1. INTRODUCTIONSecurity has become a growingconcern in the European politicaland societal context, but the needsof the European Union in this fieldhave yet to be further studied andunderstood.In this context, IMG-S was createdas a structured technologyplatform to build a commonunderstanding between academia,industry and end-users towardsidentifying R&T priorities that mayanswer to the European securityneeds and gaps.In this process, new, emerging anddual use technologies areidentified and related to end-userrequirements and needs, therebyfacilitating the transition from thepure research field to Europeandevelopment programmes and theglobal market place.The IMG-S Position Paper presents theGroups perspective with respect to theEuropean technological research prioritiesfor the Security domain in Horizon 2020(H2020).It is based on expert contributions from 119organisations from 24 European countriesparticipating in IMG-S. This is the result ofwork being developed in several TechnicalAreas and Working Groups that representkey knowledge areas in the Security domain.IMG-S participants have extensiveexperience in European Union securityincluding ERSP, ESRIF, EPCIP, ESRABand many projects conducted within theSeventh Framework Programme (FP7).The IMG-S Position Paper is intended to bea source of information for stakeholders inEuropean Security Research, specificallythose engaged in research orientation andmanagement (namely within the EuropeanCommission H2020 management), nationalsecurity research representatives anddirectors, as well as end-users andregulators.This Position Paper presents the IMG-S viewof research priorities for Horizon 2020 aspresented in the next table. Its researchtopics are further described in the Paperssections pertaining to the respective IMG-STechnical Area or Working Group. Whenapplicable, critical technologies are alsopresented.The paper concludes by providinginformation about IMG-S and onlineresources with further material.Next, IMG-S view on critical technologies isdescribed.Critical TechnologiesIn order to fulfill capability needs in responseto themes and missions, some basic ortransversal technologies must be used,adapted or specifically developed.

2. INTRODUCTIONSome of these technologies can benefit, ifplanned in synergy, from other H2020themes and topics, in particular the 4 Keyand Emerging Technologies (KETs) areas,space and societal challenges such asenergy. Joint approaches and even joint callsmight be recommended in such fields asinnovative materials, photonics andinformation technologies.The IMGS experts propose a first list ofcritical technologies addressing civil securityand defence issues and that may benefitfrom such transferable technologies.An additional aim of this action is to considerdefence and security synergies andsynchronize the understanding of capabilityrequirements for civil security and defence.Criteria used to evaluate if a technologyshould be included for consideration are:1. Critical items for which no adequate orsufficient development is on going;2. The technology is not available from aEuropean source and the unrestrictedavailability from non-European supplierscan not be assured;3. Items with a civil-defence urgentoperational requirement;4. Items thatshall have a clearly identifiedfunction and performance target;5. Items that shall be multi use and/orapplications (i.e. not an enablingtechnology for a one shot use);Items shall be of low integration level, morespecifically, shall be building blocks andcomponents.Critical technologies were considered asbelonging to three categories:Security focused that should be handledwithin the H2020 security theme (ornational programmes),Key enabling that should be developedeither in the security theme or in joint callswith other themes,Generic technologies that can serveseveral themes and may just need limitedadaptations from other applications. 3. IMG-S H2020RESEARCH PRIORITIESIMG-S H2020ResearchPrioritiesH2020 R&D ActivitiesAdaptiveWideAreaSurveillance&MonitoringSystemCitizenasasensorSituationAwarenessSharingPerformancemetricsforsurveillancesystemsFutureBorderSurveillanceAutomatedBorderControlUnderwaterSecurityHugeheterogeneoussensorsnetworks(HSN)forWideAreaSurveillanceSecurevehiclecommunicationsforsecurityapplicationsNextgenerationPPDRcommunicationsAdvancedcapabilitiesforlawenforcementImprovingcrisismanagementresponseAutonomousplatformsforcrisismanagementImprovingthefirstresponderworkloadPhysicalProtectionofInfrastructureEuropeanPlatformforSimulationandTrainingReducingthesocietalcostofrestorationResilienceByDesignEnablingrapidexternalassistanceEngagingthepopulationincrisismanagementRapidindicatorrecognitionEuropeaninformationplatformforfightersagainstorganisedcrimeandterrorismMultinationalinformationexchangeplatformSmartenvironmenttoreduceCBRNEimpactAgroterrorismandsecurityofthefoodchainDetectingCBRNattacksonutilitydistributioninfrastructuresEfficientCBRdetectioninsupportoftradeStand-offCBREdetectionandidentificationNano-securityFieldBasedDrugdetectionandidentificationImprovingCBRNEdisastermanagementHarmonizingdetectionandidentificationofbioagentsFighting Crime and Terrorism Cyber crime and cyberterrorism Strengthening securitythrough border management Critical infrastructureprotection Increasing Europes resilienceto crises and disasters Enhancing the societaldimension of security Enhancing interoperability Addressing the EU-externaldimension of security Future and Emergingtechnologies 4. TA 1 | TA 3 SURVEILLANCEAND IDENTIFICATION SYSTEMSta1@imgs-eu.orgSurveillance and Identificationsupply information to securityoperators concerning possibledangerous situations and events.The pervasive exploitation ofsurveillance and identificationtechnologies and systems suffersfrom several drawbacks, related toreliability (too many false alarms or,on the contrary, missed detection ofspecific events), usability(operators can be overwhelmed bydata load) and citizen acceptance(concerns about trust, privacy andindividual freedom: the BigBrother effect). The desiredevolution of Surveillance andIdentification in the Europeanperspective calls for technologyenhancements along withprocedural amelioration, in therespect of citizens personal rightsand user- and citizen-friendliness.R&D and I Priorities for H2020 Adaptive Wide Area Surveillance &Monitoring System - Wide area surveillancewill be a major key contributor of Horizon 2020societal challenges:Monitoring and controlling networks utilities(transport, energy, food, )Improve data gathering in such a way thatit allows a real situation awareness forwide areas when neededReal time information for citizen(everywhere, every time)Climate action and especially resourcemonitoringWe need to develop advanced technologies tomeet these challenges:Dust of sensorsNew platforms (HASP, airships, ultra-lightUAV, UGV, USS, )New sensors (low cost radars,hyperspectral, active optronics, ) 5. TA 1 | TA 3 SURVEILLANCEAND IDENTIFICATION SYSTEMSData fusion and big data managementEnforcing privacy and freedom is a specificchallenge as all these technologies may bedetrimental. Privacy by design may be a wayto take this point into account. Citizen as a sensor - Citizens areincreasingly adopting more mobiletechnologies (with advanced capabilities) andinformation sharing and consuming behaviors.Improved and ubiquitous connectivity resultsinan always-connected state. This themeexploits the fact that citizen will be more andmore connected becoming a real integratedsuite of sensors Situation Awareness Sharing - thepresence and production of high amounts ofinformation are the consequence of theInformation Age. However, it also surpassesthe processing capacity of most entitiesleading to information overflow. New andsmart European alerting systems and crisismanagement systems will greatly benefit fromincorporating information from numeroussources, but new methods and technologiesare required to manage new smart alertingsystems.Topics to be considered are related to:Heterogeneous data and sources of data,and new actors in the system.Operators cooperation, in terms oftypologies (variety of operators, variety ofcooperation such as hierarchical orfunctional) and tools (task representation,assisted task allocation, assisted dialog).Displays and controls for situationawareness and multi-entity cooperation &communicationAssociated main issues are:Fault tolerant infrastructureHarmonized certification and evaluationschemesProtection against physical and logicalintrusionInterfaces standardizationUpload and download informationInformation processing capacity Performance metrics for surveillancesystems - Standardization and validation ofsurveillance systems performance withrespect to spatial, temporal and environmentalvariability by means of definition of severalperformance metrics allowing the analysis ofthe scalability, reliability and efficiency ofsurveillance systems.Main items:Assessment of the performance of stand-alone sub-systems with respect tofunctional requirements ofcomplex/integrated systems through a setof application-based indicators andbenchmarks;Assessment of integrated platforms basedon a joint simulated/test bed approachtaking into account data collection,processing, classification, retrieval andfusion. Future Border Surveillance - a mainchallenge of future border surveillancesystems is continuous and full coveragesurveillance: surveillance shall cover the full 6. TA 1 | TA 3 SURVEILLANCEAND IDENTIFICATION SYSTEMSborder area 24/7 to be able to provide realtime detection, early warning and riskassessment to allow in-time response.Coverage of ground, air, sea, underwater andunderground both for people and goods:Detection and Classifications of objects:e.g. detection of humans, classificationhuman vs. animal for ground surveillance,detection of small vessels and smallairplanes at low altitudes at long ranges.Interoperability of different sensingsystems and integration of different sensormodalities.Interoperability of detection, riskassessment systems and responsesystems to be deployed in complexcontexts such as multinational operations,heterogeneous end-user organisationsetc..The research shall be done taking intoaccount societal aspects of surveillancetechnologies and respecting privacy insideand outside Europa. Automated Border Control - Mainchallenge is to increase the speed andconvenience of the border crossing bykeeping security at the highest level for peopleand goods. Harmonization is needed onEuropean level; standardized equipment,procedures and security processes shall beproposed. Future technologies of identificationand surveillance must be brought intoconsistent legally correct and operationalefficient procedures with minimum intrusion ofprivacy. Future developments are needed forfast biometric identification, detection of illegalgoods. Develop an integrated approach withcustoms and actors within the supply chain.Border control must be integrated with theprocesses of infrastructure operations forgetting advance information and to speed upthe overall process. Underwater Security - Sea and Oceanenvironments are becoming more and moreimportant elements in human economy and,because of their basically different conditions,they are managed in a much less affordableway than surface and air environments.Underwater represent potential threats:maintenance of the sea bottom andsurveillance of pollutions are priorities for mostof the European Member States. Hundredsand perhaps thousands of sunken ships arelying in the seabed, containing dangerous andsometimes deadly wastes, ranging fromnuclear and radioactive slags to chemicalwastes with potential damages not only for thesea life, but also for the human society owingto the dependency by the sea food. Alsoimportant threats are connected to the need ofprotection of sites like the oil terminals, themilitary ship during their operations in supportof peacekeeping missions, the protection ofports with their high passenger volumes andthe surveillance of sea borders. 7. TA 2 COMMUNICATIONSta2@imgs-eu.orgTA 2 Communications addresses alltechnologies employed incommunications in the Securitycontext.Encompassing network relatedaspects and applicable services,communications are an enabler tosecurity applications, such asborder surveillance, homelandsecurity, mobile systems for firstresponders and sensor networksfor wide area surveillance.Communications offer efficient andcost-effective mechanisms toexchange data between nodes,overcoming physical barriers anddistance. Interoperability amongdiverse security systems is ofparamount importance, as are theissues pertaining to confidentiality,privacy, security, safety andReliability, Availability andMaintainability / Serviceability(RAM/RAS) conditions.R&D Priorities for H2020 Large heterogeneous sensors networks(HSN) for wide area surveillance - In anincreasingly complex and unpredictablesecurity environment,effectiveness dependson close, accurate and precise observation oftheenvironment, so that proper and rapidaction may be taken by competentauthorities.Developments in sensors, networks,communications, mobility and miniaturisation,together with the reduction of the relatedproduction costs, enable the implementationof a wide surveillance system, based on largeheterogeneous sensor networks. A number ofapplications may be implemented applying theHSN concept for wide area surveillance,namely:urban environment monitoring,monitoring and detection of criticalinfrastructures early failures,border surveillance, support for firstresponders during emergency or crisissituations. 8. TA 2 COMMUNICATIONSMoreover, sensors may offer crucialinformation to First Respondersandoperational officers during an emergencyor crisis intervention by augmenting andenriching situational awareness andunderstanding.RTD technical challenges and issues relatedwith the implementation of HSN for wide areasurveillance include:autonomy,automation (minimal operator interventionrequired),interoperability,security and privacy,resilience,mobility,plug-in interfaces to external systems,energy efficiency,which should be tackled while keepingreasonable cost of the overall system.Furthermore, implications on privacy,legal/ethical and societal dimensions have tobe considered as well. Secure vehicle communications forsecurity applications- As the density of thevehicles used for transportation increasesfrom year to year, there is a growingopportunity for the development of vehiclecommunications systems (VCS). In thesecurity perspective, there are severalchallenges which need to be solved in thiscontext, including:selecting the appropriate securityapproach for different communicationstypes;need for more efficient flooding andGeocast strategies;assuring adequate security and privacylevels;integrating with other networks;effectively applying emerging features(self-forming, self-configuration, self-healing, self-recover, smart routing);delay-tolerant networking;assuring secure localisation;protecting from malicious attacks;Implement early warning and detection ofattacks (such as intrusion detectioncapabilities) and, subsequently, recoverymechanisms;providing support to communications indifficult environments.In a broad sense, VCS comprise networknodes, that is, vehicles with communicationsand networking and infrastructure units, thatis, units equipped with onboard sensory,processing, and wireless communicationmodules (e.g., road-side infrastructure unitswhen dealing with automotive systems).Among the main applications in this area, it ispossible to highlight:securingvehicular communicationssystems,maritime VCS for broadband and high-performing communications,VCS for broadband and high-performingcommunications in closed environments(tunnels),air-land VCS for broadband and high-performing communications during crisis. Next generation PPDR communications -Public Protection and Disaster Relief (PPDR)operations (which include search and rescueand disaster recovery) would greatly benefitfrom the capability to support high datarate 9. TA 2 COMMUNICATIONSthroughput to enable the real time exchangeof critical information (position and status),using rich formats (picture and video feedsabout an event). Meeting stringent PPDRrequirements (high availability and reliability)is too difficult for most civilian technologies(cellular technology). Moreover, PPDRs dealwith spectrum constraints and congestion,thus the use of spectrum is limited to voiceand text. There have been a few advances inthe telecommunications sector, promoting amore flexible and dynamic use of thespectrum, being the most notable one theCognitive Radio (CR) technology. CRs canexploit the best available opportunities forradio communications, including dynamicselection frequencies, selection of best radioprotocols, waveforms and cognitivemanagement. Additionally, CRs flexibilityensures a key requirement for PPDRs: thebackward compatibility with legacy systems(TETRA and PPMR). Additional PPDRrequirements encompass mobility,miniaturisation and human factors(lightweight, autonomous, simple-to-use,ergonomic and comfortable). Therefore, thestudy, research, development,experimentation and validation of CRtechniques and technologies for PPDRoperational use are highly recommended. Thisapproach requires addressing the specificitiesof the security sector, including needs,requirements, the spectrum bands used forsecurity purposes across the European Union.Critical TechnologiesPublic Safety services depend highly oncommunications capabilities. Thisdependency will increase in coming years dueto the growing application of newcommunications technologies by theinformation society.In accordance to TA 2, the pertinent corerequirements for Communicationstechnologies applicable in Security are:(a) Provision of wide networks, both fixed andmobile, and including ad-hoc networks withbackup options;(b) High data rate throughput (LTE anddynamic use of spectrum), in particular forapplications requiring image and videotransfer;(c) High reliability and availability for publicsafety services require constant access tocommunications assets;(d) Assurance of information security becauseexchanged or transmitted information mightbe sensitive;(e) Mobility, since first responders and oftendecision-makers are either deployed or on themove;(f) Localisation of people (especially firstresponders), equipment and resources, is acritical factor in life-threatening situations;(g) Interoperability is important for there arenumerous legacy systems being used bymultinational and joint teams in securitymissions that tend to be more and moreinterdisciplinary.TA 2 Communications signals the importanceof building awareness to the increasing needfor communications between public safetyservices and citizens (bi-directionalcommunications). Social media networks andplatforms are in fact becoming more and more 10. TA 2 COMMUNICATIONSpopular, offering novel communicationspossibilities.Moreover, it is noted that the Internet of things(IoT) empowers additional opportunities forsecurity-focused applications.Issues herein defined represent majorchallenges facing todays researchers,working and studying the applicational area ofcommunications in the Security domain. 11. TA 4 PROTECTION, NEUTRALISATIONAND RESTORATION TECHNOLOGIESta4@imgs-eu.orgTA 4 is mainly focused on thetechnology solutions and provides aconsensual view on Europes researchpriorities for Protection, Neutralisationand Restoration.H2020 recognises the need for Europeto anticipate, prevent and managesecurity threats, requiring innovativetechnologies, solutions andknowledge. TA 4 is relevant for anumber of specific objectives thatsupport the EUs policies for internaland external security: Fighting crime and terrorism; Increasing Europes resilience tocrises and disasters.The EU faces many challenges in thesecurity domain, most characterisedby threat unpredictability. TA 4focuses on delivering technology andsocietal solutions to increaseresilience and strengthen recovery toman-made and natural disasters.R&D and I Priorities for H2020 Advanced capabilities for lawenforcement- Law enforcement officers playa major role in policing and security. Theyhave to enable citizens lawful activities, toprotect human rights and to be prepared forpublic disorder, major incidents and acts ofterrorism. Key to their mission is the ability togather intelligence, record crime andincidents, retrieve information from policesystems and input data, identify found people,but primarily to be accessible to theircommunity. As the intentions of the threat maybe unclear or below the law enforcers radar,law enforcement officers must have thecapability to execute an adaptive, graduatedresponse according to the threat level. Theyneed to spend as much time as possibleengaged in traditional policing, being seen bycitizens but respectful of privacy. In addition to 12. TA 4 PROTECTION, NEUTRALISATIONAND RESTORATION TECHNOLOGIESthe daily police work, they also have to actquickly in critical situations, where effectiveprotection is needed and the use of forcerequired. In these cases, their equipment mustprovide them protection and be compatiblewith performing the required activities. Toaccommodate H2020 needs, further researchshould be applied on adaptive and proactiveprotection for responders against diversethreats and on the delivery of more efficientreaction equipment that meets societalexpectations and needs. In addition, work isrequired to address ethically acceptablemeans of weapons, vehicles and personnelneutralisation. Improving crisis management response-A response system must support all therequired tasks performed by all theorganisations involved at the various levels inthe emergency management effort, from theresponse phase, such as fire fighting, marinepollution protection and search and rescue, tothe preparedness and the recovery phases,including training, planning and best practices.Innovation research needs include:(a) Improved communications, to ensure end-to-end connectivity and security with wirelessnetworks;(b) Improved decision support and situationawareness, with focus on information filteringand delivery, establishment of social,informational and ICT networks andorganisational awareness;(c) Improved integration and connection withlegacy systems (ontology conversion).(d) The exploration of rapid deployable multi-disciplinary teams for crisis management;(e)Citizens involvement in crisis managementfrom prevention, to early detection, responseand recovery. Autonomous platforms for crisismanagement - The operation of FirstResponders (FR) in critical situations (either ofnatural or human origin) may be conditionedby a number of factors, which can causeserious risks for human operators, alsoreducing their effectiveness. Moreover, indangerous situations (fires, earthquakes) thedecision to send a FR team into an unreliablebuilding is subject to confirmation of thepresence of citizens inside, which often mayonly be verified by direct observation. In thesecritical situations, a robotic platform with thenecessary skills to operate in hazardousenvironments, in place of or in cooperationwith a FR team, would substantially reduceinjury or loss of life among FRs, whileenhancing overall operational effectivenessand capability. Currently, the use of roboticdevices is not yet reasonably efficient,autonomous and cost-effective, a situationthat prompts the need for substantialimprovement in the behaviour and skills offuture robotic implementations to meetoperational needs. In particular, research isrequired on improved mobility, cognitivefeatures, mission capability, human machineinterface and societal acceptance ofautonomous platforms for crisis response. 13. TA 4 PROTECTION, NEUTRALISATIONAND RESTORATION TECHNOLOGIES Improving the first responder workload -FRs need a variety of equipment andenvironmental support measures to meetdifferent operational capability requirements.Research is required to continue the reductionof the FRs burden and to provide improvedrescue treatment and evacuation, includingImproved diagnostics and medical provision inthe field. A key enabler would be a light,ergonomic, intuitive Human MachineInterface, focused in new ways of offeringinformation to users, enabling natural andstraightforward use of equipment andcommunications and of ensuring minimalinterference with First Respondersoperations, while providing reliable, linked andaffordable detection. Research is alsorequired on improved cross-borderinteroperability of security forces, with theestablishment of procedures for forcecollaboration with reduced command andcontrol involvement. Physical protection of infrastructure -Substantial research has already beenconducted in the field of physical protection ofinfrastructures but research still remains to beconducted in active and passive measures toreduce the vulnerability and enhance theresistance of built structures against multiplekinds of hazards, whether natural or man-made. Research needs for H2020 include theconvergence of physical and cyber securitycapabilities and the rapid restoration after acyber security incident. Vulnerabilities andhardening of smart grids also requirecontinued research activities, as well as smartand adaptive built-in protection capabilities tocritical infrastructures. European Platform for Simulation andTraining - Modelling, Simulation and Analysis(MS&A) provides a valuable tool tounderstand the inherent causality in complexprocesses involving crises management. Withsimulation, the evolution of physical systemsand human actions can be predicted in a safeway and new technologies developed forindustrial design or entertainment (VirtualReality, Serious Gaming), providing newopportunities for simulation, useful to supportlarge-scale cross-border exercises. Today,there is a need to develop a generic pan-European simulation platform that forms thebasis for planning, training and managementof operations and critical events. The platformshould be used for training rescue services,medical personnel, police and militarypersonnel. It can be used as online support fordecision-making during actual operations, bysupporting the analysis of operational picturesand evaluating different courses of action. Itmay also fit land-planning purposes, assistingthe cities planning and placement of differentbuildings and services. With a genericsimulation platform, it would be possible tostudy more complex situations and cascadingeffects. Reducing the societal cost of restoration-Crisis Management challenges are dependent 14. TA 4 PROTECTION, NEUTRALISATIONAND RESTORATION TECHNOLOGIESupon the phase of the crisis managementcycle and the type of incident that hasoccurred (terrorism, natural disaster,humanitarian, industrial, local and cross-border). Complex incidents will poseespecially significant demands duringrestoration, particularly on logisticscapabilities. A core challenge for crisismanagement operations is RecoveryLogistics, which encompasses both crisislogistics and consequence management.Research needs for H2020 include:(a) Rapid deployment of shelters, medicalprovisions, power restoration anddecontamination;(b) Post-crisis needs assessment methodsand tools for reconstruction and recoveryplanning;(c) Improved structural damage assessmenttools, sustainability logistics planning andconsequence management tools;(d) Improved recovery of, and support to,national and regional government, socialnormality (schools, employment, particularlyhousehold economic security). Resilience by design - It will take a new setof principles to create more resilient cities,communities and infrastructure. Resilience bydesign should provide more cost-effective andorganised operational solutions to improveEuropean resilience.Research areas in H2020 should include:(a) Improved critical infrastructure resilienceby design and ability to easily upgraderesilience;(b) Improved resilience design of criticalinfrastructures to reduce smart gridsvulnerabilities;(c) Determination and surpass of societysbarriers for taking up crisis and disasteradvice;(d) Embedding security in every aspect of ourlives without exposing it to citizens all thetime;(e) Deployment of security measures to workbehind the scenes without the need forcitizens direct interaction (be less aware ofexisting security measures). Enabling rapid external assistance- TheEU-external security dimension covers manyareas including humanitarian aid, Internationalrelief logistics, conflict prevention, post-crisisstabilisation and civil-military cooperation(dual-use technologies). This is a new areawithin H2020 and will require the adaptationand evolution of EU-internal security themesto provide:(a) Improved response and operationaleffectiveness in rescue evacuation andtreatment and delivery of basic servicerestoration (energy, food, water,communications);(b) Improved interoperability, integration,situational awareness and decision supportbetween military and civilian forces;(c) The potential use of remote tele-presencefor diagnostics and treatment. 15. TA 4 PROTECTION, NEUTRALISATIONAND RESTORATION TECHNOLOGIES Engaging the population in crisismanagement- Information systems arepermeating society, for they are present inalmost every infrastructure. Crisismanagement should use and distributeavailable information to enable civilians to bebetter prepared and contribute to crisismanagement. Information systems wouldprovide resilience, contribute to improvedsituation awareness and reduce securityprovisioning costs, through the adoption of acitizen-government partnership. In order tobe effective, the involved processes should bespatially adaptive in time, autonomous andimplemented at the system design level, witha special attention to societal concerns and tothe respect of privacy rights. In this context,TA4 highlights a number of relevanttechnologies to be further analysed:(a) Cloud computing;(b) Internet of Things;(c) Smart meters;(d) Social media;(e) Smart cities;(f) Law enforcement system interfaces;(g) Resilience;(h) Data mining, social acceptance andprivacy concerns.Critical TechnologiesWith respect to the technologicaldevelopments deemed critical for Protection,Neutralisation and Restoration, TA 4identifies:(a) European security of supply of keyenabling materials such as detection andpersonal protection technologies(b) Long endurance Portable Power andEnergy Management(c) Localisation technologies in urban areasunder GPS denied environments(d) Technologies to support autonomousplatforms for crisis and border management 16. TA 5 INFORMATIONPROCESSING AND MANAGEMENTta5@imgs-eu.orgEffective Information processing andmanagement is a fundamentalcapability in all missions required forguaranteeing Europes security.Aiming at strengthening this capability,TA 5 focuses on technologies requiredfor: Defining system and softwarearchitectures supporting advanceddata processing (High PerformanceComputing, Grid/Cloud Computing,Software Architectures, PlatformsDevelopment, Middleware); Processing information acquiredfrom heterogeneous sources(extraction, classification, semanticanalysis, correlation, fusion); Formally representing knowledge(ontology definition, conversion,fusion, translation); Supporting collaboration betweenEuropean law enforcement and crisismanagement organisations.R&D and I Priorities for H2020 Rapid indicator recognition - In manysecurity domains, such as security of largesporting events or rave parties or protection ofinternational public transportation, threatsituations can be recognised by identifyingand correlating elementary precursor eventsto provide early warnings. As a result, theimpact of security incidents on citizens andthe cost of any response can be minimised.Often, indications are perceived by securitypersonnel or sensors but their significance isnot understood and they are correlated toallow threats to be recognised. This isincreasingly difficult when such indicationsoccur in different locations, with no seamlessinformation flows. Tools to assist with thegathering of information from heterogeneoussources and subsequent analysis, especiallypre-defined scenarios, could enhance early 17. TA 5 INFORMATIONPROCESSING AND MANAGEMENTrecognition. Such tools will rely on trustedinformation. European information platform forfighters against organised crime andterrorism - The globalisation and thetransnational nature of criminal organisationsand crimes, such as those related to peoplesmuggling and trafficking, fraud, drugs andweapons contraband require correspondinginternational cooperation among Europeancountries agencies andEuropean/international police organisations,such as EUROPOL and INTERPOL. Effectivecooperation among law enforcement agenciesis only possible if their information systemsmay be integrated, so that knowledge,information and tools are easily shared andeffective work coordination can be achieved.Several problems should be tackled toachieve this objective, the most relevant onesbeing related to interoperability (multinationaland multi-linguistic environment), security andprivacy (including legal issues). Thesuggested approach is based on theexploitation of emerging but existing matureICT technologies, namely SOA, SemanticWeb and ontologies. The idea is to have eachagency making requests to otherorganisations using available semantic webservices, described in accordance with acommon ontology and possibly discovered,invoked and composed automatically forsatisfying a specific requirement. Requestsmay concern the availability of information andknowledge or the use of advanced processingor decision support tools owned or managedby another organisation. Multinational information exchangeplatform - Today the security domaincomprises a variety of organisations dealingwith a broad range of tasks in the overallmission to care for societys security.However, the complexity in foreseeing,planning for and coordinating action againstsecurity threats lead to the increasing need tocommunicate large amounts of data of manydifferent kinds and origin among securityorganisations. The need for effectiveinformation management and processingsupport (ICT security) will evolve and increasedramatically.A common information infrastructure for actorsin the European security domain creates anumber of information interoperability issues:(a) Standardisation of information to supportinteroperability in information processingalong value chains across securityorganisations and their technical systems;(b) Standardisation of information withindomains to support leverage of domain-specific IT support and interoperabilitybetween domain specific IT products toenhance information utilisation;(c) Management and coordination ofinformation standards from multipleindependent standardisation communities as 18. TA 5 INFORMATIONPROCESSING AND MANAGEMENTthe applications in business data processingand technical (real time) data systems tend tobecome interconnected;(d) Management and coordinated sharing ofcritical data assets (geographical and spatialinformation, directories). 19. TA 6 CBRNEta6@imgs-eu.orgThe TA 6 CBRNE is focused on thetechnological solutions to counterChemical, Biological, Radiological,Nuclear and Explosives (CBRNE)actions.Counter CBRNE is defined as thecollective efforts, at all levels, toenhance the security measuresagainst the CBRNE threat.TA 6 CBRNE addresses thecomplete range of technologies,methods and procedures taken toprovide effective Prevention,Resilience, Resistance, Reactionand Recovery concerning theCBRNE environment.R&D and I Priorities for H2020 Smart environment to reduce CBRNEimpact- Existing FP7 CBRNE projects providefoundations for moving to the next phaseengaging infrastructure owners to introduceprotective, preventive and mitigatingmeasures forming a joint European doctrinewith off-the-shelf procedures (multi-agencytraining, drills and simulations) and technology(dual purpose, such as sensors integrated intoHVAC systems). These technologies andprocedures are practical, user-friendly andethical (attracting public support) forintegrating with existing infrastructures or forspecifying in new built ones. Agro terrorism and security of the foodchain - The European food safety system andrapid alert system is designed in order todetect the most likely causes ofcontamination, not for countering a deliberatecontamination by a CBR agent. Innovativesolutions should be multifunctional, coveringsecurity threats and contributing to higherquality and improved efficiency of theEuropean food industry at the same time.Capabilities and technologies to be developedfall into three main categories:(a) Lessening the impact of an attack by, forexample, increasing the speed or specificity ofdetection;(b) increasing the monitoring scope in terms ofthe range of organisms and the degree ofinterpretation;(c) Addressing the practicality of monitoring interms of cost, reliability and automationfeatures. Detecting CBRN attacks on utilitydistribution infrastructures - It has longbeen recognised that critical infrastructures,namely transportation, food, water and powerdistribution, are particularly vulnerable toterrorist attacks. This vulnerability liesprimarily in these infrastructures major nodes(airports, water treatment plants), where anattack effects may propagate far beyond.Security research has focused on thesenodes physical protection and access controland on the prediction of intent to penetrate 20. TA 6 CBRNEdefences. However, these infrastructures arenetworks with vulnerabilities at all points andattacks at minor nodes and links canpropagate widely in the network. Thus,capabilities and technologies to be developedshould extend surveillance beyond the keynodes and address intrusion detection,monitoring and prediction of propagationextent and the practicality of monitoring interms on autonomy, specificity andbreadth/scope. Efficient CBR detection in support oftrade- In an increasingly global world, trade ofgoods is vital to the economic stability andsecurity. This vital activity is likely to betargeted by attacks, particularly in areas closeto entry ports, where the density of trade ishigh enough to support the necessarymultiplicity and finesse of sensing capabilities.The focus on entry points not only limits manypractical difficulties but also introduces theserious difficulty of providing the sufficientsensing speed to a given negligible reductionin the trade flow. Indeed, there is a need forreducing the impeding of current inspectionprocesses by replacing them with automatedsensing of key CBR threats, while reducingfalse alarms likelihood Effectivenessincreases as it considers the whole systemsneeds, rather than single sensor solutions. Stand-off CBRE detection andidentification - Chemical, Biological,Radiological and Explosive detection andidentification is of primary importance forsecurity as well as for the safety of citizens.The topic includes standoff techniques fromvery large distances (space borne, airborne,ground based) up to the contactlesscontamination and decontamination check. Nano-security - Since a few decades,spectacular developments in nanotechnologyhave given little regard to their potentialeffects on health, environment or security.Nanoparticles are so promising in medicine,protecting coatings, material innovations, thatthe risks of an uncontrolled dissemination areunderestimated. Indeed, if not confined,nanoparticles (NPs) can trigger pathologies byaffecting skin, lung or be used as a vector fordisease dissemination. Technics for theirdetection, especially in air, andcharacterisation of their shape should beurgently investigated. In fact, it is expectedthat the accidental release of NPs containedin new building materials, provoked by hightemperature explosions or voluntary events,could impact the credibility of Europeancontrol. Field Based Drug detection andidentification - Drug trafficking andconsumption is a great concern of allEuropean countries. Established routes forillegal drug and precursors delivery, intensiveefforts in introducing new drugs and growingconsumption require adequate measures oflaw enforcement agencies, supported byeffective technology means. Suchtechnological solutions and methods shouldbe applicable to the complete detectionprocedures, from sniffing the traces of drugsand precursors to bulk detection of illicit drugsmixed with cutting agents and diluents. Theyshould address the features of easy use,robustness, high throughput and reliability and 21. TA 6 CBRNEdirect on-site application. Correspondingharmonisation of European law and specialinvolvement of European labs should beconsidered for effective implementation ofthese developments. Improving CBRNE disaster management -Following FP7 CBRNE activities, a few gapsstill remain which may be filled, simplybenefiting from breakthrough underpinningand specific technologies and methods. Thisis a permanent activity including short andlong term research, development andinnovation.There are three primary levels of actions:(a) Tools for the operators and the population.At the moment detection is somehowsatisfactory, but reliable stand off detection isstill needed, shorter identification and multi-threat detection or identification times are thecoming challenges. Only limitedstandardisation of sensors or robots exists atinterface level. Pre-normative and co-normative research is needed, taking intoaccount the CBRNE constraints at the EUlevel. Tools should be simpler and more user-friendly (close to COTS operations),ruggedised (in particular to C and R agents,as well as to decontamination procedures),scalable and unmanned, with variabledegrees of autonomy when needed.(b) Procedures. Involving improvedawareness, training, alarm systems for publicand non-specialised responders.(c) Top level organisation and decisionprocesses. Involving improved awareness,decision support and training systems for top-level decision-makers (also involving thepolitical sphere). Harmonizing detection and identificationof bio agents - There are presently only a fewCBRN training facilities and capabilitiesdedicated to the civilian security sector in theEU. Available capabilities and facilities areoften dedicated to military training or focusedon first responders education and training, inbroader terms. Improving and coordinatingactivities in CBRN training and testing willimprove performance interoperability betweenEU Member States. Networking betweentraining and testing facilities and capabilities istherefore an important component in makingEuropean security efforts more effective.Furthermore, high level training and testingwith real threat substances or similisubstances are crucial for further developmentof CBRN preparedness and resilience. Accessto adequate and standardised/harmonisedtraining and technology testing is paramountalso for the understanding and creation of aglobal market for technological investment inthe security market.Critical technologiesTA 6 has identified critical technologies thatare pertinent for CBRNE security research.These technologies pertain to different systemareas:(a) High power optical systems (for detectionat distance);(b) Even higher energy density systems(nuclear) for the detection of hidden materials;(c) Lower energy (THz) systems for thedetection of hidden materials; 22. TA 6 CBRNE(d) Specific biological material sensing with nofalse positives, for the detection of biologicalthreats;(e) Biological material sensing with certaindetection, for decontamination;(f) Specific chemical detection systems;(g) Broad spectrum biological detection toclassify unknown threats.In order to fulfil capability needs in responseto themes and missions, basic or transversaltechnologies should be used, adapted orspecifically developed.A few of these technologies benefit, if plannedin synergy, from other H2020 themes andtopics, in particular, the 4 Key and EmergingTechnologies (KETs) areas, space andsocietal challenges, such as energy. Jointapproaches and joint calls might berecommended in the fields of innovativematerials, photonics and informationtechnologies. 23. TA 7 CYBER SECURITYcyber@imgs-eu.orgTA7 (Cyber Security) was created in2012 as an IMG-S joint effort,combining expertise on the societalaspects of cyber, communications,networks and informationprocessing and management withthe purpose of providing a holisticapproach to security and resilience.Considering the ubiquity of cyberspace in every aspect of modernsocieties, it is understood thatexploited vulnerabilities may lead todisturbing or potentially dangerouseffects for Society.TA7 aims to develop a newparadigm in cyber security thatprovides a more secure, asustainable economic model andbetter social environment.R&D and I Priorities for H2020 Cyber security and resilience of NextGeneration Infrastructures (NGI) - There isa challenge to secure design of NGIs(including smart grids) and for tools ensuringtheir resilience. The focus should be on NGIserving critical infrastructures and theirprotection. There is also a need for ensuringNGIs security and smart grids connected toolder energy and SCADA deployments. Theresearch should focus on both design anddevelopment phases, wile taking into accountresults of the previous initiatives in thisdomain. Trust management in federated networks- The concept of sharing information aboutnetwork security and joining federatednetworks and systems (Federation of Systemsor FoS) gained attention recently. However,there is a need to investigate trustmanagement in such federations, fromprocedural and technical perspectives. Anomaly detection in networks - Researchshould be focused on user security-relatedprofiling based on the generated traffic and oncorrelation of various network events, toincrease efficiency of anomaly detectiontechniques, both in terms of detection rate andfalse positives. Research should considersemantic approaches for Complex EventProcessing and ontology-based eventcorrelation derived from semanticrelationships between different terms orentities. Anomaly-based approach should bemerged with signature-based approaches. Security and trust of e-governmentservices - Citizens demand new electronicpublic administration services, but the criticalaspect is to ensure security and trust of suchnew services. Research should focus on thetechnical and societal dimensions of serviceslike e-voting or e-health. Dissemination andtraining aspects should be taken into account. Ethical, legal and societal aspects ofcyber defence Research, strategies andguidelines are needed to identify and describe 24. TA 7 CYBER SECURITYethical and legal aspects and threats tosociety regarding cyber protection techniques.New guidelines regarding monitoring of usergenerated traffic and content, users profiling,information sharing (including trans borderdata transfer), cloud computing, reactioncapabilities etc. are urgently needed. Protecting personal information - Whenconsidering protection against identity theft weshould first define what kind of identity shallbe protected. Nowadays this means in mostcases a citizens identity, but in the internet-of-things paradigm will mean the identity ofthings.Various applications, from Smart Energy Grids(e.g., refrigerators communicating with powerplants) to smart traffic control systems (wherecars communicate with each other and with acentral control system) require that allconnected devices should be securelyprotected, otherwise malicious users canexploit its vulnerabilities and disrupt the entiresystem (cause energy blackouts, cause trafficjams).On the matter of securing a citizens identity, itis a concern to protect it over the Internet(where identity theft is a common problem),but it is also essential to consider otherapplications as well, such as future automatedborder control systems, smart public transportdevices and even in mobilenetworks.Criminals who exploit thisinformation may cause harm and loss to thecitizen. Efficient Cyber Events Audit Trail - Onestrategy for detecting unexpected eventswithin information systems is to generate anaudit trail of activities. When undertaken inhigh-volume networked systems this creates asignificant information management problem.Techniques for efficiently storing andprocessing this audit trail need to bedeveloped that can cope with constraints onbandwidth and the demand for near real-timeanalysisFurthermore, we consider that the followingareas require attention. Attribution - Effective management of cyberincidents needs an understanding of thenature of the attack. It is important to be ableto determine the motivation of an attacker.The ability to identify the individual or groupsresponsible for an attack enables action bylaw enforcement. Innovative techniques tosupport attribution need to be developed. Cultural and practical techniques toenable cyber security - Research is requiredto better understand human behaviour todevise strategies for improving the secure useof information systems Standardisation - Standards are required inareas such as:establishing trust in critical infrastructureequipment;interoperability and management ofsecurity enforcing components withincritical infrastructures;evidential capture and analysis of auditinformation;European Test Platform for cyber securitytesting and training; 25. TA 7 CYBER SECURITY 26. ABOUT IMG Sscg@imgs-eu.orgIMG-S is an open forum bringing togethertechnology experts from Industry, SMEs,Research and Technology Organisations(RTOs) and Academia.With more than one hundred entities, itcovers the entire security RTD domain andis able to bring an answer to European andglobal security needs.IMG-S aims to support the EuropeanCommission and its Member States tobuild world-class European technologicalcapabilities. By defining research prioritiesfor the security domain at all levels, fromfundamental research to missioncapabilities and system integration, IMG-Scontributes to ensure that short, mid-termand long-term security needs areaddressed.SCGSynthesisandCoordinaonGroupTA 1TA 3TA 4TA 5TA 6Protec on, Neutralisa on andRestora on TechnologiesSurveillance and Iden fica onSystemsTA 2 Communica onsInforma on Processing andManagementCBRNETA7 Cyber SecurityIMG-S Products andOnline ResourcesIMG-S Strategic Research Roadmap forSecurity targets a timeframe of 2015and beyond. The Roadmap is public andmay be accessed online through theIMG-S website:http://www.imgs-eu.orgThe IMG-S website also providesinformation about the Group, itstechnical areas, points of contact andmembership statistics.If you wish to contact IMG-S, please usethe following email:scg@imgs-eu.orgDuring the preparation of this Position Paper, Mr. Olivier Sagnes, a dear friend and active contributor to IMG-S, passedaway. We would like to acknowledge his proactiveness, positiveness and deep knowledge that he shared by collaborating 27. ABOUT IMG Sscg@imgs-eu.org