DFM Platform
DFM Funding Monitor

Cybersecurity Certification and Assessment Toolscore

CCAT · Horizon Europe grant · 2026-01-01–2028-12-31

EC contribution

€4,223,156

Total cost

€0

Beneficiaries

9
About the data

Source: CORDIS (official EU open data), Horizon Europe. Framework HORIZON · call HORIZON-CL3-2024-CS-01 · scheme HORIZON-IA · topic HORIZON-CL3-2024-CS-01-01. CORDIS record →

Objective

Cybersecurity regulations are becoming increasingly complex. The Cybersecurity Act (CSA) introduces an EU-wide cybersecurity certification framework, while the Cyber Resilience Act (CRA) sets mandatory cybersecurity requirements for products with digital components. A reliable and flexible set of tools is essential for continuous security assessment and navigating these evolving regulations.In the CCAT project, we propose adapting four open-source tools, developed in academic cybersecurity research, to support the implementation of new regulations: (1) TLS-Scanner for assessing security in TLS clients and servers; (2) SCRUTINY for evaluating cryptographic implementations, software libraries, and hardware, including black-box setups; (3) ALVIE for testing embedded security architectures against vulnerabilities; (4) sec-certs for analysing certification landscapes and evaluating the relationships between certified products and actual vulnerabilities.CCAT will enhance these tools to meet the needs of various users involved in or dependent on cybersecurity assessment and certification. The CCAT methodology builds upon: (1) Relevant feedback for purpose-driven enhancements enabled by collaboration with users applying the CCAT tools in diverse application scenarios. (2) Robust usable security research exploring and collaboratively improving user interaction with the tools. (3) Aligning the tools with the emerging EU security certification landscape.CCAT tools aim to empower both ICT producers and consumers, fostering a more transparent, accountable, and resilient digital environment. Regulatory bodies can use these tools to assess the effectiveness of cybersecurity certifications, verify the security of specific implementations, and ensure the EU digital single market cybersecurity.

Beneficiaries (9)

OrganisationCountryRoleEC contributionSME
Masarykova univerzita CZ coordinator €1,608,650
UNIVERSITAET PADERBORN DE participant €1,559,318
UNIVERSITA CA' FOSCARI VENEZIA IT participant €500,852
10SEC SRL IT participant €236,544 Yes
CYBERNETICA AS EE participant €151,112 Yes
MONET+,A.S. CZ participant €124,250
TARTU ULIKOOL EE participant €42,430
RED HAT CZECH S R O CZ associatedPartner
TROPIC SQUARE S.R.O CZ associatedPartner Yes

Get the DFM funding briefing — free

New EU defence calls, tenders and awards in your inbox.

Countries
Sectors
Sources

We store your email only to send the DFM briefing/alerts and to add you to DFM Analysis. Unsubscribe anytime.

Defence Finance Monitor is an analytical and informational product. Grant data is official CORDIS; payment and subscription happen on DFM Analysis.