From Research Results to Strategy: A Mapping Exercise.

Abstract

In 2013, the European Commission released the Cybersecurity Strategy for the European Union [EU2013] outlining the EU’s vision for ensuring strong and effective protection in the digital world. At the same time, research in cybersecurity and trust is very active in Europe. In fact, security research project panorama is quite vast and diverse, making it extremely challenging to derive a single and comprehensive view of the results.

The research project community, facilitated by the CSP Forum project cluster activity of SecCord coordination action, decided to perform a research portfolio analysis’, to evaluate how they can contribute to European strategy. The idea of this ‘research portfolio analysis’ is mapping the research results coming from security projects to the priorities of European cybersecurity strategy and analysing how projects can provide significant inputs.

At a very abstract level, we observed that to cope with the increasing complexity and dynamicity of today’s large software systems, security research is moving in the direction to provide automatic methods and tools, ultimately reducing human intervention. This automation trend is visible at different levels, such as automatizing security configuration checks, making security certification flexible and dynamics, increasing the automatic security controls at code level, automatizing testing, and automatizing privacy policy handling. Beyond this general trend, the major research lines are addressing the core pillars of cybersecurity strategies, such as Confidence Building, Data Protection and Security Assurance and Certification

An extended version of this paper is available as a report at http://www.cspforum.eu/CSPReport.pdf CSP Forum 1st Clustering Workshop on Cyber Security- Report [CSP2013]