D2.1 Supply Chain Analysis and Requirements

The objective of this deliverable is to report the results of the activities performed in the first phase of CYRENE’s Work Package 2. The main output is related to the requirements that have been collected from relevant standards and literature review, project pilot partners, as well as external stakeholders.
The document can be divided in four main parts. In the first one, an overview of the Supply Chains is given, describing both their classification, including three different views (business, technical and sectorial) of the SCs, and their security aspects, consisting of the threat landscape, legal framework, SC security and Risk Management standards and SC risk assessment methodology and tools.
In the second part, an overview of the EU Certification schemes is provided, encompassing the general definition and requirements (policy, legal, standards, methodologies, technical) regarding the security certification.
Moreover, in the third part, the document reports on the methodology used for collecting, analyzing and validating the requirements through the project’s Advisory Boards. The feedback obtained from the proposed questionnaire for requirements validation are presented in this part and conclusions are drawn afterwards.
Finally, the fourth part of the deliverable deals with the three Targets of Evaluation (ToEs), namely, the Business, Technical, and Sectorial. Their descriptions and the respective validated requirements are provided in this section.
Two appendixes are included in the document. The first one gives information on a glossary that forms the basis of the concepts used in the project, while the second one gives details regarding the first workshop organized with the Advisory Boards at the end of the first six months of the project.