This document provides the outline of the procedures to be followed to support the quality assurance process for every deliverable produced by FORTIKA. The main body of this report summarizes the project facts, namely the project’s work breakdown, its interdependencies, and the project timetable regarding deliverables and milestones, along with responsible partners. Afterwards, the planned progress on a management level is described. The purpose of this deliverable is to provide the consortium with all the information on the quality management process, risk assessment, contingency planning and to encompass the efforts of the project coordinator and the beneficiaries. The deliverable starts with a description of the Quality Plan, which covers the procedures for assessing the progress of the work within the project, along with corrective actions and contingency planning in case of deviations. The goal is to define policies and procedures that will assure that the consortium members will act in a coordinated way and that necessary quality levels will be met. The scope of the quality plan is to set the quality standards for FORTIKA and circulate the message for excellence in the deliverable reports. Subsequently, Risk Assessment along with Contingency Planning is provided. The method-ology selected (EFMEA), after examining the existing risk analysis methods and considering FORTIKA needs, is thoroughly described introducing variables such as Severity (S), Occurrence (O), Detectability (D) and Recoverability (R) for each risk. Detailed tables are presented containing all identified risks, classified into categories highlighting the most critical of them, i.e. the ones which could have a clear impact on the project and its completion. Mitigation plans are defined for all risks and a total risk estimate is calculated for the whole project both before and after taking them into account. The final results of the risk analysis indicate that FORTIKA is not a risky project.

This deliverable, corresponding to Task 1.3 of the FORTIKA project, describes the way Intellectual Property Rights (IPR) are handled within the project. It summarizes the IPR framework agreement, as outlined in the Grant Agreement, that provides the status of the foreground Intellectual Property that will be generated during the project’s lifecycle and provides a detailed report for the IPR policy of the project.

This document presents the revised 2nd version of the project’s Data Management Plan (DMP). It tracks the modifications and updates of the DMP as reported on Month 36. It presents the modified datasets and the new datasets, in comparison to the datasets presented in the first version of the DMP (D1.4). This deliverable was initially submitted on M24 according to relevant recommendations of the reviewers in the frame of the 1st Project Review. Following the 2nd Project Review, the reviewers recommended that the consortium should contribute to the definition of the Data Management Plan and to the monitoring of the FORTIKA security challenges as there is not mention such contribution from the Security Advisory Board in the initial version of deliverable D1.6. The consortium implemented this recommendation and the results of this effort are reported in the current revised version of D1.6. The definition of datasets of each partner was prepared by the FORTIKA Security Officer of the respective partner. The Security Officers are the members that constitute the Security Advisory Board (SAB). The consortium prepared the current revised version of D1.6 with all updates regarding the Data Management Plan (DMP). The SAB elaborated on the most recent developments regarding the DMP and discussed all relevant issues in a SAB plenary session held via teleconferencing on 28 April 2020. In Annex 3 of this report, we summarize the outcomes of this discussion and the actions decided by the Security Advisory Board relevant to the monitoring of FORTIKA security challenges. The members of the SAB performed the security scrutiny procedures for all datasets, including both the old ones reported in D1.4, as well as the updated ones included in this version of D1.6. Further, they examined also the datasets provided by other partners, in regard of potential security challenges and risks. The DMP provides an analysis of the various datasets produced by the project and the main elements of the data management policy that used by the beneficiaries, in respect with all these datasets generated by the project. This version of the document reflects the current state of the datasets paving the way for further updates during the lifecycle of the project. In particular, within this document the methods & conventions, as well as the recommendations for categorising about the use, manipulation and inclusion of data sets in the FORTIKA project. Moreover, it refers to regulatory aspects and operational information related to contact, personnel profiles details and about the ownership of the data within the project. Finally, it serves as a guide for the participants of the EU funded FORTIKA Project about the data lifecycle with respect to the creation, identification, caption and description, storage, preservation (including security and privacy), accessibility, discovery and analysis, re-use and transformation of data in the context of the different deployment sites. In addition, this deliverable presents two questionnaires targeted on a systematic codification of General Data Protection Regulation (GDPR) requirements, tailored to operate as a tool for validating the compliance of the FORTIKA results to GDPR provisions. The two questionnaires developed by OBRELA. They provide the means to examine the conformance of FORTIKA results to the requirements of GDPR. Thus, they are essential part of the DMP, as they provide the means to verify the conformance of the way that FORTIKA treats data. The two questionnaires, referred collectively as the GDPR questionnaires, are:

1. The Cybersecurity Questionnaire
2. The Privacy by Design & Privacy by Default Questionnaire

They presented in Annexes 1 and 2 of this report.

This deliverable, corresponding to Task 1.3 of the FORTIKA project, describes the way Intellectual Property Rights (IPR) are handled within the project. It summarizes the IPR framework agreement, as outlined in the Grant Agreement, that provides the status of the foreground Intellectual Property that will be generated during the project’s lifecycle and provides a detailed report for the IPR policy of the project. The structure of this deliverable is similar to the one of its predecessor (D1.5). However, the content is different. The content in this deliverable is updated according to project developments. In Section 2 we present an overview of the IPR issues. In section 3 we present the IPR strategy in terms of IPR shares for jointly developed outcomes. The previous deliverable D1.5 presented IPR data for products developed by each partner separately as they conceived on M9. Deliverable D1.7 was initially submitted on M24 according to the recommendations of the 1st Project Review Report. In this initial version of deliverable D1.7 (section 3.1) the IPR shares were presented by means of the respective tables that depicted potential exploitable results/assets of FORTIKA, jointly developed by two or more partners, as they conceived on M24. After the 2nd Project Review the reviewers suggested to give the topic of intellectual property protection sufficient attention and it is expected that in the next reporting phase the partners will inform about the IPR decisions regarding the concrete results they produce. In order to address this recommendation the developer partners elaborated on the anticipated results and the respective IPR shares. The outcomes of this process are presented in the current revised version of D1.7. A set of independent exploitable assets resulted from FORTIKA has been redefined and the IPR shares for these assets were estimated. Further, a set of proposed differentiated potential FORTIKA products was defined and the IPR shares for them have been estimated too. These are marketable solutions that are comprised by different combinations of the independent exploitable assets.

A legal analysis of all the FORTIKA Use Cases takes place under this report. In order to do so the results and findings of D2.1.1 are taken into consideration, and are subsequently particularised and customised under each Use Case’s circumstances. In this context a common legal axis of analysis is utilised, with the aim to derive concrete, actionable items addressed to Use Case leaders and participating partners in view of their optimal legal compliance with the applicable legal framework.

This report aims at providing legal guidance and support while elaborating upon and finalizing the FORTIKA business model, prior to its implementation in practice. This was considered of critical importance, in view of the fact that the FORTIKA solution is heavily dependent of applicable regulatory requirements. In this way, difficulties will be avoided and potential advantages will be identified in a timely manner. This analysis takes into account work performed under this WP2 (namely D2.1 and D2.2.1), and aims to particularise and customize its findings onto the FORTIKA business model requirements.

This report is the updated legal analysis of all the FORTIKA Use Cases. At the Project Officer’s request, instead of it being submitted on M36 of the Project it has been brought forward to M24. In assessing the FORTIKA Use Cases under a legal perspective the following have been taken into consideration:

• FORTIKA Use Cases deployment;
• FORTIKA Security Advisory Board questionnaires (relevant to Use Cases);
• The applicable legal framework (namely, the General Data Protection Regulation and the NIS Directive, as complemented by secondary legislation or other, official, guidance);
• Findings of D2.1.1;
• The axis of analysis of D2.2.1;
• Guidance to Use Case Leaders provided during Project execution.

This report is the updated, and final, legal analysis and evaluation of the FORTIKA business model, prior to its implementation in practice. A first, preliminary assessment has been carried out on M12 of the project’s term, under report D.2.3; In addition, this report takes into account reports D2.1 and D2.6 on the general regulatory framework for the FORTIKA project, as well as, D2.2 and D2.7 on the legal assessment of the project’s use case scenarios. All of these reports’ findings and assessments have been taken into account while assessing the FORTIKA business model hereafter. In addition, and in order to support the project’s initial release, a draft template for the project’s business Terms and Conditions, once it becomes operational, is included in its Annex.

This deliverable presents the results of Work Package 3 concerning the FORTIKA architecture. More specifically, this report presents the updated versions of the conceptual, and the functional architectural views of FORTIKA. The conceptual view provides a holistic view on the architecture, its building blocks, components, interdependencies among components and related constraints such as development methodology whereas the functional views depict the functionalities of the FORTIKA components. The architectural view models used in this deliverable are presented in Section 1. Initially, the conceptual architecture of the FORTIKA system is presented (Section 2). This is a high-level view on the overall architecture, describing the major components of the FORTIKA system (i.e. the Marketplace, GW and Cloud), the main functionalities (e.g. upload and deploy a cyber security appliance) and the main stakeholders (Security appliances developers and the SME owners/employees). Then, the functional view of the system is defined (Section 3), presenting the different architectural elements that deliver the system’s functionality. This view provides the system’s decomposition into different components, demonstrating the responsibilities and functionalities of each of them. In Section 4, the development view is presented, describing how the architecture supports the development process. Here, aspects like components technical requirements and dependencies, programming technologies and use of existing software are covered. The deployment view, described in Section 5, provides the hardware requirements for each component, the mapping of software elements to the runtime environment, the third-party software requirements, the network requirements and the security aspects of the FORTIKA deployment architecture.

Deliverable D4.1 reports on the implementation status and the system requirements of the FORTIKA GW device. To this end, the document first lists the system’s constraints and then the functional and non-functional system requirements. Further to that it presents the HW and SW modules of the implemented prototype; for the HW these are the System on Chip, the carrier board and the HW design of the accelerator part (FPGA); for the SW these are the Operating system, the bitstream load engine, the DMA engine module, the Monitor, and the SLA metric. It is noted that this deliverable reports on the results of the first iteration of the associated task (T4.1). The next iteration’s (M22-M30) outcomes will be the final list of the system requirements and the final implemented system both to be included in the final version of this deliverable D4.8 (M30).

The FORTIKA ecosystem, which is presented in detail in deliverable D4.3 [1], is a complex combination of distributed entities (FORTIKA cloud infrastructure, FORTIKA gateway and other third party components such as the billing system) and microservices that interact with each other, to provide the FORTIKA functionality in a transparent and secure manner. The FORTIKA architecture and the sequence of interactions between the respective modules and services, are described in deliverable D3.4 [2]. This deliverable (D4.2) is a demonstrator and its purpose is to present the communication interfaces and protocols of modules and services, and provide the corresponding endpoints through which entities communicate with each other. Through this deliverable, readers are able to understand the technologies (architecture protocols, etc.) used by FORTIKA entities, to communicate with each other and make their functionalities available to the FORTIKA ecosystem and thereby, to the FORTIKA users. This demonstrator is a versioned document and the current version (Version 1) presents the work progress up to the time of the authorship of this document, which is month 18 (November 2018) of FORTIKA’s lifecycle. The FORTIKA project currently runs the second year of development. Thus, the second version of this document, which is due on month 30 (end of November 2019), will be richer in content, concerning modules and services that have no yet been implemented.

This document is a technical report on the FORTIKA ecosystem (Marketplace) and describes the different modules that have been developed, and together make up the Marketplace, this platform allows users to easily purchase the services developed in FORTIKA, as well as its deployment in their devices. In the same way, it allows developers to offer their services easily and quickly to any organization registered in the Marketplace. The current version of the Marketplace supports the functionalities that were shown in the first demonstration, along with those that have been implemented in the last period. This first version (M18) describes the modules developed up to this date, in the following versions the new developments will be detailed. The Marketplace incorporates all those modules that are necessary to support the functionalities that are included in the requirements of the project and that pretend to support the different cases of use. This first period began with the development and implementation of the most basic modules such as User Management module, which allows the registration of organizations, users and developers, the Front-End module that supports the User Interface, so that the different functionalities can be executed in a user-friendly way, the Device Manager module to be able to establish communication with the devices of different organizations and deploy services on it, and the Back-End that integrates all these components. This document only presents a description of the components as the interaction between them is covered in detail in D4.2 FORTIKA data capturing interfaces.v1 and the deployed services and tools are also covered in D4.4 FORTIKA platform, services and tools deployed on the cloud.v1. The last section presents a demonstration of the Marketplace through a user history, to present to the reader the result of the implementation of the different modules and how the different functionalities that the Marketplace allows through the user interface are carried out.

This deliverable D4.4 is a report on the FORTIKA Platform's services and tools deployed in the cloud. The first version (M18) reports in details the basic functionality of the services supporting and powering the FORTIKA Platform. The FORTIKA Platform consists of FORTIKA Marketplace, IaaS which hosts FORTIKA Cloud services and FORTIKA Bundles (more precisely their cloud-counterparts), and FORTIKA Gateway - the target device for deployment of FORTIKA bundles in the realm of end-users. Moreover, the document describes services and processes supporting development, testing and deployment tools enabling FORTIKA's Platform Continuous Integration and Deployment. Two different domains of FORTIKA Bundles are defined and described the way FORTIKA envisions deployment of FORTIKA Bundles.

This deliverable discusses the mitigation strategies that the FORTIKA solution will apply when anomalies are detected. The strategies and work documented in this deliverable, have been developed under the Work Package 4, in T4.5 “Risk analysis, modeling and level assessment for HW/SW FORTIKA components – Mitigation Strategies” with contributions from T4.6 “FORTIKA Analytics Module & Decision Support System”. It should be noted that this work is tightly connected with the work of the FORTIKA decision support system, where the decisions on the mitigation actions to be performed are taken place. Due to the growing number of cyber-security threats that SMEs are exposed to, efficient mitigation strategies to eliminate or reduce their effect is of high importance. In this first version of the deliverable, the work is focused on the four types of threats/attacks, namely DDoS, malware, ransomware and spoofing. The whole workflow is analysed, i.e. from threat characteristics and detection techniques up to mitigation actions, in order to describe their particularities/effects and how they can be detected and mitigated. The proposed Threat Mitigation Engine architecture is described together with the design of the communication API for the interaction with the Decision Support System. In the second version of this deliverable, the full documentation on the mitigation actions that will be implemented for all possible threats of the FORTIKA solution will be provided.

Deliverable D4.7 is a demonstrator that identifies advances towards the achievement of project objectives related to WP4 “FORTIKA Modules and Components”. It reviews recent developments on the use of knowledge-based systems for Intrusion Detection, on adaptive fuzzy expert systems as well as on multi-objective optimization. Moreover it presents a detailed report on the first prototype of the Decision Support System (DSS) developed under Task 4.6 “FORTIKA Analytics Module and Decision Support System” and utilised in the context of the FORTIKA project, including its architecture and the technical and mathematical background of the system. Finally, it describes the relation of the DSS with the rest of the FORTIKA modules and lists next steps. The goal of the DSS aims towards facilitating the decision-making process as far as it concerns the detection of a threat and the selection of the best method to mitigate it. This document is the first version of a set of deliverables regarding the FORTIKA DSS. In the second revision of the document the final architecture and implementation of DSS will be reported, as well as the interaction with all other FORTIKA components.

Deliverable D4.8 reports on the final implementation status and the final system requirements of the FORTIKA GW device. To this end, the document first lists the system’s constraints and then the functional and non-functional system requirements. Further to that, it presents the HW and SW modules of the implemented prototype; for the HW these are the System on Chip, the carrier board and the HW design of the accelerator part (FPGA); for the SW these are the Operating system, the bitstream load engine, the GW Dashboard and the Monitor. In addition, a performance evaluation of the implemented FORTIKA GW focussing on the FPGA part is presented towards demonstrating the added value that this specific component brings in terms of faster execution times. It is noted that this deliverable builds on the content of the previous report version (D4.1); in this context, the outcomes and achievements produced in the second and final iteration period of the task (M22-M30) are included in this report (D4.8) as updated or new content. For the reader’s convenience, Section 1.2 lists the sections containing the new or updated content.

The FORTIKA ecosystem, which is presented in detail in deliverable D4.3 [1], is a complex combination of distributed entities (FORTIKA cloud infrastructure, FORTIKA gateway and other third party components such as the billing system) and microservices that interact with each other, to provide the FORTIKA functionality in a transparent and secure manner. The FORTIKA architecture and the sequence of interactions between the respective modules and services, are described in deliverable D3.4 [2]. This deliverable (D4.9), is a demonstrator and its purpose is to present the communication interfaces and protocols of modules and services, and provide the corresponding endpoints through which entities communicate with each other. Through this deliverable, readers can understand the technologies (architecture protocols, etc.) used by FORTIKA entities, to communicate with each other and make their functionalities available to the FORTIKA ecosystem and thereby, to the FORTIKA users. This demonstrator is a versioned document, and this is the final version (version 2), which presents the overall work of the development of FORTIKA Marketplace modules and their communication interfaces. The previous version (D4.2 [3]), was submitted on the 30th of November 2018 and it presented the initial interfaces and the data structures used for the communication. This document presents the final interfaces, the endpoints and the data structures used for the inter-component communications. Nevertheless, it is anticipated that some of the presented endpoints might change, as a result of the End-Users’ feedback, during the pilots.

This document is a technical report on the FORTIKA ecosystem (Marketplace) and describes the different modules that have been developed, and together make up the Marketplace. This platform allows users to easily purchase the services developed in FORTIKA, as well as its deployment in their devices. In the same way, it allows developers to offer their services easily and quickly to any organization registered in the Marketplace. The current version of the Marketplace supports the functionalities that were shown in the second review, along with those that have been implemented in the last period. This document is the second version of D4.3. The FORTIKA Marketplace comprises the modules presented in this deliverable along with the developments carried out from the first version (M18), until the date of publication of the present document (M30). The Marketplace incorporates all those modules that are necessary to support the functionalities that are included in the requirements of the project and support the different use cases. This first period began with the development and implementation of the most basic modules such as User Management module, which allows the registration of organizations, users and developers, the Front-End module that supports the User Interface, so that the different functionalities can be executed in a user-friendly way, the Device Manager module, to be able to establish communication with the devices of different organizations and deploy services on it, and the Back-End that integrates all these components. This document presents a description of the components as the interaction between them is covered in detail in D4.9 FORTIKA data capturing interfaces.v2 and the deployed services and tools are also covered in D4.11 FORTIKA platform, services and tools deployed on the cloud.v2. The last section presents a demonstration of the Marketplace through a user history, to present to the reader the result of the implementation of the different modules and how the different functionalities that the Marketplace allows through the user interface are carried out.

The deliverable D4.11 is a report on the FORTIKA Platform’s services and tools deployed in the cloud. The first version D4.4 (M18) [38] reports in detail the basic functionality of the services supporting and powering the FORTIKA Platform. The FORTIKA Platform consists of FORTIKA Marketplace, IaaS which hosts FORTIKA Cloud services and FORTIKA Bundles (more precisely their cloud-counterparts), and FORTIKA Gateway – the target device for deployment of FORTIKA bundles in the realm of end-users. Moreover, the document describes services and processes supporting development, testing and deployment tools enabling FORTIKA’s Platform Continuous Integration and Deployment. Two different domains of FORTIKA Bundles are defined and described the way FORTIKA envisions deployment of FORTIKA Bundles: cloud domain and on-premise domain using FORTIKA Gateway. The security aspects of the FORTIKA cloud services are addressed in deliverables D5.6. This deliverable D4.11 is a report on the progress made in the scope of the task FORTIKA Platform’s services and tools deployed in the cloud, first described in deliverable D4.4 [38]. The first version (M18) reported in detail the basic functionality of the services supporting and powering the FORTIKA Platform. The second version describes how the deployment of bundle cloud counterparts was developed, from the planning stage to actual implementation, and how the automatic testing process (CI) was kept up to date with the expanding functionalities of the platform.

This deliverable is the second version of deliverable D4.6. It contains the description and the implementation of the final version of the Threat Mitigation Engine and the threat detection methodologies developed in FORTIKA. The strategies and the work documented in this deliverable, have been developed under Work Package 4, in T4.5 “Risk analysis, modelling and level assessment for HW/SW FORTIKA components – Mitigation Strategies” with contributions from T4.6 “FORTIKA Analytics Module & Decision Support System”. This, second version of the deliverable describes the architecture of the Threat Mitigation Engine and the communication APIs for the interaction of the Threat Mitigation Engine with the Decision Support System and the virtual Security Appliance. The effective mitigation and detection strategies proposed by FORTIKA will aim to eliminate the effects of the cyber-security threats that constitute a significant and rapidly growing threat of the SMEs.

Deliverable D4.13 is a demonstrator that identifies advances towards the achievement of project objectives related to WP4 “FORTIKA Modules and Components”. It reviews recent developments on the use of knowledge-based systems for Intrusion Detection and on adaptive fuzzy expert systems. Moreover, it presents a detailed report on the prototype of the Decision Support System (DSS) developed under Task 4.6 “FORTIKA Analytics Module and Decision Support System” and utilised in the context of the FORTIKA project, including its architecture and the description of technical implementation, functionality and performance of the system. Finally, it describes the relation of the DSS with the rest of the FORTIKA modules. The goal of the DSS aims towards facilitating the decision-making process as far as it concerns the real-time detection of a threat and the selection of the best action to mitigate it. This document is the second and final version of the FORTIKA DSS deliverable.

Deliverable D5.1 describes and demonstrates the FORTIKA Middleware; a middleware is the software entity that lies between heterogeneous systems/applications aiming to facilitate their interactions. In the context of FORTIKA, the Middleware facilitates the interactions between the FORTIKA GW and the FORTIKA Marketplace; the ARM and FPGA components of the FORTIKA GW; the FORTIKA SW developers and a part of the FPGA application development process. To achieve these, the Middleware consists of three main components, namely the Synthesis Engine, the Security Bundle Handler and the Lightweight Machine to Machine client. The Synthesis Engine enables the FORTIKA SW developers to develop security applications, able to run in the FORTIKA GW’s FPGA, without the need to know and use the HW details and design; a task that otherwise would need experienced HW designers. The Security Bundle Handler allows for the deployment and management of the FORTIKA Marketplace security bundles to the FORTIKA GW; furthermore, it provides the necessary mechanisms for the dynamic change of the loaded FPGA bundles (e.g. change on the fly the FPGA deployed encryption algorithm) and the configuration of the data interfaces that are needed to exchange data between the SW and FPGA deployed components. The Lightweight Machine to Machine client provides for the communication and interactions of the FORTIKA GW and the FORTIKA Marketplace. The Security Bundle Handler and the Lightweight Machine to Machine client have been deployed in an online FORTIKA GW and their functionalities can be tested and demonstrated via Postman API calls; in addition, two demo applications, showcasing the Security Bundle Handler’s mechanisms of changing in real time the FPGA deployed bundles, and also configuring the data interfaces used to exchange data between the ARM and FPGA components of the GW, have been developed and installed in the online FORTIKA GW. On the other hand, the Synthesis Engine has been deployed in a Virtual machine that is hosted in the FINT’s private cloud. The binaries (and in some cases the code) for these Middleware components have been uploaded to FORTIKA Gitlab repository. It is noted that this deliverable reports on the results of the first iteration of the associated task (T5.1). The next iteration’s (M24-M32) outcomes will be the final version of the Middleware; this will be included in the final version of this deliverable D5.9 (M32).

This deliverable provides evidence of advances towards the achievement of project objectives related to WP5 “FORTIKA Middleware and Cyber Security Services”. It is the first version discussing the specifications and development of the components under Task 5.2. “Real-time Network Traffic Analysis Module”. This task aims at providing the design and development of a real-time Network Traffic Analysis (RTNTA) and active cybersecurity service based on big data and open source framework. The RTNTA defined in this task will be in charge of analyse the traffic from the SME network (connected to the FORTIKA gateway) and provides information in the form of NetFlow records to other modules (i.e. Visual Analytics modules, SIEMS). The outcomes of this tool enable to analyse the security status of the network, the level of consumption of services or to check the level of digital trust. Together with the Visual Analyzer and other traffic information modules, RTNTA will combine metadata storage for real-time analysis, with raw storage working on aggregate data. Such a combination of traffic information provides the basics for the detection of a wide range of attacks in the cybersecurity area (from DDOS attack detection based on anomalies on the traffic patterns to ARP Spoofing detection).

Deliverable D5.3 reports on the implementation status of the FORTIKA Attribute-Based Access Control (ABAC) module that is being developed to provide authorization services to the FORTIKA project that aims to provide security solution for SMEs. ABAC services are not limited to the initial scope of the Bring Your Own Device BYOD concept, as proposed and described, but also enable FORTIKA to provide a complete Authorization-as-service (AuthZaaS) solution. This document reports on the main components of the module and the design approach that was chosen to implement the base components of ABAC, namely: The Policy Administration and Policy Information Points (PAP and PIP, respectively), the Policy Decision Point (PDP), and the Policy Enforcement Point (PEP). This deliverable presents only the results of the first iteration of the associated task (T5.3). The next iteration (M24-M32) shall provide the final, thoroughly implemented system to be included in the final version of deliverable D5.11 (M32).

This report presents the first version of the Social Engineering Attack Recognition Service (SEARS), as part of the cyber security services that are provided by the FORTIKA project. The purpose pf the D5.4 deliverable is to present a SEARS demonstrator in M20. The sec-ond and final version of this report will be prepared during the project’s lifetime and sub-mitted in M32. The report provides an analysis of the various aspects regarding the design and develop-ment of SEARS and its main software components. This version presents the current state of the system paving the way for further updates during the project lifecycle. In particular, specific technologies used are presented, together with information and op-erational details related to performance, resource consumption, data production and pro-cessing. This report describes the SEARS system and serves as a guide with respect to the operation (including security and privacy), and maintenance of the SEARS service.

This deliverable presents the FORTIKA Security Information and Event Management (SIEM) solution that acts as the core FORTIKA component for threat detection and mitigation. The work documented in this deliverable has been developed under the Work Package 5, in Subtask 5.5.5 “Development of FORTIKA SIEM solution”. This report accompanies the prototype release for SIEM, that will be updated with the second version of this deliverable. FORTIKA SIEM solution is considered as collaboration of several FORTIKA components towards the fulfillment of the main objectives: security monitoring, threat detection and incident response. The framework is also coupled with Visual Analytics interfaces for the proper visualization and monitoring of network status and alerts generated, designed for system operators and administrators of the SMEs. Special emphasis has been put on the proper integration of the developed software on the FORTIKA gateway, i.e. lightweight computational parts are designed for the ARM processor, while computationally intensive for the FPGA part. All developed software has been tested individually and in conjunction with the rest of the FORTIKA components.

FORTIKA online marketplace will be hosted in the FORTIKA Cloud Service Provider, and FORTIKA as a Digital Service Provider (DSP), will need to establish certain guarantees to provide a secure consumption of the cloud services offered. The EU legislation on cybersecurity relies on the Directive on security of network and information systems, the NIS Directive. NISD security requirements are mandatory for DSPs. The first version of this deliverable, released on M20, proposes a solution for FORTIKA cloud monitoring adaptable to different conditions of provided cloud services, using a continuous assessment and monitoring service CCAM to enable continuous measurement of the security objectives. The deliverable finally, presents the demonstrator architecture and proposes a solution for collecting data from FORTIKA cloud environment, detailing an architecture for continuous cloud assessment monitoring CCAM using a distributed approach composed by server and agent infrastructure applied to FORTIKA cloud services, and also identifying the required software components. Further work on this task will be oriented to implement particular compliance checks using openSCAP framework to guarantee continuous monitoring of compliance, and additionally to complete a set of monitoring metrics for the FORTIKA cloud as initiated on the present study, taking into account the particular requirements for monitoring microservices, applications and cloud nodes deployed on the FORTIKA IaaS Marketplace. The final version of the deliverable will be provided on M32, with the objective to complete a demonstrator for the CCAM service applicable to FORTIKA cloud services, to contribute with a continuous cloud assessment monitoring to guarantee compliance with security objectives for DSP

Today cybersecurity incidents are of great concern to the SMEs. Considering the recent changes to the data protection laws the SMEs are under pressure to protect their corporate data. Despite these risks, businesses tend to move towards using public cloud platforms due to the flexibility and reduced operational costs they provide to the SME’s to compete in the market place. Instead of buying and building huge data centres, one can rent these 3rd party cloud offerings. Recently in order to maximise the benefits from the cloud platforms, researchers/organizations tend to move towards cryptographic approaches. These approaches bring with themselves their own constraints. Conventional symmetric key encryption approaches such as Advanced Encryption Scheme (AES) or asymmetric key encryption approaches such as Rivest-Shamir-Adleman (RSA), rely on uploading encrypted content to the cloud and once the content is needed, download all of it and then decrypt and process. Although, this is a secure way of processing ones content, but it is highly infeasible for managing and processing large volumes. Homomorphic Encryption (HE) provides the highest level of security. It makes use of the public and private key infrastructure of the AES schemes and allows one to perform arithmetic operations on encrypted content. This allows one the flexibility of processing and managing content in the encrypted domain, thus minimizing the overhead of downloading and decrypting all of the online content. One of the many uses of HE is the possibility of performing a search in the encrypted domain, usually referred to as Searchable Encryption (SE). This feature allows one to perform a keyword search on online stored content, thus making it possible to identify which content needs to be downloaded for further processing. It ensure the required security by limiting knowledge of the cloud or any adversary accessing the cloud platform. It also mitigates the possibility of an intermediator eavesdropper of knowing what is being relayed. This demonstrator which is submitted as a part deliverable of WP5, D5.7 explains in detail the tool designed and developed for the FORTIKA project that allows Small and Medium-sized Enterprises (SMEs) to encrypt and upload content onto a third party cloud and then perform search on the encrypted data. The data encryption tool treats the whole data as a running text and encrypts it word by word, thus producing string of searchable ciphers. These ciphers aid the proposed Public Key Encryption with Keyword Search algorithm (PEKS) in performing SE tasks on the cloud by exploiting the homomorphic properties of the cipher content.

This deliverable provided evidence of advances towards the achievement of project objectives related to WP5, T5.5 “Design and Implementation of virtual Security Appliance”. This docu-ment is the first version discussing the specifications and development of the components related to the virtual Security Appliance”, the methodologies put in place to address end-user requirements, and the tasks foreseen in the future. This document specified in details the virtual Security Appliance (vSA), which is one of the bundles under development in the context of the FORTIKA project. It comprises two main components: a packet filer (firewall) and an Intrusion Detection system (IDS). Two architec-tures were proposed. The first one fully resides on the ARM part of the FORTIKA Gateway, however, the second one moves the components that require intensive processing to FPGA. For further development and evaluation, a testbed including the vSa subcomponents (firewall, IDS, RESTApi, etc) was setup. This document is the first specification and development report concerning the vSA. Further refinements will be made available in the next versions where feedback from the develop-ment and integration activities will be taken into account.

Deliverable D5.9 describes and demonstrates the FORTIKA Middleware; a middleware is the software entity that lies between heterogeneous systems/applications aiming to facilitate their interactions. In the context of FORTIKA, the Middleware facilitates the interactions between the FORTIKA GW and the FORTIKA Marketplace; the ARM and FPGA components of the FORTIKA GW; the FORTIKA SW developers and a part of the FPGA application development process. To achieve these, the Middleware consists of five main components, namely the Synthesis Engine, the Security Bundle Handler, the Notifications Collector, the Metrics Collector and the Lightweight Machine to Machine client:

1. The Synthesis Engine enables the FORTIKA SW developers to develop security applications, able to run in the FORTIKA GW’s FPGA, without the need to know and use the HW details and design; a task that otherwise would need experienced HW designers.
2. The Security Bundle Handler allows for the deployment and management of the FORTIKA Marketplace security bundles to the FORTIKA GW; furthermore, it provides the necessary mechanisms for the dynamic change of the loaded FPGA bundles (e.g. change on the fly the FPGA deployed encryption algorithm) and the configuration of the data interfaces that are needed to exchange data between the SW and FPGA deployed components.
3. The Notifications Collector collects the generated notifications and forwards them for visualisation to the FORTKA GW and Marketplace Dashboards.
4. The Metrics Collector gathers the metrics produced from the FORTIKA GW or the deployed FORTIKA bundles and forwards them to the FORTIKA Marketplace where they are utilised from the Monitoring and SLA components.
5. Lightweight Machine to Machine client provides for the communication and interactions of the FORTIKA GW and the FORTIKA Marketplace.

The Security Bundle Handler, the Metrics and Notification Collectors, and the Lightweight Machine to Machine client have been deployed in two online and six pilot FORTIKA GWs and their functionalities can be tested and demonstrated via Postman API calls; in addition, two demo applications, showcasing the Security Bundle Handler’s mechanisms of changing in real time the FPGA deployed bundles, and also configuring the data interfaces used to exchange data between the ARM and FPGA components of the GW, have been developed and installed in the online FORTIKA GW. On the other hand, the Synthesis Engine has been deployed in a Virtual machine that is hosted in the FINT’s private cloud. The binaries (and in some cases the code) for these Middleware components have been uploaded to FORTIKA Gitlab repository. It is noted that this deliverable builds on the content of the previous report version (D5.1); in this context, the outcomes and achievements produced in the second and final iteration period (M24-M32) of the associated task (T5.1) are included in this report (D5.9) as updated or new content.

The purpose of this report is to provide a second version related to WP5 “FORTIKA Middleware and Cyber Security Services”. This second version defines the development of the components under the Task 5.2 “Real-time Network Traffic Analysis Module”. This task aims at providing the design and development of a real-time Network Traffic Analysis (RTNTA) and active cybersecurity service based on big data and open source framework. Due to the fact that the first version presented an overview of the RTNTA module, this deliverable describes in detail. The RTNTA module as a way to fill the gaps of cybersecurity in the network in detail. The module analyses the traffic from the SME network (connected to the FORTIKA gateway) and send data in the form of NetFlow records to other modules (i.e. Visual Analytics modules, SIEMS). To be able to analyse the security status of the network, the level of consumption of services or to check the level of digital trust are going to be used tools as monitoring, protocol analysis and packet analysis. Along with the Visual Analyzer and other traffic information modules, RTNTA combines metadata storage for real-time analysis, with raw storage working on aggregate data. The techniques in storage and dynamic updates of heterogeneous mass data are major data for data management. Such a combination of traffic analysis information provides the basics for the detection of a wide range of attacks in the cybersecurity area (from DOS attack detection based on anomalies on the traffic patterns to ARP Spoofing detection).

Deliverable D5.11 reports on the implementation of the FORTIKA Attribute-Based Access Control (ABAC) module that has been developed to provide authorization services to the FORTIKA project which, in turn, aims to provide security solution for SMEs. ABAC services are not limited to a specific operation environment (which is the case with most access control solutions); instead, ABAC services enable FORTIKA to provide a complete Authorization-as-a-service (AuthZaaS) solution. AuthZaaS enable customers to adopt and modify existing or future Information Systems (IS), by exploiting the provided API, to support a unified authorization scheme throughout the enterprise. This document reports on the main components of the module and the design approach that was chosen to implement the base components of ABAC, namely: The Policy Administration and Policy Information Points (PAP and PIP, respectively), the Policy Decision Point (PDP), and the Policy Enforcement Point (PEP). Moreover, an implementation example is provided using a prototype windows agent that was created to test and evaluate the system. It is worth mentioning that the ABAC module targets Technology Readiness Level (TRL) 6. To achieve TRL6 the system should be demonstrated in a relevant environment. This deliverable provides, among others, this demonstration.

This report presents the second version of the Social Engineering Attack Recognition Service (SEARS), as an integrated part of the cyber security solutions that are provided by the FORTIKA project. The purpose of the D5.12 deliverable is to present a SEARS demonstrator in M32. The report provides an in-depth analysis of the various aspects regarding the implementation and deployment of SEARS’ main software components and its integration to the FORTIKA Platform as a security bundle. The main content concerns the SEARS.Cloud subcomponent that was developed during M20-M32 and the changes to the SEARS.Agent and SEARS.Fog subcomponents that were developed at earlier stage. This version presents the final state of the system that is tested during the Pilots phase. In particular, the final functional SEARS components are presented, together with deployment information and integration details. Furthermore, all privacy issues encountered are also mentioned along with a Use Case Scenario and a sample social engineering attack text dialog. This report serves as a guide regarding the operation, deployment, configuration and integration of the SEARS bundle.

This deliverable presents the FORTIKA Security Information and Event Management (SIEM) solution that acts as the core FORTIKA component for threat detection and mitigation. The work documented in this deliverable has been developed under the Work Package 5, in Subtask 5.5.5 “Development of FORTIKA SIEM solution”. This report extends the prototype release for SIEM, providing an enhanced SIEM solution with many new components in the second version of the SIEM customized solution. The FORTIKA SIEM solution is considered as collaboration of several FORTIKA components towards the fulfilment of the main objectives: security monitoring, threat detection and incident response. The framework is also coupled with Visual Analytics interfaces for the proper visualization and monitoring of network status and alerts generated, designed for system operators and administrators of the SMEs. Special emphasis has been put on the proper integration of the developed software on the FORTIKA gateway, i.e. lightweight computational parts are designed for the ARM processor, while computationally intensive for the FPGA part. All developed software has been tested individually and in conjunction with the rest of the FORTIKA components. This document is the second version of the ‘D5.5 Design and implementation of customised SIEM Service.v1’ deliverable. A list of the differences between the v1 and v2 of the deliverable is show below:

1. Added two new SIEM solutions for cybersecurity, found in literature, in chapters 2.12 and 2.13.
2. Updated the system requirements in chapter 3.
3. Updated the SIEM system architecture in chapter 4.1.
4. Added three new SIEM modules in chapters 4.2.2, 4.2.4, and 4.2.5.
5. Updated the rest of the SIEM modules in chapters 4.2.1, 4.2.3, and 4.2.7 to the newest versions.

FORTIKA online marketplace will be hosted in the FORTIKA Cloud Service Provider, and FORTIKA as a Digital Service Provider, will need to establish certain guarantees to provide a secure consumption of the cloud services offered. The EU legislation on cybersecurity relies on the Directive on security of network and information systems, the NIS Directive. NISD security requirements are mandatory for DSPs. The first version of this deliverable (D5.6 FORTIKA continuous monitoring-based compliance mechanism v1), was released on M20 and proposed a solution for FORTIKA cloud monitoring adaptable to different condition of provided cloud services, using a continuous assessment and monitoring service CCAM to enable continuous measure of the security objectives. The deliverable finally, presented the demonstrator architecture and proposed a solution for collecting data from FORTIKA cloud environment, detailing an architecture for continuous cloud assessment monitoring CCAM using a distributed approach composed by server and agent infrastructure applied to FORTIKA cloud services, and also identifying the required software components. The present document corresponds to the second version of the deliverable (D5.14 FORTIKA continuous monitoring-based compliance mechanism v2), is to be released on M32 and includes further work on this task. It is oriented to implement particular compliance checks using OpenSCAP framework (as part of the CCAM service) to guarantee continuous monitoring of compliance, and additionally to complete a set of monitoring metrics for the FORTIKA cloud as initiated on the present study, taking into account the particular requirements for monitoring microservices, applications and cloud nodes deployed on the FORTIKA IaaS Marketplace. This final version has the objective to complete a demonstrator for the CCAM service applicable to FORTIKA cloud services, to contribute with a continuous cloud assessment monitoring to guarantee compliance with security objectives for DSP. The main aim of D5.14 is to continue the work done on D5.6 by focusing on the deployment and exploitation of Cloud Security Mechanisms on the FORTIKA Cloud Service and Marketplace. The document also includes how the cloud security compliance is covered by these mechanisms.

The current technological developments have led us to a dangerous set of crossroads, where the pursuit of a smart ecosystem has landed us in the pool of a high amount of personal data that is a serious privacy violation incident waiting to happen. These large datasets are the core cause of the recent privacy violation incidents such as that of Equifax [1] and Talk-Talk [2]. These privacy violation incidents and the fines that follow them have forced SMEs to opt for a more secure way of information sharing and storing. Despite this, SMEs tend to rely heavily on 3rd party cloud infrastructures for the mere purpose of the flexibility in operational cost and management. In order to maximize their gain from such infrastructures, SMEs tend to move towards cryptographic solutions. These solutions bring with themselves their own constraints. Conventional symmetric key encryption approaches, such as Advanced Encryption Scheme (AES), or asymmetric key encryption approaches, such as Rivest-Shamir-Adleman (RSA), rely on uploading encrypted content to the cloud and once the content is needed, download it and then decrypt it and process it. Although, this is a secure way of processing content, it is highly unfeasible for managing and processing large volumes. Homomorphic Encryption (HE) provides the highest level of security. It makes use of the public and private key infrastructure of an asymmetric encryption scheme and allows to perform arithmetic operations on encrypted content. This allows the flexibility of processing and managing content in the encrypted domain, thus minimizing the overhead of downloading and decrypting all the online content. One of the many uses of HE is the possibility of performing a search in the encrypted domain, usually referred to as Searchable Encryption (SE). This feature allows to perform a keyword search on online stored content, thus making it possible to identify which content needs to be downloaded for further processing. It ensures the required security by limiting knowledge of the cloud or any adversary accessing the cloud platform. It also mitigates the possibility of an intermediator eavesdropper knowing what is being relayed. This demonstrator, which is submitted as a second version of D5.7 Homomorphic encryption embedded engine, explains in detail the tool designed and developed for the FORTIKA solution. It explains in detail the encryption scheme used, the implementation environment and the different modules that are collectively labelled as the Homomorphic Encryption embedded engine. This document also shows, with the help of screenshots, how different functionalities would be used for the HE module.

This deliverable provided evidence of advances towards the achievement of project objectives related to WP5, T5.5 “Design and Implementation of virtual Security Appliance”. This document is the second and final version discussing the specifications and development of the components related to the virtual Security Appliance”, the methodologies put in place to address end-user requirements, and the tasks foreseen in the future. This document specifies in details the virtual Security Appliance (VSA), which is one of the developed bundles in the context of the FORTIKA project. It comprises two main components: a packet filter (VSA.Firewall) and an Intrusion Detection system (VSA.IDS). Two architectures were proposed. The first one fully resides on the ARM part of the FORTIKA Gateway, however, the second one moves the components that require intensive processing to FPGA. For further development and evaluation, a testbed including the VSA subcomponents (VSA.Firewall, VSA.IDS, VSA.TLS, REST Api, etc) was setup. This document is the update of the first specification and development report concerning the VSA. Refinements were made in this version where feedback from the development and integration activities were considered. The VSA was extended by a new component (VSA.TLS) and this modification is described in this version. One of the main changes along the development phase has been the handling of encrypted traffic which will be discussed in more detail in this document. Scope of the second version of this deliverable has been to finalize and improve the FPGA implementation of the VSA components. These results can be found in this document too. The document includes a table that depicts in detail the changes between the two versions of this document i.e. the deliverables D5.8 and D5.16.

This document constitutes the deliverable D6.2 - System Integration & Final FORTIKA Prototype.v1 of FORTIKA project. It details the implementation and integration status of the FORTIKA architecture components. In addition, it describes the connectivity of each component in relation to the supported functionality, communications interfaces, implemented APIs, and data flows. First, a short description of the hardware part of system integration is given. Then a detailed description for all of the FORTIKA bundles is provided, in both the FORTIKA Cloud and the FORTIKA Gateway. For each module, a description of the functionality, the communication with other FORTIKA components (using UML sequence diagrams), the integration and development status, and the type of license along with the derived GDPR requirements covered are given. A list of some use case scenarios is also provided, where the functionality and the integration of the FORTIKA bundles in a potential cyber-attack in the network of an SME is presented. These scenarios depict the data flow during certain cyber-attacks, as also how FORTIKA responses with them. The document is concluded by giving a table of the integration status of the FORTIKA bundles for each one of the presented use case scenarios. The content of this deliverable is the final prototype and integrated platform of the FORTIKA solution that is used and evaluated through the pilots.

The purpose and scope of the deliverable is to verify that the deployed pilots meet the functional, operational and technical requirements as described in T6.1 and in other WPs, through the deployment of an evaluation methodology and the gathering of evaluation results from the first pilot release (M25-M27) and the second pilot release (M32-M34). The evaluations framework consists of functional results, technical results, key performance indicators (KPIs), performance activities, lessons learnt and recommendations. In order to gather functional results and technical results the pilot evaluations were provided in distinct ways and phases. The pilots were requested in October of 2019 and March of 2020 to assess common features and technical characteristics of the FORTIKA platform. A comprehensive analysis of the results obtained in both assessments is presented. The analysis is divided:

1. Evaluation of common features (Ease to use, Design, Interaction with the System, Adequacy of user and admin manuals)
2. Evaluation of system technical characteristics (Installation, System performance, Compliance to Cybersecurity and Quality Standards, Report generators, Adequacy of bundles in addressing threats, Adequacy of support, User satisfied with functionality of modules)
3. Evaluation of technical results for FORTIKA modules

Outcomes of the evaluation process are documented in a dedicated chapter comprising of lessons learnt and recommendations. Finally, conclusions are drawn for overall FORTIKA evaluation and way ahead.

This document constitutes the deliverable D6.8 - System Integration & Final FORTIKA Prototype.v2 of FORTIKA project. This report extends the FORTIKA prototype provided on the previous version of the document. It details the implementation and integration status of the FORTIKA architecture components. In addition, it describes the connectivity of each component in relation to the supported functionality, communications interfaces, implemented APIs, and data flows. First, a short description of the hardware part of system integration is given. Then a detailed description for all of the FORTIKA modules is provided, in both the FORTIKA Cloud and the FORTIKA Gateway. For each module, a description of the functionality, the communication with other FORTIKA components (using UML sequence diagrams), the integration and development status are given. A list of some use case scenarios is also provided, where the functionality and the integration of the FORTIKA module in a potential cyber-attack in the network of an SME is presented. These scenarios depict the data flow during certain cyber-attacks, as also how FORTIKA responses with them. The document is concluded by giving a table of the integration status of the FORTIKA components for each one of the presented use case scenarios. The content of this deliverable is the final prototype and integrated platform of the FORTIKA solution that is used and evaluated through the pilots. This document is the second version of the D6.2 System Integration & Final FORTIKA Prototype.v1 deliverable. A list of the differences between the two versions of the deliverable is shown below:

1. Updated development status and pending actions for components in sections 3.2.2, 3.3.4, 3.3.5.2, 3.3.5.3, 3.3.1, 3.3.6.1, 3.3.6.2, 3.3.7, 3.3.8
2. Updated the integration status and pending actions for components in sections 3.2.2, 3.3.4, 3.3.5.2, 3.3.7, 3.3.8
3. Addition of the DPI tool in section 3.3.5.6
4. Addition of the Domain Generation Algorithm detection component in section 3.3.5.7
5. Addition of the High Entropy randomness identification component in section 3.3.5.8
6. Addition of the Periodic communication identification component in section 3.3.5.9
7. Addition of Homomorphic encryption use case in section 4.10

This document provides an overview of the Business Models and the first results for commercialization achieved during the first 18 months of the FORTIKA project. In it, an analysis of the market segments that have been identified as target for the FORTIKA solution is provided. It should be highlighted that this document is a revision of D7.5 Business Models & Final plan for the use and exploitation of foreground.v1 that was delivered on M18. The document is updated based on the reviewers’ comments, specifically on recommendation 2 regarding Business Plans and Commercialization, as detailed below. This new version will be delivered on M30 of the project. The analysis of the market concludes that the characteristics of the FORTIKA components and their advantages, both as individual products and as a complete solution, comply with all market necessities and clients demands. The client segments are defined, and their need are in line with the product functionalities. Further needs will be analysed and provided as feedback from the FORTIKA pilots results. These analyses also assure that FORTIKA is in line with the foreseen market trends, which gives a long-term success and validity to the product. A Business Canvas exercise for a FORTIKA joint exploitation has been completed and also individual exploitation for all FORTIKA partners in terms of Business Canvas per partner. Here, an individual exploitation plan for the exploitable assets for FORTIKA has been defined as well, according to the reviewers’ comments and specifically to recommendation 2 regarding Business Plans and Commercialization. Individual exploitation plans include a table with the description of the solution, the value proposition and the licence model among other fields. The list of the exploitable assets for FORTIKA is extracted from D1.5 IPR and D1.7 IPR management and reports and includes the following solutions:

1. FORTIKA GW (HW and FORTIKA FPGA Accelerator Component)
2. FORTIKA Marketplace (comprising of front-end and back-end services)
3. FORTIKA SIEM Bundle
4. FORTIKA HE Bundle
5. FORTIKA ABAC Bundle
6. FORTIKA SEARS Bundle
7. FORTIKA RTNA Bundle
8. FORTIKA Risk Detection Bundle
9. Cloud Orchestration Services
10. FORTIKA VSA Bundle
11. CCAMS - Cloud Continuous Assessment Monitoring Services

Additionally, further proposals to generate two or three different FORTIKA products in terms of exploitation of results in a different way has been presented. The following list proposes a list of three different and independent products for FORTIKA:

1. On premises FORTIKA service: Hardware and a functional set of core accelerated security services.
2. Cloud service FORTIKA Marketplace of services.
3. SaaS FORTIKA Service Provider and 3rd party services RedBorder, ABAC, SEARs, HE.

Anyway, FORTIKA project presents a great potential for holistic exploitation where the scope and collaboration between a cloud-based solution and an on-premises implementation would be included as a combined proposition: Local Installation (on-premises) for Accelerated Analysis and Cloud deployment for complementary services and statistical Analysis, along with Marketplace bundles deployments. The value proposition will satisfy a customer needs and could also be packaged. The document also includes a financial analysis section. Again, according to the reviewers’ comments and specifically recommendation 2 regarding Business Plans and Commercialization, this chapter includes information concerned to cost study. Such information was included on Deliverable D7.4: “Cost benefit & Cost effectiveness analysis of FORTIKA prototype.v1” which was delivered on M24, while D7.5 was previously released on M18 and did not include a detailed analysis of the different cost elements of the FORTIKA solution (the FORTIKA GW, the on-line marketplace and software bundles). Additionally, the cost study from D7.4 has been updated not only with the data from the marketplace but also providing financial estimation for HW and security services, completing the view for all the components; and also, with the analysis of NVP and IRR should consider at least 5 years of operations. Furthermore, the next version of the deliverable D7.5 (D7.10 Business Models & Final plan for the use and exploitation of foreground.v2) will develop further the approach on two or three different products of FORTIKA project, as well as developing further the holistic approach proposed in a joint business case for the whole FORTIKA platform. The efforts for the next period will concentrate on:

1. Delivering the final version of FORTIKA Business Models of the commercially exploitable results, on both approaches mentioned
2. Developing further investment initiatives
3. Signing-off on the final IPR and joint exploitation agreements
4. Formalisation and sign-off on the plan for the transition and maintenance of exploitable assets
5. Definition of the market entry strategy and plan for market-oriented project assets

This document provides an overview of the Business Models and the final results for commercialization achieved during the FORTIKA project. In it, an analysis of the market segments that have been identified as target for the FORTIKA solution is provided. It should be highlighted that this document is a continuation of D7.5 Business Models & Final plan for the use and exploitation of foreground that was delivered on M30. The analysis of the market concludes that the characteristics of the FORTIKA components and their advantages, both as individual products and as a complete solution, comply with all market necessities and clients demands. The client segments are defined, and their need are in line with the product functionalities. Further needs will be analysed and provided as feedback from the FORTIKA pilots results. These analyses also assure that FORTIKA is in line with the foreseen market trends, which gives a long-term success and validity to the product. A Business Canvas exercise for a FORTIKA joint exploitation has been completed, and also individual exploitation for all FORTIKA partners in terms of Business Canvas per partner. Here, an individual exploitation plan for the exploitable assets for FORTIKA has been defined as well, according to the reviewers’ comments and specifically to recommendation 2 regarding Business Plans and Commercialization. Individual exploitation plans include a table with the description of the solution, the value proposition and the licence model among other fields. The list of the exploitable assets for FORTIKA as stated in D1.5 IPR and D1.7 IPR management and reports and includes the following solutions:

1. FORTIKA GW (HW and FORTIKA FPGA Accelerator Component)
2. FORTIKA Marketplace (comprising of front-end and back-end services)
3. FORTIKA SIEM Bundle
4. FORTIKA HE Bundle
5. FORTIKA ABAC Bundle
6. FORTIKA SEARS Bundle
7. FORTIKA RTNA Bundle
8. FORTIKA Risk Detection Bundle
9. Cloud Orchestration Services
10. FORTIKA VSA Bundle
11. CCAMS - Cloud Continuous Assessment Monitoring Services

Additionally, further proposals to generate two or three different FORTIKA products in terms of joint exploitation of results in a different way has been presented. The following proposes a list of five different and independent products for FORTIKA:

1. FORTIKA Gateway alone with basic encryption and routing functionalities.
2. On premises FORTIKA service: Hardware and a functional set of core accelerated security services. This includes the Gateway and the following bundles: SIEM/VAM, Risk Detection, VSA and Cloud Services (Orchestration and CCAMS).
3. Cloud service FORTIKA Marketplace of security services. This includes the deployment of additional bundles from the marketplace. These additional bundles are deployed on SME premises from the FORTIKA marketplace as add-ons. Thus, for this scenario the previous scenario (ii) “On premises FORTIKA service” is a prerequisite.
4. SaaS FORTIKA Service Provider and extra services. This includes the provision of cyber security services from the cloud such as RTNTA, ABAC, SEARS, HE and more. This scenario does not include on premises hardware (i.e. the Gateway) but includes Cloud Services (Orchestration and CCAMS).
5. Holistic FORTIKA solution: collaboration between a cloud-based solution and an on-premises implementation. This includes a Local Installation (on-premises) for Accelerated Analysis and Cloud deployment for complementary services and statistical Analysis, along with Marketplace bundle deployments. It engages all exploitable assets mentioned above.

FORTIKA project presents a great potential for holistic exploitation where the scope and collaboration between a cloud-based solution and an on-premises implementation would be included as a combined proposition. Further actions between partners could produce results combining the above. Local Installation (on-premises) for Accelerated Analysis and Cloud deployment for complementary services and statistical Analysis, along with Marketplace bundles deployments. The value proposition will satisfy a customer needs and could also be packaged. So, to have market packages tailored to SMEs necessities, being these all results of a joint exploitation. The document also includes a financial analysis section, information concerned to cost study. Such information was included on Deliverable D7.9: “Cost benefit & Cost effectiveness analysis”. Additionally, the cost study from D7.9 has been updated not only with the data from the marketplace but also providing financial estimation for HW and security services, completing the view for all the components; and also, with the analysis of NVP and IRR should consider at least 5 years of operations. The deliverable develops further the approach on two or three different products of FORTIKA project, as well as developing further the holistic approach proposed in a joint business case for the whole FORTIKA platform. The efforts were focused on:

1. Delivering the final version of FORTIKA Business Models of the commercially exploitable results, on both approaches mentioned
2. Developing further investment initiatives
3. Signing-off on the final IPR and joint exploitation agreements
4. Formalisation and sign-off on the plan for the transition and maintenance of exploitable assets
5. Definition of the market entry strategy and plan for market-oriented project assets

This deliverable presents the informed consent forms and information sheets that were also part of the Technical Annex. The forms will be revised (if needed) during the implementation of the project.

“D8.2 – POPD Requirement No. 4” is specified in the FORTIKA Description of Action as: “Copies of opinion or confirmation by the competent Institutional Data Protection Officer and/or authorization or notification by the National Data Protection Authority must be obtained (which ever applies according to the Data Protection Directive (EC Directive 95/46, and the national law). Confirmation should be sent to the REA.” This document describes the procedures to be followed in order to obtain the appropriate copies of opinion or confirmation, by either the competent Institutional Data Protection Officer or the National Data Protection Authority, depending on the Data Protection Directive and the national law, with respect to the protection of personal data.

“D8.3 – POPD Requirement No. 5” is specified in the FORTIKA Description of Action as: “Detailed information must be provided on the procedures that will be implemented for data collection, storage, protection, retention and destruction and confirmation that they comply with national and EU legislation.” This document describes the procedures to be followed in order to fulfil these objectives, i.e. the data collection, storage, protection, retention and destruction and confirmation of collected data, according to national and EU legislation.

Deliverable D8.4 “POPD - Requirement” is described in the FORTIKA’s Description of Action as: “In case of data not publicly available, relevant authorisations must be obtained, and confirmation sent to the REA.” Although public datasets exist and will be utilized within the FORTIKA project, a data management plan has been foreseen (T1.3.) to define the procedures for collecting the necessary data from the pilot sites to adequately assess the developed solution. This document provides a brief description on the actions to be taken to address any ethical and privacy issues risen by the collection and processing of personal data.