Opendata, web and dolomites


Critical Infrastructure Protection using Adaptive MILS

Total Cost €


EC-Contrib. €






 CITADEL project word cloud

Explore the words cloud of the CITADEL project. It provides you a very rough idea of what is the project "CITADEL" about.

forced    engineering    ict    self    extensive    runtime    undergo    tools    preserving    solution    adaptive    verified    industrial    demonstrated    vital    modular    innovative    infrastructures    critical    time    extend    reconfiguring    certification    enforcing    physical    kernel    malicious    defences    configuration    dependable    architecture    automated    hosts    behavior    intelligently    monitoring    platform    separation    mechanisms    reducing    deployment    placed    methodology    affordable    exhibiting    dynamic    maintaining    events    diverse    rely    cope    scrutiny    environments    resilience    stress    mils    manages    threats    reconfiguration    agent    continuous    establishing    adversity    compositional    ci    unpredictable    date    generate    verification    costly    confound    resilient    unexpected    safety    construction    featuring    functions    security    healing    supports    maintenance    natural    policies    safe    artifacts    reverse    networks    automatically    adding    regimes    assurance    citadel    attacker    analyzing    occurrences    leveraging    adapts   

Project "CITADEL" data sheet

The following table provides information about the project.


Organization address
postcode: RG1 1AX

contact info
title: n.a.
name: n.a.
surname: n.a.
function: n.a.
email: n.a.
telephone: n.a.
fax: n.a.

 Coordinator Country United Kingdom [UK]
 Project website
 Total cost 6˙065˙267 €
 EC max contribution 4˙842˙819 € (80%)
 Programme 1. H2020-EU.3.7. (Secure societies - Protecting freedom and security of Europe and its citizens)
 Code Call H2020-DS-2015-1
 Funding Scheme IA
 Starting year 2016
 Duration (year-month-day) from 2016-06-01   to  2019-10-31


Take a look of project's partnership.

# participants  country  role  EC contrib. [€] 
1    X/OPEN COMPANY LIMITED UK (READING) coordinator 578˙539.00
2    SYSGO GMBH DE (KLEIN WINTERNHEIM) participant 599˙967.00
3    TTTECH COMPUTERTECHNIK AG AT (WIEN) participant 529˙273.00
4    IKERLAN S. COOP ES (MONDRAGON) participant 453˙378.00
5    FONDAZIONE BRUNO KESSLER IT (TRENTO) participant 437˙085.00
7    UNIVERSITE GRENOBLE ALPES FR (GRENOBLE) participant 370˙503.00
9    FREQUENTIS AG AT (WIEN) participant 214˙348.00
10    OAS AKTIENGESELLSCHAFT DE (BREMEN) participant 171˙356.00
11    UNICONTROLS A.S. CZ (PRAHA) participant 167˙884.00
12    KASPERSKY LAB UK LTD UK (LONDON) participant 162˙112.00
13    J.W. OSTENDORF GMBH & CO. KG DE (COESFELD) participant 159˙688.00
14    ATSEC INFORMATION SECURITY AB SE (DANDERYD) participant 151˙569.00
15    Q-MEDIA, S.R.O. CZ (PRAHA) participant 117˙638.00


 Project objective

Critical infrastructures (CI) rely on complex safety- and security-critical ICT systems placed into unpredictable environments and forced to cope with unexpected events and threats while exhibiting safe adaptive behavior. Recent security trends stress continuous adaptation to increase attacker work factor and to confound reverse-engineering. Critical CI systems must undergo extensive and costly scrutiny under diverse certification regimes. Improved, effective and affordable development and certification methods are essential.

CITADEL will provide innovative platform technology, methodology and tools for development, deployment, and certification of adaptive MILS systems for CI, to be demonstrated in three industrial CI use cases. The solution enables robust and resilient CI through monitoring and adaptive self-healing mechanisms that respond to natural and malicious occurrences by intelligently reconfiguring hosts, functions, and networks, while maintaining essential functions and defences.

CITADEL is based on MILS, an approach featuring modular construction and compositional assurance, reducing the time and cost for development, certification, and maintenance of dependable systems. The MILS platform, based on a separation kernel, manages physical resources while establishing and enforcing a verified application architecture.

Leveraging advances from the D-MILS and EURO-MILS projects, CITADEL will extend the MILS approach by adding dynamic reconfiguration to the MILS platform, and Monitoring and Adaptation Systems enabling resilience to adversity while preserving vital system properties.

CITADEL supports certification of Adaptive MILS systems by analyzing configuration change mechanisms, adaptation system, configuration properties, and configuration change policies with automated verification tools, and by providing an innovative runtime evidence management agent to automatically generate up-to-date certification assurance artifacts as the system adapts.


List of deliverables.
CITADEL Verification Techniques and Tools Documents, reports 2020-03-11 11:30:52
AM-ETB Tool Bus for tool integration and assurance Documents, reports 2020-03-11 11:30:50
Training Materials for Electronic Delivery Documents, reports 2020-03-11 11:30:45
MILS Monitoring System Documents, reports 2020-03-09 16:08:14
MILS Adaptation System Documents, reports 2020-03-09 16:08:12
CITADEL Design Techniques to Specify, Verify, and Synthesize Policies for Run-Time Monitors Documents, reports 2020-03-09 16:08:20
CITADEL Configuration and Reconfiguration Synthesis Documents, reports 2020-03-09 16:08:59
Web Site and Dissemination Materials Documents, reports 2020-02-13 16:19:23
Interfaces and workflow definition for AM-ETB Documents, reports 2020-02-13 16:19:23
CITADEL Modeling and Specification Languages Documents, reports 2020-02-13 16:19:23
Methodology for Industrial Evaluation and Readiness Assessment Documents, reports 2020-02-13 16:19:23

Take a look to the deliverables list in detail:  detailed list of CITADEL deliverables.


year authors and title journal last update
List of publications.
2018 Mohammed Abuteir ; Zaher Owda ; Hamidreza Ahmadiarr ; Roman Obcrmaisscr
Simulation Model and Environment for Mixed-Criticality Networked Multi-Core Chips
published pages: , ISSN: , DOI:
2018 IEEE 13th International Symposium on Industrial Embedded Systems (SIES) 2020-02-20
2018 Nouri, Ayoub; Mediouni, Braham,; Bozga, Marius; Combaz, Jacques; Bensalem, Saddek; Legay, Axel
Performance Evaluation of Stochastic Real-Time Systems with the SBIP Framework
published pages: , ISSN: 1757-8779, DOI:
International Journal of Critical Computer-Based Systems 1 2020-02-20
2018 Ballouli , Rim ,; Bensalem , Saddek; Bozga , Marius; Sifakis , Joseph
Programming Dynamic Reconfigurable Systems
published pages: , ISSN: , DOI: 1 2020-02-20
2018 Alberto Griggio ; Marco Roveri ; Stefano Tonetta
Certifying Proofs for LTL Model Checking
published pages: , ISSN: , DOI:
2018 Formal Methods in Computer Aided Design (FMCAD) 2020-02-20
2019 Prochazka, Jan; Novobilsky, Petr; Prochazkova, Dana
Cyber Security of Urban Guided Transport Management according to MILS Principles
published pages: , ISSN: , DOI:
1 2020-02-20
2018 Koelemeijer, Dorien; Araby, Rasma; Nouri, Ayoub; Bozga, Marius; DeLong, Rance
A Model-based Approach to Certification of Adaptive MILS
published pages: , ISSN: , DOI: 10.5281/zenodo.1306089
International Workshop on MILS: Architecture and Assurance for Secure Systems, MILS@DSN 2018 1 2020-02-20
2018 Ballouli , Rim ,; Bensalem , Saddek; Bozga , Marius; Sifakis , Joseph
Four Exercises in Programming Dynamic Reconfigurable Systems: Methodology and Solution in DR-BIP
published pages: , ISSN: , DOI: 1 2020-02-20
2017 Stefano Tonetta
Linear-time Temporal Logic with Event Freezing Functions
published pages: 195-209, ISSN: 2075-2180, DOI: 10.4204/EPTCS.256.14
Electronic Proceedings in Theoretical Computer Science 256 2020-02-13
2016 Lacramioara Aştefănoaei, Saddek Bensalem, Marius Bozga, Chih-Hong Cheng, Harald Ruess
Compositional Parameter Synthesis
published pages: 60-68, ISSN: , DOI: 10.1007/978-3-319-48989-6_4
Lecture Notes in Computer Science LNCS, volume 9995 2020-02-13
2016 Najah Ben Said, Takoua Abdellatif, Saddek Bensalem, Marius Bozga
A Model-Based Approach to Secure Multiparty Distributed Systems
published pages: 893-908, ISSN: , DOI: 10.1007/978-3-319-47166-2_62
Lecture Notes in Computer Science LNCS, volume 9952 2020-02-13

Are you the coordinator (or a participant) of this project? Plaese send me more information about the "CITADEL" project.

For instance: the website url (it has not provided by EU-opendata yet), the logo, a more detailed description of the project (in plain text as a rtf file or a word file), some pictures (as picture files, not embedded into any word file), twitter account, linkedin page, etc.

Send me an  email ( and I put them in your project's page as son as possible.

Thanks. And then put a link of this page into your project's website.

The information about "CITADEL" are provided by the European Opendata Portal: CORDIS opendata.

More projects from the same programme (H2020-EU.3.7.)

IECEU (2015)

Improving the Effectiveness of the Capabilities (IEC) in EU conflict prevention

Read More  


ERNCIP thematic group activities in 2016 supporting development of Mandate 487 for standards in security

Read More  

SEREN 3 (2015)

Security Research NCP Network 3

Read More