SESAME targets innovations around three central elements in 5G: the placement of network intelligence and applications in the network edge through Network Functions Virtualisation (NFV) and Edge Cloud Computing; the substantial evolution of the Small Cell concept, already mainstream in 4G but expected to deliver its full potential in the challenging high dense 5G scenarios; and the consolidation of multi-tenancy in communications infrastructures, allowing several operators/service providers to engage in new sharing models of both access capacity and edge computing capabilities. SESAME proposes the Cloud-Enabled Small Cell (CESC) concept, a new multi-operator enabled Small Cell that integrates a virtualised execution platform (i.e., the Light DC) for deploying Virtual Network Functions (NVFs), supporting powerful self-x management and executing novel applications and services inside the access network infrastructure. The Light DC will feature low-power processors and hardware accelerators for time critical operations and will build a high manageable clustered edge computing infrastructure. This approach will allow new stakeholders to dynamically enter the value chain by acting as 'host-neutral' providers in high traffic areas where densification of multiple networks is not practical. The optimal management of a CESC deployment is a key challenge of SESAME, for which new orchestration, NFV management, virtualisation of management views per tenant, self-x features and radio access management techniques will be developed. After designing, specifying and developing the architecture and all the involved CESC modules, SESAME will culminate with a prototype with all functionalities for proving the concept in relevant use cases. Besides, CESC will be formulated consistently and synergistically with other 5G-PPP components through coordination with the corresponding projects.

Nowadays, cybercrime is one of the most relevant and critical threats to both the economy and society in Europe. Establishing efficient and effective ways to protect services and infrastructures from ever-evolving cyber threats is crucial for sustaining business integrity and reputation as well as protecting personal and sensitive data. To that end, the SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, in order to virtualise security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent. The SHIELD virtual security infrastructure can either used by the ISP internally for network monitoring and protection, but it can also be offered as-a-service to ISP customers; for this purpose, SHIELD establishes a “vNSF Store”, i.e. a repository of available virtual security functions (firewalls, DPIs, content filters etc.) from which the ISP customers can select the ones which best match their needs and deploy them to protect their infrastructure. This approach promotes openness and interoperability of security functions and offers an affordable, zero-CAPEX security solution for citizens and SMEs. Moreover, SHIELD services can be easily scaled up or down, configured and upgraded according to customers’ needs, as opposed to security solutions based on monolithic hardware.

5G ESSENCE addresses the paradigms of Edge Cloud computing and Small Cell as a Service by fuelling the drivers and removing the barriers in the Small Cell market, forecasted to grow at an impressive pace up to 2020 and beyond and to play a key-role in the 5G ecosystem. 5G ESSENCE provides a highly flexible and scalable platform,able to support new business models and revenue streams by creating a neutral host market and reducing operational costs by providing new opportunities for ownership, deployment,toperation and amortisation. The technical approach exploits the benefits of the centralisation of Small Cell functions as scale grows through an edge cloud environment based on a two-tier architecture: a first distributed tier for providing low latency services and a second centralised tier for providing high processing power for computing-intensive network applications. This allows decoupling the control and user planes of the Radio Access Network (RAN) and achieving the benefits of Cloud-RAN without the enormous fronthaul latency restrictions. The use of end-to-end network slicing mechanisms will allow sharing the 5G ESSENCE infrastructure among multiple operators/vertical industries and customising its capabilities on a per-tenant basis. The versatility of the architecture is enhanced by high-performance virtualisation techniques for data isolation, latency reduction and resource efficiency, and by orchestrating lightweight virtual resources enabling efficient Virtualised Network Function placement and live migration. 5G ESSENCE leverages knowledge, SW modules and prototypes from various 5G-PPP Phase-1 projects,SESAME being particularly relevant. Building on these foundations, very ambitious objectives are targeted, culminating with the prototyping and demonstration of 5G ESSENCE system in three real-life use cases associated to vertical industries, i.e., edge network acceleration in a crowded event, mission critical applications, and in-flight communications.

SMEs and MEs constitute a very large part of the economy and are thus integral to the EU’s economic growth and social development. However, they often have no systematic approach for ensuring digital security and 60% of them not being able to recover economically from a cyberattack. PALANTIR aims at bridging the gap between large enterprises and SMEs/MEs, by providing multi-layered, infrastructure-wide threat monitoring, cyber-resiliency and knowledge sharing in a heterogeneous ecosystem, while at the same time being able to market these services to third parties in the form of Security-as-a-service (SECaaS). PALANTIR will implement a coherent privacy assurance, data protection, incident detection and recovery framework, focusing on the case of highly dynamic service-oriented systems and networks, taking advantage of their inherent programmability features and abstractions. PALANTIR will also focus on cyber-resiliency leveraging the features of service-oriented systems key building features by a) applying and exploiting Network Functions Virtualization (NFV) and Software-Defined Networking (SDN) technologies; b) considering emerging paradigms such as the application of scalable artificial Intelligence, standardization and threat-sharing techniques to risk analysis, network operation, monitoring and management and c) ensuring the SME’s compliance with the relevant data privacy and protection regulations in the data breach age, implementing the «Privacy by Default» and the «Privacy by Design» principles on how personal data is collected, used, transferred and stored between 3rd party businesses and entities. The end result will be an evolving, expandable and unified framework, tailored to the individual needs of every SME and ME, reducing the complexity level of usual security tools while still being affordable and thus attractive for adoption.