CyberFactory#1 won the ITEA Award of Excellence 2022 for Business Impact!

After three eventful years the CyberFactory#1 project has come to an end. We successfully completed the final ITEA review at the end of May in Sevilla, where Airbus Defence and Space hosted us on their site in Tablada. As it was the last review of the project the focus lay on the project impacts and specifically the business impacts created from the use-cases, which can be directly exploited by the involved partners. We also presented our outlook on impact according to which the project partners expect to generate around 150 M€ additional revenues in 2025.

For these achievements the CyberFactory#1 consortium was awarded the ITEA Award of Excellence 2022 for Business Impact! We are very honoured to receive this award and congratulate all partners for their strong contributions in this project!

The ITEA Awards of Excellence are awarded annually to outstanding projects. In 2022 four projects have been chosen. Next to CyberFactory#1, OPTIMUM is the winner of the ITEA Award 2022 for Exceptional Excellence, IMPACT will receive the ITEA Award of Excellence 2022 for Innovation, and PANORAMA won the ITEA Award of Excellence 2022 for Standardisation. The ITEA Awards will be presented at the ITEA Family reunion, on September 15, 2022. More information on the event and the awards can be found here.

FIIF Event: CyberFactory#1

This hybrid dissemination event organised by the Finnish Industrial Internet Forum and CyberFactory#1 partner VTT will be held on June 9th, in Helsinki and online via Teams. The event will feature speakers from Finnish, German, Turkish and Portuguese project partners. The presentations will cover the two main themes of the project, resilience and optimization in the Factory of the Future and give some insights into how digital twins, real-time asset tracking and a cybersecure architecture can contribute to these goals.




Jarno Salonen is a Senior Scientist in the Applied cybersecurity research team at VTT. He is VTT’s project manager, WP leader and the Finnish country coordinator of CyberFactory#1 and has a professional background of over 20 years in making the digital world a better place for ordinary users especially in the areas of cybersecurity, privacy, resilience and the development of digital services.

Jarno will present the CyberFactory#1 project objectives and structure, focus on R&D work in the project done for FoF resilience and showcase some examples about the work done by the Finnish partners.

Join us for our PizzaSeminar in Berlin

CyberFactory#1 German National Demonstration

  April 26, 2022 at 12 pm c.t.

In a hybrid format in Berlin Mitte or via Zoom.

Note: The main language of the event will be German.

The factory of the future should be automated, interconnected and at the same time secure. To meet these requirements, however, a number of technical solutions must be devised. In particular, the aspect of security is often still neglected. The CyberFactory#1 project therefore aims at combining resilience against cyber and cyber-physical threats with optimization of manufacturing processes from the outset.

CyberFactory#1 is an international ITEA3 project in which BIGS is working with 27 partners from Germany, France, Spain, Portugal, Finland, and Turkey to develop key capabilities for the factory of the future. In particular, key capabilities will be developed in the areas of (1) modelling and simulation of the factory of the future and its elements; (2) optimization of the factory of the future; and (3) methods to improve the resilience of the factory of the future to cyber and cyber-physical threats. The applicability of the results will be demonstrated in realistic use cases.

Among the German partners, end users (ASTI Mobile Robotics, Alstom), solution providers (Airbus CyberSecurity, LISA) and research institutions (OFFIS, Fraunhofer AISEC, the Berlin University of Applied Sciences) are working together on a single use case. It deals with a fleet of automated guided vehicle (AGVs), so-called transport robots. The goal of the CyberFactory#1 project for this use case is to increase the resilience of the fleet and to optimize the behaviour of the fleet.

In our PizzaSeminar we would like to present the partners’ work on the use case and discuss the developed key capabilities with you. If you are interested, please register by email to by April 25 indicating whether you would like to participate on-site in Berlin Mitte or via Zoom. For on-site participation a COVID-19 rapid test (2G Plus) is required, the pizza however is included as usual. The exact location of the PizzaSeminar or the Zoom link will be provided after registration.

Milestone and STG Meeting in Seville

On the 24th and 25th of March the CyberFactory#1 partners came together in Seville for the Milestone 12 workshop and the strategy meeting. We were hosted by Airbus Defence and Space (ADS) in Tablada and were able to see the local use-case, the Roboshave, during a factory tour. As it was a hybrid event, partners who were unable to travel to Seville had the possibility to join virtually.

The milestone 12 workshop marked the last milestone before the final demonstration and review of the project at the end of May. The use-case owners and contributors presented their preliminary demonstrations and received feedback from the consortium.

The Roboshave use-case by Airbus received special attention as it is located at the Tablada site. The use-case is focused on the optimization of robotic manufacturing systems through automation based on IIoT (Industrial Internet of Things) technologies. The Roboshave is an automated rivet shaving machine for use in the shaving of jo-bolt rivets in structural components of an aircraft. Next to Airbus Defence and Space Spain, Airbus CyberSecurity France and Airbus CyberSecurity Germany are also involved in this use-case. The optimization capabilities of the Roboshave were presented by Airbus Defence and Space. The first optimization capability focuses on real time sensing and tracking. This is implemented by (near) real-time machine data acquisition, including process and product data, through an IIoT platform deployed for the ADS Tablada Factory. The second capability refers to human/machine optimization. For the Roboshave this is accomplished by the automation of communication between the machine and the manufacturing execution system (MES) application, thereby saving human time and improving traceability. The capabilities demonstration was followed by a demo of the digital twin of the Roboshave by Airbus CyberSecurity France. The third part of the presentation, given by Airbus CyberSecurity Germany, was focused on anomaly detection and the use of mitigation measures.

The Roboshave at the Tablada site.

The other use-case demonstrations followed a similar outline but were kept much shorter. The STG Meeting on the following day was used by the consortium partners to exchange feedback, to align the work for the remaining project months and prepare the final demonstrations of use-cases.

CyberFactory#1 Results Webinar in Finland


The webinar provides insights to the research and development work done by the Finnish consortium partners, Bittium, High Metal, Houston Analytics, Netox, Rugged Tooling and VTT during the past three years. We focuse on the ITEA project core themes, namely optimization and cybersecurity. The webinar starts with the host Jarno Salonen (Senior Scientist and the CyberFactory#1 project country coordinator) introducing the project briefly. Then the partners present their key results from the project and the participants may raise questions after each presentation.


Please note: The main language of this event is Finnish.

Jarno Salonen is a Senior Scientist in the Applied cybersecurity research team at VTT. He is the Finnish country coordinator of CyberFactory#1 and also coordinates VTT’s research in three other EU projects, namely SeCoIIA, CyberSec4Europe and Mind4Machines. He has a professional background of over 20 years in making the digital world a better place for ordinary users especially in the areas of cybersecurity, privacy, resilience and development of digital services.

Lauri Nurminen is a Vice President and entrepreneur at family owned company High Metal Oy. At High Metal he is responsible for marketing, sales and project management of CyberFactory#1. He has a professional background of over 15 years in translating the engineers’ ideas to customers. His goal is to transform a traditional manufacturing company to a technology and data-oriented company.

Antti Syväniemi is the  CEO and Founder of Houston Analytics Ltd. Antti possesses over 15 years of experience in the application of analytics to business processes. Prior to founding Houston Analytics, Antti  held executive positions in business development, CRM, customer and market intelligence and category management. Antti’s key focus areas include analytics-based management models and intelligent strategy processes.

Mirko Sailio is a research scientist in VTT Technical Research Centre of Finland with over 10 years of experience, concentrating on network security monitoring in complex networks. He’s interested in technical security, threat actors and in challenges of using AI/ML to increase network security.

Jari Partanen is the Director, Quality, Environment and Technology Management at Bittium. The target for Bittium in the Cyberfactory#1 project has been to create a consistent and secure information architecture, processes and information tools which enable real-time, partnered manufacturing and deliveries including various product support services and related information tools. Jari Partanen has been active researcher for over 20 years with over 20 peer-reviewed publications. Research interests include topics like cybersecurity, agile software development, real-time value delivery methods, innovation exploitation methods as well as mass customization techniques. Jari Partanen is actively engaged with wide number of European or Finnish research projects continuously.

Markku Korkiakoski is the Chief Operating Officer at Netox. He is responsible of Cyberfactory#1 project management at Netox and the task leader of 5.1. in workpackage 5. Markku has more than 20 years of professional experience and is an active member of the cyber security domain, both nationally and internationally. He is in the management board of Finnish Information Security Cluster, working group member in ENISA and chairman of the Industry Advisory Board in SERC (I/UCRC, National Science Foundation program, FIN-USA).

Risto Kauppi is CEO (act.) and major partner of Rugged Tooling. His main task in CyberFactory#1 is to seek for scalable business opportunities based on the research results of the project. Risto is a seasoned business professional with 25 years of experience of international partnerships and negotiations.

If you have any questions regarding the event please contact Jarno Salonen.


Paper presentations at the FPS2021 and ICITST-2021

In december 2021 we had two more conference participations by our partners. Colleagues from ISEP presented a paper on “Comparative Analysis of Machine Learning Techniques for IoT Intrusion Detection” at the 14th International Symposium on Foundations & Practice of Security on the 9th of December in Paris. In the same week, during the 16th International Conference for Internet Technology and Secured Transactions, our colleagues from VTT presented a “Review on Cybersecurity Threats Related to Cyber Ranges”.

The conference proceedings will be linked here once they are published.

Title: Comparative Analysis of Machine Learning Techniques for IoT Intrusion Detection

Authors: João Vitorino, Rui Andrade, Isabel Praça, Orlando Sousa and Eva Maia

Abstract: The digital transformation faces tremendous security challenges. In particular, the growing number of cyber-attacks targeting Internet of Things (IoT) systems restates the need for a reliable detection of malicious network activity. This paper presents a comparative analysis of supervised, unsupervised and reinforcement learning techniques on nine malware captures of the IoT-23 dataset, considering both binary and multi-class classification scenarios. The developed models consisted of Support Vector Machine (SVM), Extreme Gradient Boosting (XGBoost), Light Gradient Boosting Machine (LightGBM), Isolation Forest (iForest), Local Outlier Factor (LOF) and a Deep Reinforcement Learning (DRL) model based on a Double Deep Q-Network (DDQN), adapted to the intrusion detection context. The best performance was achieved by LightGBM, closely fol- lowed by SVM. Nonetheless, iForest displayed good results against unknown at- tacks and the DRL model demonstrated the possible benefits of employing this methodology to continuously improve the detection. Overall, the obtained results indicate that the analyzed techniques are well suited for IoT intrusion detection.

Title: Review on Cybersecurity Threats Related to Cyber Ranges

Authors: Sami Noponen, Juha Pärssinen and Jarno Salonen

Abstract: Cyber ranges are often used to enhance the cybersecurity posture of a company by training relevant skills. These environments are traditionally used to host exercises that simulate cybersecurity scenarios, improve the cybersecurity skills of employees and enhance the security of networks and processes. By using digital twins, it is possible to organise cyber range trainings also to the critical infrastructure sector. However, in the aforementioned sector it is important to consider the cybersecurity of these environments themselves as they often may handle company-specific confidential information. This study presents several cybersecurity related threats and challenges that cyber ranges may face during different phases of use. Cyber threats may be exposed to the actual systems that the ranges are meant to protect if these issues are not taken into consideration and mitigated. Malicious attackers may use the information in the cyber range to learn the weaknesses in the actual system. We approach the subject by reviewing the relevant literature, which is currently very limited especially when looking at the cybersecurity issues of cyber ranges. We divide the subject into the different phases of cyber range development and use, and also discuss relevant cloud security issues. Finally, we present actions to mitigate the identified cybersecurity threats and issues in cyber ranges when using them for training and awareness activities. 

Milestone 11: Demonstration Planning

On the 9th of December the CyberFactory#1 consortium organised a Milestone 11 workshop on demonstration planning. The hybrid workshop took place in Paris, during the 14th International Symposium on Foundations & Practice of Security with some partners joining digitally. The main goal of the workshop was to plan and prepare the final demonstration of the 10 Cyberfactory#1 use-cases. The use-case owners or involved partners presented the progress they made since the last Milestone and what they planned to show in the final demonstration. In most cases this also included a demonstration of a potential cyberattack or misuse-case followed by the demonstration of the mitigation strategy. As we are nearing the end of the project, several national workshops to present the findings of the project as well as a final demonstration of all use-cases are planned as public events in spring and early summer 2022. Sign up for our newsletter or check our website regularly to stay informed!



CyberFactory#1 will join the Cyber Security & Cloud Expo!

Taking place on November 23rd-24th at the RAI Amsterdam, the Expo will cover top-level content and thought leadership discussions looking at the Cyber Security & Cloud ecosystem. For those who are unable to attend in-person, the event will also be held virtually a week later, from the 30th of November to 1st of December. Next to the exhibition booths, visitors to the Expo will be able to attend a number of top-level keynotes, interactive panel discussions and solution-based case studies. Some of the topics adressed at the conference include: Cloud security | SASE | Awareness & Culture | Vulnerability Management | AI in cyber | Application Security & DevSecOps | Cloud Security | Zero Trust | IoT.

The CyberFactory#1 consortium will participate in the Expo via a dedicated space in the ITEA booth, prominently located opposite the entrance. Three of our consortium members, Airbus Cybersecurity, Eneo and ISEP will be present at the booth to pitch the (intermediate) project results and answer your questions.

Free registration is possible for the exhibition and networking!

Presentation and Podcast: The Underestimated Risk of Cyber Supply Chain Attacks


The Brandenburg Institute for Society and Security in Potsdam, Germany regularly organises so-called PizzaSeminars, which offer participants the opportunity to discuss an interesting presentation on a current issue while enjoying a slice of pizza. Esther Kern and Alexander Szanto used the first in-person seminar of the year to present their research from the Cyberfactory#1 project: Cyberattacks on supply chains and their financial impact. The PizzaSeminar took place on the 19th of August 2021 in Berlin.

Click here to access the slides (in German).


The discussion from the presentation has been turned into a podcast moderated by Dr. Tim Stuchtey to be made available to those who were unable to attend the PizzaSeminar. The episode is part of the series “Sicher das? – Der BIGS-Podcast zur Sicherheitsforschung” published by the Brandenburg Institute for Society and Security.

Click here to access the podcast (in German).


Despite the fact that there are still some serious security gaps, many companies perceive IT and cyber security now as part of their risk management. However, the quality of the technical and organizational measures and the available budget vary considerably. This is partly due to a lack of awareness of certain security issues at the decision-making levels and an assessment of the cost-benefit calculation. IT and cyber security is often not recognized in everyday work, and if it is, then only as an additional workload. What companies do perceive, however, is the damage that occurs when their own company is affected.

Dealing with supply chain attacks is not a new issue, but one that is still often underestimated. Supply chain attacks are often not taken into account in risk assessments and thus the opportunity to identify dependencies, build up suitable redundancies and better protect both interfaces and vulnerabilities of suppliers is missed.

In cyber supply chain attacks, attackers target vulnerabilities in supply chains for their malicious purposes. On December 13, 2020, FireEye reported the discovery of a widespread supply chain attack in which SolarWind’s Orion business software updates were trojanized to spread malware. ORION is an IT monitoring and management software used by the vast majority of Fortune 500 companies, as well as many government agencies. Affected entities include government agencies as well as organizations in the consulting, technology, telecommunications, healthcare and oil and gas industries on four continents. According to SolarWinds, the vulnerability is likely the result of a sophisticated, targeted and manual supply chain attack by an unknown nation-state.

Symantec reported a 78% increase in supply chain attacks in 2018 in its 2019 Internet Security Threat Report, with the top 20 observed groups being particularly active. Well-known groups such as Dragonfly have been using targeted suppliers to gain access to specific companies since 2011, with the targets in this case primarily located in the energy sector.

Against this background, BIGS, in cooperation with VTT Finland, has taken a closer look at the ecosystem of supply chains and considered the financial impact of attacks on them.

Milestone 10 and Strategy Meeting 9 in Barcelona

The CyberFactory#1 consortium has finally come to together for the first hybrid meeting on a European level since the start of the pandemic! Partners from France, Germany, Portugal, Turkey and Finland travelled to Spain for the 2-day meeting in Barcelona at PAL Robotics, while others were connected via video-call.

The first day of the meeting saw the Milestone 10 workshop on the validation of the use-cases. After being given a welcome from Jordi Pages, the Head of Intra-logistics & Retail Solutions at PAL Robotics, the consortium members followed a presentation on the integration and validation process in CyberFactory#1. Throughout the rest of the day the 10 use-cases were presented by their owners and validation demonstrations shown in presentations and videos. A highlight of the day was the interactive demonstration of the robots at PAL Robotics. On the second day the members of the consortium attended the 9th strategy meeting, which included a status updates on all open workpackages and discussions on future activities, including upcoming events and publications.

Some impressions: