SESAME targets innovations around three central elements in 5G: the placement of network intelligence and applications in the network edge through Network Functions Virtualisation (NFV) and Edge Cloud Computing; the substantial evolution of the Small Cell concept, already mainstream in 4G but expected to deliver its full potential in the challenging high dense 5G scenarios; and the consolidation of multi-tenancy in communications infrastructures, allowing several operators/service providers to engage in new sharing models of both access capacity and edge computing capabilities. SESAME proposes the Cloud-Enabled Small Cell (CESC) concept, a new multi-operator enabled Small Cell that integrates a virtualised execution platform (i.e., the Light DC) for deploying Virtual Network Functions (NVFs), supporting powerful self-x management and executing novel applications and services inside the access network infrastructure. The Light DC will feature low-power processors and hardware accelerators for time critical operations and will build a high manageable clustered edge computing infrastructure. This approach will allow new stakeholders to dynamically enter the value chain by acting as 'host-neutral' providers in high traffic areas where densification of multiple networks is not practical. The optimal management of a CESC deployment is a key challenge of SESAME, for which new orchestration, NFV management, virtualisation of management views per tenant, self-x features and radio access management techniques will be developed. After designing, specifying and developing the architecture and all the involved CESC modules, SESAME will culminate with a prototype with all functionalities for proving the concept in relevant use cases. Besides, CESC will be formulated consistently and synergistically with other 5G-PPP components through coordination with the corresponding projects.

The FORESIGHT project aims to develop a federated cyber-range solution to enhance the preparedness of cyber-security professionals at all levels and advance their skills towards preventing, detecting, reacting and mitigating sophisticated cyber-attacks. This is achieved by delivering an ecosystem of networked realistic training and simulation platforms that collaboratively bring unique cyber-security aspects from the aviation, smart grid and naval domains. The proposed platform will extend the capabilities of existing cyber-ranges and will allow the creation of complex cross-domain/hybrid scenarios to be built jointly with the IoT domain. Emphasis is given on the design and implementation of realistic and dynamic scenarios that are based on identified and forecasted trends of cyber-attacks and vulnerabilities extracted from cyber-threat intelligence gathered from the dark web; this will enable cyber-security professionals to rapidly adapt to an evolving threat landscape. The development of advanced risk analysis and econometric models will prove to be valuable in estimating the impact of cyber-risks, selecting the most appropriate and affordable security measures, and minimising the cost and time to recover from cyber-attacks. Innovative training curricula, guiding cyber-security professionals to implement and combine security measures using new technologies and established learning methodologies, will be created and employed for training needs; they will be linked to professional certification programs and be supported by learning platforms. Aside from the development of skills, the project aims at a holistic approach to cyber-threat management with the ultimate goal of cultivating a strong security culture. As such, the project puts considerable emphasis on research and development (i.e. research on cyber-threats, development of novel ideas, etc) as the key to increasing training dynamics and awareness methods for exceeding the rate of evolution of cyber-attackers

The smart energy ecosystem constitutes the next technological leap of the conventional electrical grid, providing multiple benefits such as increased reliability, better service quality and efficient utilization of the existing infrastructures. However, despite the fact that it brings beneficial environmental, economic and social changes, it also generates significant security and privacy challenges, as it includes a combination of heterogeneous, co-existing smart and legacy technologies. Based on this reality, the SDN-microSENSE project intends to provide a set of secure, privacy-enabled and resilient to cyberattacks tools, thus ensuring the normal operation of EPES as well as the integrity and the confidentiality of communications. In particular, adopting an SDN-based technology, SDN-microSENSE will develop a three-layer security architecture, by deploying and implementing risk assessment processes, self-healing capabilities, large-scale distributed detection and prevention mechanisms, as well as an overlay privacy protection framework. Firstly, the risk assessment framework will identify the risk level of each component of EPES, identifying the possible threats and vulnerabilities. Accordingly, in the context of self-healing, islanding schemes and energy management processes will be deployed, isolating the critical parts of the network in the case of emergency. Furthermore, collaborative intrusion detection tools will be capable of detecting and preventing possible threats and anomalies timely. Finally, the overlay privacy protection framework will focus on the privacy issues, including homomorphic encryption and anonymity processes

Delivering on the 5G promise of increased data rates, and ubiquitous coverages, poses stringent requirements on traditional vertically integrated operators. In particular, telecom operators are expected to massively roll out Small Cells, which requires finding appropriate urban spaces with both backhaul and energy availability. Network sharing becomes essential to unlock those commercial massive deployments. The open access model, or neutral host, will come to play a key role on the deployment of 5G networks, especially in urban scenarios where very dense Small Cell deploymens are required. In parallel recent trends are paving the way towards the development of new, heterogeneous and distributed cloud paradigms that significantly differ from today’s established cloud model: with edge computing, cloud architectures are pushed all the way to the edge of the network, close to the devices that produce and act on data. We posit that there are two sets of players perfectly poised to take advantage of both trends since they already own the infrastructure needed to build edge deployments: telecommunication providers and municipalities. 5GCity focuses on how common smart city infrastructure (i.e.,small cells and processing power at the very edge of networks) can bring benefit to both players based on resource sharing and end-to-end virtualization, pushing the cloud model to the extreme edge. 5GCity will design, develop, deploy and demonstrate a distributed cloud and radio platform for municipalities and infrastructure owners acting as 5G neutral hosts. 5GCity’s main aim is to build and deploy a common, multi-tenant, open platform that extends the (centralized) cloud model to the extreme edge of the network, with a demonstration in three different cities (Barcelona, Bristol and Lucca). 5GCity will directly impact a large and varied range of actors: (i) telecom providers; (ii) municipalities; and (iii) a number of different vertical sectors utilizing the city infrastructure

Nowadays, cybercrime is one of the most relevant and critical threats to both the economy and society in Europe. Establishing efficient and effective ways to protect services and infrastructures from ever-evolving cyber threats is crucial for sustaining business integrity and reputation as well as protecting personal and sensitive data. To that end, the SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, in order to virtualise security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent. The SHIELD virtual security infrastructure can either used by the ISP internally for network monitoring and protection, but it can also be offered as-a-service to ISP customers; for this purpose, SHIELD establishes a “vNSF Store”, i.e. a repository of available virtual security functions (firewalls, DPIs, content filters etc.) from which the ISP customers can select the ones which best match their needs and deploy them to protect their infrastructure. This approach promotes openness and interoperability of security functions and offers an affordable, zero-CAPEX security solution for citizens and SMEs. Moreover, SHIELD services can be easily scaled up or down, configured and upgraded according to customers’ needs, as opposed to security solutions based on monolithic hardware.