Addressing security, trust and privacy to ensure the security of citizens and organizations

Trustworthy, secure and reliable ICT systems are crucial for a wide take up of converging digital services and a global requirement for the reliable and undisturbed functioning of our information society.

In this scenario, the Cybersecurity (CS) lab is an interdisciplinary group that conducts research in trust, security and privacy domains for the improvement of information technology security, as well as the increase of trust and dependability in systems and services.

See the EPICA Factsheet


Our ambition is to coherently address security, trust and privacy from a technological perspective, in an effort to ensure innovation in the field of secure software development, secure service composition, and secure service delivery. The goal is to find solutions for ensuring the security of citizens and organizations from threats such as terrorism, natural disasters and crime, while respecting fundamental rights, such as privacy.

Our research areas include, among others: cyber security, compliance & policy management, secure software engineering, security in virtualized environments, automated reconfiguration of security and high performance Security Information and Event Management (SIEM) systems.

Main Activities: 
  • Innovative security mechanisms (e.g. dynamic or adaptive features).
  • Compliance & Policy Management.
  • Security event and information management infrastructure (e.g. evidence-based policy enforcement, including security/privacy event monitoring, collection and assessment).
  • Security methodologies and frameworks (e.g. risk assessment and secure software development).
  • CyberSecurity: fight against malware and botnets, improved resilience against cyber threats.
  • Security of IoT and IIoT devices.
  • Critical Infrastructures protection
  • Security in shared service applications and infrastructures such as Cloud.
  • Applying Machine Learning to Advance Cybersecurity Analytics.
  • Security & Privacy in Social Networks.
  • Security of ICT in large distributed IT systems (sensor networks, interconnected critical infrastructures).
  • Information exchange, interoperability and data fusion for situational awareness.
  • Context-aware security and context-aware privacy protection.
  • Digital forensics (e.g. forensics in Cloud).
Current Research Topics and Findings: 
  • IoT/IIoT Security
  • Distributed Ledger Technology & Cybersecurity.
  • Machine Learning for Cybersecurity Analytics.
  • Trust (establishment of trust relations, management of trust).
  • High Performance Security Information and Event Management (SIEM).
  • High Performance Compliance Management, including: Evidence Collection, Compliance Assessments and Accountability.
  • Privacy by Design, Context-aware privacy enhancement and privacy preservation.
  • Security for Virtualized environments.
  • Secure Software Engineering.
  • Automated Reconfiguration of Security.
  • Risk and cost-driven security decision making.
  • Prevention of crime and efficient collaboration of police forces.
  • Data protection technologies and applications.
  • Botnets detection and mitigation.



Advanced networked agents for security and trust assessment in CPS / IoT architectures
Edit project Link

A holistic solution enabling trust and security by-design for Cyber Physical Systems (CPS) based on IoT and Cloud architectures.


Enhancing critical infrastructure protection with innovative security framework
Edit project Link

A unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection for Critical Infrastructures.


Ecosystem for collaborative manufacturing processes
Edit project Link

Digital automation framework that optimizes the manufacturing processes by exploiting existing data, knowledge and tools to increase productivity and dynamically adapt to changing market requirements.


Diversity enhancements for security information and event management
Edit project Link

Enhance existing SIEM systems to improve the quality of events collected, add support for collecting infrastructure-related information, create new ways for visualising the information, and allow the use of multiple storage clouds for secure long-term archival.


Cybersecurity for small and medium-sized enterprises
Edit project Link

Cost-effective suite of cyber-security tools to support SMEs in managing network information, security risks and threats.


Strategic, tactical, operational protection of water infrastructure against cyber-physical threats
Edit project Link

Focuses on the strategic, tactical and operational protection of critical water infrastructures against physical and cyber threats by bringing together a strong team of partners from Europe and Israel to develop solutions to the most pressing threats.