The target outcomes qualify the needed level of reliability, trust and resilience that applies to a critical infrastructure like 6G based on a globally connected continuum of heterogeneous environments supported by the convergence of networks and IT systems to enable new future digital services.

• Availability of technologies supporting the necessary levels of trustworthiness, resilience, openness, transparency, and dependability expected under the EU regulations (such as GDPR and Cyber Security Act, including associated provisions including new certification processes) across a complete continuum incorporating the human-cyber-physical system including connectivity-service provision, supporting complex human centric multimodal communications, including entangled devices.
• Availability of technologies ensuring secure, privacy preserving and trustworthy services in the context of a programmable platform accessed by multi-stakeholders and tenants including vertical industries as users, for increasingly fleeting and dynamic scenarios.
• Secure host-neutral infrastructure where multiple infrastructure providers are involved in the deployment, hosting and orchestration of the network service, especially in the context of stringent requirements for the communications.
• Identification of the life cycle of smart services security and trust requirements including development, provision, operation, maintenance and of their business impact on the stakeholders’ ecosystem.
• AI technology applied to security and service deployment in several ways: i) correct application of AI to enhance security and service deployment in 6G; ii) consideration of potential security threats using AI.
• Operational security: End-to-End, system wide Security policies composition and management among multiple stakeholders based on trusted and eventually certified services, eventually providing technology solutions in the context of regulatory initiatives like the cybersecurity toolbox.
• New services and security technologies that will fulfil 6G needs and EU policies in this area.

Note: The perimeters of the heterogeneous domains considered addressed by the proposals should be clearly identified as well as the expected impact towards the adoption of solutions, especially when domains outside of EU jurisdiction are considered.

Please refer to the "Specific Challenges and Objectives" section for Stream B in the Work Programme, available under ‘Topic Conditions and Documents - Additional Documents’.

The focus of this Stream is on several complementary issues mentioned below and applicants may select one or more of these issues.

• Service deployment for complex services: In-network / edge computing has evolved into a standard component of network architecture. However, it is geared mostly to "conventional" workloads: services running on behalf of individual users, with ordinary resource needs (e.g., web servers or network functions). The scope extends these capabilities towards truly flexible, resilient and versatile in-network computing, including: i) a broader range of deployable artefacts (e.g., Web Assemblies); ii) workloads that pertain to an entire user population (shared services like games, or even services for huge populations like joint video streaming for many watchers); iii) workloads with new characteristics (like bursty in-network training for ML models; iv) End-to-End Security Policies composition in distributed dynamic scenarios; v) data authenticity and trusted digital interactions in dynamically composed service environments. Challenges here pertain to the entire lifecycle from development, deployment, operation and decommitment, for a diversity of dynamic user populations, including explicit support for in-network computation with advanced patterns (e.g., ML training workloads, workloads coming from user populations not just individual users, additional types of deployment units).
• Cooperative holistic E2E security for 6G architectures. Developing security architectures for providing E2E security guarantees across the heterogeneity and dynamicity of technologies envisaged in 6G is a major challenge. This topic should be able to address multi-layer, multi-provider protocols and interfaces for E2E adaptive security delivery (inter-orchestrator agent-based distributed convergence) ensuring multi-tenancy (e.g., verticals) remediation strategies with regard to business objectives (although vertical specifics); multi-layers/stakeholders authorities (including compute/network/security service providers); and include cooperative and adaptative (AI-based) attack detection (attacks known/zero days-anomalies). The solutions should be able to handle a diversity of 6G scenarios (cell, cell-less, 3D/NTN, private, public environments), and should cover realistic E2E security for Cyber Physical scenarios, with termination points of the system being sensing. Ultimately the work can delve on the challenges of roots for an EU wide, private/public CTI (Cyber Threat Intelligence) dedicated to 6G systems.
• Zero-touch integrated security deployment: The dynamics of the 6G system require autonomic and multi-agent approaches to security deployment, similar to the challenges of service deployment, in an environment with multiple control loops. Techniques should be able to address adaptive protection, detection and response, and reasoning techniques based on digital twins or AI are promising for candidates to consider.
• Exploitation of (distributed) AI/ML for 6G Infrastructures, targeting net-zero scenarios: This topic covers security and service deployment scenarios. The objective is the development of techniques, protocols of novel architectures for the integration of AI/ML in scenarios to multiple applications in terms of security and service processes, including aspects as securing physical layers (e.g. anti-jamming), provide adaptive response to incidents, define service and security function placement (protection and detection), and for the intrinsic resilience of the AI process (e.g. data poisoning in control/management), improving AI security. It can address societal concerns such as potential biased usage of AI and includes both the threats directly applicable to user data traffic, and their control and management. Another major concern inside this challenge is to promote the utilisation of renewable energy resources (deployed and distributed all over the network) for the learning process, able to provide an efficient greenness-accuracy trade-off, preserve privacy, and scale to large networks.
• Developments on service technologies for secure time-sensitive and computation intensive applications. The challenges posed by virtualised environments require a new set of technologies to support stringent requirements. The topic aims to develop techniques able to: i) assure time guarantees for containers or similar virtualisation technologies; ii) time aware orchestration frameworks; iii) provide secure isolation techniques for dynamic instantiations; iv) abstraction mechanisms for the network compute fabric to support function delegation in low power scenarios.
• Physical layer security: Physical layer security technologies, including ML based techniques to combat the increased number of potential threats (e.g., rogue terminal/network identification, eavesdropping detection) and cyberattacks to secure both users and networks, and considering the new attack surfaces brought in by new hardware and software architectures (e.g., massive MIMO, RIS).

Human Centric methods that give the control to the user to guarantee privacy and confidentiality, for both service development and service execution. It addresses service and business enablement with security attributes exposure and security awareness through security SLA, auditable per stakeholders and users. Methods for quantification of security to make the users aware of the systems and services used and associated risks is in scope, including certification proposals to raise user awareness.