Webinar: Architecting Trust in 6G – Technical Insights from SNS JU Projects

• Introduction and opening
• Mir Ghoraishi (Gigasys Solutions, iTrust6G Coordinator)

• From Specification to Operational 6G Security Management: The RIGOUROUS approach

Prof. Antonio Skármeta (University of Murcia, Rigorous Coordinator, SNS Security WG Chair)

Abstract: RIGOUROUS smart service framework is capable of ensuring a secure, trusted and privacy-preserving environment for supporting the next generation of trustworthy continuum computing 6G services along the full device-edge-cloud-continuum on heterogenous multi-domain networks. This includes establishing compliance with the design of software (SW), protocols and procedures, as well as AI-governed mechanisms to cope with the security-related requirements in the full DevOps lifecycle, from the service onboarding up to the day-2 operations.

• iTrust6G: Dynamic and Context-Aware Trust Modelling

Dr Shuaib Siddiqui, (i2CAT, iTrust6G technical manager)

Abstract: This talk explores the iTrust6G Trust Model, which leverages the Zero Trust (ZT) principle for multi-tenant 6G environments. The model treats trust as a dynamic, context-aware attribute managed throughout an entity’s entire lifecycle, contrasting with static perimeter defences. It considers an end-to-end trust pipeline covering initial Conformity Assessment and the Trust Maintenance Loop. It also implements Continuous trust evaluation, fusing real-time telemetry, threat intelligence, and behavioural analytics. Finally, iTrust6G employs Explainability and Accountability to ensure all decisions are transparent, auditable, and traceable for operators and auditors.

• The PRIVATEER Enablers for Privacy-First Security

Dr. Georgios Gardikis (Space Hellas, PRIVATEER Coordinator)

Abstract: The mission of the SNS PRIVATEER project is to pave the way for 6G “privacy-first security” by studying, designing and developing innovative security enablers for 6G networks, following a privacy-by-design approach. The PRIVATEER “privacy-first” 6G security framework will consist of a set of enablers built around four pillars: i) decentralised robust security analytics, towards avoiding data centralisation as well as AI mechanisms hardened against adversarial actions resulting in privacy breaches; ii) privacy-aware slicing and security service orchestration, introducing “privacy intent” as an additional factor affecting network service lifecycle management; iii) distributed attestation and identity check, making authentication and integrity verification more privacy-friendly; and iv) searchable encryption mechanisms for privacy-preserving Cyber Threat Intelligence (CTI) sharing.
In this session, as the project is approaching its end, we will present selected security enablers, as they were developed, tested and demonstrated within the project.

• Securing 6G: the HORSE Approach

Prof. Fabrizio Granelli (CNIT, HORSE Coordinator)

Abstract: HORSE holistic vision provides an end-to-end approach to 6G security, by leveraging on ML and Network Digital Twins. The resulting platform is capable not only to evaluate the impact of security threats, but also to predict potential attacks and detect potential anomalies.

• Coffee Break

• Designing a Security Plane for 6G networks

Prof. Xavier Masip Bruin (Universitat Politècnica de Catalunya, MARE Coordinator)

Abstract: The talk introduces the work currently being carried out within the MARE project (SNS-JU call 3), proposing a solution for security and privacy provisioning in 6G ecosystems. This challenge is addressed through the definition of a novel Security Plane built on a well-defined set of open and programmable security functions, in a transparent and multi-domain/stakeholder environment, with the ability to proactively propose and assess strategies to efficiently handle novel attacks and threats. Supported by a softwarised approach, the proposed Security Plane pivots on two main contributions: 1) A set of enriched security functions built upon basic primitives, referred to as DOTs; 2) A smart “pre-assessment” ecosystem, where security and privacy functions are analysed prior to production and deployment.

• COCOS AI – Collaboration without Borders

Danko Miladinović (Ultraviolet, CONFIDENTIAL6G partner)

Abstract: Cocos AI (Confidential Computing System for AI) is a software platform designed to enable confidential and privacy-preserving AI and machine learning. It allows model training and inference to be performed directly on sensitive data—without ever exposing that data. This approach addresses one of the key challenges in AI today: protecting privacy while unlocking the full potential of intelligent systems. By ensuring trust and privacy, Cocos AI opens the door to secure and collaborative AI development. At its core, Cocos AI is built on Confidential Computing—an emerging paradigm that uses specialized hardware (CPU extensions) to create secure, encrypted enclaves in memory, known as Trusted Execution Environments (TEEs). These enclaves isolate data and code from the rest of the system, providing a strong layer of protection even from privileged software on the host machine. The result is a platform that empowers data scientists to train AI/ML models on private data—without ever seeing or exposing that data. It also supports Secure Multi-Party Computation (SMPC), enabling joint analysis and model training across datasets from different sources. This capability unlocks significant value while maintaining strict privacy guarantees.

• SAFE-6G: An AI-Driven Cognitive Coordinator for Mapping User Intent to Trustworthiness in 6G Networks

Dr. Harilaos Koumaras (NCSR “DEMOKRITOS”, SAFE-6G Technical Manager)

Abstract: The transition to 6G mobile networks envisions a fully software-defined, cloud-native architecture that spans from central clouds to far-edge micro-data centres. While SDN, NFV, and edge computing unlock unprecedented agility and service diversity, they also enlarge the attack surface and elevate risks to confidentiality, integrity, and availability. Existing security measures in 5G remain fragmented—separate efforts address privacy, resilience, reliability, security, or safety in isolation—and lack a unified metric for end-to-end trust. This paper introduces trustworthiness as a holistic, multi-dimensional metric that aggregates user-specified requirements across five pillars— Safety, Security, Privacy, Resilience, and Reliability—into a single Level of Trustworthiness (LoTw). A proof-of-concept prototype of an AI-driven Cognitive Coordinator that ingests user intents via a chatbot and maps them to LoTw with BERT-based regression heads is presented, validating the proposed formal definition of Trustworthiness towards a truly user-centric and trustworthy 6G network.

• NATWORK’s Perspective in Cybersecurity and Resilience for 6G: From Physical Layer Security to AI-powered Intrusion Detection

Dr. Antonios Lalas (CERTH, NATWORK Deputy Coordinator & Technical Manager)

Abstract: As the Internet of Things and digital technologies continue to proliferate rapidly, cybersecurity has become increasingly vital. However, despite its significance, cybersecurity encounters numerous challenges, ranging from adaptability to responsiveness to attacks. With this in mind, the EU-funded NATWORK project aims to address these challenges by developing an innovative, bio-inspired, AI-based 6G cybersecurity and resilience framework with low energy consumption. This framework will leverage AI and resilient biomimicry to enable networks to self-regulate and adapt to their specific circumstances while adhering to service level agreements. Furthermore, the gathered data will facilitate enhanced self-resilience and flexibility in future 6G network security measures.

This presentation will focus on the current status of the project visiting the main achievements and explaining in more detail the physical layer security solutions that endeavours. Specifically, the Jamming Detection and Mitigation mechanisms will be explored and demonstrated in detail, along with various demonstrations, such as the AI-Driven Network Intrusion Detection and Resource Allocation, the MTD in Kubernetes with Reactive Container Live Migration, the Denial of Sustainability Attack against 6G cloud-native service, and the DDoS detection component.