Data repository for security research and innovation

1. GRANT PURPOSE AND TARGET

Core Objective

This grant aims to fund the creation and deployment of a fully functional and operational common research data repository for the European security research community. The project will build upon the results of the previous LAGO project to create a centralized platform for storing, managing, and sharing verified research, training, and testing data, thereby preventing data loss and enhancing the trustworthiness and impact of security research.

Funding Organization

European Commission, under the Horizon Europe framework programme.

Target Recipients

This call is open to any legal entity, regardless of its place of establishment, provided they meet the consortium requirements. The intended community for the repository includes researchers, practitioners (end-users), industry (including SMEs), and policy makers involved in security research.

Sector Focus

SECTOR-AGNOSTIC. While the repository's subject matter is specific to the civil security sector (including fighting crime, disaster resilience, border management, and infrastructure resilience), applicants from any sector (e.g., software development, data science, IT services) with the required technical expertise are eligible to apply.

Geographic Scope

The grant is open to entities from EU Member States and countries associated with the Horizon Europe programme. However, specific restrictions apply:
* Legal entities established in China are not eligible to participate in Innovation Actions.
* Legal entities established in Russia, Belarus, or non-government controlled territories of Ukraine are not eligible to participate.
* Entities assessed as 'high-risk suppliers' of mobile network equipment are not eligible to participate due to security restrictions on European communication networks.

Key Filtering Criteria

• Project Scale: The expected EU contribution is €3,000,000.
• Project Type: Innovation Action (IA), requiring the development and deployment of a fully functional and operational data repository.
• Project Duration: Maximum estimated duration of 3 years.
• Prerequisite: Proposals must build on the roadmap and outcomes of the LAGO project.

4. FINANCIAL STRUCTURE

Funding Range

• The EU contribution for this topic is specified as €3,000,000. The call expects to fund one project.

Co-financing

• This is an Innovation Action (IA). The funding rate is:
  • 100% of total eligible costs for non-profit legal entities.
  • 70% of total eligible costs for for-profit legal entities. This implies a co-financing requirement of 30% from for-profit participants.

Eligible Costs

Eligible costs must be actually incurred by the beneficiary, necessary for the project, and recorded in the accounts. Key categories include:
* Personnel costs: Salaries and social security contributions for staff assigned to the project.
* Subcontracting costs: Costs for services outsourced to third parties to perform specific project tasks.
* Purchase costs: Including travel and subsistence, equipment (depreciation costs), and other goods, works, and services (e.g., consumables, dissemination costs).
* Indirect costs: A 25% flat-rate of the eligible direct costs is applied to cover general overheads. This excludes subcontracting costs and costs of financial support to third parties.

Ineligible Costs

Costs that are not eligible for reimbursement include, but are not limited to:
* Debt and debt service charges.
* Provisions for future losses or debts.
* Interest owed.
* Currency exchange losses.
* Deductible VAT.

Payment & Reporting

• Payments are managed through the EU Funding & Tenders Portal. A pre-financing payment is typically made at the start of the project to provide a float.
• An amount of 5-8% of the maximum grant amount is retained from the pre-financing and contributed to the Mutual Insurance Mechanism.
• Subsequent interim payments are linked to the submission and approval of periodic reports (both technical and financial).
• The final payment is processed after the submission and approval of the final report at the end of the project.

2. ELIGIBILITY REQUIREMENTS

Formal Criteria

• Consortium Composition: To be eligible, a consortium must consist of at least three independent legal entities, each established in a different country, with the following structure:
  • At least one independent legal entity established in an EU Member State.
  • At least two other independent legal entities, each established in different EU Member States or Associated Countries.
• Gender Equality Plan (GEP): As of 2022, public bodies, research organisations, and higher education establishments from EU Member States and Associated Countries must have a Gender Equality Plan in place to be eligible for funding. This is a self-declared criterion at the proposal stage.
• Application Submission: Proposals must be submitted electronically via the EU Funding & Tenders Portal before the specified deadline and must adhere to the page limits and formatting requirements outlined in the application template (Part B: 45 pages for Innovation Actions).

Organizational Status

• Any legal entity, regardless of its place of establishment, is eligible to participate, provided they adhere to the consortium and geographic scope rules. This includes universities, research organizations, public bodies, non-profits, SMEs, and large enterprises.

Technical Expertise

The consortium must demonstrate expertise in the following areas:
* Development and deployment of large-scale data repositories and databases.
* Research data management, including FAIR principles (Findable, Accessible, Interoperable, Re-usable).
* Technical, legal, and ethical requirements for handling sensitive and security-related data, including data protection and privacy (GDPR).
* Interoperability with major European data initiatives such as the European Open Science Cloud (EOSC), TESSERA project, European Data Spaces, and GAIA-X.
* Knowledge of the European security research landscape and the specific data needs of domains like fighting crime and terrorism, infrastructure resilience, border management, and disaster resilience.
* The proposal must demonstrate a clear understanding of and plan to build upon the findings of the LAGO project.

Exclusion Criteria

• Geographic Exclusions: Legal entities established in Russia, Belarus, or non-government controlled territories of Ukraine are not eligible. Legal entities established in China are not eligible to participate in Innovation Actions.
• EU Restrictive Measures: Entities subject to EU sanctions are not eligible to participate in any capacity.
• High-Risk Suppliers: Entities identified as high-risk suppliers for European communication networks (and entities they control) are not eligible to participate as beneficiaries, affiliated entities, or associated partners.

5. APPLICATION PRACTICAL INFORMATION

Deadlines

• Call Opening: 12 June 2025
• Submission Deadline: 12 November 2025, 17:00:00 Brussels Time (CET)

Required Documents

The application consists of two main parts, submitted electronically:
* Part A (Administrative Forms): Structured data entered directly into the online submission system, including participant details, budget overview, and declarations.
* Part B (Technical Description): A narrative document uploaded as a PDF, detailing the project's excellence, impact, and implementation. The page limit for Innovation Actions is 45 pages. The template is available in the submission system.
* Call-specific Annex: Applicants may need to complete and upload the 'Information on Security Practitioners Template'.

Application Process

• Proposals must be submitted electronically through the EU Funding & Tenders Portal via the topic page for HORIZON-CL3-2025-01-SSRI-05.
• The submission process is a single-stage procedure.
• Applicants must be registered in the Participant Register and have a 9-digit Participant Identification Code (PIC).

Support

• Financial Support: The action is supported through a grant of €3,000,000.
• Guidance and Assistance: Applicants can access support through:
  • National Contact Points (NCPs)
  • Enterprise Europe Network (EEN)
  • EU Research Enquiry Service, IT Helpdesk, and IPR Helpdesk.
  • Extensive documentation including the Online Manual and Programme Guide.

Post-Award Obligations

• Implementation: The project must be implemented as described in Annex 1 of the Grant Agreement. The repository must be operational for testing for at least one year before the project's conclusion.
• Reporting: Beneficiaries must provide continuous reporting on milestones and deliverables via the portal, as well as periodic technical and financial reports to trigger payments.
• Exploitation & Sustainability: A detailed plan for the exploitation and dissemination of results must be delivered and updated. This must include a sustainability plan for the repository's operation beyond the project's funding period.
• Record-Keeping: Records and supporting documents must be kept for up to 5 years after the final payment for potential audits and checks.

3. EVALUATION CRITERIA

Proposals will be evaluated based on three main criteria: Excellence, Impact, and Quality and Efficiency of the Implementation. Each criterion is scored from 0 to 5. To be considered for funding, a proposal must meet an individual threshold of 3/5 for each criterion and an overall threshold of 10/15. For Innovation Actions (IA), the 'Impact' criterion is weighted by 1.5 for ranking proposals with the same total score.

Scoring Factors

• 1. Excellence (Threshold: 3/5)

  • Clarity and Pertinence of Objectives: The project's goals must be clear, relevant to the topic, and ambitious. It must demonstrate how it goes beyond the current state-of-the-art.
  • Soundness of Methodology: The proposed methodology for creating, testing, and deploying the data repository will be assessed. This includes the soundness of the underlying concepts, models, and assumptions. The quality of interdisciplinary approaches and open science practices (data management, FAIR principles) are key. The methodology must build upon the LAGO project's roadmap and outcomes.
  • Gender Dimension: Applicants must describe how the gender dimension (sex and/or gender analysis) is taken into account, if relevant to the research content. Justification is required if it is not considered relevant.

• 2. Impact (Threshold: 3/5, Weight: 1.5)

  • Credibility of Pathways to Impact: The proposal must convincingly describe how the project's results will contribute to the expected outcomes and impacts listed in the work programme. This includes achieving more trustworthy research, increasing the visibility of research work, and enhancing collaboration within the security community. The scale and significance of these contributions will be evaluated.
  • Measures to Maximise Impact: The quality of the 'plan for the dissemination and exploitation including communication activities' is crucial. This includes a robust strategy for exploitation and a sustainability plan to maintain the repository after the project's lifetime.

• 3. Quality and efficiency of the implementation (Threshold: 3/5)

  • Work Plan and Resources: The quality and effectiveness of the work plan, including the allocation of tasks and resources across work packages, will be assessed. The plan must include extensive testing and validation of the repository, which should be operational for testing at least one year before the project ends.
  • Risk Assessment: The proposal must include a credible assessment of critical risks to implementation and provide appropriate mitigation measures.
  • Consortium Capacity: The capacity of each participant and the consortium as a whole will be evaluated. The consortium must demonstrate it brings together the necessary expertise (technical, legal, ethical, security domain knowledge) and has access to any required infrastructure.

Strategic Fit

The project must explicitly align with the goal of creating a common data repository for security research, building directly on the foundation laid by the LAGO project. It must demonstrate how it will interact with and ensure interoperability with other key European initiatives like EOSC, TESSERA, and GAIA-X.

Cross-cutting Themes

• Open Science: The proposal must detail how it will implement open science practices. Data sharing should adhere to the 'as open as possible, as closed as necessary' principle, and research data must be managed according to FAIR principles. This is a core part of the methodology evaluation.
• Gender: While mandatory integration of the gender dimension into the content is only required if relevant, proposals should consider if data disaggregation by gender is applicable to enhance the repository's value. A Gender Equality Plan is an eligibility requirement for certain types of organizations.
• AI and Digital Agenda: The project directly contributes to the EU's digital agenda by creating a significant data infrastructure. The use of AI-based tools is mentioned as a potential application area for the data within the repository.

6. COMPLIANCE AND SPECIAL REQUIREMENTS

Regulatory Compliance

• Data Protection: The repository's design and operation must be fully compliant with applicable data protection legislation, notably the General Data Protection Regulation (GDPR). This includes handling personal data according to the principles of necessity and proportionality.
• Ethical Standards: The project must adhere to the highest ethical standards as outlined in the Grant Agreement. This is particularly relevant given the sensitive nature of security research data. Ethical principles from the LAGO project's findings should be incorporated.

IP Policy

• Ownership: Results are owned by the beneficiaries that generate them. The EU receives a royalty-free, non-exclusive, irrevocable license to use project materials for communication and policy purposes.
• Access Rights: Consortium partners must grant each other access to background and results needed for project implementation (royalty-free) and for exploitation of their own results (on fair and reasonable conditions).
• Open Science: The project must comply with Horizon Europe's open science policy. Scientific publications must be open access. Research data must be managed according to FAIR principles and made 'as open as possible, as closed as necessary,' with a Data Management Plan (DMP) as a required deliverable.

Unique Aspects

• Dependency on LAGO Project: Success is contingent on effectively building upon the roadmap and results generated by the LAGO project. Proposals that duplicate LAGO's work will be penalized.
• Operational Deliverable: A key success factor is the delivery of a fully functional and operational repository ready for extensive testing at least one year before the project concludes, not just a proof-of-concept.
• Sustainability Mandate: A critical component of the proposal is a credible exploitation and sustainability plan that outlines how the repository will be maintained and grown after the EU funding period ends.
• Interoperability Requirement: The project must ensure interoperability with key European data infrastructures, including the European Open Science Cloud (EOSC), the TESSERA project, European Data Spaces, and GAIA-X.

Industry-Specific Rules

• Security Restrictions: This topic is subject to specific restrictions for the protection of European communication networks. This results in the exclusion of entities identified as 'high-risk suppliers'. Proposals must also adopt sound security practices, such as comprehensive access rules and multi-factor authentication, to secure the sensitive data within the repository.