Loading…
Strategic Analysis
This call seeks to significantly advance the security posture of both hardware and software, addressing vulnerabilities from design to deployment, including emerging quantum threats. A winning proposal will present integrated, innovative solutions for tamper-resistant architectures, supply chain transparency, and self-healing mechanisms, demonstrating clear pathways to practical implementation and contribution to EU cybersecurity resilience and certification.
TRL 2 → 6
Based on programme defaults
Develop new architectures for tamper-resistant chips and processors. Exploring novel designs for secure microprocessors, leveraging hardware-level security enhancements, and integrating cryptographic co-processors that may also support post-quantum cryptography (PQC), for enhanced protection against tampering and side-channel attacks.
Enhance supply chain transparency for chip production and integration. Exploring innovative ways to improve traceability and accountability in chip manufacturing processes, including methods such as post-quantum secure hardware roots of trust, blockchain for tracking components, or certification mechanisms.
Establish security-by-design methodologies for hardware security assessment. Advancing methodologies for systematic security testing of hardware components, including automated vulnerability analysis, verification frameworks, and integration of security assessment into chip design and lifecycle management.
Develop methods and tools for an effective and efficient non-destructive authentication and physical analysis of integrated circuits and multi-chips modules (chiplets).
Develop technical means for ensuring hardware supply chain security, and secure PQC implementations: hardware trojan and backdoor detection, hardware watermarking, relevant reverse engineering techniques, countermeasures also against new classes of hardware physical attacks. Develop self-healing firmware able to recover from cyber-attacks. Develop firmware able to leverage advanced anomaly detection, AI-driven threat mitigation and secure rollback mechanisms to automatically identify cyber-attacks, isolate compromised components restore the system to a trusted state while maintaining operational continuity.
Develop innovative tools for real-time software vulnerability detection and automatic patching. Advancing the state of automated detection techniques, incorporating dynamic analysis, AI-driven pattern recognition, predictive analytics to proactively identify security weaknesses before exploitation and self-healing mechanisms.
Enhance secure software frameworks, including protection against the quantum threat. Exploring new methodologies for integrating security-by-design principles across development workflows, incorporating approaches such as automated security policy enforcement, modular security components, and improved dependency management.
Improve resilience against supply chain cyber threats. Investigating novel mitigation strategies, including provenance tracking for software components and their analysis, secure update distribution mechanisms including protection from emerging quantum threats where relevant, enhanced anomaly detection, and multi-layer defence approaches to ensure integrity and trustworthiness.
Enhanced security frameworks for both hardware and software supply chains, building on root-of-trust architectures and secure lifecycle management;
Secure and trusted chip architectures for next-generation computing and networking systems;
Integrated security-by-design approaches in software development, aimed to be aligned with relevant regulatory requirements;
Security testing methodologies, including formal verification approaches and AI-driven security testing methodologies;
Standardised methodologies for hardware security assessment, also contributing to cybersecurity certification.
No expected impacts identified for this destination.
No EU policy alignment identified for this call.
1. Admissibility conditions — Proposal page limit and layout described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes. Proposal page limits and layout: described in Part B of the Application Form available in the Submission System.
2. Eligible Countries — described in Annex B of the Work Programme General Annexes. A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon Europe projects. See the information in the Horizon Europe Programme Guide .
3. Other Eligibility Conditions — In order to achieve the expected outcomes, and safeguard the Union’s strategic assets, interests, autonomy, and security, participation in this topic is limited to legal entities established in Member States and Associated Countries. In order to guarantee the protection of the strategic interests of the Union and its Member States, entities established in an eligible country listed above, but which are directly or indirectly controlled by a non-eligible country or by a non-eligible country entity, shall not participate in the action. described in Annex B of the Work Programme General Annexes.
4. Financial and operational capacity and exclusion — described in Annex C of the Work Programme General Annexes.
5a. Evaluation and award: Award criteria, scoring and thresholds — To ensure a balanced portfolio covering a broad range of research areas, grants will be awarded to applications not only in order of ranking but at least also to the two highest ranked proposal addressing area a) as their main area of focus and the highest ranked proposal addressing area b) as its main area of focus , provided that the applications attain all thresholds. are described in Annex D of the Work Programme General Annexes.
5b. Evaluation and award: Submission and evaluation processes — are described in Annex F of the Work Programme General Annexes and the Online Manual .
5c. Evaluation and award: Indicative timeline for evaluation and grant agreement — described in Annex F of the Work Programme General Annexes.
6. Legal and financial set-up of the grants — Eligible costs will take the form of a lump sum as defined in the Decision of 7 July 2021 authorising the use of lump sum contributions under the Horizon Europe Programme – the Framework Programme for Research and Innovation (2021-2027) – and in actions under the Research and Training Programme of the European Atomic Energy Community (2021-2025) [[This decision is available on the Funding and Tenders Portal, in the reference documents section for Horizon Europe, under ‘Simplified costs decisions’ or through this link: https://ec.europa.eu/info/funding-tenders/opportunities/docs/2021-2027/horizon/guidance/ls-decision_he_en.pdf ]]. described in Annex G of the Work Programme General Annexes.
described in the [specific topic of the Work Programme] Some activities resulting from this topic may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes.
Application form templates — the application form specific to this call is available in the Submission System Standard application form (HE RIA, IA) Evaluation form templates — will be used with the necessary adaptations Standard evaluation form (HE RIA, IA) Guidance HE Programme Guide Model Grant Agreements (MGA) Lump Sum MGA Call-specific instructions Detailed budget table (HE LS) Guidance: "Lump sums - what do I need to know?" Ownership Control Declaration Information on Security issues (Security section)
HE Main Work Programme 2026-2027 – 1. General Introduction HE Main Work Programme 2026-2027 – 6. Civil Security for Society HE Main Work Programme 2026-2027 – 15. General Annexes HE Programme Guide Decision authorising the use of lump sum contributions under the Horizon Europe Programme Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment EU Grants AGA — Annotated Model Grant Agreement Funding & Tenders Portal Online Manual Funding & Tenders Portal Terms and Conditions Funding & Tenders Portal Privacy Statement
Evaluators will prioritize proposals that demonstrate a holistic and cutting-edge approach to securing the entire hardware and software lifecycle. Key aspects they will look for include novel architectures for tamper-resistance, effective post-quantum cryptography (PQC) integration, robust supply chain transparency and traceability, and advanced, automated security-by-design methodologies. The development of real-time, AI-driven vulnerability detection, self-healing firmware, and contributions to cybersecurity certification will be highly valued, emphasizing practical impact and alignment with EU strategic autonomy.
Everything the call asks for, seen from the call's point of view. Each line shows what answers it, and which partner carries it.
This matrix lists everything the call asks for: outcomes, impacts, scope, the requirements buried in the call text, and policy alignment. Sign up free and GrantForge tracks each line against the concept you build.
| Requirement | Covered by | Carried | Status |
|---|---|---|---|
| Scope activities | |||
| SC1Develop new architectures for tamper-resistant chips and processors. Exploring novel designs for secure microprocessors, leveraging hardware-level security enhancements, and integrating cryptographic co-processors that may also support post-quantum cryptography (PQC), for enhanced protection against tampering and side-channel attacks. | · | · | Sign up to track |
| SC2Enhance supply chain transparency for chip production and integration. Exploring innovative ways to improve traceability and accountability in chip manufacturing processes, including methods such as post-quantum secure hardware roots of trust, blockchain for tracking components, or certification mechanisms. | · | · | Sign up to track |
| SC3Establish security-by-design methodologies for hardware security assessment. Advancing methodologies for systematic security testing of hardware components, including automated vulnerability analysis, verification frameworks, and integration of security assessment into chip design and lifecycle management. | · | · | Sign up to track |
| SC4Develop methods and tools for an effective and efficient non-destructive authentication and physical analysis of integrated circuits and multi-chips modules (chiplets). | · | · | Sign up to track |
| SC5Develop technical means for ensuring hardware supply chain security, and secure PQC implementations: hardware trojan and backdoor detection, hardware watermarking, relevant reverse engineering techniques, countermeasures also against new classes of hardware physical attacks. Develop self-healing firmware able to recover from cyber-attacks. Develop firmware able to leverage advanced anomaly detection, AI-driven threat mitigation and secure rollback mechanisms to automatically identify cyber-attacks, isolate compromised components restore the system to a trusted state while maintaining operational continuity. | · | · | Sign up to track |
| SC6Develop innovative tools for real-time software vulnerability detection and automatic patching. Advancing the state of automated detection techniques, incorporating dynamic analysis, AI-driven pattern recognition, predictive analytics to proactively identify security weaknesses before exploitation and self-healing mechanisms. | · | · | Sign up to track |
| SC7Enhance secure software frameworks, including protection against the quantum threat. Exploring new methodologies for integrating security-by-design principles across development workflows, incorporating approaches such as automated security policy enforcement, modular security components, and improved dependency management. | · | · | Sign up to track |
| SC8Improve resilience against supply chain cyber threats. Investigating novel mitigation strategies, including provenance tracking for software components and their analysis, secure update distribution mechanisms including protection from emerging quantum threats where relevant, enhanced anomaly detection, and multi-layer defence approaches to ensure integrity and trustworthiness. | · | · | Sign up to track |
| Expected outcomes | |||
| EO1Enhanced security frameworks for both hardware and software supply chains, building on root-of-trust architectures and secure lifecycle management; | · | · | Sign up to track |
| EO2Secure and trusted chip architectures for next-generation computing and networking systems; | · | · | Sign up to track |
| EO3Integrated security-by-design approaches in software development, aimed to be aligned with relevant regulatory requirements; | · | · | Sign up to track |
| EO4Security testing methodologies, including formal verification approaches and AI-driven security testing methodologies; | · | · | Sign up to track |
| EO5Standardised methodologies for hardware security assessment, also contributing to cybersecurity certification. | · | · | Sign up to track |
| Other requirements | |||
| No other requirements in this call. | |||
| Expected impacts | |||
| No expected impacts in this call. | |||
| Underlying policies | |||
| No underlying policies in this call. | |||
The binding rules of this call. Items marked auto are verified by GrantForge from the call and the template. The others are yours to confirm.
LMIC entities auto-eligible
Low/middle-income country entities are automatically eligible for funding.
EU space data infrastructures
If the project uses satellite-based Earth observation, positioning, navigation or timing data/services, beneficiaries must use Copernicus and/or Galileo/EGNOS. Other sources may be added but not substitute EU infrastructures.
Civil applications only
Horizon Europe funds exclusively civil applications. Research with exclusive military or dual-use application is excluded.
Gender Equality Plan
Having a Gender Equality Plan (GEP) is an eligibility criterion for public bodies, research organisations, and higher education institutions from Member States and Associated Countries.
Open Science
Mandatory open access to peer-reviewed scientific publications and responsible management of research data (FAIR principles, DMP required).
Talk to the Grant Coach to build your concept. The steps below fill in as it takes shape, and your coverage tracks the progress. You can refine everything once your project workspace is created.
Step 1 of 2 · Build your concept
The problems this call frames, and who they affect. Your concept and plan address them.
Current chip designs often do not inherently incorporate sufficient tamper-resistance or cryptographic co-processors, making them susceptible to physical and advanced logical attacks. The rise of quantum computing further exacerbates this, requiring new post-quantum secure hardware implementations.
The complex global supply chains for hardware and software components present numerous opportunities for malicious actors to introduce hardware Trojans, backdoors, or vulnerabilities. Without robust traceability, authentication, and secure update mechanisms, the integrity and trustworthiness of critical systems are at risk.
Traditional security testing struggles to keep pace with the complexity of modern hardware and software. There is a need for more systematic, automated, and AI-driven approaches for vulnerability analysis, formal verification, and non-destructive physical analysis of integrated circuits, which can be integrated into design and lifecycle management to support robust cybersecurity certification.
The speed and sophistication of cyber-attacks often outmatch current software security defenses. There is a critical need for innovative tools that can perform real-time vulnerability detection, automatic patching, and self-healing capabilities, leveraging advanced techniques like AI-driven anomaly detection and secure rollback mechanisms.
Direct beneficiaries who will utilize the developed tools, methodologies, and secure components to enhance their operational security, threat detection, and incident response capabilities.
Direct beneficiaries responsible for designing, producing, and integrating secure chips, processors, and multi-chip modules, who will adopt the new architectures and assessment methods.
Direct beneficiaries who will implement security-by-design principles, leverage secure software frameworks, and use advanced vulnerability detection and patching tools in their development workflows.
Direct beneficiaries whose essential services and systems will benefit from enhanced hardware and software security, leading to greater resilience against cyber threats and operational continuity.
Direct beneficiaries who will integrate the project's standardized methodologies for hardware and software security assessment into new or existing cybersecurity certification schemes and standards.
Indirect beneficiaries who will benefit from the new knowledge, advanced research methods, and scientific publications generated by the project, fostering further innovation in hardware and software security.
Indirect beneficiaries who will experience increased trust, safety, and reliability in digital products and services due to enhanced underlying hardware and software security.
Indirect beneficiaries who will use the project's outcomes and insights to inform the development of future cybersecurity policies, regulations, and strategic initiatives at national and EU levels.
Step 2 of 2 · Build your concept
The long-term impacts your project should drive — this shapes the objectives next.
The project will significantly enhance the ability of European digital infrastructures and systems to withstand, detect, and recover from sophisticated cyber-attacks, including those leveraging advanced hardware vulnerabilities and quantum threats. This will lead to greater trust in digital services and reduced disruption.
By developing cutting-edge, EU-led solutions for secure hardware architectures, supply chain transparency, and security-by-design methodologies, the project will reduce reliance on external technologies and foster a competitive European cybersecurity industry, contributing to strategic autonomy.
The advanced detection, prevention, and self-healing capabilities developed will lead to fewer successful cyber-attacks, faster recovery times, and reduced financial losses for businesses and public services, as well as minimizing societal disruption.
The project's methodologies for hardware security assessment, supply chain transparency, and security-by-design will provide a strong basis for new or updated European cybersecurity standards and certification frameworks, enhancing trust and market access for secure products.