SAFE4SOC

Standard Alert Format Exchange for SOCs: A European network establishing standards for data exchange between Security Operations Centers (SOCs) and the integration of cybersecurity systems

What is SAFE4SOC?

SAFE4SOC aims to improve the detection of cyber threats and the sharing of information among public, private, and defense entities responsible for cybersecurity (such as SOCs, CSIRTs, SMEs, etc.). The project develops tools that enable the structured, compliant, and AI-assisted sharing of information on incidents and anomalies.

What is proposed

SAFE4SOC aims to improve the detection of cyber threats and the sharing of information among public, private, and defense entities responsible for cybersecurity (such as SOCs, CSIRTs, SMEs, etc.). The project develops tools that enable the structured, compliant, and AI-assisted sharing of information on incidents and anomalies. The SAFE4SOC project aims to achieve several key outcomes that will have a significant impact on cybersecurity management at the European level. First, the project focuses on developing and deploying a suite of innovative tools—both open-source and commercial—that will enable more efficient and structured information sharing among various Security Operations Centers (SOCs), Computer Security Incident Response Teams (CSIRTs), and other entities involved in cybersecurity management. These tools will be designed to be easily integrated into existing systems, thereby improving collaboration and communication at both the national and cross-border levels. Another expected outcome concerns the standardization of the data exchange format between SOCs through the adoption of a common pivot format (IDMEFv2), proposed as an international standard. This will help overcome current interoperability challenges and ensure that information regarding incidents and threats can be understood and managed by all stakeholders, regardless of the technologies used. Furthermore, the integration of tools based on artificial intelligence and machine learning will enable the shared data to be leveraged to its fullest potential, significantly improving the detection, response, and explainability of cyber incidents. This is expected to lead to reduced response times and greater effectiveness in threat prevention and analysis. Finally, validating the project through a series of pilot initiatives in various European countries will allow for field testing of the proposed solutions’ effectiveness, promoting the dissemination of best practices and alignment with European cybersecurity policies. These results will help strengthen the European digital defense system, fostering greater resilience against emerging cyber threats.

Project type

European Commission, Digital Europe Programme (DIGITAL) - DIGITAL-ECCC-2022-CYBER-B-03 (Cybersecurity & Trust) - Project No. 101145846

SAFE4SOC

Information

Area

RESEARCH AND DEVELOPMENT

Period

January 1, 2024 – December 31, 2026

Total value

€ 7.101.101,36

Total value for EHT

€877,480.00 > EHT

Status

Ongoing

Partners

INSTITUT MINES-TELECOM (IMT) (LEAD PARTNER)

FRAUNHOFER SOCIETY FOR THE PROMOTION OF APPLIED RESEARCH EV – FRAUNHOFER

French Alternative Energies and Atomic Energy Commission – CEA

EHT SCPA

VICOMTECH Foundation – Center for Visual Interaction and Communication Technologies – VICOM

NICOS CORPORATION

TECLIB

UAB NRD CS - NRD CS

Vytautas Magnus University – VMU

CONSORTIUM FOR INFORMATION SYSTEMS (CSI PIEDMONT)