Loading…
Strategic Analysis
This Horizon Europe Innovation Action targets the critical need for trustworthy AI by focusing on its security, privacy, and robustness. A winning proposal must demonstrate highly innovative, practical solutions that directly counter emerging threats like adversarial attacks and data poisoning, while embedding privacy-by-design for sensitive applications in government and enterprise. The key is to deliver deployable technologies that align with the EU AI Act and reinforce Europe's digital sovereignty.
TRL 4 → 8
Based on programme defaults
Develop robust AI models resistant to adversarial attacks. Exploring techniques to harden AI models and systems against adversarial perturbations, such as adversarial training, robust optimisation, and defence mechanisms that enhance the trustworthiness of AI.
Improve detection of manipulated or poisoned training data. Advancing methodologies to identify and mitigate compromised datasets, leveraging techniques such as anomaly detection, provenance tracking, and automated data validation mechanisms.
Address the concept of Private AI by developing mechanisms that enable AI models to be trained, deployed and operated in privacy-preserving environments, particularly for sensitive use cases, as for example for government and enterprise settings. This includes ensuring AI computations and data remain within trusted execution boundaries (e.g. on-premise or regulated cloud environments), and leveraging existing and emerging privacy-enhancing techniques such as federated learning, secure aggregation, computing on encrypted data, quantum-safe homomorphic encryption and secure inference in deep learning to safeguard the protection of personal and other sensitive data throughout the AI lifecycle.
Robust AI models and systems capable of resisting different classes of adversarial manipulation;
Innovative defence mechanisms for AI models and systems against new attack families;
Methodologies for detecting and mitigating attacks, such as data poisoning, backdoor exploitation and misclassification;
AI systems leveraging privacy-enhancing technologies that maintain data confidentiality and regulatory compliance, enabling trusted in-house AI deployments (e.g., for governments and enterprises).
No expected impacts identified for this destination.
AI Act
highThe AI Act establishes a regulatory framework for AI systems, categorising them by risk and setting requirements for transparency, safety, and accountability, particularly for high-risk applications like healthcare.
Evaluators will prioritise proposals that conduct thorough risk assessments of existing AI models under the AI Act and outline how the AGI roadmap ensures compliance with its provisions.
1. Admissibility conditions — Proposal page limit and layout described in Annex A and Annex E of the Horizon Europe Work Programme General Annexes. Proposal page limits and layout: described in Part B of the Application Form available in the Submission System.
2. Eligible Countries — described in Annex B of the Work Programme General Annexes. A number of non-EU/non-Associated Countries that are not automatically eligible for funding have made specific provisions for making funding available for their participants in Horizon Europe projects. See the information in the Horizon Europe Programme Guide .
3. Other Eligibility Conditions — In order to achieve the expected outcomes, and safeguard the Union’s strategic assets, interests, autonomy, and security, participation in this topic is limited to legal entities established in Member States and Associated Countries. In order to guarantee the protection of the strategic interests of the Union and its Member States, entities established in an eligible country listed above, but which are directly or indirectly controlled by a non-eligible country or by a non-eligible country entity, shall not participate in the action. described in Annex B of the Work Programme General Annexes.
4. Financial and operational capacity and exclusion — described in Annex C of the Work Programme General Annexes.
5a. Evaluation and award: Award criteria, scoring and thresholds — are described in Annex D of the Work Programme General Annexes.
5b. Evaluation and award: Submission and evaluation processes — are described in Annex F of the Work Programme General Annexes and the Online Manual .
5c. Evaluation and award: Indicative timeline for evaluation and grant agreement — described in Annex F of the Work Programme General Annexes.
6. Legal and financial set-up of the grants — Eligible costs will take the form of a lump sum as defined in the Decision of 7 July 2021 authorising the use of lump sum contributions under the Horizon Europe Programme – the Framework Programme for Research and Innovation (2021-2027) – and in actions under the Research and Training Programme of the European Atomic Energy Community (2021-2025) [[This decision is available on the Funding and Tenders Portal, in the reference documents section for Horizon Europe, under ‘Simplified costs decisions’ or through this link: https://ec.europa.eu/info/funding-tenders/opportunities/docs/2021-2027/horizon/guidance/ls-decision_he_en.pdf ]]. described in Annex G of the Work Programme General Annexes.
described in the [specific topic of the Work Programme] Some activities resulting from this topic may involve using classified background and/or producing of security sensitive results (EUCI and SEN). Please refer to the related provisions in section B Security — EU classified and sensitive information of the General Annexes.
Application form templates — the application form specific to this call is available in the Submission System Standard application form (HE RIA, IA) Evaluation form templates — will be used with the necessary adaptations Standard evaluation form (HE RIA, IA) Guidance HE Programme Guide Model Grant Agreements (MGA) Lump Sum MGA Call-specific instructions Detailed budget table (HE LS) Guidance: "Lump sums - what do I need to know?" Ownership Control Declaration Information on Security issues (Security section)
HE Main Work Programme 2026-2027 – 1. General Introduction HE Main Work Programme 2026-2027 – 6. Civil Security for Society HE Main Work Programme 2026-2027 – 15. General Annexes HE Programme Guide Decision authorising the use of lump sum contributions under the Horizon Europe Programme Rules for Legal Entity Validation, LEAR Appointment and Financial Capacity Assessment EU Grants AGA — Annotated Model Grant Agreement Funding & Tenders Portal Online Manual Funding & Tenders Portal Terms and Conditions Funding & Tenders Portal Privacy Statement
Evaluators will prioritize proposals that offer cutting-edge and practical solutions for enhancing AI security, privacy, and robustness, clearly demonstrating advancement beyond the current state-of-the-art. They will look for a strong emphasis on real-world integration and validation in sensitive use cases (e.g., government, critical infrastructure, enterprise), ensuring compliance with the upcoming AI Act and relevant data protection regulations. For an Innovation Action, a clear path to market uptake and tangible impact is paramount.
Everything the call asks for, seen from the call's point of view. Each line shows what answers it, and which partner carries it.
This matrix lists everything the call asks for: outcomes, impacts, scope, the requirements buried in the call text, and policy alignment. Sign up free and GrantForge tracks each line against the concept you build.
| Requirement | Covered by | Carried | Status |
|---|---|---|---|
| Scope activities | |||
| SC1Develop robust AI models resistant to adversarial attacks. Exploring techniques to harden AI models and systems against adversarial perturbations, such as adversarial training, robust optimisation, and defence mechanisms that enhance the trustworthiness of AI. | · | · | Sign up to track |
| SC2Improve detection of manipulated or poisoned training data. Advancing methodologies to identify and mitigate compromised datasets, leveraging techniques such as anomaly detection, provenance tracking, and automated data validation mechanisms. | · | · | Sign up to track |
| SC3Address the concept of Private AI by developing mechanisms that enable AI models to be trained, deployed and operated in privacy-preserving environments, particularly for sensitive use cases, as for example for government and enterprise settings. This includes ensuring AI computations and data remain within trusted execution boundaries (e.g. on-premise or regulated cloud environments), and leveraging existing and emerging privacy-enhancing techniques such as federated learning, secure aggregation, computing on encrypted data, quantum-safe homomorphic encryption and secure inference in deep learning to safeguard the protection of personal and other sensitive data throughout the AI lifecycle. | · | · | Sign up to track |
| Expected outcomes | |||
| EO1Robust AI models and systems capable of resisting different classes of adversarial manipulation; | · | · | Sign up to track |
| EO2Innovative defence mechanisms for AI models and systems against new attack families; | · | · | Sign up to track |
| EO3Methodologies for detecting and mitigating attacks, such as data poisoning, backdoor exploitation and misclassification; | · | · | Sign up to track |
| EO4AI systems leveraging privacy-enhancing technologies that maintain data confidentiality and regulatory compliance, enabling trusted in-house AI deployments (e.g., for governments and enterprises). | · | · | Sign up to track |
| Other requirements | |||
| No other requirements in this call. | |||
| Expected impacts | |||
| No expected impacts in this call. | |||
| Underlying policies | |||
| POL1ai actThe AI Act establishes a regulatory framework for AI systems, categorising them by risk and setting requirements for transparency, safety, and accountability, particularly for high-risk applications like healthcare. | · | · | Sign up to track |
The binding rules of this call. Items marked auto are verified by GrantForge from the call and the template. The others are yours to confirm.
LMIC entities auto-eligible
Low/middle-income country entities are automatically eligible for funding.
EU space data infrastructures
If the project uses satellite-based Earth observation, positioning, navigation or timing data/services, beneficiaries must use Copernicus and/or Galileo/EGNOS. Other sources may be added but not substitute EU infrastructures.
Civil applications only
Horizon Europe funds exclusively civil applications. Research with exclusive military or dual-use application is excluded.
Gender Equality Plan
Having a Gender Equality Plan (GEP) is an eligibility criterion for public bodies, research organisations, and higher education institutions from Member States and Associated Countries.
Open Science
Mandatory open access to peer-reviewed scientific publications and responsible management of research data (FAIR principles, DMP required).
Talk to the Grant Coach to build your concept. The steps below fill in as it takes shape, and your coverage tracks the progress. You can refine everything once your project workspace is created.
Step 1 of 2 · Build your concept
The problems this call frames, and who they affect. Your concept and plan address them.
Step 2 of 2 · Build your concept
The long-term impacts your project should drive — this shapes the objectives next.