Key enabling technologies for the development of an inclusive and trustworthy democratic society and a successful digital economy. This includes technologies that guarantee complete data protection, protecting digital communication and digital transactions. They are technologies that are constantly evolving in response to continuous technological development and emerging threats. Cyber security technologies are transversal to other key enabling technologies, becoming particularly important in life science technologies (e.g. for the protection of medical data or the protection of IECT infrastructures responsible for biological processes) and advanced manufacturing technologies (e.g. for the protection and proper functioning of industrial infrastructures and processes, as well as industrial property).
Data security and privacy technologies
As the economy and digital economy develop, the value and sensitivity of data are increasing exponentially, being used as currency in many current digital services. That is why technologies that allow for the protection of data repositories and avoid unauthorized access are included as essential technologies. The following subgroups have been identified:
- Data protection solutions. The externalization of storage and processing increases the risk of exposing sensitive information to breaches in privacy and security. Technologies are necessary for data encryption (structured, unstructured and semi-structured) that guarantee not only confidentiality, but also integrity (verifying data has not been modified/falsified) and availability (complying with availability restrictions).
- User-centric security and privacy solutions. Solutions geared towards empowering the user with respect to the use of their data and the exercise of their rights of access, rectification, portability, erasure or the right to be forgotten. Technologies are required that allow data to be encapsulated with layers of protection against unintentional use and to guarantee user control during the entire life cycle of their data. For example, this includes technologies to selectively reveal data through attribute encryption (attribute-based credentials).
- Privacy-preserving technologies for data intensive applications. Technologies to avoid the processing of sensitive data by data analysis applications (e.g. big data analytics or artificial intelligence). For example, this includes advanced anonymization and pseudonymization techniques, privacy techniques for machine learning algorithms able to balance privacy/analysis utility, database technologies capable of working with encrypted data (property-preserving encryption) as well as protocols for preserving privacy and confidentiality in data analysis (secure multi-party computation).
Distributed identity and trust management technologies
Technologies to authenticate and authorize people and objects in a distributed manner compared to traditional identity and trust-providing technologies, which are centralized and therefore single points of failure/attack. These include two major groups:
- Flexible authentication and authorization of artifacts. Systems for the decentralized and scalable authentication of physical objects (sensors, actuators, IoT objects, cyber-physical systems) in the digital world. These include M2M (machine-to-machine) and M2H (machine-to-human) authentication and authorization protocols.
- Distributed ledger technologies and smart contracts. Technologies for distributed transaction ledgers are a new type of databases that allow multiple parties to share access to the same data at the same time with a high degree of trust. For their part, smart contract technologies allow for the implementation of automated processes based on registered transactions. These include shared public systems (public blockchains) as well as those with restricted write access (consortium blockchains) or read access (private blockchains).
ICT infrastructure protection technologies
Technologies to protect ICT infrastructures against attacks and external threats. The following key technologies have been identified:
- Threat management technologies. Advanced technologies to quickly detect and manage threats against ICT infrastructure. These include automated technologies with a certain degree of artificial intelligence able to respond in real time for the monitoring and smart search for system threats (robo-hunters), quickly respond to attacks (automated remediation and mitigation technologies) or forecast attacks through predictive models (threat forecasting technologies).
- Network security technologies. Technologies to protect communication networks, ranging from authenticating and establishing secure channels (secure & authenticated communications) to the use of traps, decoys and tricks to thwart or detect attacks (deception technologies).
- Secure execution environments. Environments for secure application and system execution: trustworthy hardware, virtual machines, containers and platforms. These environments must incorporate mechanisms that ensure an adequate level of security to execute all processes as well as consider the interaction between these environments with regard to supporting the implementation of highly dynamic distributed systems.
Quantum resistant cryptography
Current cryptographic systems and, in particular, those based on asymmetric algorithms (public/private key) are highly vulnerable to emerging quantum technologies. New methods and tools are necessary which allow migrating current systems to post-quantum cryptography. New algorithms, protocols and devices that allow new secure cryptographic systems to be implemented against potential attacks launched by quantum computers are included as key enabling technologies.
Security and Privacy by Design tools
All digital technologies must be designed and built taking privacy and security into account from the very start. To do so, it is necessary to have advanced tools available which measure and guarantee the secure development and deployment of digital systems. Technologies that incorporate a certain degree of automation are included as key enabling technologies:
- Automated security verification. Tools for the automated testing and verification of software/hardware system security in the development phase (white box). This group includes analysis tools at the code level, including static analysis, dynamic analysis and the combination of both. This also includes SCA (software composition analysis) tools to analyze interactions with other external components such as open source components.
- Automated vulnerability discovery, analysis and prediction. Tools based on big data analytics and machine learning which, based on large sets of vulnerability data, are able to automatically discover vulnerabilities in software/hardware systems.