Poland

My work is centred on creating robust frameworks for verifying cryptographic protocols within ICT products, services, and processes, ultimately strengthening resilience against cyber threats.

In the broader European context, my fellowship is poised to have a significant impact on cybersecurity practices, aligning with the objectives set forth by the Cybersecurity Act (CSA) and advancing European interests in bolstering digital security.

My primary focus is on developing standardized verification methodologies for cryptographic protocols, which play a key role in enhancing cybersecurity practices across Europe. I am working on creating robust frameworks for verifying these protocols within ICT products, services, and processes, ultimately contributing to greater resilience against cyber threats.
The Cybersecurity Act (CSA) promotes the use of certification as an effective cybersecurity tool that can be applied consistently across Member States without creating unnecessary administrative burdens. Previously, products or services certified in one country often had to undergo similar procedures again when different national requirements were in place.
With the introduction of the European Cybersecurity Certification (EUCC) scheme, however, certificates issued under this framework will be legally recognized across all Member States once the corresponding Implementing Act is in force. This harmonization is essential for reducing duplicated efforts, saving time and resources, and ensuring consistent cybersecurity standards throughout Europe.

By stating that the priority is electronic identification and trust services, this work directly impacts both electronic identification and trust services. Specifically, the ETSI Standard 119 462 (Wallet Interfaces) influences identification and trust services in the following ways:
it establishes a standardised mechanism for identification from the wallet to trust service providers, it creates a standardised mechanism for trust service providers to issue attributes that are used for identification, it sets up a mechanism for collaboration with trust service providers in the process of creating electronic signatures.

The societal impact measured by increasing confidence in the certification as a powerful cybersecurity tool would be real.

The resulting study in the form of PWI 25543 is aimed at keeping the reference standards as the-state-of_the_art documents which cope with emerging and future technologies in cybersecurity certification.
The goal set up in the plan is strongly supported by sound standards with appropriate scope of application. In this way the assessments can be repeatable and comparable thus create the basis for wide recognition of results which usually appear as certificates respected by all EU Member States.