Facilitating strategic cooperation to ensure the provision of essential services

Call updates

Nov 29, 2023 6:06:34 PM

A total of 26 proposals have been submitted in response to this call. The number of proposals for each topic is shown below including the indicative budget of the topics for 2023:

· HORIZON-CL3-2023-INFRA-01-01: 5 proposals (indicative budget: 5 M€)

The evaluation of the proposals will start by mid-December and will be closed by mid-February 2024. Applicants will be informed on the outcome of the evaluations in mid-April 2024.

Jun 29, 2023 12:00:09 AM

The submission session is now available for: HORIZON-CL3-2023-INFRA-01-01(HORIZON-IA)

Facilitating strategic cooperation to ensure the provision of essential services

TOPIC ID: HORIZON-CL3-2023-INFRA-01-01

Programme: Horizon Europe Framework Programme (HORIZON)
Call: Resilient Infrastructure 2023 (HORIZON-CL3-2023-INFRA-01)
Type of action: HORIZON-IA HORIZON Innovation Actions
Type of MGA: HORIZON Lump Sum Grant [HORIZON-AG-LS]
Deadline model: single-stage
Planned opening date: 29 June 2023
Deadline date: 23 November 2023 17:00:00 Brussels time

ExpectedOutcome:
Projects’ results are expected to contribute to all of the following outcomes:

Tools for EU Member State authorities and operators for the assessment and anticipation of relevant risks to the provisions of essential services are identified;
The cooperation between authorities of EU Member States is facilitated by providing solutions for data exchange and joint cross-border risk assessments;
Simulation tools are developed for large-scale exercises to test the resilience of operators and of specific sectors, and related training courses are designed;
Measures by Member State authorities to facilitate risk assessments by operators are identified, including the assessment of dependencies on different sectors and cross-border interdependencies;
Provide common European guidance and support for the drafting of their resilience plans in order to meet all the provisions of the proposed CER-Directive: risk analysis, domino effects, cross-sector and cross-border analysis, standardised plans, educational and training tools;
An all-hazards framework is created to support Member States in ensuring improved concepts and instruments for the anticipation of risks to entities that provide essential services, resulting in an improved preparedness and response against disruptions of key sectors in the EU and enhanced resilience of the EU internal market.
Scope:
The EU Security Union Strategy for 2020-2025, Counter-Terrorism Agenda for the EU and the Cyber Security Strategy stress the importance of ensuring resilience in the face of various risks. The livelihoods of European citizens and the good functioning of the internal market depend on the reliable provision of services fundamental for societal or economic activities in many different sectors. Those services often are reliant upon one another, thus disruptions in one sector can generate severe and long-lasting effects on the provision of services in others.

Member States hold the primary responsibility in ensuring that operators who use critical infrastructures to deliver such services (hereafter: ‘operators’) comply with applicable rules and have the necessary support to ensure their own resilience and as part of a complex system of interdependencies. On EU-level, there has been a revision of certain legislation aiming at the minimum harmonisation of such rules, such as the [proposals] for a directive on the resilience of critical entities (CER) and the directive on measures for high common level of cybersecurity across the Union (NIS-2). In combination with sectoral EU-legislation and policies on resilience (e.g. the proposal for a Network Code on sector-specific rules for cybersecurity aspects of cross-border electricity flows), this provides a comprehensive framework that needs to be put in practice.

“Facilitating strategic cooperation” refers to the necessity for public authorities of the Member States to be able to exchange information, in a secure way, on the risk assessments of their critical entities as well as their resilience. “Critical entities” is the specific term used in the proposed CER directive to designate those entities that will be identified by the Member States under the directive. Pursuant to the directive, in particular of its articles 1 and 5, the identity of the critical entities will be classified. In the performance of the project, project participants will interact directly with Member States authorities responsible for risk assessment and analysis of the vulnerabilities of their critical entities. Pursuant to the proposed directive, the confidentiality of the critical entities (and of their vulnerabilities) shall be ensured and protected.

Proposals under this topic should support the competent authorities of Member States to identify and develop the most suitable tools, solutions and strategies to ensure the resilience of key sectors and thus facilitate the implementation of [related/ future] EU legislation.

Applicants should focus on delivering solutions that can be used by the competent authorities of EU Member States, to support their task in overseeing the resilience of key sectors in line with relevant EU rules. Such solutions should enhance their ability for cooperation and communication, conducting large-scale risk assessments (including the cross-border dimension), developing best practices for exercises and dedicated complex training modules. The proposals should address the development of improved concepts and instruments for the anticipation and management of strategic risks, strengthening governance framework and enhancing coordination between different authorities.

It is recommended that proposals develop concrete tools to support all-hazard analysis by integrating domain specific risk assessment and allowing to manage interdependencies phenomena among different sectors and Member States. Possible examples are virtual reality tools, dashboards, complex training and serious gaming modules or other instruments to be used and that currently may not exist on such scale.

Proposals should aim to cover the largest possible number of sectors described in the respective Annexes of the [proposals for a] directive on the resilience of critical entities (CER[1]) and the directive on measures for high common level of cybersecurity across the Union (NIS-2[2]).

Participation of at least 3 government authorities, from 3 different EU Member States, responsible for resilience on national level and/ or for overseeing operators is mandatory. The inclusion of associations representing private or public operators in specific sectors, or across sectors on EU- or national level, is encouraged.

In this topic the integration of the gender dimension (sex and gender analysis) in research and innovation content should be addressed only if the consortium deems it relevant in relation to the objectives of the research effort.

Projects are expected to outline how results are fed into the work of relevant Commission expert groups – [for example the Critical Entities Resilience Group (CERG) and the NIS-2 Cooperation Group] – and to explore synergies with the actions undertaken by relevant EU agencies.

Specific Topic Conditions:
Activities are expected to achieve TRL 6-8 by the end of the project – see General Annex B.

[1]Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the resilience of critical entities (COM(2020) 829 final.

[2]Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on measures for a high common level of cybersecurity across the Union, repealing Directive (EU) 2016/1148 (COM(2020) 823 final.