Funded Projects

First launched in February 2021, the GÉANT Innovation Programme has funded various projects covering various topics. Interest in this year’s edition of the GÉANT Innovation Programme increased significantly, six projects were successful with awards of up to EUR 50,000 each. The geographic expanse of awardees has increased, with three countries represented for the first time. As we seek to ensure improvements in gender equality in our activities we’re delighted that four out of the six awarded projects were led by females, an increase from previous years. The table below shows an overview of the projects funded since 2021:

2024

Cloud

Business Platform for OpenStack Clouds
The objective of the project is to develop BP-OSC (Business Platform for OpenStack Clouds), an all-in-one solution for OpenStack cloud management. This platform aims to offer a turnkey system that eliminates the need for organisations to develop their own web UIs, billing systems, payment gateways, and reporting tools. These interfaces empower administrators with robust tools for efficient cloud management, while simultaneously providing clients with user-friendly access to cloud resources. The platform is open to all interested organisations planning to utilise OpenStack cloud as their preferred cloud solution.

Submitter organisation: Georgian Research and Educational Networking Association - GRENA - Georgia

Network

Effective Multi-Laser-Beam Transmission for Satellite-Airborne Backhaul Networks
To satisfy the requirements of B5G/6G, achieving high-speed/long-distance wireless communications is crucial for efficiently transmitting extensive data traffic in satellite airborne backhaul links. However, current radio frequency and microwave backhaul links face challenges such as limited transmission range and interference with existing terrestrial services. Laser communications (lasercom) could provide a compelling alternative. Lasercom operates in the near infrared band enables Gbps data transmission over long distances. Lasercom also allows for the generation of pencil beams, effectively minimising interference and crosstalk issues with terrestrial services. In this project, they will explore a novel satellite-airborne backhauling based on multiple laser beams to enhance the flexibility and capacity of future communication networks.

Submitter organisation: University of Bradford - UK

Mobile App Network trAffic Nutrition fActs (MANANA)
End-users of mobile applications hardly know which enterprises and countries are involved in their online activities, and the implied rights and risks. Researchers and regulators need actual usage data to verify data sovereignty compliance. MANANA aims at providing the former with understandable characterisations of infrastructure usage, and the latter with a monitoring system of actual mobile apps usage. The user will be enabled to choose among similar apps and report her data exposure (providing visibility to authorities). The app and the collection server will be released as open-source.

Università degli Studi di Napoli Federico II - Dipartimento di Ingegneria Elettrica e delle Tecnologie dell'Informazione - Italy

Security

Explainable AI for DNS Security in Privacy-aware NREN Federations - FedXAI4DNS
Machine learning (ML) algorithms addressing cybersecurity applications have seen limited operational adoption within large-scale multi-domain federated network environments (e.g. NRENs and GÉANT). FedXAI4DNS will build and pilot ML-based Domain Generation Algorithms (DGA) name classifiers that differentiate between legitimate and malicious DNS requests, blocking botnet communications and stopping the propagation of malevolent activities.

The objective is to extend traditional cybersecurity approaches, raise NREN awareness on Federated Learning methods that may be used to establish privacy-aware collaborations and raise GÉANT awareness of eXplainable Artificial Intelligence methods, which may be used to interpret the functionality of complex, black-box ML classifiers in a systematic manner. The project is expected to expedite the adoption of ML within large-scale federated networks, including GÉANT and NRENs.

Institute of Communication and Computer Systems – ICCS – Greece

Education

ZoomIn4PinkHats
The Zi4PH - ZoomIn4PinkHats project will promote cyber security skills among young women in the education system. Their aim is to empower female mentors to implement activities for popularising cyber security among students, educate them through workshops on different cyber security topics, and initiate the creation of peer-to-peer learning projects in the mentoring community. This project will benefit all women who weren’t sure how to enter the field of cyber security, by providing materials and support from the newly established community.

Croatian Academic and Research Network – CARNET - Croatia

Trust and Identity

Design User Experiences for Digital Identities
The number of digital identities that users need to manage are increasing due to the diversification of actors offering digital services and identity provision. The main objective of this project is to explore the user experience during the users’ decision processes about the digital identities they choose for accessing digital services in the contexts of research and education. This will contribute to solving frequent mismatch adoption problems between technical solutions and user experiences with digital identities, both federated and decentralised. The aim is to develop solutions that are truly inclusive and address the unique challenges faced by these individuals.

University of Málaga (UMA) - Spain

2023

e-Health

Digital Children Kidney Twin
The project aims to create a new generation of compact, contactless medical devices to transform the medical support that can be provided on a continual basis to elderly patients, supporting their dependence and social inclusion. Outputs of the project will also include open-source data paradigms for analysis, interpretation, and sharing.

Submitter organisation: University of Kragujevac

EDUCATION NEVER DIES - Dissection room audio-video system innovation
This project aims to provide an immersive learning experience for remote medical students in anatomy, surgical anatomy, and surgical techniques, by combining wearable technology for the surgeon with audio/visual broadcasting from the laboratory, to provide a distributed first-person learning experience for remote students.

Submitter organisation: IRCCS MultiMedica - MultiMedica SpA

Networking

Fair-RL-CC: Towards Fair Congestion Control with Reinforcement Learning
This project aims to overcome some limitations identified in the literature on reinforcement learning-based congestion control, namely fairness amongst competing network flows without sacrificing performance and network utilisation, and the scalability of existing policies.

Submitter organisation: University of Sussex

Cloud

SecMC: Secure Data Management for Multi-Cloud Environments
This project aims to address the challenges faced by industries in managing and securing data in a multi-cloud environment, developing a solution that solves data fragmentation and silos caused by the use of multiple clouds by organisations.

Submitter organisation: University of Galway

Security

Graph Based Intrusion Detection System The goal of this project is to develop and test advanced and innovative graph-based techniques for anomaly-based intrusion detection. Graph theory has been identified as a promising tool for improving the accuracy and performance of network intrusion detection systems. The end goal is to provide the GÉANT community and the wider scientific community with an innovative approach to intrusion detection that will result in improved security monitoring and better protection of cyber assets against malicious actors.
Submitter organisation: Università Politecnica delle Marche
DP4N: Differential Privacy for Networks This project aims to study and implement viable techniques for applying differential privacy to network data, such as passive network measurements, network device log files, or flow records. This is expected to ease the tension between data and users’ privacy due to the high among of personal data generated by ICT systems and stored in the cloud. Differential privacy is a promising approach to anonymise data releases and queries to private datasets.
Submitter organisation: University of Trieste
SUNET Network Controller This project, a joint activity between SUNET and NORDUnet, aims to design and implement and Open Source network controller for the management of core network devices including programmable automatic network services. This open platform is expected to be applicable to the wider community and to be beneficial not only because it is free but also because it supports innovative activities thanks to its open source code.
Submitter organisation: SUNET
IoT Device Identification at the Edge With the increase of Internet of Things (IoT) devices, security has become a priority. These devices would benefit from being managed on a network level but first they need to be identified. This project proposes to create a system improve device identification and any change to its communication, which could be an indication of the device being hacked or misconfigured.
Submitter organisation: University of Cambridge

Trust & Identity

International login in TSD (Services for Sensitive Data) and Educloud TSD and Educloud are two on-premise cloud services used by the University of Oslo. This project aims to digitising the process to register foreign Primary Investigators (PI) - one not having the Norwegian electronic ID – to avoid any hassle, help-desk service or physical paperwork and, instead, by using services as eIDAS, Life Science IAM, and eduGAIN.
Submitter organisation: University of Oslo

Blockchain

CAMEL - Comparative Analysis of Metrics for an Enhanced Level of Blockchain KPI measurement Blockchain applications are on the rise and it is of paramount importance that the protocols they are based on are investigated and monitored to guarantee high performance. This project’s working group aims at measuring protocols’ KPIs with a more systematic and scientific approach with the aim of providing the research community more trust and control over them to increase their use.
Submitter organisation: Università degli studi di Cagliari

2022

eHealth

Artificial Intelligence-based contactless Devices for tele-Rehabilitation and Health
To deal with the increasing number of diseases connected to ageing, the Healthcare system has to change its paradigms in order to reduce costs and, more importantly, to offer elderly citizen the possibility to receive effective and continuous care. In the last years, assistive electromechanical devices have been introduced but they are complex, bulky, expensive, not reusable and limiting for natural free movements and posture.
The project aims at overcoming the above limitations by characterising a new generation of intelligent monitoring/tracking/evaluation systems for tele-rehabilitation, tele-monitoring and well aging and by providing new data interpretation and data sharing paradigms. By producing long streams of high temporally and spatially resolved data which have to be shared among specialists and researchers, the project also aims at providing new open-source paradigms for the analysis, interpretation and interoperable standards for data and results sharing from the above devices.

Submitter organisation: University of L'Aquila (UNIVAQ)

Multimedia

drawOnMeet - Common drawing on any video in eduMEET sessions
drawOnMeet is an extension for eduMEET, allowing all participants to draw on any video stream within a videoconference, to highlight important areas of videos and to focus the discussion. The uniqueness of this solution lies in the fact that participants can use any of the video streams, while in commercial tools the presenter can draw on own screen sharing video, but not on the main video. Furthermore, as eduMEET has the possibility of sending more than 1 video stream, drawing on any video would bring great benefit to teachers and presenters. Also, any participant could draw on any video, further enhancing the collaboration. drawOnMeet will be added to the eduMEET repository and made freely available.

Submitter organisation: PSNC

Cloud and Networks

eCLAT: eBPF Chains Language And Toolset
To answer the growing demand for more efficient and complex networking services, tech giants have moved to fully programmable solutions which are based on eXtensive Berkley Packet Filter (eBPF). eBPF offers unrivalled performance characteristics but unfortunately these programmes require experience in programming in a restricted (in‐kernel) environment. This is the reason why some frameworks for eBPF configuration such as Cilium and Polycube are emerging, to make eBPF applications easier to build. This project will provide a contribution in this field, specifically by supporting eBPF programmability, modularity and code reuse by a tool called eCLAT (eBPF Chains Language And Toolset).

Submitter organisation: University of Rome

PBSPro-Kubernetes Connector for Seamless HPC Submission
The overall objective is to develop a connector between PBSPro scheduling system (one of common scheduling systems in NRENs) and container-platform Kubernetes. The connector will enhance the possibilities of computational pipelines performed in Kubernetes without rewriting HPC-tailored code into containers and provide hybrid cloud with single entry point from user perspective. The connector will also provide ways of seamlessly integrating data from various storage points and a simple way of providing authentication. Connector’s performance and usability will be tested on real use-cases that use bioinformatics workflow manager such as Nextflow. Research groups that would like to use the best of HPC and container worlds will benefit from the solution.

Submitter organisation: Masaryk University

Borderless Data Spaces
Data is the key value of our modern society. However, often the actors in charge of data production and consumption are different, hence posing non-trivial challenges to control who can access what, and (even more important) the guarantee that data is not stolen / copied illegally, in particular when sensitive data is concerned. The BORDES project leverages the open-source Liqo.io framework to demonstrate a cloud-based technology that can dynamically create flexible data spaces upon request, potentially spanning across multiple administrative domains, enabling a data producer to offer its data to potential consumers, without giving up on security and data ownership/sovereignty rules, and without affecting the possibility of consumers to read and process arbitrary data. This technology will dramatically simplify the operations of data producers and consumers (which are often different actors), as well as processing multiple data sources, thanks to a data-gravity approach in which processing is (securely) moved close to data sources.

Submitter organisation: Politecnico di Torino

Networks

TCPLS Low-Lat
Future applications like remote health, industrial automation and cloud gaming require a low and stable latency while new mobile networks such as 5G and Low Earth Orbit Satellite (LEOS) Internet o/er more path diversity. But for decades, protocols have been optimised for single-path throughput rather than latency. Unfortunately, innovation in the transport layer is hard to deploy and use due to several factors.

Our approach, called TCPLS, demonstrates that by revising the way TCP and TLS are combined today, we can securely extend the transport services they o/er to include multiplexing, connection migration and multipath capabilities. To enable low-latency applications, our project proposes to extend the TCPLS library with a mechanism to probe and select a network path given a latency criterion, e.g., lowest, more stable.

Submitter organisation: The Université catholique de Louvain (UCLouvain)

Federated Learning-Driven Network and Service Management
Traffic and services monitoring has always played a strategic role in understanding and managing computer networks. The rich information brought by network measurement data has germinated many machine learning models for network performance studies. Yet, meaningful sharing of data with researchers and professionals is limited mainly due to the privacy-sensitive nature of much of today's network data. Where dataset sharing is unavailable, a viable alternative is to share the learned models and their underlying learning algorithms. The proposed research aims to take a step towards a paradigm shift from data to model/algorithm sharing by developing a federated learning-driven network and services management approach. To this end, we aim to implement a software framework that provides a common platform for computer network traffic flow measurement and feature computation, and federated model learning, sharing, and deployment. The proposed approach can help fuel innovation in operations and management to improve the quality and reliability of future computer networks and services, eventually benefiting the GÉANT European Research community by having scientific and professional impacts.

Submitter organisation: Budapest University of Technology and Economics (BME)

Research and Education Network as a Service for Developing Nations
This project proposes a clean-slate approach for National research and education network (NREN) infrastructures and implements a showcase in a NREN-to-be in the west coast of Africa (Cape Verde). It is based on three vectors, namely, i) the advances of public infrastructures and services; ii) emerging paradigms such as overlay networking, network function virtualization (NFV), data plane programmability; and Open Networking initiatives. In addition, another key concept is combining low-cost access broadband internet (instead of traditional connectivity services which may be very expensive) with (edge) cloud for hosting most of the network functionalities that operate now in a virtualized way (instead of relying on expensive, specialised, and power-hungry boxes on premises).
Our work hypothesis assumes that community-building and stakeholder awareness for supporting the creation of sustainable NRENs can benefit from cloud-based quick deployment of relevant services (such as eduroam) where regular connectivity is already present. Our innovation strategy involves aggregating proven solutions from past and current NREN R&D projects - such as RARE and eduroam itself - with private cloud-based NFV developed in NosFVeraTO from Brazil’s NREN (RNP).

Submitter organisation: Trinity College Dublin

Trust & Identity and Education

SMART Campus – Building the campus on Digital key identification
The SMART Campus project addresses current aim to re-use digital identities of students and employees for the benefit of better integration and wider usability of digital services in higher education institutions, improved user-experience for students and employees, easier access to campus facilities and services, better trackability of study processes, upgraded management of access to campus premises, such as auditoriums, libraries, dormitories, exams, sport centres, and even improved access to public transportation.
As a result of the project, a proof-of-concept SMART Campus architecture will be described in a segmented manner, where both campus premises, services, access, resources, and security are integrated in such way that the synergy works for the benefit of the students and employees. The tangible result of this project will be a working solution for campus dormitory access with tap-in student identification card model, with additional security of face control security solution, and integration of both LSP and ISIC student card identification, as part of university digital identity system.

Submitter organisation: Vytautas Magnus university

SIEVA: SIEM Visibility Assessment
Assessing the security state of an information system requires relying on sufficient detection capacities to monitor a satisfactory range of threat occurrences. However, selecting the adapted tooling is a complex task for security operators: not only must they thoroughly evaluate the detection features of their deployed appliances, but manually comprehend which attacks fail to be covered. To address these challenges, we propose the SIEVA tool. We aim at designing and implementing a visibility tool that allows Security Operations Centre (SOC) teams to assess the degree of visibility they have over several Tactics, Techniques and Procedures (TTPs) from real-world threat scenarios. Our approach is threefold: (i) we carry the identification of the different data sources in their environment; (ii) we train and operate AI models to classify which information can be extracted and verify its completeness; and (iii) we align the results with the techniques from well-established security frameworks (i.e., MITRE ATT&CK) to pinpoint how the threat monitoring capabilities of a SOC can be extended. The main outcome of this project is a tool that can integrate with widely used tools, such as those laid out by the SOCTools stack provided by GÉANT. SIEVA incorporates a graphical user interface that can didactically reflect the visibility the team has by mapping it against procedure specification provided by widely adopted referents. The outcome of this project will be made available to the GÉANT community to reinforce the innocuity of NREN information systems, and foster the adoption of security best practices.

Submitter organisation: i2CAT

2021

Multimedia

mingleMeet - Interactive meeting space for eduMEET
The objective of the project is to extend the functionality of eduMEET by the creation of a user friendly, graphical mingling space to allow quick group building and interaction. Using the WebRTC and Selective Forwarding Unit (SFU) capacities on which eduMEET is based, we can switch in real-time the audio-video streams which the user sees and hears in real-time, when they enter or leave a group.

The project will bring benefits to the whole GÉANT community, allowing for better interactions between people during conferences, like the TNC, or creating new concepts of educational sessions conducted online. Our project breaks the standard approach to videoconferencing, where people meet at a fixed time, in fixed rooms. Our solution creates a game-like space where users move around using the keyboard or mouse, creating dynamic groups where they can interact. Such an approach will allow to find new usage scenarios for eduMEET and extend existing ones.

Submitter organisation: PSNC

VoDsync - Synchronous playback of high quality videos in eduMEET sessions
The objective is to extend the functionality of eduMEET by the creation of an innovative solution for synchronous playout of high quality videos. The project will extend the eduMEET server capacities by creating a upload space for Video on Demand (VoD) files. In a videoconferencing session, a user will be able to upload videos and initiate playback for all users and control the playback progress. This way, the user can show high quality videos, without reencoding and losing quality like in screen-sharing.

The project brings benefits to the GÉANT community, allowing for better video presentations during reviews or conferences.

Submitter organisation: PSNC

Trust & Identity and Education

The impact of EU Digital Identity Wallets on NRENs
The project provides a SWOT analysis and high-level architectures to explore what is necessary for a connection between NRENs and the EU digital identity wallets from different roles (identity wallet provider, trusted source of micro-credentials, provider of infrastructure) and to identify how existing NREN initiatives can be leveraged to accomplish such connections. The outcomes of this work are beneficial to both NRENs and providers of credentials as it will give an overview of functional and organizational preparations that are necessary to work with the EU digital identity wallets. This facilitates cross-border education and lowers the barriers for student mobility.

Submitter organisation: SURF

eduCLAIMS - educational claims and recommendation letter service with eduGAIN identifiers
The objective of the project is to study in detail, including both technical and legal aspects and show with a proof-of-concept system how digital educational claims should be released in a manner that (1) allows for marginal then gradual uptake and (2) observes and re-uses the GÉANT’s T&I ecosystem instead of creating a parallel world of identifiers and schemas.

The main beneficiaries of the project are the students and educators of educational institutes within the NRENs as well as the NRENs themselves if they have plans for promoting claims and microcertifications.

Submitter organisation: Budapest University of Technology and Economics (BME)

Networks

RaQSaC - RaptorQ-based data transport for low earth orbit Satellite Constellations
The project’s key objective is to develop and evaluate next-generation data transport protocols for LEO satellite networks that will deal with significant challenges arising from such unprecedented network deployments, effectively, and support unicast, multicast, many-toone, and many-to-many applications workloads, efficiently. We will develop simulation models in OMNeT++ that will enable us and the research community to experiment with existing and future LEO satellite constellations and evaluate the performance of novel data transport and routing protocols in said deployments. Using these models, we will experimentally evaluate research outputs of this proposal and compare them to state-of-the-art data transport protocols.

Submitter organisation: University of Sussex

Adaptive DNSSEC - DNSSEC: Make or Break Vulnerabilities in DNS
The Domain Name System (DNS) is a most critical, distributed system on which any access to a resource on the Internet depends (e.g., web page, virtual meeting, cloud storage, etc.) This critical infrastructure and the wellbeing of the Internet are the main potential beneficiaries of this project. The DNS system is under many different attacks in recent years [9,10,11,12] that have caused considerable damage. Worse than this are the potential of new attacks that can easily paralyze parts of the Internet, e.g., [1]. The main ingredient in these attacks is a flood of non-existent domain name requests, that by pass the resolver cache because each requests is for a different random sub-domain name. Such requests incur large overhead due to the necessity to online-sign each response, which cannot be prepared off-line without enabling zone-walking/enumeration attacks. An outcome of this project is a considerable improvement to the robustness and attack-resiliency of the DNS system.

Submitter organisation: Tel Aviv University (TAU)

Connected area(s): Security and Privacy

User Controlled SD-WAN Services (UCSS) with Performance Monitoring over GÉANT
The objective is to deploy a service for creating overlay VPNs for end users based on SRv6 with an integrated Performance Monitoring framework. We will provide a web based GUI to:

  1. Create on-demand VPNs according to specific application requirements.
  2. Monitor the end-to-end performance (loss and delay).

The project will assess the capability and the limitations of user controlled VPNs over the NREN and GÉANT and will help to understand how the NREN and GÉANT could provide services to improve the user experience.

Submitter organisation​: Consorzio Nazionale Interuniversitario per le Telecomunicazioni (CNIT)

Connected area(s): Cloud

Cloud

PLAS: Platformed Workflows
The GÉANT Cloud Flow (GCF) platform allows to run large-scale workflows consisting of tasks. Tasks are typically embedded in Docker Container images, and GCF deploys these Containers to the most convenient GÉANT site offering a Container platform. The project goal is to extend GCF's services with open-source software so that a user can not only run containerized-tasks, but platformed-tasks, i.e., tasks running within overlay platforms to leverage better the underlying cloud resources and make the workflow faster. For example, this extension would allow the execution of complex machine learning tasks within the Horovod distributed training platform, deployed by GCF as part of the workflow.

Submitter organisation: Consorzio Nazionale Interuniversitario per le Telecomunicazioni (CNIT)

Security & Privacy

ABEBox: Privacy Preserving File Sharing Service
The objective of the project is to build a privacy preserving file sharing service. The project will output a software tool that adds end-to-end data privacy on top of existing file sharing services. The problem we want to solve is related to the trade-off between data privacy and ease-to-use of cloud storage services. Indeed, the emerging need of data privacy, well addressed by Instant Messaging applications, is not adequately covered in cloud storage systems. We propose a new flexible solution to fill this gap, based on Attribute Based Access Control.

Submitter organisation: Tor Vergata University of Rome -
Electronic Engineering Department

Design and Implementation of an 802.11 Privacy Preserving Sub-Layer
​Objective: Protect peoples' privacy preventing un-authorized surveillance via Wi-Fi sensing.

Project: Research and Innovation, implementation oriented.

Outcome: 

  1. Working prototype of the privacy-protection sublayer implemented in the OpenWiFi framework; can be used to setup APs based on SDR in a Linux environment;
  2. Design of a protocol enabling the negotiation of the privacy-protection algorithm during association.

Beneficiaries: People and society at large that have one additional tool to protect their privacy. Startups and hardware vendors can pick-up the project and prototype to make it a fully-fledged commercial product.

Submitter organisation: ​University of Brescia (UniBS)

Connected area(s): Networks

Contacts

For further information, please contact us.
Skip to content