and partially unknown, cluttered and human-center. For such problems, hierarchical abstractions is an almost natural way to decompose the problem, but this line of attack is not without problems. Specifically, for complicated tasks, it is not in general possible to guarantee that the low level controller will be able to facilitate the task. Our proposed approach to this problem uses a hierarchical scheme to disengage the low level robot motion with the task reasoning and task planning and to facilitate the execution of the low level, we restrict the task level with a prescribed lexicon and grammar of tasks, that can be executed reasonably well. The grammar is used for each specific plant, to produce a family of tasks that are both easily executable and provide a large coverage in the overall task space.

Applications for Extended Reality (XR) are rapidly expanding across a wide range of industries, including gaming, entertainment, and healthcare. Accompanying this trend is the field of digital manufacturing, which encompasses a broad range of applications such as quick product design, remote maintenance, production process simulation, employee safety, and training. Industrial personnel may benefit from ergonomic and user-friendly cyber-representations of production processes using XR applications, particularly in the industrial arena. These cyber-representations are utilized to create augmented environments for training, simulation, and testing. The wave of Industry 5.0 (I5.0) applications that are certain to be human-centric and emphasize trustworthy human-machine collaboration cannot be supported by current systems because of several issues, such as the requirement for individualized XR visualizations and new methods for world-building, content production, and flow control aspects of XR systems. The XR5.0 project is presented in this publication with the goal of addressing these issues and offering a revolutionary Person-Centric and AI-based XR paradigm that will be customized to the needs and characteristics of I5.0 applications. The project outlines the organizing concepts and guidelines for utilizing XR in I5.0 applications, with a focus on the creation of cutting-edge "XR-made-in-Europe" technology that complements human-centered manufacturing techniques and upholds European ideals. The associated applications consider the workers’ environment through the incorporation of human-centered digital twins (DTs), which make up the "digital image" of the workers. This allows for the simultaneous design and implementation of an innovative fusion of cutting-edge AI paradigms and XR technology. The added value of the XR5.0 project is discussed, and potential use cases and user journeys are analyzed, leading to a discussion of the project’s revolutionary benefits and additional steps that should be taken.

This publication focuses on integrating human expertise into the artificial intelligence (AI) loop for visual inspection tasks. By leveraging explainable AI (xAI) techniques and active learning, the study aims to enhance the accuracy and reliability of AI systems in manufacturing settings. The approach allows human operators to provide feedback, improving the system's performance over time.

This report provides an overview of the collaborative efforts of the BRIDGE Consumer and Citizen’s Engagement Working Group (CCE WG) during the 2023/24 period. It focuses on the dual roles of individuals as consumers and citizens in the energy transition within European research and innovation (R&I) projects. Organised into three sub-groups—Indicators of Engagement, Strategies of Engagement, and Smart Tools—the CCE WG aims to deepen understanding and empower stakeholders by developing a comprehensive framework of analysis and recommendations for both practitioners and researchers. Structured to reflect the organisation of the group, the report is divided into three main sections, corresponding to the activities of each sub-group. Each subgroup employed a methodological approach tailored to their specific objectives, utilising a diverse array of techniques to enhance their analyses. This included conducting documentary analyses of previous findings, examining case studies from various R&I projects for comparative insights, and conducting interviews with a broad range of stakeholders. Additionally, a thorough review of the existing literature provided a solid theoretical foundation for the group’s recommendations and conclusions. Significant findings include the Indicators of Engagement subgroup's recommendation of adopting a theory-grounded approach to identify and select indicators, and the highlight of a potential link between engagement and emotional responses. This underscores the importance of emotions in understanding and measuring engagement, thereby influencing the development of engagement strategies and the assessment of outcomes. The Strategies of Engagement subgroup emphasised the need for engagement strategies to be specifically tailored to the objectives and purposes of each project, advocating for a circular process that allows continuous refinement of strategies and objectives throughout the participatory process. This dynamic approach enables more responsive and effective engagement, adapting to new insights and feedback as the project advances. Meanwhile, the Smart Tools for Engagement subgroup identified consumer trust and active user involvement in the development of smart tools as critical to success. These factors ensure that the tools are not only trusted but also precisely tailored to meet specific user needs. Engaging users directly in the development process results in solutions that are more likely to be well received and widely adopted, thus enhancing engagement and utility.

This report presents the initial mapping results of the BRIDGE projects’ collaboration within Working Group (WG) on Business Model (BM) in 2023 – 2024 period. The following conclusions have been derived: The results of 2022 2023 collaboration showed that most projects use the same tools, in particular the Business Model Canvas (BMC), which is the most popular tool for business model creation in BRIDGE projects. However, the limitations of the BMC have been identified and need to be addressed by combining different tools (e.g. Value Proposition Canvas). Currently, there is a lack of standardised processes for both business modelling and quantification methods such as cost-benefit analysis (CBA). In addition, data sets are not being treated as Key Exploitable Results (KERs) and there is a need to valorise data through business modelling. The work performed in 2023 – 2024 has shown that projects need support from BRIDGE in their business model approach at different stages of their activities, a gap that is currently addressed by all tasks.

MDCG 2019-16 is intended to assist practitioners in compliance with the Medical Device Regulation and the In-Vitro Device Regulation. This paper presents a gap analysis of MDCG 2019-16, identifying key gaps and proposing a robust set of recommendations to enhance the IoMT regulatory framework. This work has been undertaken by a selection of current (2023-2025) projects, all funded under the Horizon Europe call “Enhancing cybersecurity of connected medical devices”: HORIZON-HLTH-2022-IND-13-01, and this paper summarises observations and recommendations from across these projects. There is considerable consensus across the projects in many recommendation themes, notably; linking cybersecurity with patient safety and privacy; keeping the guidelines current; and usage recipes for the guidelines. The paper also suggests toolkit solutions to address some of the recommendations.

This book sets out to address some of the issues that a smart city needs to overcome to make use of both the data currently available to them and how this can be enhanced by using emerging technology enabling a citizen to share their personal data, adding value.It provides answers for those within a smart city, advising their mayors or leaders on introducing new technology. We will cover the topic so as to enable many different public officials to be able to understand the situation from their own perspective, be they lawyers, financial people, service providers, those looking at governance structures, policy makers, etc.We are contributing to the new model for the European Data Economy. Case studies of existing best practice in the use of data are augmented with examples of embracing a citizen’s personal data in the mix, to enable better services to develop and potential new revenue streams to occur. This will enable new business models and investment opportunities to emerge.We will address the topic of how to put a value on data and will conclude by looking at what new technologies will be emerging in the coming years, to help cities with carbon-neutral targets to have more chance of succeeding.

During the last decades, the dark web has become the ground for criminal activities, enabling for illegal content sharing, as well as marketplaces selling drugs and firearms. The 2023 Internet Organised Crime Threat Assessment (IOCTA) of Europol’s European Cybercrime Centre (EC3) presented the dark web as the one of the top crime ecosystems. Analyzing the .onion sites hosting marketplaces is of interest to law enforcement, security researchers, and big data analysts. The capability of automatically harvesting web content from web servers enables Law Enforcement Agencies (LEAs) to collect and preserve data prone to serve as potential clues or evidence in investigations. The use of sophisticated protocols and the inherent complexity of the Dark Web makes it difficult for security agencies to identify and investigate these activities through conventional methods. The sheer size, unpredictable ecosystem, and anonymity provided by the Dark Web are the essential confrontations to trace the criminals. Therefore, it is a crucial step to discover the potential solutions towards cyber-crimes evaluating the sailing Dark Web crime threats. In this paper, we devise Artificial Intelligence and Big Data processing to extract insights and investigate how the Dark Web facilitates crime and dynamically maintains marketplaces with illegal goods exchange. The scientific contribution of this paper entails novel textual and multimedia analytics over large collections of data to collect evidence for further investigations and support visual reporting and alerting mechanisms. The conclusions include practical implications of Dark Web content retrieval and archival, such as investigation clues and evidence, and related future research topics.

In this paper, we present an architecture for mobility data spaces enabling trustworthy and reliable data operations along with its main constituent parts. The architecture makes use of a data lake for scalable storage of diverse mobility data sets, on top of which separate computing and storage layers are implemented to allow independent scaling with a data operations toolbox providing all data operations. Furthermore, to cater for mobility analytics, machine learning and artificial intelligence support, an edge analytics suite is provided that encompasses distributed algorithms for mobility analytics and federated learning, thereby exploiting edge computing technologies. In turn, this is supported by a resource allocator that monitors the energy consumption of data-intensive operations and provides this information to the platform for intelligent task placement in edge devices, aiming at energy-efficient operations. As a result, an end-to-end platform is proposed that combines data services and infrastructure services towards supporting mobility application domains, such as urban and maritime.

Virtual Reality (VR) applications are increasingly used to support ergonomic and safe training activities, including serious games for training security officers and other security related professionals. Nevertheless, they do not exploit opportunities for trusted and secure management of digital assets, which are typically offered by the blockchain infrastructures of emerging metaverse environments. This paper introduces a novel interactive and realistic VR-based serious game for training law enforcement officers in the analysis and understanding of terroristic activities. The game is driven by pragmatic models of terroristic actions and teaches its users how to predict and anticipate indicators of terroristic attacks. It also provides the means for generating datasets to train Artificial Intelligence (AI) modules that could help analyzing and predict potentially terroristic activities. Moreover, the paper provides an outlook for the evolution of the game in metaverse environments, where blockchain infrastructures can be used to both boost the cyber-resilience of the game and to safeguard the trustworthiness of the data generation process.

Privacy preservation over federated data has gained its momentum in the era of securing users’ sensitive information. Combining and analysing sensitive information from multiple data sources offers considerable potential for knowledge discovery. However, there are different constraints which should be fulfilled, such as what are the data to be preserved; what is meant by privacy preservation; what are the constraints on federated computing; and what are the secure mechanisms to train, query and explore data without accuracy loss. We introduce the Protected Federated Query Engine which applies Fully Homomorphic Encryption and querying processing over decentralised data sources of diverse schemas and granularities to efficiently collect, align, aggregate and serve Artificial Intelligence Operations (AIOps) and Data Operations (DataOps) without sacrificing accuracy and efficiency.

Explainable Artificial Intelligence (XAI) has gained significant attention as a means to address the transparency and interpretability challenges posed by black box AI models. In the context of the manufacturing industry, where complex problems and decision-making processes are widespread, the XMANAI platform emerges as a solution to enable transparent and trustworthy collaboration between humans and machines. By leveraging advancements in XAI and catering the prompt collaboration between data scientists and domain experts, the platform enables the construction of interpretable AI models that offer high transparency without compromising performance. This paper introduces the approach to building the XMANAI platform and highlights its potential to resolve the “transparency paradox” of AI. The platform not only addresses technical challenges related to transparency but also caters to the specific needs of the manufacturing industry, including lifecycle management, security, and trusted sharing of AI assets. The paper provides an overview of the XMANAI platform main functionalities, addressing the challenges faced during the development and presenting the evaluation framework to measure the performance of the delivered XAI solutions. It also demonstrates the benefits of the XMANAI approach in achieving transparency in manufacturing decision-making, fostering trust and collaboration between humans and machines, improving operational efficiency, and optimizing business value.

Childhood obesity is a serious public health problem worldwide. The ENDORSE platform is an innovative software ecosystem based on Artificial Intelligence which consists of mobile applications for parents and health professionals, activity trackers, and mobile games for children. This study explores the impact of the ENDORSE platform on metabolic parameters associated with pediatric obesity and on the food parenting practices of the participating mothers. Therefore, the metabolic parameters of the 45 children (mean age: 10.42 years, 53% girls, 58% pubertal, mean baseline BMI z-score 2.83) who completed the ENDORSE study were evaluated. The Comprehensive Feeding Practices Questionnaire was used for the assessment of food parenting practices. Furthermore, regression analysis was used to investigate possible associations between BMI z-score changes and changes in metabolic parameters and food parenting practices. Overall, there was a statistically significant reduction in glycated hemoglobin (mean change = −0.10, p = 0.013), SGOT (mean change = −1.84, p = 0.011), and SGPT (mean change = −2.95, p = 0.022). Emotional feeding/food as reward decreased (mean change −0.21, p = 0.007) and healthy eating guidance increased (mean change = 0.11, p = 0.051). Linear regression analysis revealed that BMI z-score change had a robust and significant correlation with important metabolic parameters: HOMA-IR change (beta coefficient = 3.60, p-value = 0.046), SGPT change (beta coefficient = 11.90, p-value = 0.037), and cortisol change (beta coefficient = 9.96, p-value = 0.008). Furthermore, healthy eating guidance change had a robust negative relationship with BMI z-score change (beta coefficient = −0.29, p-value = 0.007). Conclusions: The Endorse digital weight management program improved several metabolic parameters and food parenting practices.

Childhood obesity constitutes a major risk factor for future adverse health conditions. Multicomponent parent–child interventions are considered effective in controlling weight. Τhe ENDORSE platform utilizes m-health technologies, Artificial Intelligence (AI), and serious games (SG) toward the creation of an innovative software ecosystem connecting healthcare professionals, children, and their parents in order to deliver coordinated services to combat childhood obesity. It consists of activity trackers, a mobile SG for children, and mobile apps for parents and healthcare professionals. The heterogeneous dataset gathered through the interaction of the end-users with the platform composes the unique user profile. Part of it feeds an AI-based model that enables personalized messages. A feasibility pilot trial was conducted involving 50 overweight and obese children (mean age 10.5 years, 52% girls, 58% pubertal, median baseline BMI z-score 2.85) in a 3-month intervention. Adherence was measured by means of frequency of usage based on the data records. Overall, a clinically and statistically significant BMI z-score reduction was achieved (mean BMI z-score reduction −0.21 ± 0.26, p-value < 0.001). A statistically significant correlation was revealed between the level of activity tracker usage and the improvement of BMI z-score (−0.355, p = 0.017), highlighting the potential of the ENDORSE platform.

In this first part of the INFINITECH book series, which is a series of three books, the principles of the modern economy that lead to make the modern financial sector and the FinTech’s the most disruptive areas in today’s global economy are discussed. INFINITECH envision many opportunities emerging for activating new channels of innovation in the local and global scale while at the same time catapult opportunities for more disruptive user-centric services. At the same time, INFINITECH is the result of a sharing vision from a representative global group of experts, providing a common vision and identifying impacts in the financial and insurance sectors.

Today, the need for “end-to-end” coordination between the electricity sector stakeholders, not only in business terms but also in securely exchanging real-time data, is becoming a necessity to increase electricity networks’ stability and resilience while satisfying individual operational optimization objectives and business case targets of all stakeholders. To this end, the SYNERGY energy data platform builds on state-of-the-art data management, sharing, and analytics technologies, driven by the actual needs of the electricity data value chain. This paper will describe the layered SYNERGY Reference Architecture that consists of a Cloud Infrastructure, On-Premise Environments, and Energy Apps and discuss the main challenges and solutions adopted for (a) the design of custom pipelines for batch and streaming data collection and for data manipulation and analytics (based on baseline or pre-trained machine learning and deep learning algorithms) and (b) their scheduled, on-event, or real-time execution on the cloud, on-premise and in gateways, toward an energy data space. Particular focus will be laid on the design of the SYNERGY AI analytics marketplace that allows for trustful sharing of data assets (i.e., datasets, pipelines, trained AI models, analytics results) which belong to different stakeholders, through a multi-party smart contract mechanism powered by blockchain technologies.

Over the past couple of years, implementations of Artificial Intelligence (AI) have significantly risen in numerous platforms, tools and applications around the world, impacting a broad range of industries such as manufacturing towards Smart Factories and Industry 4.0, in general. Nevertheless, despite industrial AI being the driving force for smart factories, there is strong reluctance in its adoption by manufacturers due to the lack of transparency of the black-box AI models and trust behind the decisions taken, as well as the awareness of where and how it should be incorporated in their processes and products. This paper introduces the Explainable AI platform of XMANAI which takes advantage of the latest AI advancements and technological breakthroughs in Explainable AI (XAI) in order to build "glass box" AI models that are explainable to a "human-in-the-loop" without the decrease of AI performance. The core of the platform consists of a catalogue of hybrid and graph AI models which are built, fine-tuned and validated either as baseline AI models that will be reusable to address any manufacturing problem or trained AI models that have been fine-tuned for solving concrete manufacturing problems in a trustful manner through value-based explanations that are easily and effectively interpreted by humans.

Transactive energy paradigm targets creating a way for producers and consumers to match and balance energy supply and demand on a real time basis. An approach towards realizing this target is through price signals generated by energy market mechanisms. Pilot projects have confirmed that transactive control technology is effective in various ways, such as improving energy efficiency and reliability, reducing energy cost and encouraging integration of renewable energy sources. However, a main challenge towards the broad adoption of smart grid technologies, such as transactive energy, is the protection of the participants’ privacy. This paper presents the design and the implementation of a uniform price double auction mechanism which preserves the privacy of its participants leveraging homomorphic encryption. Market participants exchange encrypted information among them and the market entity. The auction clearing is jointly computed and the computations are performed on encrypted data. Large-scale experimentation, simulating the Olympic Peninsula pilot project, enable us to measure the effectiveness and scalability of the proposed distributed mechanism. The analysis of the results suggests that the proposed protocol provides an effective mechanism for the implementation of a privacy preserving real-time energy market.

This paper presents an integrated methodology for decision making in smart grid investments that assesses the investment plans of stakeholders in local energy communities (LECs). Considering the energy flow exchanges of the LECs and interpreting them in terms of technical benefits and costs, this methodology indicates the most sustainable and profitable solution covering the LEC energy transition plans. A set of specialized tools capturing the energy, environmental, financial, and social impacts are integrated under a common platform called the IANOS Energy Planning and Transition (IEPT) suite. The tools evaluate a set of well-defined key performance indicators that are gathered using a cost–benefit analysis (CBA) module offering multilateral assessment. By upgrading the functionalities of specialized tools, i.e., the energy modeler INTEMA, the life cycle assessment and costing tool VERIFY, and the smart grid-oriented CBA tool, the IEPT suite evaluates the viability of different smart grid investment scenarios from a multi-dimensional perspective at the LEC level. The functionalities of the proposed suite are validated in the LEC of Nisyros island, Greece, where three smart grid-based investment scenarios of different self-consumption levels are evaluated and ranked in terms of benefits and profitability. The results highlight that for a 20-year horizon of analysis, the investment scenario where a 50% self-consumption target is achieved was more financially viable compared to the 80% and 95% scenarios, achieving values of BCR and NPV equal to EUR 2.12 and EUR 4,400,000, respectively.

In order to preserve privacy in a blockchain ecosystem, the main objective is to keep a transaction's data private, such as the sender, the receiver, and the amount transferred. The current work studies the cryptographic tools commonly used to achieve this type of privacy, primarily focusing on the Ethereum blockchain. Such tools usually require many computational and storage resources, leading to additional fees. An anonymous auction protocol was developed as a case study to explore these costs, where hiding the identity and the amount of the bids utilizes a variety of cryptographic primitives. The proposed implementation was compared against three sealed-bid auction protocols, which utilize similar cryptographic tools for preserving privacy throughout the auction process. The results show that providing an additional level of anonymity, such as hiding someone's identity, can increase the gas cost significantly, up to 2.5 times, depending on the choice of the cryptographic tools, which determine the usage of the blockchain's storage and computational resources. By adjusting the level of decentralization on the application level by moving some operations off-chain and maintaining the role of the auctioneer, we show that we can maintain anonymity while reducing the gas cost by 40%.

5G-IANA aims at providing an open 5G experimentation platform, on top of which third-party experimenters, i.e., SMEs in the Automotive vertical sector will have the opportunity to develop, deploy and test their services. The provided Automotive Open Experimentation Platform (AOEP) is a set of hardware and software resources that provides the computational and communication/transport infrastructure. This is coupled with management and orchestration components, as well as an enhanced network application Toolkit tailored to the Automotive sector, for simplifying the design and onboarding of new network applications. 5G-IANA exposes to experimenters Application Programming Interfaces (APIs) for facilitating all the different steps towards the production stage of a new service. The platform supports different virtualization technologies integrating different Management and Orchestration (MANO) frameworks for enabling the deployment of end-to-end network services across different segments (vehicles, road infrastructure, Multi-access Edge Computing (MEC) nodes and cloud resources). The 5G-IANA network application toolkit is linked with an Automotive Networks/ Application Functions Repository including an extensive portfolio of ready-to-use and openly accessible Automotive-related functions and network application templates, that are available for SMEs to use and develop new applications. Overall, 5G-IANA aspires to encourage third parties to test novel software or hardware or use cases by exploiting the platform capabilities.

We present P5; an event-driven policy framework that allows network operators to realize end-to-end policies on top of P4-based data planes in an intuitive and effective manner. We demonstrate how P5 adheres to a service-level agreement (SLA) by applying P4-based traffic engineering with latency constraints.

As the demand for advanced and efficient network and service deployment continues to rise, the integration of multiple domains and the incorporation of AI technology are becoming essential. The ACROSS project is a Horizon Europe project, that aims to address this need by proposing an innovative end-to-end service deployment and management platform. This platform is designed to deliver unprecedented levels of automation, performance, scalability, and energy efficiency in the next-gen networks and services landscape. The platform will be built as a highly-distributed grid of domain-level orchestrators, spread across multiple geo-dispersed and potentially heterogeneous edge environments, all overseen by a cloud-managed multi-domain orchestrator. The use of standardised communication interfaces will promote separation of concerns and ensure compliance with ongoing standardization efforts, some of which include ETSI ZSM, ETSI NFV-OSM, TMF, ETSI TFS and ONF. The platform will also be enhanced with deep end-to-end telemetry, AI-driven intelligence, full-stack cross-domain zero-touch provisioning, and secure and trusted orchestration mechanisms.

Integrated Public Services (IPS) enable the provision of personalised, citizen-friendly servicesthrough seamless collaboration of the involved public authorities. In this workshop we willpresent results from the H2020 inGov European Union funded project. We will start bypresenting the Holistic Framework for IPS co-creation and provision which includes a numberof practical recommendations for public authorities. We will discuss the framework withparticipants looking for constructive comments and ideas. We will then proceed withpresenting experiences gained so far in different European settings and prompt participants tocomment and discuss our approaches and findings.

Corruption remains a pervasive global challenge, undermining economic development, social equality, and the rule of law. While numerous anti-corruption frameworks exist, traditional approaches often fail to address large-scale and cross-border corruption effectively. This paper explores innovative technological solutions that enhance anti-corruption measures through emerging technologies such as Artificial Intelligence (AI), Machine Learning (ML), Big Data Analytics, and Distributed Ledger Technologies (DLT). We propose a holistic platform designed for Law Enforcement Agencies (LEAs) to identify, detect, and prevent corruption efficiently. The platform integrates advanced tools for anti-money laundering (AML), intelligence gathering from the dark and surface web, public sentiment analysis, criminal network reconstruction, and risk factor assessment in organizational structures. By leveraging Explainable AI (XAI) and a layered modular approach, this solution provides security practitioners with actionable insights, improving their investigative capabilities while ensuring compliance with legal and ethical standards. Ultimately, the research underscores the transformative potential of cutting-edge technologies in the fight against corruption, advocating for enhanced international cooperation and capacity-building efforts.

We demonstrate a sensing platform for composite manufacturing (RTM-6) process based on silicon photonics, being controlled by novel Process Monitoring Optimization Control (PMOC) system. The photonic multi-sensor is based on bragg grating components, allowing measurements of temperature, pressure and refractive index, and is packaged employing a ball lens fiber-to-chip interface. We present results of the packaged temperature photonic sensor regarding bandwidth, linearity and thermo-optic efficiency, being controlled by our PMOC system. We experimentally achieve 0.074 nm/C with R^2 = 0.995 linearity for temperature up to 180°C (RTM-6 compatible) with 1 kHz data acquisition and 0.2°C accuracy. Keywords: Photonic temperature sensor, composite material fabrication, Bragg grating, process monitoring and control, miniaturized multi sensor, composite molds, silicon photonics

As Artificial Intelligence (AI) becomes more integrated into public governance, concerns about its transparency and accountability have become increasingly important. The use of AI in decision-making processes raises questions about bias, fairness, and the protection of individual fundamental rights. To ensure that AI is used in a way that upholds democratic values, it is essential to develop systems that are trustworthy, transparent, and accountable. Trusted AI allows citizens to have greater trust in public organizations and their decision-making processes, while it also enables public authorities and policy makers to be more transparent and accountable, providing citizens with greater visibility into how policies are developed. In addition, it encourages the use of AI in a way that promotes fairness and equity, ensuring that decision-making processes are unbiased and discrimination free against certain groups of individuals. This paper investigates how these desirable attributes can be developed in ways that are feasible and effective through the design of a holistic environment that incorporates AI and Big Data management mechanisms while preserving that the AI technology should be shaped around human rights, values, and societal needs. Societal change and evidence-based policies will be achieved through the extension of business and policy making processes with advanced approaches, such as eXplainable AI (XAI) and Situation-Aware Explainability (SAX). To this end, a novel approach is proposed, which will converge techniques and research on multiple domains, including social sciences, Trustworthy AI, Ethical AI, Big Data analytics, IoT, and blockchain into a unified ecosystem.

Artificial Intelligence (AI) advances are pushing the boundaries across research domains with AI-driven solutions in healthcare claiming a significant share. A key objective of these studies concerns the timely prediction of various pathological conditions. Sepsis is a life-threatening syndrome and one of the main causes of death in intensive care unit (ICU) patients. As it becomes a major health problem worldwide, sepsis early prediction could assist healthcare professionals towards making informed clinical decisions, and thereby, significantly reducing the sepsis' morbidity and mortality. A notable body of literature involving the use of AI for sepsis prediction exists. However, to the best of our knowledge, only a handful of studies focus on performing a systematic review of the AI enabled solutions for sepsis prediction in ICUs. In this context, the present paper aims to identify knowledge gaps, stimulate interest and yield motivations for future research. Moreover, to discuss ethical and explainability aspects and associated challenges. The literature search was conducted between February 2023 and April 2023 and considered eligible articles published within the last five years.

Artificial Intelligence (AI) advances in healthcare require better data management so that prompt and informed decisions towards patients’ care are taken. Life-threatening conditions like sepsis can benefit from this, as they demand immediate and appropriate clinical intervention. While studies involving the use of AI for sepsis prediction exist, systematic reviews on the topic are limited. In this study, AI-enabled solutions for septic shock prognosis are studied, while explainability techniques appear crucial and promising towards ethical data use and clinicians’ trust and interventions.

As food safety is undergoing through significant challenges due to recent food scandals, and the consumers demands for products of higher quality is increasing, the need for better knowledge of the food production processes and adoption of data sharing practices in the product and supply chain management are emerging. To address those issues, data sharing platforms have been introduced as essential tools for creating high value from data with secure and mutually beneficial multi-partner data sharing fascilitation. Blockchain technology, through its inhereted distributed nature can help to build trust mechanisms to enhance transparency and security dimension of food chains. In this work we propose a novel security mechanism for proper authentication and authorization when accessing resources through an agrifood data platform. Our proposed methodology aims to deliver sophisticated backbone service capabilities that will enable trusted, secure, automated, robust and controlled data transactions for food certification to all food sector businesses that demand easy, fast, and actionable access to variegating food safety data from multiple devices and in various settings.

Service Robots (SR) are increasingly used for ex ecution of complex tasks based on high-level goals. Also, the interaction with users in an easily-understandable way is very important. To this end, the imitation of human- like motion, is important not only because we “don’t need to reinvent the wheel”, but because humans, that the SR will share the world with, expect such solutions to the task. It is crucial to represent and organize the vast amount of knowledge, so that the robot can retrieve relevant knowledge faster and conveniently, in order to complete the tasks automatically. In this work, we propose a Holistic Knowledge Base scheme for task planning representation, towards the acceleration of robotic learning, based on robotic priors, scene structure, and demonstrations in a specific real-world context which dynamically changes over time and space.

Human-centricity is the core value behind the evolution of manufacturing towards Industry 5.0. Nevertheless, there is a lack of architecture that considers safety, trustworthiness, and human-centricity at its core. Therefore, we propose an architecture that integrates Artificial Intelligence (Active Learning, Forecasting, Explainable Artificial Intelligence), simulated reality, decision-making, and users' feedback, focusing on synergies between humans and machines. Furthermore, we align the proposed architecture with the Big Data Value Association Reference Architecture Model. Finally, we validate it on three use cases from real-world case studies.

The paper explores the application of explainable artificial intelligence (xAI) techniques to improve data trustworthiness in crowd-sensing systems. By providing transparent AI models, users can better understand and trust the data collected from diverse sources. The study demonstrates how xAI can address challenges related to data reliability and user engagement in crowd-sensing applications.

The emerging Cooperative Intelligent Transportation Systems (C-ITS) landscape is expanding in terms of security and trust requirements, to provide the necessary enablers for the safety of critical operations (i.e., collision avoidance). To this extend, Public Key Infrastructure (PKIs) and Direct Anonymous Attestation (DAA) schemes have been proposed by the literature, in order to provide authenticity over the exchanged messages. DAA schemes can help address several challenges of centralized PKIs by offering a more scalable solution for pseudonym certificate issuance, reloading and revocation. This paper is the first to implement a DAA-based solution and then perform a methodological comparison of the two schemes based on an experimental evaluation. The acquired results do not directly dictate one prevailing solution, but rather suggest the need for an integrated approach converging concepts from both schemes, in order to better accommodate the needs of future C-ITS systems.

The advent of 6G networks is anticipated to introduce a myriad of new technology enablers, including heterogeneous radio, RAN softwarization, multi-vendor deployments, and AI-driven network management, which is expected to broaden the existing threat landscape, demanding for more sophisticated security controls. At the same time, privacy forms a fundamental pillar in the EU development activities for 6G. This decentralized and globally connected environment necessitates robust privacy provisions that encompass all layers of the network stack. In this paper, we present PRIVATEER’s approach for enabling “privacy-first” security enablers for 6G networks. PRIVATEER aims to tackle four major privacy challenges associated with 6G security enablers, i.e., i) processing of infrastructure and network usage data, ii) security-aware orchestration, iii) infrastructure and service attestation and iv) cyber threat intelligence sharing. PRIVATEER addresses the above by introducing several innovations, including decentralised robust security analytics, privacy-aware techniques for network slicing and service orchestration and distributed infrastructure and service attestation mechanisms.

Electronic identification (eID) and Identity Management (IDM) in the context of information systems is considered of crucial importance for citizen data safety, since it can authorize the proper stakeholders to access sensitive data. The plethora of information systems’ users and devices, the need for increased data confidentiality and integrity, as well as the requirement for proper data exchange considering short-range and long-range distance data exchange protocols and networks, increases the overall necessity for proper IDM mechanisms and techniques. Nevertheless, it needs to be identified that IDM mechanisms are not only security tools that improve technical skill sets, but the leaders towards opportunities that emerge. This manuscript provides an overview of state-of-the-art IDM standards and regulations towards interoperable eID, namely SAML, WS-Federation, OAuth, OpenID, FIDO, and Mobile Connect, including their latest versions. It considers different architectural components and scenarios, covering aspects of multiple domains, with the ability to be exploited across several networking and communication systems.

The electrical grid has significantly evolved over the years, thus creating a smart paradigm, which is well known as the smart electrical grid. However, this evolution creates critical cybersecurity risks due to the vulnerable nature of the industrial systems and the involvement of new technologies. Therefore, in this paper, the ELECTRON architecture is presented as an integrated platform to detect, mitigate and prevent potential cyberthreats timely. ELECTRON combines both cybersecurity and energy defence mechanisms in a collaborative way. The key aspects of ELECTRON are (a) dynamic risk assessment, (b) asset certification, (c) federated intrusion detection and correlation, (d) Software Defined Networking (SDN) mitigation, (e) proactive islanding and (f) cybersecurity training and certification.

Anonymous credentials (ACs) are secure digital versions of credentials that allow selective proof of possession of encoded attributes without revealing additional information. Attributes can include basic personal details (e.g., passport, medical records) and also claims about existing attributes (e.g., age > 18), which can be revealed without disclosing any concrete information. However, embedding all possible claims in a credential is impractical. To address this, we propose verifiers defining policies as high-level programs executed by holders on their credentials. We also propose making the proofs designated verifier to prevent the misuse or leakage of sensitive information by dishonest verifiers to any unwanted third party.

To detect runtime attacks against programs running on a remote computing platform, Control-Flow Attestation (CFA) lets a (trusted) verifier determine the legality of the program’s execution path, as recorded and reported by the remote platform (prover). However, besides complicating scalability due to verifier complexity, this assumption regarding the verifier’s trustworthiness renders existing CFA schemes prone to privacy breaches and implementation disclosure attacks under “honest-but-curious” adversaries. Thus, to suppress sensitive details from the verifier, we propose to have the prover outsource the verification of the attested execution path to an intermediate worker of which the verifier only learns the result. However, since a worker might be dishonest about the outcome of the verification, we propose a purely cryptographical solution of transforming the verification of the attested execution path into a verifiable computational task that can be reliably outsourced to a worker without relying on any trusted execution environment. Specifically, we propose to express a program-agnostic execution path verification task inside an arithmetic circuit whose correct execution can be verified by untrusted verifiers in zero knowledge.

Both FARCROSS and TRINITY EU research projects aim to increase cross-border electricity flow and regional cooperation. The integration of SmartValve and T-SENTINEL systems offers benefits such as enhancing grid security and reliability, managing thermal constraints, and maximizing utilization of existing infrastructure. The combined system can achieve a more efficient and less costly coordinated network security process, increase cross-border capacities, and promote regional electricity market integration, benefiting the local communities with significant CO2 emissions avoidance and reduced electricity prices. Overall, the integration of SmartValve and T-SENTINEL can provide significant improvements in flexibility, making cross-border connections more robust and adaptive to the evolution of the electrical power industry.

The study on Power and Heat Sectors: Interactions and Synergies, analyses the current situation of the H&C sector in the EU and its objectives for 2030 and 2050; it provides a comparative description of the H&C technologies, including prospects for the integration of RES and thermal storage. This study was conducted by ENTSO–E’s Working Group Future of Energy Systems under Research, Development, and Innovation Committee with the support of Ubitech Energy Sprl.

Recent advances in Decentralized Digital Identity solutions, revolving around the use of Verifiable Credentials towards identity sovereignty, are centered around Identity Wallets for ensuring that identity data control remains with the user. However, such schemes still lack the capabilities to provide higher Level of Assurance (LoA) guarantees, for identity verification, which restricts their full potential. In this paper, we design and showcase DOOR; a library that enables Identity Wallets to leverage hardware Roots-of-Trust (RoT) for binding user authentication factors to HW-based keys, thus, allowing for both proof of (User) identity and (Wallet) integrity, bringing them in alignment with emerging regulations and standards that require higher LoA for services (e.g. eIDAS). At the same time, we make sure that privacy-enhancing properties like selective-disclosure are fully supported in order to make the Wallet compliant with privacy regulations (e.g. GDPR). To achieve all the above, we have designed an enhanced variant of Attribute-based Direct Anonymous Attestation (DAA-A) crypto protocol for offering anonymity, unlinkability, and unforgeability, while being the first to offer strong guarantees on the Wallet’s integrity when constructing attribute attestations. We formally prove the security properties of DOOR, offered by the underlying crypto primitives used to enable selective disclosure of attributes, by describing their construction while also benchmarking their computational footprint and comparing them with other widespread cryptographic mechanisms (adopted by the standards) in terms of performance, size of the associated verifiable presentations while safeguarding user anonymous authentication and unlinkability.

Policymaking has always revolved around the initiative to solve problems and since the start of more focused research on it, it contained many stages from problem identification and agenda setting to policy formulation, legitimization, implementation and evaluation. As policymaking evolved and societal challenges became more complex, policymakers tried to include more factors into the decision-making process and thus data driven policymaking became an important tool in this field. Data driven policymaking aims to make optimal use of data and extensive analysis in order to create and evaluate policies.

The rapid development of Smart Cities is aided by the convergence of information and communication technologies (ICT). Data is a key component of Smart City applications as well as a serious worry. Data is the critical factor that drives the whole development life-cycle in most Smart City use-cases, according to an exhaustive examination of several Smart City use-cases. Mishandling data, on the other hand, can have severe repercussions for programs that get incorrect data and users whose privacy may be compromised. As a result, we believe that an integrated ICT solution in Smart Cities is key to achieve the highest levels of scalability, data integrity, and secrecy within and across Smart Cities. As a result, this paper discusses a variety of modern technologies for Smart Cities and proposes our integrated architecture, which connects Blockchain technologies with modern data analytic techniques (e.g., Federated Learning) and Edge/Fog computing to address the current data privacy issues in Smart Cities. Finally, we discuss and present our proposed architectural framework in detail, taking into account an online marketing campaign and an e-Health application use-cases.

Adversarial machine learning (AML) is a class of data manipulation techniques that cause alterations in the behavior of artificial intelligence (AI) systems while going unnoticed by humans. These alterations can cause serious vulnerabilities to mission-critical AI-enabled applications. This work introduces an AI architecture augmented with adversarial examples and defense algorithms to safeguard, secure, and make more reliable AI systems. This can be conducted by robustifying deep neural network (DNN) classifiers and explicitly focusing on the specific case of convolutional neural networks (CNNs) used in non-trivial manufacturing environments prone to noise, vibrations, and errors when capturing and transferring data. The proposed architecture enables the imitation of the interplay between the attacker and a defender based on the deployment and cross-evaluation of adversarial and defense strategies. The AI architecture enables (i) the creation and usage of adversarial examples in the training process, which robustify the accuracy of CNNs, (ii) the evaluation of defense algorithms to recover the classifiers’ accuracy, and (iii) the provision of a multiclass discriminator to distinguish and report on non-attacked and attacked data. The experimental results show promising results in a hybrid solution combining the defense algorithms and the multiclass discriminator in an effort to revitalize the attacked base models and robustify the DNN classifiers. The proposed architecture is ratified in the context of a real manufacturing environment utilizing datasets stemming from the actual production lines.

Convergence between big data, high-performance computing, and the cloud is the key driving factor for sustainable economic growth in the future. Technological advances in many fields are determined by competence to gain precise information from the large amounts of data collected, which in turn requires powerful computing resources. This chapter provides an overview on the evolution of the three fields and four different points of view on their convergence provided by the CYBELE, DeepHealth, Evolve, and LEXIS projects funded by the European Union under the Horizon 2020 Programme.

Inefficiency in planting, harvesting, water use, meat consumption, as well as uncertainty about weather, pests, consumer demand, and other intangibles contribute to lower production, advanced costs, and greater need for products of higher quality and quantity. Precision agriculture (PA) and precision livestock farming (PLF) are introduced to assist in optimizing agricultural and livestock production while minimizing the wastes and costs. In this chapter, CYBELE is introduced, a platform aspiring to ensure that the stakeholders involved in the PA and PLF value chain (research and academia, SMEs, entrepreneurs, etc.) are granted unmediated access to a vast amount of very large-scale and distributed datasets. Additionally, by leveraging the convergence of big data, artificial intelligence, and high-performance computing infrastructures, CYBELE facilitates these stakeholders to generate value and extract insights out of the data through advanced data exploration, aggregation, processing, training, analysis, and visualization services.

The role of self-efficacy to cope with breast cancer as a mediator and/or moderator in the relationship of trait resilience to quality of life and psychological symptoms was examined in this study. Data from the BOUNCE Project (https://www.bounce-project.eu/) were used. Women diagnosed with and in treatment for breast cancer (N = 484), from four countries, participated in the study. Trait resilience and coping self-efficacy were assessed at baseline (soon after the beginning of systemic treatment), and outcomes (quality of life, psychological symptoms) 3 months later. Hierarchical regression, mediation, moderation, and conditional (moderated) mediation and moderation analyses were performed to examine the study hypotheses. Coping self-efficacy mediated the impact of trait resilience. In addition, higher levels of resilience in combination with higher levels of coping self-efficacy were associated with better outcomes. Country of origin had no impact on these results. Overall, it seems that coping self-efficacy is a key factor that should be taken into account for research and intervention efforts in cancer.

Open banking holds the potential of expanding traditional banking data flows, placing the customer at its core and in control of their banking data, including their personal information. Consent management enables the tracking, monitoring and managing the personal data lifecycle in a GDPR compliant manner, and improves customers’ control over their data, empowering them to manage their consent throughout its lifecycle. However, traditional technologies have failed to become a key enabler of trust, due to multiple security/data tampering incidents. This chapter introduces a blockchain-empowered Consent Management System (CMS). It aims at presenting the design and implementation of a robust CMS, enabling the sharing of customers’ consent, thus facilitating the exchange and the utilization of customer data, across different banking institutions. The proposed CMS implementation will enable the financial institutions to effectively manage and share their customers’ consents in a transparent and unambiguous manner, ensuring compliance to PSD2 and GDRP, while lowering the barriers of secure data sharing.

The 5G and beyond advancements will impact significantly the evolution of many vertical industries such as the Public Protection and Disaster Recovery (PPDR) sector. To this end, the requirements posed by PPDR operations and services can be satisfied to a certain great degree by 5G network capabilities associated with network slicing and incorporation of edge computing, while network coverage and availability even in disaster situations still remains a critical issue. However, the flexibility of 5G networks and the beyond 5G developments related to network and service orchestration can further lead the PPDR service provisioning. The 5G-PPP project Int5Gent aims at delivering a complete beyond 5G solution suitable for various PPDR operational scenarios, namely for day-to-day operations and for disaster scenarios; along with experimentation deployments for testing and evaluation. This paper discusses the service and technical requirements and provides an overview of the proposed technologies and deployment solutions.

Whilst the Fifth Generation (5G) mobile networks are being deployed worldwide, the adoption of this next-generation networking paradigm by the vertical businesses such as the 4th industrial revolution (Industry 4.0) sectors is lagging. One of the empirical barriers for the verticals to embrace 5G rapidly is the lack of easy-to-access platforms that facilitate cost-efficient deployment of their Network Applications (NetApps) to create end-to-end services. This paper presents a novel and realistic NetApp platform to remove this barrier, thereby speeding up the smooth vertical businesses' transition to 5G and beyond networks. Particularly, the paper provides a vision and insights on an innovative Unmanned Aerial Vehicle (UAV) based Industry 4.0 NetApp to cast lights on how 5G NetApps can help shape the resultant new business models and open new business opportunities. In this case, the NetApp is able to improve the results by detecting intruders in real time and reducing the delay of detection by 226 ms (38%).

The fifth generation of mobile networks (5G) is rapidly reaching deployment across the globe, promising a series of advances for vertical service providers, both in terms of performance and in terms of operational capabilities. In this context, the 5G-IANA Network Application platform focuses on the rapidly advancing domain of intelligent, data centric, Artificial Intelligence/Machine Learning (AI/ML)-enabled applications, with a particular focus on the automotive domain. In this article, we present the key functional features designed for the support of such services including the integration of (mobile) far-edge resources, as well as ML-aware orchestration primitives. This includes novel features such as decision support for the optimal distribution of end-to-end ML pipelines, as well as run-time support for client selection in Federated Learning setups, far-edge failure handling and distribution drift aware lifecycle management. Such features come to address a series of limitations associated with legacy 5G management & orchestration systems, such as resource consumption of data centric services and privacy support. In this context, we further discuss the new opportunities arising for service provisioning and corresponding business models in the automotive ecosystem, with a particular emphasis on the implications of the emerging data and/or ML-model sharing schemes.

The 5G and beyond advancements will impact significantly the evolution of many vertical industries such as the Public Protection and Disaster Recovery (PPDR) sector. To this end, the requirements posed by PPDR operations and services can be satisfied to a certain great degree by 5G network capabilities associated with network slicing and incorporation of edge computing, while network coverage and availability even in disaster situations still remains a critical issue. However, the flexibility of 5G networks and the beyond 5G developments related to network and service orchestration can further lead the PPDR service provisioning. The 5G-PPP project Int5Gent aims at delivering a complete beyond 5G solution suitable for various PPDR operational scenarios, namely for day-to-day operations and for disaster scenarios; along with experimentation deployments for testing and evaluation. This paper discusses the service and technical requirements and provides an overview of the proposed technologies and deployment solutions.

Food safety is undergoing through tremendous challenges over the last years, with food scandals and contamination issues putting constant pressure to global markets, while consumers demands for high quality of products are increasing. This raises the need for increasing stakeholders' knowledge of the food production process and adopting data sharing practices in the product and supply chain management. Data sharing platforms can undertake the role of creating high value from data while facilitating secure and mutually beneficial multi-partner data sharing. Our proposed system aims to deliver an industrial data platform that will facilitate the exchange and connection of data between different food safety actors, who are interested in sharing information critical to certification, while boosting the way that food certification takes place in Europe.

This preprint discusses the development of machine learning models designed to defend against adversarial attacks. The authors present novel techniques that enhance the robustness of AI systems by detecting and mitigating malicious inputs. The study contributes to the field of AI security by proposing methods to safeguard machine learning models from potential threats.

The digitisation of the typical electrical grid introduces valuable services, such as pervasive control, remote monitoring and self-healing. However, despite the benefits, cybersecurity and privacy issues can result in devastating effects or even fatal accidents, given the interdependence between the energy sector and other critical infrastructures. Large-scale cyber attacks, such as Indostroyer and DragonFly have already demonstrated the weaknesses of the current electrical grid with disastrous consequences. Based on the aforementioned remarks, both academia and industry have already designed various cybersecurity standards, such as IEC 62351. However, dynamic risk assessment and certification remain crucial aspects, given the sensitive nature of the electrical grid. On the one hand, dynamic risk assessment intends to re-compute the risk value of the affected assets and their relationships in a dynamic manner based on the relevant security events and alarms. On the other hand, based on the certification process, new approach for the dynamic management of the security need to be defined in order to provide adaptive reaction to new threats. This paper presents a combined approach, showing how both aspects can be applied in a collaborative manner in the smart electrical grid.

The industrial sector is experiencing an unprecedented number of changes in recent years. New models of remote delivery, especially in complex ICT infrastructures such as healthcare, increase the potential impact of cybersecurity breaches to a level that has not been experienced before. This paper presents the SECurity And privacy protectioN in internet of Things devices (SECANT) project, an EU-H2020 project aimed to strengthen the understanding of risks, at both human and technical level through the delivery of a holistic framework for cyber security risk assessment for enhancing the digital security, privacy, and personal data protection in complex ICT infrastructures, such in the healthcare ecosystem. The SECANT platform will implement a collaborative threat intelligence collection, analysis and sharing, an innovative risk analysis specifically designed for interconnected nodes of an industrial ecosystem, a cuttingedge trust and accountability mechanisms for data protection and a security awareness training for more informed security choices. This platform will be demonstrated and validated across four operational pilots reflecting different real-life business cases

The Greek power system is facing significant changes as the government’s policy is focused on an energy transition aligned with the EU future plans by implementing comprehensive reforms in the energy sector to drive decarbonization, increase the share of renewable power plants and foster competitive markets. This transition is expected to create significant challenges to the operation of the future Greek power system. In this context, a Wide Area Monitoring, Protection, Automation and Control (WAMPAC) System is developed that is expected to serve as a useful tool for monitoring and control of the steady state and dynamic limits of the power grid. Fifteen (15) time synchronized phasor measurement units are currently being installed in critical locations to gather data and online transmit them to phasor data concentrators in order to be used by the WAMPAC system. Moreover, a holistic design approach is adopted for the WAMPAC system with various protection and control services that aim to deal with the expected upcoming challenges. Overall, in this paper the developed augmented WAMPAC design approach and implementation is thoroughly described in order to serve as a roadmap for future power systems.

The Internet has rapidly grown into a distributed and collaborative network with over one billion users, e.g., the Internet of Things (IoT). The future Internet will become the core of the next information infrastructure in regard to computation and communication, being capable of extensibility, survivability, mobility, and adaptability. However, with the increasing complexity of the future Internet and boost in information sharing, there is a threat to such infrastructure in the aspects of security, trust, and privacy. This editorial discusses the state-of-the-art advancements in information and the future internet.

This paper offers a prototype of a Hyperledger Fabric-IPFS based network architecture including a smart contract based encryption scheme that meant to improve the security of user’s data that is being uploaded to the distributed ledger. A new extension to the self-encryption scheme was deployed by integrating data owner’s identity into the encryption process. Such integration allows to permanently preserve ownership of the original file and link it to the person/entity who originally uploaded it. Moreover, self-encryption provides strong security guarantees that decryption of a file is computationally not feasible under the condition that the encrypted file and the key are safely stored.

This work aims to provide a more secure access control in Hyperledger Fabric blockchain by combining multiple ID’s, attributes, and policies with the components that regulate access control. The access control system currently used by Hyperledger Fabric is first completely analyzed. Next, a new implementation is proposed that builds upon the existing solution but provides users and developers with easier ways to make access control decisions based on combinations of multiple ID’s, attributes, and policies. Our proposed implementation encapsulates the Fabric CA client to facilitate attribute addition and simplify the process of registering and enrolling a newly created certificate (corresponding to a new user). This research, concludes that it is possible to combine multiple ID’s, attributes, and policies with the help of Hyperledger Fabric’s smart contract technology. Furthermore, it could be seen that the performance impact for real-world applications is negligible compared to the insecure case of always providing access to a resource without performing access control.

Direct anonymous attestation (DAA) is a platform authentication mechanism that enables the provision of privacy-preserving and accountable services. DAA is based on group signatures that allow remote attestation of a device associated to a trusted component (TC) while offering strong anonymity guarantees. Standardized by the Trusted Computing Group (TCG), DAA retains user anonymity, provides user-controlled unlinkability, and identifies signatures created by compromised devices.

In the race toward next-generation systems of systems, the adoption of edge and cloud computing is escalating to deliver the underpinning end-to-end services. To safeguard the increasing attack landscape, remote attestation lets a verifier reason about the state of an untrusted remote prover. However, for most schemes, verifiability is only established under the omniscient and trusted verifier assumption, where a verifier knows the prover’s trusted states, and the prover must reveal evidence about its current state. This assumption severely challenges upscaling, inherently limits eligible verifiers, and naturally prohibits adoption in public-facing security-critical networks. To meet current zero trust paradigms, we propose a general ZEro-Knowledge pRoof of cOnformance (ZEKRO) scheme, which considers mutually distrusting participants and enables a prover to convince an untrusted verifier about its state’s correctness in zero-knowledge, i.e., without revealing anything about its state.

Adversarial machine learning (AML) is a class of data manipulation techniques that cause alterations in the behavior of artificial intelligence (AI) systems while going unnoticed by humans. These alterations can cause serious vulnerabilities to mission-critical AI-enabled applications. This work introduces an AI architecture augmented with adversarial examples and defense algorithms to safeguard, secure, and make more reliable AI systems. This can be conducted by robustifying deep neural network (DNN) classifiers and explicitly focusing on the specific case of convolutional neural networks (CNNs) used in non-trivial manufacturing environments prone to noise, vibrations, and errors when capturing and transferring data. The proposed architecture enables the imitation of the interplay between the attacker and a defender based on the deployment and cross-evaluation of adversarial and defense strategies. The AI architecture enables (i) the creation and usage of adversarial examples in the training process, which robustify the accuracy of CNNs, (ii) the evaluation of defense algorithms to recover the classifiers’ accuracy, and (iii) the provision of a multiclass discriminator to distinguish and report on non-attacked and attacked data. The experimental results show promising results in a hybrid solution combining the defense algorithms and the multiclass discriminator in an effort to revitalize the attacked base models and robustify the DNN classifiers. The proposed architecture is ratified in the context of a real manufacturing environment utilizing datasets stemming from the actual production lines.

Fog computing extends multi-cloud computing by enabling services or application functions to be hosted close to their data sources. To take advantage of the capabilities of fog computing, serverless and the function-as-a-service (FaaS) software engineering paradigms allow for the flexible deployment of applications on multi-cloud, fog, and edge resources. This article reviews prominent fog computing frameworks and discusses some of the challenges and requirements of FaaS-enabled applications. Moreover, it proposes a novel framework able to dynamically manage multi-cloud, fog, and edge resources and to deploy data-intensive applications developed using the FaaS paradigm. The proposed framework leverages the FaaS paradigm in a way that improves the average service response time of data-intensive applications by a factor of three regardless of the underlying multi-cloud, fog, and edge resource infrastructur

The technological leap of smart technologies and the Internet of Things has advanced the conventional model of the electrical power and energy systems into a new digital era, widely known as the Smart Grid. The advent of Smart Grids provides multiple benefits, such as self-monitoring, self-healing and pervasive control. However, it also raises crucial cybersecurity and privacy concerns that can lead to devastating consequences, including cascading effects with other critical infrastructures or even fatal accidents. This paper introduces a novel architecture, which will increase the Smart Grid resiliency, taking full advantage of the Software-Defined Networking (SDN) technology. The proposed architecture called SDN-microSENSE architecture consists of three main tiers: (a) Risk assessment, (b) intrusion detection and correlation and (c) self-healing. The first tier is responsible for evaluating dynamically the risk level of each Smart Grid asset. The second tier undertakes to detect and correlate security events and, finally, the last tier mitigates the potential threats, ensuring in parallel the normal operation of the Smart Grid. It is noteworthy that all tiers of the SDN-microSENSE architecture interact with the SDN controller either for detecting or mitigating intrusions.

Organisations possess and continuously generate huge amounts of static and stream data, especially with the proliferation of Internet of Things technologies. Collected but unused data, i.e., Dark Data, mean loss in value creation potential. In this respect, the concept of Computing Continuum extends the traditional more centralised Cloud Computing paradigm with Fog and Edge Computing in order to ensure low latency pre-processing and filtering close to the data sources. However, there are still major challenges to be addressed, in particular related to management of various phases of Big Data processing on the Computing Continuum. In this paper, we set forth an ecosystem for Big Data pipelines in the Computing Continuum and introduce five relevant real-life example use cases in the context of the proposed ecosystem.

The goal is to enable high scalability by decomposing a mixed-criticality application into a set of “cloud-native” and “edge-running” microservices, with different trust considerations, and managing secure accelerated offloading capabilities for distributing the resource intensive processes to the backend, thus, limiting the workload that needs to be managed at the edge. This will allow the overall system to reach its full potential, in a secure and trusted manner, without impeding safety.

A growing number of complex applications, such as cloud and / or mobile computing, video on-demand and streaming big data analytics are influenced by the growth of users, devices and connections. At the same time, the microservices architecture paradigm enables software developers divide their application into small, independent, and loosely coupled services that can be hosted on multiple machines, thus enabling horizontal scale up. In this paper, we study how a weighted load balancing approach can improve application performance and online machine learning over streaming big data, specifically in Kubernetes-based environments. We introduce an automated process which prioritizes events by efficiently managing the communication among the interacting services (i.e. pods) through adaptive traffic routing and dynamic rules enforcement allowing to control the flow of data and API calls among them. This process guarantees services stability and autoscaling at runtime. We demonstrate the proposed approach in a prototype microservices application consisting of containerized and deployed pods on Kubernetes, named as Information Aware Networking Mechanisms . These mechanisms have been integrated into a sophisticated framework which takes into account the number of requests per second or the volume of data per hour and supports weighted load balancing mechanisms to minimize inter-pods communication and prioritize important events to an online machine learning model which is crucial for the examined application. The Information Aware Networking Mechanisms have been openly made available for deployment and experimentation to the research community to build upon.

During the last decades, Dark Web content has risen in necessity in an increasingly connected world, where international anonymous networks provide access to data marketplaces and illicit multimedia material through the TOR or I2P networks. The motivation behind this paper is to gauge the current state and growth of the Dark Web in relation to the role it plays with special focus on Small and Medium-sized Enterprises (SMEs and MEs). More specifically, we devise Machine Learning and specialised Information Retrieval techniques to extract insights and investigate how the Dark Web enables cybercrime, maintains marketplaces with breached enterprise data collections and pawned email accounts. The research questions that we address concern: a) the role that the Dark Web plays for SMEs, MEs, and society in general; b) the criticality of cybercriminal activities and operations in the Dark Web exploiting threat taxonomies and scoring schemes; and c) the maturity and efficiency of technical tools and methods to curb illegal activities on the Dark Web through raising awareness via efficient text analytics, visual reporting and alerting mechanisms.

Big data analytics and business insights are of high importance and demand among today’s services and applications. Traditionally, the entire big data pipeline goes through numerous processing steps. However, the complexity of supporting big data analytic applications is more than its recent reputation would suggest. On top of hybrid big data and high-performance computing resources, this paper presents a comprehensive microservices architecture to ease the management and enactment of end-to-end big data workflow management processes. It is developed along with intuitive graphical user interfaces to abstract and hide to the end user the specificities of the underlying network, storage and compute infrastructure. Entitled as Big Data Apps Composition Environment, it facilitates the design, composition, configuration, orchestration, enactment, and validation of end-to-end big data analytic services actuated into deployment workflows. Our approach differentiates to the current engines, as it adopts a big data-driven methodology which is scalable to multiple executors and has embedded notebooks for on-demand and real-time scripting analytics. Therefore, big data services and analytic applications deployment are being accelerated, while semi-automatic scaling through the definition of multiple executors for improved time performance of demanding tasks is supported.

The aviation industry as well as the industries that benefit and are linked to it are ripe for innovation in the form of Big Data analytics. The number of available big data technologies is constantly growing, while at the same time the existing ones are rapidly evolving and empowered with new features. However, the Big Data era imposes the crucial challenge of how to effectively handle information security while managing massive and rapidly evolving data from heterogeneous data sources. While multiple technologies have emerged, there is a need to find a balance between multiple security requirements, privacy obligations, system performance and rapid dynamic analysis on large datasets. The current paper aims to introduce the ICARUS Secure Experimentation Sandbox of the ICARUS platform. The ICARUS platform aims to provide a big data-enabled platform that aspires to become an 'one-stop shop' for aviation data and intelligence marketplace that provides a trusted and secure 'sandboxed' analytics workspace, allowing the exploration, integration and deep analysis of original and derivative data in a trusted and fair manner. Towards this end, a Secure Experimentation Sandbox has been designed and integrated in the ICARUS platform offering, that enables the provisioning of a sophisticated environment that can completely guarantee the safety and confidentiality of data, allowing to any interested party to utilise the platform to conduct analytical experiments in closed-lab conditions.

Int5Gent targets the integration of innovative data plane technology building blocks under a flexible 5G network resource, slice and application orchestration framework, providing a complete 5G system platform for the validation of advance 5G services and Internet of Things (IoT) solutions. The platform can act as the enabler for the transition beyond the current 5G networking capabilities allowing novel and state-of-the-art data transport and edge processing solutions to be evaluated under a cutting-edge network orchestration framework, with intelligent service allocation and management capabilities. A sample of the envisioned technologies include: flexible multi-Radio Access Technology (multi-RAT) baseband signal processing, millimeter Wave (mmWave)technology solutions at 60GHz and 150GHz bands, hardware-based edge processor with Time Sensitive Networking (TSN), Graphical Processing Unit (GPU)processing capabilities, and elastic Software Defined Networking (SDN)-based photonic data transport. The integration of the technology blocks is performed as part of an overall architecture that promotes edge processing and is orchestrated by a Network Function Virtualization Orchestrator (NFVO) compatible framework with edge node extensions at the network layer and an overlay vertical services application orchestrator at the user plane layer.

Security, Trust and Reliability are crucial issues in mobile 5G networks from both hardware and software perspectives. These issues are of significant importance when considering implementations over distributed environments, i.e., corporate Cloud environment over massively virtualized infrastructures as envisioned in the 5G service provision paradigm. The SANCUS1 solution intends providing a modular framework integrating different engines in order to enable next‐generation 5G system networks to perform automated and intelligent analysis of their firmware images at massive scale, as well as the validation of applications and services. SANCUS also proposes a proactive risk assessment of network applications and services by means of maximising the overall system resilience in terms of security, privacy and reliability. This paper presents an overview of the SANCUS architecture in its current release as well as the pilots use cases that will be demonstrated at the end of the project and used for validating the concepts.

In 5G and beyond telecommunication infrastructures a crucial challenge in achieving the strict Key Performance Indicators (KPIs) regarding capacity, latency, and guaranteed quality of service, is the efficient handling of the fronthaul bottleneck. This part of the next generation networks is expected to comprise the New Radio (NR) access and the Next Generation Passive Optical Network (NGPON) domains. Latest developments load the fronthaul with computing tasks as well (e.g., for AI-based processes) in the context of Mobile Edge Computing (MEC). Towards efficient management of all resource types, this paper proposes a joint allocation scheme with three optimization phases for radio, optical, and MEC resources. This scheme, which has been developed in the context of the blueSPACE 5G Infrastructure Public Private Partnership (5G PPP) project, exploits cutting-edge technologies, such as radio beamforming, spatial-spectral granularity in optical networks, and Network Function Virtualization (NFV), to provide dynamic, adaptive, and energy efficient allocation of resources. The devised model is mathematically described and the overall solution is evaluated in a realistic simulation scenario, demonstrating its effectiveness.

TeraFlow proposes a new type of secure, cloud-native Software Defined Networking (SDN) controller that will radically advance the state-of-the-art in beyond 5G networks by introducing novel micro-services architecture, and provide revolutionary features for both flow management (service layer) and optical/microwave network equipment integration (infras-tructure layer) by adapting new data models. TeraFlow will also incorporate security using Machine Learning (ML) and forensic evidence for multi-tenancy based on Distributed Ledgers. Finally, this new SDN controller shall be able to integrate with the current Network Function Virtualization (NFV) and Multi-access Edge Computing (MEC) frameworks as well as to other networks. The target pool of TeraFlow stakeholders expands beyond the traditional telecom operators towards edge and hyperscale cloud providers.

Network interface cards (NICs) are fundamental components of modern high-speed networked systems, supporting multi-100 Gbps speeds and increasing programmability. Offloading computation from a server’s CPU to a NIC frees a substantial amount of the server’s CPU resources, making NICs key to offer competitive cloud services. Therefore, understanding the performance benefits and limitations of offloading a networking application to a NIC is of paramount importance. In this paper, we measure the performance of four different NICs from one of the largest NIC vendors worldwide, supporting 100 Gbps and 200 Gbps. We show that while today’s NICs can easily support multi-hundred-gigabit throughputs, performing frequent update operations of a NIC’s packet classifier—as network address translators (NATs) and load balancers would do for each incoming connection—results in a dramatic throughput reduction of up to 70 Gbps or complete denial of service. Our conclusion is that all tested NICs cannot support high-speed networking applications that require keeping track of a large number of frequently arriving incoming connections. Furthermore, we show a variety of counter-intuitive performance artefacts including the performance impact of using multiple tables to classify flows of packets.

There is a lack of a single architecture specification that addresses the needs of trusted and secure Artificial Intelligence systems with humans in the loop, such as human-centered manufacturing systems at the core of the evolution towards Industry 5.0. To realize this, we propose an architecture that integrates forecasts, Explainable Artificial Intelligence, supports collecting users' feedback, and uses Active Learning and Simulated Reality to enhance forecasts and provide decision-making recommendations. The architecture security is addressed at all levels. We align the proposed architecture with the Big Data Value Association Reference Architecture Model. We tailor it for the domain of demand forecasting and validate it on a real-world case study.

This chapter addresses the integration of artificial intelligence (AI) in manufacturing environments with a focus on security. It identifies existing gaps and proposes solutions to enhance safety and trustworthiness in industrial settings. The discussion includes AI-driven predictive maintenance, anomaly detection, and the implementation of secure communication protocols.

Addressing cyber and privacy risks has never been more critical for organisations. While a number of risk assessment methodologies and software tools are available, it is most often the case that one must, at least, integrate them into a holistic approach that combines several appropriate risk sources as input to risk mitigation tools. In addition, cyber risk assessment primarily investigates cyber risks as the consequence of vulnerabilities and threats that threaten assets of the investigated infrastructure. In fact, cyber risk assessment is decoupled from privacy impact assessment, which aims to detect privacy-specific threats and assess the degree of compliance with data protection legislation. Furthermore, a Privacy Impact Assessment (PIA) is conducted in a proactive manner during the design phase of a system, combining processing activities and their inter-dependencies with assets, vulnerabilities, real-time threats and Personally Identifiable Information (PII) that may occur during the dynamic life-cycle of systems. In this paper, we propose a cyber and privacy risk management toolkit, called AMBIENT (Automated Cyber and Privacy Risk Management Toolkit) that addresses the above challenges by implementing and integrating three distinct software tools. AMBIENT not only assesses cyber and privacy risks in a thorough and automated manner but it also offers decision-support capabilities, to recommend optimal safeguards using the well-known repository of the Center for Internet Security (CIS) Controls. To the best of our knowledge, AMBIENT is the first toolkit in the academic literature that brings together the aforementioned capabilities. To demonstrate its use, we have created a case scenario based on information about cyber attacks we have received from a healthcare organisation, as a reference sector that faces critical cyber and privacy threats.

As the upsurge of information and communication technologies has become the foundation of all modern application domains, fueled by the unprecedented amount of data being processed and exchanged, besides security concerns, there are also pressing privacy considerations that come into play. Compounding this issue, there is currently a documented gap between the cybersecurity and privacy risk assessment (RA) avenues, which are treated as distinct management processes and capitalise on rather rigid and make-like approaches. In this paper, we aim to combine the best of both worlds by proposing the APSIA (Automated Privacy and Security Impact Assessment) methodology, which stands for Automated Privacy and Security Impact Assessment. APSIA is powered by the use of interdependency graph models and data processing flows used to create a digital reflection of the cyber-physical environment of an organisation. Along with this model, we present a novel and extensible privacy risk scoring system for quantifying the privacy impact triggered by the identified vulnerabilities of the ICT infrastructure of an organisation. We provide a prototype implementation and demonstrate its applicability and efficacy through a specific case study in the context of a heavily regulated sector (i.e., assistive healthcare domain) where strict security and privacy considerations are not only expected but mandated so as to better showcase the beneficial characteristics of APSIA. Our approach can complement any existing security-based RA tool and provide the means to conduct an enhanced, dynamic and generic assessment as an integral part of an iterative and unified risk assessment process on-the-fly. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that such holistic security and privacy mechanisms can reach their full potential towards solving this conundrum.

In the face of an increasing attack landscape, it is necessary to cater for efficient mechanisms to verify software and device integrity for detecting run-time modifications in next-generation systems-of-systems. In this context, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device’s configuration integrity and behavioural execution correctness. However, most of the existing families of attestation solutions suffer from the lack of software-based mechanisms for the efficient extraction of rigid control-flow information. This limits their applicability to only those cyber-physical systems equipped with additional hardware support. This paper proposes a multi-level execution tracing framework capitalizing on recent software features, namely the extended Berkeley Packet Filter and Intel Processor Trace technologies, that can efficiently capture the entire platform configuration and control-flow stacks, thus, enabling wide attestation coverage capabilities that can be applied on both resource-constrained devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable tracing solution eliminating the need for federated infrastructure trust.

Recent efforts have made substantial progress towards realizing next-generation smart-connectivity “Systems-of-Systems” (SoS). These systems have evolved from local, standalone systems into safe and secure solutions distributed over the continuum from cyber-physical end devices, to edge servers and cloud facilities. The core pillar in such ecosystems is the establishment of a 5G infrastructure capable of managing service graph chains with embedded trust [1] comprising both resource-constrained devices, running at the edge, but also microservice technologies (e.g., Docker, LXC)

Vehicular networks rely on Public Key Infrastructure (PKIs) to generate long-term and short-term pseudonyms that protect vehicle's privacy. Instead of relying on a complex and centralized ecosystem of PKI entities, a more scalable solution is to rely on Direct Anonymous Attestation (DAA) and the use of Trusted Computing elements. In particular, revocation based on DAA is very attractive in terms of efficiency and privacy: it does not require the use of Certificate Revocation Lists (CRLs) and revocation authorities can exclude misbehaving participants from a V2X system without resolving (i.e. learning) their long-term identity. In this paper, we present a novel revocation protocol based on the use of DAA and showcase a detailed design and modeling of the implementation on a real TPM platform in order to demonstrate its significant performance improvements compared to existing solutions.

With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify software and device integrity to detect run-time modifications. Towards this direction, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device's (the prover's) integrity. However, many of the existing families of attestation solutions have strong assumptions on the verifying entity's trustworthiness, thus not allowing for privacy preserving integrity correctness. Furthermore, they suffer from scalability and efficiency issues. This paper presents a lightweight dynamic configuration integrity verification that enables inter and intra-device attestation without disclosing any configuration information and can be applied on both resource-constrained edge devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable solution eliminating the need for federated infrastructure trust.

As lightweight embedded devices become increasingly ubiquitous and connected, they present a disturbing target for adversaries circumventing the gates of cryptography. We consider the challenge of exfiltrating and locating cryptographic keys from the run-time environment of software-based services when their software layout and data structures in memory are unknown. We detail an attack that can, without affecting the system’s operation, exfiltrate keys in use promptly by leveraging the strong causality between transceivers and keyed cryptosystems (authentication, authorization, and encryption). We then propose how to effectively and efficiently reduce the key material’s search space from a batch of stackshots (stack extractions) by leveraging the stack’s innate composition, which, to the best of our knowledge, is the first method to systematically infer and reduce the search space of semi-arbitrary keys. We instantiate and evaluate our attack against MSP430 micro-controllers.

The advent of IoT edge devices has enabled the collection of rich datasets, as part of Mobile Crowd Sensing (MCS), which has emerged as a key enabler for a wide gamut of safety-critical applications ranging from traffic control, environmental monitoring to assistive healthcare. Despite the clear advantages that such unprecedented quantity of data brings forth, it is also subject to inherent data trustworthiness challenges due to factors such as malevolent input and faulty sensors. Compounding this issue, there has been a plethora of proposed solutions, based on the use of traditional machine learning algorithms, towards assessing and sifting faulty data without any assumption on the trustworthiness of their source. However, there are still a number of open issues: how to cope with the presence of strong, colluding adversaries while at the same time efficiently managing this high influx of incoming user data. In this work, we meet these challenges by proposing the hybrid use of Deep Learning schemes (i.e., LSTMs) and conventional Machine Learning classifiers (i.e. One-Class Classifiers) for detecting and filtering out false data points. We provide a prototype implementation coupled with a detailed performance evaluation under various (attack) scenarios, employing both real and synthetic datasets. Our results showcase how the proposed solution outperforms various existing resilient aggregation and outlier detection schemes.

A key component in building trusted computing services is a highly secure anchor that serves as a Root-of-Trust (RoT). There are several works that conduct formal analysis on the security of such commodity RoTs (or parts of it), and also a few ones devoted to verifying the trusted computing service as a whole. However, most of the existing schemes try to verify security without differentiating the internal cryptography mechanisms of the underlying hardware token from the client application cryptography. This approach limits, to some extent, the reasoning that can be made about the level of assurance of the overall system by automated reasoning tools. In this work, we present a methodology that enables the use of formal verification tools towards verifying complex protocols using trusted computing. The focus is on reasoning about the overall application security, provided from the integration of the RoT services, and how these can translate to larger systems when the underlying cryptographic engine is considered perfectly secure. Using the Tamarin prover, we demonstrate the feasibility of our approach by instantiating it for a TPM-based remote attestation service, which is one of the core security services needed in today’s increased attack landscape.

It is our great pleasure to welcome you to the 3rd Workshop on Cyber-Security Arms Race (CYSARM)! This year we are thrilled to continue chairing this workshop at a prestigious venue as the ACM Conference on Computer and Communications Security (CCS). Although CYSARM is at the early phases (this year marks the third edition of this workshop), the workshop is already fostering collaboration among researchers and practitioners to discuss the various facets and trade-offs of cyber-security. Being the first workshop of its kind, CYSARM benefits the cyber-security community by addressing novel (and often controversial) topics in cyber-security, such as trade-offs and double-edged sword techniques. Beyond the study of cyber-security, privacy and trust as standalone components, it is also important to look at how to balance their trade-offs especially when it comes to several contradicting requirements, such as security vs privacy, security vs trust, and security vs usability. CYSARM considers all complex facets and double-edged sword aspects of the cyber-security ecosystem, in particular, how new technologies and algorithms might impact the cyber-security of existing or future models and systems.

The emergence of the Industrial Internet of Things paves the way for enhancing the real-time monitoring capabilities of contemporary factories. This can be materialised through sensors collecting data which can be further analysed. This paradigm enables the detection of indicators concerning systems’ degradation and facilitates corrective actions to be performed ahead of time. In this paper, we propose a damage prediction framework exploiting data that are coming from the core IT system in a steel industry use case. The novelty of our approach lies in the exploitation of Deep Learning techniques over streaming operational sensor data. To evaluate the framework, real-life data are collected and analysed based on daily operational activities enriched with the Remaining Useful Life (RUL). The Remaining Useful Life is automatically computed. We also periodically align the damage attribute, which is recorded in the planned activities and is performed by the maintenance engineers. We demonstrate the framework’s potential by conducting a quantitative and qualitative analysis to timely identify rare events based on historical data and predict dynamic behavioural changes in the manufacturing settings.

The convergence of HPC and Big Data along with the influence of Cloud are playing an important role in the democratization of HPC. The increasing needs of Data Analytics in computational power has added new fields of interest for the HPC facilities but also new problematics such as interoperability with Cloud and ease of use. Besides the typical HPC applications, these infrastructures are now asked to handle more complex workflows combining Machine Learning, Big Data and HPC. This brings challenges on the resource management, scheduling and environment deployment layers. Hence, enhancements are needed to allow multiple frameworks to be deployed under common system management while providing the right abstraction to facilitate adoption. This paper presents the architecture adopted for the parallel and distributed execution management software stack of Cybele EU funded project which is put in place on production HPC centers to execute hybrid data analytics workflows in the context of precision agriculture and livestock farming applications. The design is based on: Kubernetes as a higher level orchestrator of Big Data components, hybrid workflows and a common interface to submit HPC or Big Data jobs; Slurm or Torque for HPC resource management; and Singularity containerization platform for the dynamic deployment of the different Data Analytics frameworks on HPC. The paper showcases precision agriculture workflows being executed upon the architecture and provides some initial performance evaluation results and insights for the whole prototype design.

According to McKinsey & Company, about a third of food produced is lost or wasted every year, amounting to a $940 billion economic hit. Inefficiencies in planting, harvesting, water use, reduced animal contributions, as well as uncertainty about weather, pests, consumer demand and other intangibles contribute to the loss. Precision Agriculture (PA) and Precision Livestock Farming (PLF) come to assist in optimizing agricultural and livestock production and minimizing the wastes and costs aforementioned. PA is a technology-enabled, data-driven approach to farming management that observes, measures, and analyzes the needs of individual fields and crops. PLF is also a technology-enabled, data-driven approach to livestock production management, which exploits technology to quantitatively measure the behavior, health and performance of animals. Big data delivered by a plethora of data sources related to these domains, has a multitude of payoffs including precision monitoring of fertilizer and fungicide levels to optimize crop yields, risk mitigation that results from monitoring when temperature and humidity levels reach dangerous levels for crops, increasing livestock production while minimizing the environmental footprint of livestock farming, ensuring high levels of welfare and health for animals, and more. By adding analytics to these sensor and image data, opportunities also exist to further optimize PA and PLF by having continuous data on how a field or the livestock is responding to a protocol. For these domains, two main challenges exist: 1) to exploit this multitude of data facilitating dedicated improvements in performance, and 2) to make available advanced infrastructure so as to harness the power of this information in order to benefit from the new insights, practices and products, efficiently time-wise, lowering responsiveness down to seconds so as to cater for time-critical decisions. The current paper aims to introduce CYBELE, a platform aspiring to safeguard that the stakeholders involved in the agri-food value chain (research community, SMEs, entrepreneurs, etc.) have integrated, unmediated access to a vast amount of very large scale datasets of diverse types and coming from a variety of sources, and that they are capable of actually generating value and extracting insights out of these data, by providing secure and unmediated access to large-scale High Performance Computing (HPC) infrastructures supporting advanced data discovery, processing, combination and visualization services, solving computationally-intensive challenges modelled as mathematical algorithms requiring very high computing power and capability.

Over the last years, the impacts of the evolution of information integration, increased automation and new forms of information management are also evident in the aviation industry that is disrupted also by the latest advances in sensor technologies, IoT devices and cyber-physical systems and their adoption in aircrafts and other aviation-related products or services. The unprecedented volume, diversity and richness of aviation data that can be acquired, generated, stored, and managed provides unique capabilities for the aviation-related industries and pertains value that remains to be unlocked with the adoption of the innovative Big Data Analytics technologies. The big data technologies are focused on the data acquisition, the data storage and the data analytics phases of the big data lifecycle by employing a series of innovative techniques and tools that are constantly evolving with additional sophisticated features, while also new techniques and tools are frequently introduced as a result of the undergoing research activities. Nevertheless, despite the large efforts and investments on research and innovation, the Big Data technologies introduce also a number of challenges to its adopters. Besides the effective storage and access to the underlying big data, efficient data integration and data interoperability should be considered, while at the same time multiple data sources should be effectively combined by performing data exchange and data sharing between the different stakeholders that own the respective data. However, this reveals additional challenges related to the crucial preservation of the information security of the collected data, the trusted and secure data exchange and data sharing, as well as the robust access control on top of these data. The current paper aims to introduce the ICARUS big data-enabled platform that aims provide a multi-sided platform that offers a novel aviation data and intelligence marketplace accompanied by a trusted and secure “sandboxed” analytics workspace. It holistically handles the complete big data lifecycle from the data collection, data curation and data exploration to the data integration and data analysis of data originating from heterogeneous data sources with different velocity, variety and volume in a trusted and secure manner.

The next generation of telecommunication networks will integrate the latest developments and emerging advancements in telecommunications connectivity infrastructures. In this article, we discuss the transformation and convergence of the fifth-generation (5G) mobile network and the internet of things technologies, toward the emergence of the smart sixth-generation (6G) networks which will employ AI to optimize and automate their operation.

The work reports the developed planning algorithms for optimum resource allocation over a dynamic 5G infrastructure, addressing all involved types of system resources, from the radio access domain to the MEC domain through the Optical Distribution Network (ODN). A modular modelling design is adopted considering these three domains. In that manner, allocation is composed of three optimization phases, which are executed sequentially and ensure optimal end-to-end allocation of resources. The first allocation phase focuses on the over-the-air resources, which are directly assigned to the 5G mobile users. The key entities for radio access are the Remote Radio Heads (RRHs), which are placed at the edge of the network fronthaul and provide wireless communication slots to the User Equipment (UE). Beamforming capabilities are also assumed allowing each RRH to support simultaneous and independent transmission of multiple directed beams to provide high quality targeted coverage. The resource allocation scheme is responsible for assigning subchannels within specific beams to address the bandwidth requirements of the requested services. The translation from the requested data-rate and the allocated bandwidth is based on the characteristics of 3GPP New Radio (NR) standard. Furthermore, the radio resource allocation process is responsible for assigning different bands for optimal frequency reuse within the available spectrum and avoids interference. The formulated ILP optimization problem, which is solvable in close to real-time due to its low computational complexity, allows dynamic adaptation to requests and resources, with a target to minimize energy consumption. The latter is achievable through the aggregation of wireless resources into individual beams and RRHs. In order to further enhance this process, an RRH prioritization algorithm is introduced for weighting the candidate allocations.

The offering of demanding telecommunication services as promised by the 5G specifications raise the necessity for high capacity, flexible, adaptive, and power conserving fronthaul. Toward this goal, the role of the passive optical network which is responsible for interconnecting the central office (CO) with the cell-sites is crucial. Among the latest related technologies that need to be integrated in the context of the next generation passive optical networks (NGPONs), the most promising for increasing the provided bandwidth, is the optical spatial multiplexing. In this paper, we present the key 5G technologies, focusing on spatial division multiplexing, which constitutes the main innovation of the blueSPACE 5G Infrastructure Public Private Partnership (5G PPP) project. Exploiting the recent developments on multicore fibers (MCFs), optical beamforming networks (OBFNs), analog radio over fiber (ARoF), and spatial-spectral resources granularity in the context of Spectrally Spatially Flexible Optical Networks (SS-FONs), we describe a complete approach for the 5G fronthaul, emphasizing on the efficient allocation of optical resources while aiming at minimizing energy consumption. The modeled optimization problem is thoroughly presented, and the introduced scheme is evaluated through a real-world based simulation scenario, exhibiting quite promising results.

The blueSPACE project focuses on the study of innovative technologies to overcome the limitations of current fronthaul networks. The key technology proposed is space-division multiplexing, which makes it possible to increase the capacity available in conventional single-mode fibers, effectively encompassing this capacity to the forecasted bandwidth demands imposed by 5G mobile communications. In this paper, we present the innovative optical fronthaul infrastructure proposed in the project and the tailored extensions to the European Telecommunications Standards Institute network function virtualization management and orchestration architecture for this enhanced infrastructure together with practical implementation considerations.

Health sector is becoming more and more dependent on digital information every day. This fact can be exploited by cyber criminals who may obtain very lucrative benefits from stolen data. Moreover, a breach of integrity of health data can have terrible consequences for the patients. CUREX project aims to protect the confidentiality of health data and to maintain its integrity by producing a novel, flexible and scalable situational awareness-oriented platform. CUREX has been conceived as GDPR compliant by design. This design has been thought as a decentralised architecture enhanced with a private blockchain infrastructure. Thus, it ensures the integrity of the risk assessment process and of all data transactions.

This paper presents the SECONDO framework to assist organizations with decisions related to cybersecurity investments and cyber-insurance. The platform supports cybersecurity and cyber-insurance decisions by implementing and integrating a number of software components. SECONDO operates in three distinct phases: (i) cyber-physical risk assessment and continuous monitoring; (ii) investment-driven optimized cyber-physical risk control; and (iii) blockchain-enabled cyber-insurance contract preparation and maintenance. Insurers can leverage SECONDO functionalities to actively participate in the management of cyber-physical risks of a shipping company to reduce their insured risk.

Current technologies provide the ability to healthcare practitioners and citizens, to share and analyse healthcare information, thus improving the patient care quality. Nevertheless, European Union (EU) citizens have very limited control over their own health data, despite that several countries are using national or regional Electronic Health Records (EHRs) for realizing virtual or centralized national repositories of citizens’ health records. Health Information Exchange (HIE) can greatly improve the completeness of patients’ records. However, most of the current researches deal with exchanging health information among healthcare organizations, without giving the ability to the citizens on accessing, managing or exchanging healthcare data with healthcare organizations and thus being able to handle their own data, mainly due to lack of standardization and security protocols. Towards this challenge, in this paper a secure Device-to-Device (D2D) protocol is specified that can be used by software applications, aiming on facilitating the exchange of health data among citizens and healthcare professionals, on top of Bluetooth technologies.