← Back to home
HORIZON-CL3-2026-02-CS-ECCC-01

Approaches and tools for security in software and hardware development and assessment

Fetched
2026-06-09T15:42:49Z
Open official EU page

Topic description

Expected Outcome: Proposals are expected to contribute to one or more of the following: Enhanced security frameworks for both hardware and software supply chains, building on root-of-trust architectures and secure lifecycle management; Secure and trusted chip architectures for next-generation computing and networking systems; Integrated security-by-design approaches in software development, aimed to be aligned with relevant regulatory requirements; Security testing methodologies, including formal verification approaches and AI-driven security testing methodologies; Standardised methodologies for hardware security assessment, also contributing to cybersecurity certification. Scope: The increasing complexity and globalisation of software and hardware supply chains introduce new vulnerabilities that cyber adversaries can exploit. Ensuring the security of both software and hardware components across the lifecycle of digital systems is paramount. This topic aims to develop innovative tools, methods, and processes to secure the entire ecosystem of software and hardware development. Proposals should explicitly select one main area of focus but can also address both: a. Secured hardware systems over trusted Chips The security of modern computing infrastructures relies heavily on the robustness of hardware components. This subtopic aims to develop robust security solutions for trusted hardware platforms, focusing on secured microprocessors, secure boot mechanisms, and cryptographic acceleration. Proposals are also expected to address the risks of hardware-based vulnerabilities and backdoors, ensuring the security of devices from edge to cloud, also taking into account emerging threats, including quantum where relevant. Synergies with existing EU initiatives on trusted hardware (e.g., CHIPS JU, EuroHPC) are encouraged. The topic is expected to: Develop new architectures for tamper-resistant chips and processors. Exploring novel designs for secure microprocessors, leveraging hardware-level security enhancements, and integrating cryptographic co-processors that may also support post-quantum cryptography (PQC), for enhanced protection against tampering and side-channel attacks. Enhance supply chain transparency for chip production and integration. Exploring innovative ways to improve traceability and accountability in chip manufacturing processes, including methods such as post-quantum secure hardware roots of trust, blockchain for tracking components, or certification mechanisms. Establish security-by-design methodologies for hardware security assessment. Advancing methodologies for systematic security testing of hardware components, including automated vulnerability analysis, verification frameworks, and integration of security assessment into chip design and lifecycle management. Develop methods and tools for an effective and efficient non-destructive authentication and physical analysis of integrated circuits and multi-chips modules (chiplets). Develop technical means for ensuring hardware supply chain security, and secure PQC implementations: hardware trojan and backdoor detection, hardware watermarking, relevant reverse engineering techniques, countermeasures also against new classes of hardware physical attacks. Develop self-healing firmware able to recover from cyber-attacks. Develop firmware able to leverage advanced anomaly detection, AI-driven threat mitigation and secure rollback mechanisms to automatically identify cyber-attacks, isolate compromised components restore the system to a trusted state while maintaining operational continuity. b. Software Supply Chain security The integrity of software supply chains is critical to mitigating cybersecurity threats such as supply chain attacks, dependency vulnerabilities, and compromised software components. This subtopic focuses on mitigating security risks in software supply chains, including secure code provenance, automated vulnerability detection, and secure software development lifecycle (SDLC) methodologies and tools, including those related to PQC security. Proposals should integrate formal verification approaches or AI-assisted security testing, leveraging upcoming European and International standards for supply chain security. The topic is expected to: Develop innovative tools for real-time software vulnerability detection and automatic patching. Advancing the state of automated detection techniques, incorporating dynamic analysis, AI-driven pattern recognition, predictive analytics to proactively identify security weaknesses before exploitation and self-healing mechanisms. Enhance secure software frameworks, including protection against the quantum threat. Exploring new methodologies for integrating security-by-design principles across development workflows, incorporating approaches such as automated security policy enforcement, modular security components, and improved dependency management. Improve resilience against supply chain cyber threats. Investigating novel mitigation strategies, including provenance tracking for software components and their analysis, secure update distribution mechanisms including protection from emerging quantum threats where relevant, enhanced anomaly detection, and multi-layer defence approaches to ensure integrity and trustworthiness.

Conditions and documents

General conditions 1. Admissibility Conditions: Proposal page limit and layout described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes. Proposal page limits and layout: described in Part B of the Application Form available in the Submission System. 2. Eligible Countries described in Annex B of the Work Programme General Annexes. A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon Europe projects. See the information in the Horizon Europe Programme Guide . 3. Other Eligible Conditions In order to achieve the expected outcomes, and safeguard the Union’s strategic assets, interests, autonomy, and security, participation in this topic is limited to legal entities established in Member States and Associated Countries. In order to guarantee the protection of the strategic interests of the Union and its Member States, entities established in an eligible country listed above, but which are directly or indirectly controlled by a non-eligible country or by a non-eligible country entity, shall not participate in the action. described in Annex B of the Work Programme General Annexes. 4. Financial and operational capacity and exclusion described in Annex C of the Work Programme General Annexes. 5a. Evaluation and award: Award criteria, scoring and thresholds To ensure a balanced portfolio covering a broad range of research areas, grants will be awarded to applications not only in order of ranking but at least also to the two highest ranked proposal addressing area a) as their main area of focus and the highest ranked proposal addressing area b) as its main area of focus , provided that the applications attain all thresholds. are described in Annex D of the Work Programme General Annexes. 5b. Evaluation and award: Submission and evaluation processes are described in Annex F of the Work Programme General Annexes and the Online Manual . 5c. Evaluation and award: Indicative timeline for evaluation and grant agreement described in Annex F of the Work Programme General Annexes. 6. Legal and financial set-up of the grants Eligible costs will take the form of a lump sum as defined in the Decision of 7 July 2021 authorising the use of lump sum contributions under the Horizon Europe Programme – the Framework Programme for Research and Innovation (2021-2027) – and in actions under the Research and Training Programme of the European Atomic Energy Community (2021-2025) [[This decision is available on the Funding and Tenders Portal, in the reference documents section for Horizon Europe, under ‘Simplified costs decisions’ or through this link: https://ec.europa.eu/info/funding-tenders/opportunities/docs/2021-2027/horizon/guidance/ls-decision_he_en.pdf ]]. described in Annex G of the Work Programme General Annexes. Specific conditions described in the [specific topic of the Work Programme] Some activities resulting from this topic may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes. Application and evaluation forms and model grant agreement (MGA): Application form templates — the application form specific to this call is available in the Submission System Standard application form (HE RIA, IA) Evaluation form templates — will be used with the necessary adaptations Standard evaluation form (HE RIA, IA) Guidance HE Programme Guide Model Grant Agreements (MGA) Lump Sum MGA Call-specific instructions Detailed budget table (HE LS) Guidance: "Lump sums - what do I need to know?" Ownership Control Declaration Information on Security issues (Security section) Additional documents: HE Main Work Programme 2026-2027 – 1. General Introduction HE Main Work Programme 2026-2027 – 6. Civil Security for Society HE Main Work Programme 2026-2027 – 15. General Annexes HE Programme Guide Decision authorising the use of lump sum contributions under the Horizon Europe Programme Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment EU Grants AGA — Annotated Model Grant Agreement Funding & Tenders Portal Online Manual Funding & Tenders Portal Terms and Conditions Funding & Tenders Portal Privacy Statement

Budget overview

{
  "budgetTopicActionMap": {
    "113178": [
      {
        "action": "HORIZON-CL3-2026-02-CS-ECCC-01 - HORIZON-RIA HORIZON  Research and Innovation Actions",
        "budgetYearMap": {
          "2026": "20000000"
        },
        "deadlineDates": [
          "2026-09-15"
        ],
        "deadlineModel": "single-stage",
        "expectedGrants": 5,
        "maxContribution": 4000000,
        "minContribution": 3000000,
        "plannedOpeningDate": "2026-03-03"
      }
    ],
    "113179": [
      {
        "action": "HORIZON-CL3-2026-02-CS-ECCC-03 - HORIZON-RIA HORIZON  Research and Innovation Actions",
        "budgetYearMap": {
          "2026": "15000000"
        },
        "deadlineDates": [
          "2026-09-15"
        ],
        "deadlineModel": "single-stage",
        "expectedGrants": 4,
        "maxContribution": 3000000,
        "minContribution": 2000000,
        "plannedOpeningDate": "2026-03-03"
      }
    ],
    "113180": [
      {
        "action": "HORIZON-CL3-2026-02-CS-ECCC-02 - HORIZON-IA HORIZON Innovation Actions",
        "budgetYearMap": {
          "2026": "21200000"
        },
        "deadlineDates": [
          "2026-09-15"
        ],
        "deadlineModel": "single-stage",
        "expectedGrants": 5,
        "maxContribution": 4000000,
        "minContribution": 3000000,
        "plannedOpeningDate": "2026-03-03"
      }
    ]
  },
  "budgetYearsColumns": [
    "2026"
  ]
}