Project CYRENE


Global Supply Chains are a way of life for modern business, becoming more complex and integrated.

Funding source:

EU Horizon 2020 Research and Innovation program


October 2020 – September 2023

Project website:

Global Supply Chains are a way of life for modern business, becoming more complex and integrated. The organizations that operate within the Supply Chains have become smarter and are not only heavily dependent on Information and Communication Technologies but are also interconnected for exchanging and sharing large amounts of data. Moreover, there is still no easy, structured, standardized and trusted way to forecast, prevent and manage interrelated and propagated cybersecurity vulnerabilities and threats, in a way that takes into account the heterogeneity and complexity of today’s Supply Chains. Therefore, there is a pressing need for devising methodologies, techniques and tools for the efficient evaluation and handling of security threats and vulnerabilities supporting all involved infrastructures for the provision of critical Supply Chain services. CYRENE comes to fill this gap for devising such methodologies, techniques and tools.

CYRENE aims to enhance the security, privacy, resilience, accountability and trustworthiness of Supply Chains through the provision of a novel and dynamic Conformity Assessment Process that evaluates the security and resilience of supply chain services, the interconnected IT infrastructures composing these services and the individual devices that support the operations of the SCs. In particular, the proposed CAP will support, at different levels, SCs security officers and operators to recognize, identify, model, and dynamically analyse cyber risks. Moreover, it will support forecasting, treatment and response to advanced persistent threats and handle daily cyber-security and privacy risks, incidents and data breaches.

As such, CYRENE establishes new scientific foundation and radical shift in assessing and reducing security risks and incidents, cascading effects of threats, and propagated vulnerabilities, addressing the complexity of underlying interconnected CIIs, supply chain services, applications and cyber assets. In doing so, the project will bring together and advance the state of the art in various research fields including security engineering (e.g., forecasting, detection and prevention of supply chain propagated vulnerabilities), supply chain certification and audit (e.g., conformity assessment and certification schemas) and privacy engineering (e.g., privacy assessment of SCs).