The growth in our dependency on the digital electronic infrastructure for very many aspects of European economic and social activity demands that we continue to strengthen its security and dependability.
R&D work in the field of ICT has been concerned mainly with the provision of protection mechanisms and processes for specific, often disjoint, sections of communications, computing, and information-handling services. Whilst this is necessary to provide the basic foundations and facilities, it is not sufficient to deliver the entire concept of a dependable, trustworthy digital environment that is increasingly responsible for many of the services required by European citizens, society, businesses, and administrations – hereinafter, the stakeholders.
Today, the ability of hackers, organized cyber-crime and terrorists to attack ICT infrastructures, people’s identities, and their online lives in cyber-space has grown substantially. Facilitated by industry's recent trends toward commoditisation and convergence, and capable of exploiting human or organizational weaknesses, adversaries can target vulnerabilities at all points in the ICT supply chain, from hardware fabrication and software production to collaborative content creation and diverse end uses. The bottom line is that the threat is growing in sophistication, scope and magnitude.
There is a strong need to develop “smart” - meaning intelligent, user-friendly and user-centric - ICT security environments that take full yet simultaneous account of:
- freedom of access, interaction and use;
- respect for privacy within society;
- underpinning security and dependability.
Further effort is required to bring together what is technically available and achievable with what will be required and expected by the stakeholders.
There are potential tensions, particularly in the current context of heightened sensitivity to organised threats, between what is required in Europe with respect to:
- the justifiable and legitimate expectations of European citizens for more security in their online interactions and transactions while protecting their privacy and safeguarding their personal information and assets;
- the evolution of personalised services while maintaining personal control of privacy of information and identity;
- the need to decentralise control and to allocate greater rights and responsibilities to the user – so called user empowerment;
- the blurring of domain boundaries and the inflexibility of exercising complete central control;
- the needs of business and administrations for protection and preservation of services and systems;
- the economics of security – the costs of security and dependability in terms of the impact on productive functionality as well as the cost of developing and deploying the TSD measures themselves. How much security do we actually need and how can the user control this trade off? Perhaps we should strive for good-enough security, not for more security than necessary in order to meet other requirements, such as performance.
The overall goal is to assist in the development of a framework to enable a sustainable balance between these factors while strengthening the security of the digital environment and enhancing its dependability and trustworthiness.
Think-Trust's main focus is on formulating recommendations through the work of RISEPTIS and the supporting Working Groups on:
- Policy environment – The development of coherent legal and administrative frameworks, operational environments, and human behaviour relating to security, privacy and confidence, in view of the technological changes leading to and arising from the future Information Society,
- Research Agenda – Future European research and development that can facilitate the creation of an Information Society that will be secure, whilst respecting freedom and privacy of its citizens, with due attention given to the ICT infrastructures, networks, services and applications.