Team, Advisors and Partners

Executive Team

Board of Directors

Steering Advisory Board

Governance Advisory Board

Scientific Advisory Board

R&D Partners - Governance

The following public and private entities participated as formal governance partners to formal EU R&D initiatives that we conceived and coordinated since 2015 to build the Trustless Computing Certifications Body and SeeVik Net Initiative:

• European Organisation for Security (Belgium). A member-supported research, dissemination and strategic organization that represents most leading European IT security providers, researcher entities, universities, clusters and associations, including Thales, Almaviva, Atos, CEA, Fraunhofer, Engineering, Airbus, Indra, Saab, STM. Role: contribute to analysis and recommendation from a perspective of large IT industry actors, and networking and dissemination towards the same.

• Federal Chief Information Officer of Austria. (Austria) Represented by Reinhard Posch, since 2001 it has reported directly to the Austrian Chancellor for directing all Digital Austria and e-government activities in Austria. Led the Digital Austria ICT Board", responsible for creating the legal and technical requirements as well as coordinating the planning and development of eGovernment solutions between the Federal Government, the provinces, and local authorities. It acts as Director general of A-SIT and therefore coordinates Austria’s role in SOGIS and the most relevant cybersecurity standardization and certification activities.

• ISCOM - Istituto Superiore delle Comunicazioni e delle Tecnologie dell’Informazione (Italy) is a General Direction of the Italian Ministry of Economic Development and it runs OCSI, the Italian Scheme for ICT Security Certification. OCSI is the Italian official member within CCRA and SOG-IS MRA. As authorizing member in both agreements it produces ICT security certifications which are recognized in Europe and world-wide. OCSI operates in the context of certification of ICT products and systems for civil use. In addition to OCSI, ISCOM hosts Ce.Va, an evaluation center laboratory for ICT products and systems dealing with classified data.

• Data Protection Authority of the State of Schleswig-Holstein (Germany). Unabhängiges Landeszentrum für Datenschutz (ULD, Engl. Independent Centre for Privacy Protection) is the Data Protection Authority of Schleswig-Holstein, the northernmost Federal State of Germany. Its office with 40 employees is located in Kiel, Germany. The Privacy Commissioner of Schleswig-Holstein, Marit Hansen, is head of ULD. ULD is responsible for both freedom of information as well as data protection at private and public sector entities seated in Schleswig-Holstein.

• Lombardia Informatica. (Italy) It is a public-capital service company which was constituted in December 1981 as an initiative of the Regional Government of Lombardia (Regione Lombardia). It has around 630 employees and a turnover of about 200 million Euro. Lombardia Informatica’s mission is to innovate services and increase the Regional System’s productivity through Information Technology, in order to improve Citizens’ quality of life and Lombard companies’ competitiveness. As the IT partner of Regione Lombardia, Lombardia Informatica designs and implements ICT Systems for the Regional Government and represents the unique interface between Regione Lombardia and the marketplace. LISPA team has a complete expertise in providing public services. The large experience in complex service and in providing critical privacy and security services in e-Gov and eHealth fields involving citizens and public employees guarantees that it has all the competence needed to manage the pilot site.

• The Secure Information Technology Center of Austria (Austria). A-SIT is the leading IT standardization and certification public body in Austria. It represents public authorities or assists Austrian public authorities in various international and EU bodies (e.g., Council of Europe, ENISA Management Board, Common Criteria Management Board, SOG-IS, OECD, etc.). Its members are the Austrian Federal Ministry of Finance (BMF), the Central Bank of the Republic of Austria (Oesterreichische Nationalbank, OeNB), the Federal Computing Centre of Austria (BRZ), and Graz University of Technology (TU Graz). Further formal duties are Competent Authority for certifying online collection systems for the European Citizen Initiative (EU Regulation 211/10, art. 6(4)), security assessment of e-voting technical components (student union elections), or expert opinions for the Data Protection Commission. Following a Cabinet Council decision the Austrian federal ministries are asked to call on A-SIT in the cases of research orders or questions corresponding to the A-SIT mission. Thus, A-SIT has the duties of a national ICT security advisory agency, even though not organized as an agency, but as an association.

• Municipality of Barcelona (Spain). It is the capital city of the autonomous community of Catalonia in Spain and Spain's second most populated city, with a population of 1.6 million[5] within its administrative limits. As the capital of the autonomous community of Catalonia, Barcelona is the seat of the Catalan government, known as the Generalitat de Catalunya; of particular note are the executive branch, the parliament, and the Supreme Court of Catalonia. It has historically been an EU leader in government and e-government practices centered on promoting citizens’ autonomy. 

R&D Partners - Scientific

The following public and private entities participated as formal governance partners to formal EU R&D initiatives that we conceived and coordinated since 2015 to build the Trustless Computing Certifications Body and SeeVik Net Initiative:

• COSIC - KU Leuven. (Belgium)  
  Research group COSIC (Computer Security and Industrial Cryptography) of the Dept. of Electrical Engineering-ESAT ept. Led by Prof. Bart Preneel, the COSIC research group provides world-leading expertise in digital security and strives for innovative security solutions. Their research is applied in a broad range of application domains, such as electronic payments, communications, identity cards, e-voting, protection of e-documents, intelligent home appliances, telematics for the automobile industry and trusted systems.

  • Role: Design the crypto infrastructure of the target architecture; and lead analysis and recommendation of related improved assurance assessment methods and governance. 

• Applus+ Laboratories  (LGAI Technological Center S.A)  (Spain)
  Performs testing, inspection, certification, R&D in more than 25 sectors, including ICT technologies. Part of Applus+ is a leading company in testing, inspection, certification and technological services. First Spanish multinational in the certification sector (9th in the world), present in 5 continents and structured in 4 Divisions: Applus+ Laboratories (which will participate in this project), Applus+ IDIADA, Applus+ Auto and Applus Energy & Industry. The annual turnover is around 40M€, and has around 400 employees of high technical skills and different knowledge areas. R&D projects are part of the activities of the entity, and as some of the most representative R&D Projects carried out in the last years are: National: Adv-SCA, Adv-FI, MalpApp, Mobile , Ctless-Tool (internal),  NFC-DCC (MICINN-INNPACTO), SINTONIA (CENIT), SMARTCARD (internal), LI-MASH (MICINN), eCID and TRATAMIENTO 2.0 (MITyC-Plan Avanza), TS- CIMONHET (CATRENE, without funding), IMPACT-EMR (ENIAC, without funding), NET-EMC (Eurostars), COSY3D (Euripides), COOPERS (FP6).

  • Role: Key expert in standard setting and certification processes.

• TUBITAK BILGEM Cyber Security Institute (SGE) (Turkey).
  Cyber Security Institute (SGE) founded in 1997 as a network security department then established as an individual institute in 2012. The institute is one of the six institutes of the governmental research center of TUBITAK BILGEM (Informatics and Information Security Research Center). The Scientific and Technological Research Council of Turkey (TUBITAK) is the leading agency for the management, funding and conduct of research in Turkey. TUBITAK also acts as an advisory agency to the Turkish Government on science, technology and research matters. The Cyber Security Institute (SGE), is a group of researchers working on Systems Security projects, mainly within the public sector. The Institute focuses on applied research where the results can be used with immediate effect and has a strong relationship with both public and private sector stakeholders in Turkey.

  • Role: Strategy, analysis, specification, and implementation contributions as the leading national technical authority on high-assurance IT for public sector organizations.

• Genode Labs GmbH.  (Germany)
  It is a German SME specialized in building highly secure operating systems (OS). The company is the driving force behind the Genode OS Framework - an open-source OS technology that aligns highly dynamic workloads with security, robustness, and scalability. It is compatible with seL4 the only formally proven OS/kernel in the world. The combination of seL4, Genode, and the SCuP SoC will represent an unprecedented platform in terms of security, scalability, and confirmability.
  Unlike traditional high-assurance systems, Genode is based on a completely open and transparent development methodology. Since its foundation in 2008, Genode Labs operates as an independent company solely owned by its founders. The community of users, participants, and customers includes individuals, small and medium sized businesses, governmental institutions, and research groups of multinational corporations alike.

  • Role: Contribute the operating-system foundation to the project and related critical software components

• DFKI German Research Centre for Artificial Intelligence.  (Germany)
  Deutsches Forschungszentrum für Künstliche Intelligenz, DFKI). Currently is the largest research center worldwide in the area of Artificial Intelligence and its application in terms of number of employees and the volume of external funds. DFKI shareholders include Deutsche Post, Deutsche Telekom, Google, Microsoft, SAP, BMW, Intel and Daimler.

  • Role: Contribute to analysis, requirements and recommendations from the point of view of critical cyber-physical systems, as well as analyse medium and long-term impact on AI control, safety and security. Will lead the lab validation of the CivicCPS for securing a moveable autonomous system in human environments.

• SCYTL Secure Electronic Voting S.A. (Spain) Global leader in e-voting and high-assurance remote deliberations technologies. It is focused on providing electoral modernization solutions with the highest security levels in the market. Scytl cryptographic measures rely on more than 40 international patents which contribute to ensuring the privacy and integrity of sensitive electoral information. 

  • Role: prototype of software application layers, other TBD.

• EMAG Institute of Innovative Technologies (Poland) The Institute of Innovative Technologies EMAG is the R&D leader in many sectors of the market, such as information security management systems, business continuity systems, risk management systems, natural hazards monitoring, and systems for automation and measurement. EMAG Institute employs 138 people, including 42 scientists and 74 engineers and technicians. The Institute has been given almost 500 patents, over 80 protection rights and 6 trademarks and has been granted several hundred awards at different competitions and fairs. The Institute’s research team has also knowledge and experience in the development of risk assessment methods and tools for different domains of applications e.g. for critical infrastructures, transport utility.

  • Role: analysis and optimization of certification processes, also through new IT enabled process.

• Delft University of Technology - Parallel and Distributed Systems Group (Netherlands)  Delft University of Technology (http://www.tudelft.nl/) is the oldest, largest and most comprehensive technical university in the Netherlands. With over 19,000 students and 2,500 scientists (including 400 professors), it is an establishment of both national importance and significant international standing. The PDS group of TU Delft has a 15-year history in designing, implementing, deploying and analysing P2P systems. It has created the BitTorrent-based P2P client Tribler that has many added functionalities such as support for video on demand and live streaming, channels, information dissemination protocols, and a reputation system.

  • Role: Design of the P2P and mixed network layer of the target architecture. Lead related analysis and recommendations.

• Kryptus (Brazil) Kryptus is a Brazilian company with unique global capabilities in secure hardware design and system integration. It designed the 400,000 voting machines of Brazil, fighter to fighter communications systems, and the Hardware Security Module (HSM) of the core Root CA of the main Brazilian PKI. It developed the first secure general-purpose CPU microprocessor in the Southern Hemisphere, the SCuP, which uniquely provides open and verifiable designs and FLOSS microcode. Runs at 100-300Mhz. It is at the core of CivicIT HW architecture.

  • Role: Design and prototype of critical HW, including CPU and SoC of target architecture; and contribute to related analysis and recommendations for improved assurance assessment methods.

• TECNALIA Research & Innovation (Spain) is a private, independent, nonprofit applied research centre of international excellence. Tecnalia is the leading private and independent research and technology organisation in Spain and one of the largest in Europe, employing 1,319 people (198 PhDs) and with income of 94 Million € in 2014. It’s ICT unit has extensive expertise in assurance and certification of ICT in many domains. In H2020 TECNALIA participates in 87 projects, coordinating 17 of them, up to December 2015. TECNALIA is a member of EARTO and of EUROTECH, linking together the most important research centres in Europe.

  • Role: contribute to collecting and analysing assurance guidelines and certification schemes (particularly with respect to critical infrastructures and autonomous cyber-physical systems, like drones, vehicles, etc.)  Collection and analysis of  assurance guidelines, standards  and certification schemes. Analysis of requirements and recommendation for assurance models and related certification schemes

Other Partners