ERMIS Project

Marketplace Governance services (H1):
This set of services aim to support the secure and reliable operation of the ERMIS marketplace for the European organisations.

Evidence-based security assurance and insurance risk assessment (C1):
This layer comprises the first set of services that supports the implementation of the ERMIS cyber risk assessment process that includes the specification of the potential attack surface in cyber systems, consisting of cyber assets and their models, the assessment of the vulnerabilities related to these assets and a risk estimation from the exposure of the assets to threats

Risk-aware security certification (C2):
The dynamic certification process in ERMIS. This is built on top of verifiable certification models with the aim to support the execution of static and dynamic security testing for the assessments of the soundness and the effectiveness of the security controls used in composite ICT environments to mitigate cyber risks

Risk awareness-enriched cyber insurance management (C3):
In this layer, we include the service capabilities for the management of cyber insurance policies and related contracts. These capabilities rely on the continuous and iterative interaction with the dynamic certification and risk assessment processes.

Operational space analytics (H2):
The ERMIS Marketplace introduces a set of ML-based models and components that facilitate the collection and analysis of logs from the organisational cyber systems (SO1.4, T5.4) with the aim to support the execution of the processes for security assurance, risk management, certification and insurance through operational evidence.

User Interfaces (H3):
ERMIS delivers intuitive visualisations and dashboards to support the implementation of the marketplace business scenarios and the management of the governance services