by Matteo Merialdo – Project Implementation Manager, RHEA Group

Our adventure started in February 2019, with a successful kick-off on a sunny day in Brussels, involving more than 100 people from all the partners.

Technical activities started immediately, focusing on use case analysis, transversal and inter-sector requirements and challenges elicitation, as the foundation of all ECHO activities. Many complex scenarios (single, multi and inter-sector) have been elicited with the strict collaboration of our industrial end user covering Energy, Maritime and Healthcare sectors. Given the industrial liaisons of several organizations of the Consortium, also Space has been added as Secondary Sector to the scenarios analysis.

Communication and dissemination activities were fastened, with a preliminary version of leaflets and website just before mid-February 2019, while now we are developing the third version. A strong management structure has been put in place to support the overall development of the project: the ECHO Consortium is now behaving almost as a single organization, with more than 350 active personnel involved in many different activities. The ECHO Network Governance Model, developed as one of the first activities, is improving the traditional Grant Agreement structure in order to improve collaboration and outputs.

During the first eighteen months, a specific effort  was made to define and conceptualize the idea of ‘ECHO Assets’: the main outputs of ECHO to be provided as technologies or services to the EU community. ECHO assets  will be subject to market and exploitation analysis and are monitored from an IPR perspective.

The Consortium identified the following as ECHO assets:

The ECHO Early Warning System

E-EWS is already accessible to all ECHO partners and to any new interested party: the team is performing a full validation of the functionalities and working with fast pace on the development of the missing features for the first complete release in January 2021. Since E-EWS will be offered as a Service, any interested party is welcome to join us and participate to the platform!

The ECHO Federated Cyber Range

The development of the E-FCR is progressing following expectation: the team is starting the testing phase since the most important functionalities have been developed. The E-FCR will leverage a Marketplace where cyber range providers will be able to publish their services, and a pooling & sharing system to interconnect capacities and capabilities of different cyber ranges to provide more complex services. In addition, the team developed a Scenario Description Language in order to provide a single mean to express cyber range services. The E-FCR will be open, as a Service, for Content and Cyber Range Providers worldwide. Any interested party is welcome to join ECHO and leverage of the E-FCR!

As part of the cyber range activities, many ECHO cyber range are being implemented: by 2021, 12 ECHO cyber ranges will be active and part of the Federation, including healthcare, energy and maritime (ship emulations) implementations.

ECHO Early Prototypes

Seven prototypes, solving several identified EU cybersecurity challenges, are actually in development:

  •         Penetration Testing tool
  •         Trust & Quality Metrics
  •         CyMS CVE Strainer
  •         SNORT module
  •         CTI extractor
  •         MonSys

Other 6 prototypes will be developed on a second batch of tools: the Consortium will leverage on its cyber ranges to provide R&D environments to test and validate the tools. ECHO is happy to join forces with any organization interested on developing innovative tools: we will provide support and guidance as part of our collaborative vision for EU cyber strategic autonomy!

ECHO social dimension, branding and future Services

We increased our presence in the social media, on the Internet and in the wider EU cyber-security community with multiple dissemination and communication initiatives, often in coordination with the other pilot projects (Concordia, Sparta, and Cybersec4Europe): the ECHO Network is ready to be enlarged and the ECHO Network piloting phase started at M13, with new partners considered to enter the network. We recently offer also the possibility for single researchers to join the Network!

In general, the first eighteen months of the project have been intense but productive: acting as a single organization, we are matching all our objectives, with a very dedicated focus on tangible outputs. For the next period, we will focus on consolidating the results and building complete exploitation strategy to support identified ECHO Network Services based on the ECHO assets:

  •         ECHO Cybersecurity Governance Services
  •         ECHO Early Warning System Service
  •         ECHO Cybersecurity Certification Scheme Service
  •         ECHO Multi-Sector Assessment Framework Service
  •         ECHO Federated Cyber Range Service
  •         ECHO Cyber Skills Framework Service