Our Consortium

Athlone Institute of Technology (AIT) – Ireland

AIT is a leading centre of applied research in networking and software engineering in Ireland. It has over 6000 students on campus drawn from some 25 countries. The Software Research Institute (SRI) conducts research in the areas of network security, network management and networked media. Current research activities include cloud and IoT security, IoT interoperability and distributed data analytics, application aware networking over SDN and ICN and QoE in immersive media. SRI has engaged in more than 400 research projects at national and international levels and works closely with industrial and IT companies to commercialise research outputs. AIT personnel have been involved in a number of CELTIC (MADEIRA, MAGNETO, COMMUNE) and EU research programs including RACE (ADVANCE) and FP7 (4WARD, EFIPSANS). AIT leads security research in the Irish Centre for Cloud Computing and Commerce (IC4) a nationally funded program for cloud research.


AIT is the Project Coordinator and has overall responsibility for the management and direction of the project. Its main technical contribution is to context awareness in WP4 based on ongoing research and expertise in this area – it is also WP leader. It contributes also to WP5. AIT has both research and engineering expertise and will employ both capabilities to help ensure that both the novel and applied aspects of the project are covered.


SYNYO GmbH – Austria

SYNYO is an innovative company based in Vienna and structured into the divisions of research, development and consulting. Focused on “ICT & Society”, SYNYO follows a research-oriented approach, holds in-depth expertise in technical development, social research, and merges these areas successfully within applied research projects. The SYNYO staff consists of highly motivated academics specialised in various technical fields, including software engineering, architecture design, proof of concept prototyping, application development, Social Media analytics and usability testing. SYNYO also covers various social research disciplines such as security research, technological sociology, mass media and conflict communication and social research methods. In various projects SYNYO uses innovative methods such as monitoring approaches or collective intelligence techniques to collect, filter and present user generated content and mass data out of social media.


The primary role of SYNYO in the project will be to coordinate the effort in the pilots under WP7. Throughout the project duration SYNYO will be involved in the data analytics and visualisation tasks. Considering the extensive networks of partners and affiliates from governments, industry and research sectors SYNYO will also ensure wide-reaching impacts of the project closely supporting the activities of WP8.


Poznań Supercomputing and Networking Center (PSNC) ‒ Poland

PSNC is a research center affiliated to the Institute of Bioorganic Chemistry of the Polish Academy of Sciences. It employs about 300 people. It is an HPC Center, Systems and Network Security Center and R&D Center of New Generation Networks, Grids and Portals. PSNC is also the operator of Polish NREN PIONIER and Poznan Metropolitan Area POZMAN networks. All PSNC’s divisions have an active computer science research group working e.g. on aspects such as: middleware, tools and methods for Grid and HPC (incl. cloud) computing, resource management, security mechanisms and policies, distributed storage management, Data Center issues. PSNC has participated in numerous R&D projects e.g.: European: RinGrid, GridLab, Porta Optica, Phosphorus, RinGRID (all 5 as the coordinator), CrossGrid, SEQUIN, 6NET, ATRIUM, EGEE (I-III), GN (2/3/3+/4), PRACE, HIPERMED, P-MEDICINE, HPC Europa. The national projects include e.g. Virtual Laboratory, SGIgrid, Polish Platform for Homeland Security (PPBW), PLATON, National Data Storage (1-2), PL-Grid/PL-Grid+/PL-Grid NG (the Polish NGI), SECOR, ZPTP, dLibra. Thus PSNC has necessary experience to coordinate part of the research.


Security has always been crucial for PSNC. The Cybersecurity Department (http://security.psnc.pl/en, formerly PSNC Security Team), since 1996 groups people concerned about IT security research. Its tasks include securing the infrastructure of PSNC, PIONIER and POZMAN networks (via PIONIER CERT), security research in R&D projects, security audits and assessments. Currently the Department employs 10 experienced security experts (1 Ph.D.). Since 12 years, the Department conduct research on cyber threats detection. The first internal prototype of VALIS IDS was deployed in Progress project. The next prototype, MetaIDS, was built in the national project “Knowledge and Information Management in High Security Level Services”. It was also deployed in the “Advanced Architecture of Integrated IT Platform for the Polish Police” (ZPTP) national project. Most recently, PSNC participated in SECOR national project aimed to build an advanced correlation engine for detecting anomalies. This research is going to be continued and extended in PROTECTIVE.


PSNC is the technical coordinator and has responsibility to ensure interoperability of individual components delivered within the Project. Its main technical and research contribution is to correlation and prioritisation within WP3, framework development, integration and system tests within WP6. PSNC as NREN operator will take also active role in WP7 (Pilot Management and Execution).


The Email Laundry (EML) ‒ Ireland

The Email Laundry (EML) is a trading name of Clean Communications Ltd. The company was founded in 2007.

The company currently develops services for hosted email security, email security, email continuity, email archiving, email branding, web security and end-user phishing awareness training. The company markets these services through its Managed Service Provider (MSP) partner channel with primary markets being Ireland, the UK and the USA. Service users are from both the public and private sectors in the industry.


EML will lead the SME pilot 2 component in WP7. This will involve leveraging PROTECTIVE tools and actionable data into three specific areas – an information sharing service, a virtual firewall service and improvements on the existing email security service. EML will also provide relevant Threat Intelligence feeds to PROTECTIVE that will be leveraged by end-users of the system.


Technische Universität Darmstadt (TUDA) ‒ Germany

Since its foundation in 1877, the Technische Universität Darmstadt (TUDA) has been an internationally oriented university with a strong technical focus. TUDA has been ranked repeatedly among the top three technical universities in Germany.


The Telecooperation (TK) Division (head: Prof. Dr. Max Mühlhäuser), under the department of computer science, targets cooperation among humans and machines, based on information & communication technology. Ubiquitous Computing denotes the next era of Telecooperation, where humans are surrounded by zillions of networked computers that support all aspects of our daily life. Research at TK emphasizes cooperation of different kinds of parties: (1) humans, most of them not using a desktop PC, (2) smart services, i.e., distributed context-aware software components and (3) sensor nodes of all kinds, i.e., wearable computers, appliances embedded sensors, etc. The TK Division consists of about 30 researchers, organized into the following ten areas of research: Smart Environments, Model Driven Interaction, Talk and Touch Interaction, Smart Security and Trust, Secure Smart Infrastructures, Peer-to-Peer Networking, Tangible Interaction, Smart Interaction, Ambient Learning Structures, and Smart Urban Networks. TK’s extensive background on smart environments, multimodal user interfaces, distributed systems, critical infrastructure security, and privacy & trust together with the profound expertise from plenty of public or industry funded research projects form a solid basis for coordination and providing substantial contributions.


TK is working on cyber security topics namely privacy, security, and computational trust for last 8 years and has more than 70 publications on these topics. The topic of cyber security is also one of the 6 main research pillars of TUDA. In last years, TK has been successful in acquiring and being part with some of the high valued research clusters and projects affiliated with TU Darmstadt. TK has recently acquired and being part of two German Research Foundation (DFG) funded research clusters: i) doctoral college “Privacy and Trust for Mobile Users” and ii) collaborative research centre “CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments”. TK is also participating in the European Centre for Security and Privacy by Design (EC SPRIDE) and a project (PolyEnergyNet) linking smart micro-grids with cyber security, funded by the German Ministry of Education and Research (BMBF).


TUDA will focus on improving the management and sharing of threat intelligence within the community of NREN CERTS. This task will be executed in WP5. TUDA will contribute their expertise of computational trust management for the purpose of assessing and visualizing the quality of threat intelligence.



RoEduNet was officially founded in August 1998, through a Romanian Government Decision (HG 515/August 21st, 1998 modified by HG 1056/September 8th 2005) as a separate institution under the administration of the Romanian Ministry of Education and Research. Actual name of the institution is Agency ARNIEC, legal name in Romanian being “Agentia de Administrare a Retelei Nationale de Informatica pentru Educatie si Cercetare”.


RoEduNet acts as the Romanian National Research and Education Network (NREN) and is a member of the GÉANT association and CEENet (Central and East European Networking Association). RoEduNet connects a large number of Local Area Networks to a national WAN data communication infrastructure. This infrastructure is operated by Network Operations Centres (NOCs) in Bucharest, Galati, Iaşi, Târgu-Mureş, Cluj, Timişoara and Craiova. The aim of this technical complex is to offer the participants – universities, high schools, cultural, scientific and non-profit research institutions – the means to communicate with each other, as well as to have access to Internet information resources.


RoCSIRT, the CSIRT service offered by Agency ARNIEC – RoEduNet is operational since December 2008. The primary purpose of RoCSIRT is to provide mechanisms for institutions connected to RoEduNet to deal with computer security problems and their prevention. Two main goals can be specified:


  1. Handle security incidents and solve security problems occurring within the RoEduNet operated network and systems;
  2. Warn and educate systems administrators and users by means of information distribution.


RoCSIRT constituency is formed by all RoEduNet connected institutions (research centers, universities, high schools, primary schools etc). Additionally, RoCSIRT may provide CSIRT services to other entities within Romania. Those entities are considered by RoCSIRT as an integrating part of its constituency if they comply with specific conditions related to sensitive information handling. RoCSIRT is member of TF-CSIRT and is accredited by Trusted Introducer. Also, RoCSIRT is member of FIRST.


RoEduNet will focus on pilot activities of WP7, especially execution, monitoring and feedback phases, alongside with the other two participating NREN CERTs/CSIRTs. Also, RoEdunet will contribute in defining user requirements within the context of this project (WP2), domain and technology requirements for the modelling and visualisation (WP4 and WP5). WP8 dissemination objectives will be materialised at RoEduNet annual conferences as well as through RoCSIRT’s participation in network security-related meetings.


GMV Soluciones Globales Internet S.A.U (GMV) ‒ Spain

GMV Soluciones Globales Internet S.A.U, hereinafter GMV, belongs to GMV Group which is a privately owned holding founded in 1984. It provides engineering and expert support services to the aerospace, defense, transportation and telecommunications industries. It designs, develops, integrates and delivers turn-key systems for advanced applications in these markets.


Clearly geared towards high-technology markets such as the aerospace, and defence, or aeronautics markets, the group’s structure is now made up of four subsidiaries: GMV, S.A. (telematics solutions for aerospace and defence) GMV Sistemas, S.A. (GNSS applications and transport), GMV-SGI (Soluciones Globales Internet, S.A., Global IT Security and e-Solutions) and GMV Space Systems Inc made of different subsidiaries. One of these subsidiaries is GMV-SGI.


GMV aims at supporting the organizations wishing to integrate the new IT services into their business processes. Furthermore, GMV has become a reference company in the IT Security field and thus is specialized in providing our customers with Security, IT infrastructure engineering and integration, having in place an Information Security Management System certified by AENOR according to ISO27001.


GMV main areas of expertise in the IT security field are: Corporate security policies and plans, Network security, R&D on new telecomm networks, Public Key Infrastructure, Security audits, Secure applications development; with target markets: Defense, Banking and Finance, Telecommunications, Information Technologies for Public Administration and large corporations.


GMV is the WP6 Leader in PROTECTIVE. GMV will also be a main actor in the correlation specification and implementation. Additionally, GMV will also have an important role in the development of the pilots, especially correlation pilots, according to its profile a as a commercial partner. GMV’s expertise with end users in big companies and its daily collaboration with CERTs as Service Provider provide the needed expertise to execute these tasks successfully. GMV will contribute to the project execution with his knowledge and expertise in security and in correlation based in Big Data architectures, result of the daily activities developed in the context of its clients. We consider this expertise to be of great value to the execution of this project.


CESNET, a.l.e. ‒ Czech Republic

CESNET, association of legal entities, is operator of Educational and research Network of The Czech Republic. CESNET was held in 1996 by all universities of the Czech Republic and the Czech Academy of Sciences. Its main goals are:


  • operation and development of the Czech NREN
  • research and development of advanced network technologies and applications
  • broadening of the public knowledge about the advanced networking topics


CESNET participates in corresponding international projects and platforms. The most important international relationships of CESNET association are – GÉANT Association member, CEENet member, GLIF participant, Internet2 international partner. At national level CESNET is founding member of CZ.NIC, a. l. e. (operator of national top level domain .cz) and NIX.CZ, a. l. e. (Czech peering centre), member of CSIRT.CZ Working group (group organized by CSIRT.CZ, National CSIRT Team of The Czech Republic) and founding member of project FENIX – a project aimed to ensure uninterrupted Internet services for connected entities during DoS attacks.


CESNET e-infrastructure is very large and can be divided into several logical self-contained parts. The main components are: communication infrastructure (CESNET2 network), grid infrastructure for mass computations, storage infrastructure and remote collaboration infrastructure.


CESNET communication infrastructure is called CESNET2 (AS2852). Currently there are about 310 organizations connected into CESNET2 network, 27 members (Czech universities and The Academy of Sciences of the Czech Republic) and about 280 “participants” – organizations that deal with science, applied research and development, dissemination of culture and education. In total CESNET e-infrastructure is utilized by more than 400 thousand users – the biggest group are students and the most important scientific workers.
CESNET operates security team CESNET-CERTS. Its constituency covers the CESNET2 network, i.e, all IP addresses within the AS2852 autonomous system. CESNET-CERTS addresses and coordinate the resolution of security incidents involving CESNET2 in cooperation with the security teams operated in the end-networks connected to CESNET2.


CESNET will have an important role in development of the TI sharing component (and therefore in WP5) since it has a lot of experience with alert sharing and corresponding data formats and taxonomies from its development and operation of the Warden system ( a system for efficient sharing detected security events). CESNET will also be one of the NRENs taking part in the pilot deployment of the PROTECTIVE solution (WP7). CESNET will utilize its long-established and experienced CSIRT team to test the PROTECTIVE solution during the pilot, so it will be able to give a valuable feedback. Also, good contacts of the team in national, European as well as worldwide CSIRT community will be useful for dissemination activities in WP8.


ITTI sp. z o.o. (ITTI) ‒ Poland

ITTI sp. z o.o. is an SME working in IT and telecommunications sectors, located in Poznan, Poland. The company has at present a team consisting of approximately 80 persons. The activities of ITTI can be grouped into three categories:


  • technical consulting in the area of telecommunications and IT – ITTI assists end-users in purchasing, implementation and optimisation of IT and telecom systems; a number of professional methodologies are used in this area, e.g. PRINCE2, CISA, PMI, TOGAF, ITIL, ISO 27001, BS25999; ITTI offers also its services to practically all key telecommunications players in Poland;
  • applied R&D in the area of IT and telecommunications – ITTI contributes to the R&D projects providing the expertise in the following areas: cybersecurity, simulation of telecommunication networks, simulation of procedures in crisis situations, user requirements, system design, data processing (ontologies, data mining), lessons learnt systems, graphical user interfaces, mobile applications, quality of service and quality of experience;
  • development of innovative applications and software solutions – ITTI designs and develops innovative solutions which are adjusted to customer needs (e.g. in crisis management and health sector).


ITTI carried out research activities in the following programmes: EU-funded initiatives, currently in the Horizon 2020 (formerly also FP7, FP6 and FP5), European Defence Agency programmes (e.g. JIP-FP, JIP-CBRN) as well as EC CIPS Programme and NATO Industrial Advisory Group studies. The company has also been active in some Polish applied research projects. Recently, ITTI has been also involved in the first projects for European Space Agency (ESA) and ENISA (i.e. Enabling and managing end-to-end resilience for ENISA, and Consulting services in the area of Optimization of ENISA Threat Analysis Process for ENISA).


Moreover, ITTI is an institutional member of the Public Safety Communication Europe (PSCE) Forum, Integrated Mission Group for Security (IMG-S) and ITIC Group – International Telecommunications and IT Consultants. ITTI is also one of the co-founders of Polish Space Industry Association and participates to Wielkopolska ICT Cluster.
In the recent years ITTI was awarded the prestigious “Cristal Brussels Prize 2013” for the most active and successful Polish company participating in FP7, while in 2009 ITTI received the reward for high performance in R&D projects for the European Defence Agency awarded by the Polish Ministry of Defence.


ITTI is the WP8 leader, with main focus on exploitation (Exploitation & Innovation manager) and managing the WP8 as a whole. ITTI is the leader of task 4.2 (context awareness) where we will be working on the vulnerability management (extending capabilities of tool Cyber Tool).


University of Oxford (UOXF) ‒ UK

UNIVERSITY OF OXFORD (UOXF) ‒ The University of Oxford is home to world-leading research in a variety of subjects including in cyber security. Cyber Security Oxford is a network of academics bringing together experts from a broad range of disciplines in Oxford to address the cyber security challenges of the 21st century. With over 60 academics working in over 26 units across the University, the network at the university is able to address the difficult questions that cross the borders of traditional academic disciplines. For instance: what does ‘good’ cyber security look like? How does that change in different contexts (business, government and society)? How can technology interact gracefully, yet securely, with complicated human realities? In July 2012, Oxford was one of the first universities to be recognised by GCHQ (UK Government Communications Headquarters) and EPSRC (the UK Engineering and Physical Sciences Research Council) as an Academic Centre of Excellence in Cyber Security Research. Members of the PROTECTIVE consortium have been key players in the projects related to understanding how cyber-security alerts relates to the mission of an enterprise (CyberVis), corporate insider threat detection (CITD), development of automated network defences (RicherPicture), and understanding trust in cyberspace to creating systems for enhanced physical situational awareness and computational trust (TEASE). Oxford will work on WP2 – a work package that focuses on the requirements analysis and conceptual model development (a form of specification that assures the PROTECTIVE tool is as straightforward for CERTs to adopt as possible, and caters their specific needs). Furthermore, this enables Oxford to also feed into the other work packages from a theoretical perspective, but also to share their lessons learned on progressing from theory to implementation.