Scroll Top

Project Pilots

  • All of the SUNRISE results (strategy and tools) will be co-created and piloted in a real-world setting with several relevant public CI authorities and operators from across Europe. This will enable preparation of results for a wide uptake, replication, and up-scaling across different critical entities, critical sectors, and European countries.
  • During the SUNRISE project, several pilot trials will be conducted by partners for tool demonstration, validation, and evaluation, focusing on both architectural and privacy related issues. The SUNRISE strategy and technologies will be validated and demonstrated by CI stakeholders in operational environments.
  • SUNRISE’s validation activities focus on three countries: Spain, Italy, Slovenia. A series of national workshops are scheduled to place with critical infrastructure operators in each of these countries. The first of these workshops took place in November 2022 to gather participants’ experiences, identify shortcomings, expectations and good practices to improve the resilience of organizations as Critical Infrastructures and Vital Services during the pandemic. Read more about the first national workshop here.

Risk-Based Access Control Tool

Between June and August 2024 (SUNRISE M21-M23), the WP4 team successfully conducted the first round of piloting activities for the Risk-Based Access Control (RiBAC) Tool, which entailed nine individual pilots across seven sites in three countries: Slovenia, Italy, and the Czech Republic. These pilots aimed to validate and refine the tool’s innovative features in relevant real-world environments, bringing it closer to operational readiness.

The participating CI partner organizations were grouped into clusters:

  • SLO Cluster: University Medical Centre Ljubljana (UKC), SZ/PIL offices, TS offices
  • IT Cluster: INS/FVG headquarters in Trieste, CAF offices in Udinese
  • CZ Cluster: Military University Hospital in Prague (MUH) and WITTE-IMA office

Key Objectives of the Piloting Activities

Tool Demonstration: Pilots provided an opportunity for end-users to interact with the RiBAC tool’s core functionalities as well as its latest features. This included its innovative Risk-Based Exit Control (RiBEC) function and system integration capabilities.

Validation and Testing: The pilot deployments tested the tool’s ability to handle site-specific requirements and enabled each CI partner organization to independently test the tool.

Real-Time Feedback: The pilots helped gather valuable insights into usability, system integration with legacy infrastructure, and the overall functionality of the RiBAC tool, contributing to its continued development.

RiBAC Y2 Innovation

A notable feature during the piloting phase was the RiBEC (Risk-Based Exit Control), a new functionality initially requested by UKC Ljubljana. The RiBEC automates compliance verification, ensuring that only individuals meeting specific clothing requirements can pass through exit points without time-consuming manual checks. Equipped with an RGB camera and an IMA software module, the system can autonomously trigger actions in response to non-compliant outfits. The module also features direct management of door locks and turnstiles.

Demand Prediction and Management Tool

The first round of piloting activities for the Demand Prediction and Management tool (DPM), initiated in June 2024 and concluded in August 2024, was successfully completed.

The primary objective of these piloting activities was to enable the respective Critical Infrastructures to test and benchmark the developed DPM tool and navigate its core functionalities. To this end, the upgraded tool components were tested and validated in relevant environments, allowing for the assessment and further enhancement of user requirements.

For the first piloting activities, a specific methodology was adopted, concluding three key phases: planning, preparation and implementation/validation.

During the piloting activities, multiple online meetings were scheduled with the respective CIs, cluster leaders and the technical partners according to the specific use case. During these sessions, the technical partners demonstrated the online tool, which is hosted by SQD. Additionally, training videos were distributed to the partners, as far as feedback surveys were collected.

The key objectives achieved in this initial pilot phase include:

  • Demonstrating and explaining the tools in their technical and functional aspects.
  • Allowing each pilot CI to independently test the tool.
  • Facilitating discussions between tool providers and pilot CIs.
  • Collecting feedback from pilot CIs on various aspects to focus on future developments and integrations for the second pilot phase

Cyber-Physical Resilience tool

The first round of piloting activities for the Cyber-Physical Resilience tool (CPR) that took place between June 2024 and August 2024, was successfully completed.

Four CI partner organizations grouped in two pilot clusters belonging to different sectors, participated in this first piloting phase:

  • Italian Cluster: FVG-INS (Health-Digital), CAFC (Water)
  • Slovenian Cluster: TS (Digital) and SZ (Transport)

This first piloting phase of the CPR tool was focused on the demonstration and validation of the main workflows involving all their modules (AI-powered log monitoring, Cyber-physical security risk assessment, Incident response and Threat intelligence sharing) together with the integration of real operational environment log files generated by the Critical Infrastructure operators. In particular, the activities done during this first phase was based on the use case proposed by INS concerning the monitoring of a subset of servers included in the Virtual Private Network (VPN) used by employees of the public administration who works with citizens’ health-related data through an application called SESAMO. However, although the integration with the CI environment was done only for INS, which is the lead of the Italian cluster, since the workflows are the same for all the Critical Infrastructures, this use case was also valid and relevant for validation and feedback from all of them.

A demonstration session with all the CIs was arranged and the technical partners, ATS and XLAB, demonstrated the different functionalities of the CPR tool, deployed in their premises during this first phase. The session was recorded as training material and to be available for pilot users do not present during the presentation. Additionally, during this phase, it has been enabled access to the different CPR modules in order the own CIs users had the possibility to use the tools by themselves. Feedback was collected through surveys and in discussions during the demonstration session from all the CIs.

As a summary, during this initial piloting phase many of the CPR requirements were successfully validated and it was received valuable insights about its usability and potential improvements. Some key features of the CPR tool demonstrated during this phase were the dynamic cyber-physical security risk assessment with the use of temporary conditions and the improved automation for external threat intelligence assessment.

Remote Infrastructure Inspection Tool

How are we performing work in WP7: There are two modalities, which are used to get the information about the infrastructure – UAV (unmanned aerial vehicle) and satellite imagery. The first is applicable in local, meticulous inspections, while the second is good for general overview of the infrastructure and connected concerns that the CIs might have (e.g., illegal buildups under high-voltage power lines in case of electricity). The piloting was concerned with both and while we were able to execute satellite connected experiments in the lab, we had to venture to the field to execute UAV-based experiments.

Locations: For piloting, 4 main sectors were located. 2 were in Slovenia (electricity transmission, partner ELS; railway management, partner SZ) and 1 in Spain (water management, partner ACO) and Italy (electricity production, partner HDE).

For Slovenian pilots, there were 2 locations that were investigated and 1 for Italian and Spanish execution of pilots – 6 experiments overall.

What did we test: Tests were concerned with evaluation of the state of the infrastructure:

  • Partner ELS: State of the electricity transmission infrastructure. State of powerline, catenary and insulators.
  • Partner SZ: State of the electricity distribution infrastructure. State of powerline, catenary and insulators. Detection of fire.
  • Partner ACO: Detection of water leaks in remote areas. State of the infrastructure (e.g. manholes)
  • Partner HDE: Detection of cracks in waterdams/state of the infrastructure.

AIM: We were testing the complete pipeline of tooling, developed under remote infrastructure inspection tool:

  • How hard is to get all the flight licenses for the UAV flights?
  • Does UAV capture the necessary information under the legal framework?
  • Are we able to detect the requested information in situ – this is valid for the UAV flight especially.’

 

 

Results: The answer to all the above question is resounding yes. We were able to get the necessary clearances for flying (we flew in the open category, but on one location there was an airport nearby). This process is long and complicated, however the CIs have to do it only once. The UAV was able to capture all the information using 4K camera with 30x zoom. This is important, as e.g. insulators on the railway electrical network had to be captured from the side – regulation states that UAV is not allowed to fly over railway tracks. LIDAR was also captured and we understand that in cases where there is a low deck for flight given (e.g., in case of airport nearby), there is required higher number of passes over the infrastructure, to gather all the information reliably. We also demonstrated that the AI tools were able to generate alerts about the deteriorated infrastructure in the field, using the UAV’s output.