ANNEX G - PADR SECURITY CLASSIFICATION GUIDE

Security Classification Guide

Version 3.0 14 March 2019

PADR SCG V3.0 – 14 March 2019

2

Table of Contents

IMPORTANT NOTICE

This document aims at assisting national experts with the security scrutiny of PADR

proposals, informing applicants on how information will be EU-classified and helping

Commission staff to decide about the sensitivity of their calls for proposals.

This guidance concerns solely measures to be taken to protect the classified information in

PADR research projects. Other aspects (e.g. data protection, ethical issues, confidentiality

etc.) are covered in other parts of the evaluation procedure.

PADR SCG V3.0 – 14 March 2019

3

HISTORY OF CHANGES

Version Publication

Date Change

1.0 18.12.2017 Initial version

2.0 15.09.2018 Addition of categories for 2018 topics

3.0 14.03.2019 Addition of categories for 2019 topics

TABLE OF CONTENTS

1. When and for how long must information be classified? .............................................. 4

2. Classification levels ...................................................................................................... 4

3. How to classify information? ........................................................................................ 4

Annex to the SCG.............................................................................................................. 6

PADR SCG V3.0 – 14 March 2019

4

1. When and for how long must information be classified?

Under the Commission Decision 2015/4441, information must be classified if its

unauthorised disclosure could adversely impact the interests of the EU or of

one (or more) of its Member States.

To minimise costs and restrictions caused by classifying project information, the

information items will be classified for a limited time — after which their classification

will be reviewed and possibly downgraded, withdrawn (i.e. items declassified) or

extended.

2. Classification levels

There are four levels of classification:2

TRES SECRET UE/EU TOP SECRET: information and material the unauthorised

disclosure of which could cause exceptionally grave prejudice to the essential

interests of the European Union or of one or more of the Member States. TRÈS

SECRET UE/EU TOP-SECRET is NOT used for the security scrutiny of research

proposals.

SECRET UE/EU SECRET: information and material the unauthorised disclosure

of which could seriously harm the essential interests of the European Union

or of one or more of the Member States. (S-UE/EU-S)

CONFIDENTIEL UE/EU CONFIDENTIAL: information and material the

unauthorised disclosure of which could harm the essential interests of the

European Union or of one or more of the Member States. (C-UE/EU-C)

RESTREINT UE/EU RESTRICTED: information and material the unauthorised

disclosure of which could be disadvantageous to the interests of the European

Union or of one or more of the Member States. (R-UE/EU-R)

3. How to classify information?

The classification of information produced by research projects will normally depend

on two parameters: the subject matter of the research and the type of the information. The subject matter of the research is defined in the annual work programmes of the PADR. Regarding the type of the information the following

general categories3 could be applied:

1 See Commission Decision (EU, Euratom) 2015/444 of 13 March 2015 on the security rules for protecting EU

classified information (OJ L 72, 17.3.2015, p.53.) 2 See. Commission Decision (EU, Euratom) 2015/444 of 13 March 2015 on the security rules for protecting

EU classified information (OJ L 72, 17.3.2015, p.53.)

3 These categories may overlap regarding specific items of information.

PADR SCG V3.0 – 14 March 2019

5

threat assessments (estimation of the likelihood of an act against an asset, with particular reference to factors such as intention, capacity and potential

impact)

vulnerability assessments (description of gaps or weaknesses in networks, services, systems, assets, materials, equipment, operations or processes which

can be exploited and often contain suggestions to eliminate or diminish these

weaknesses)

specifications (exact guidelines on the design, composition, manufacture, maintenance or operation of substances, equipment, components, technologies,

systems and procedures)

capability assessments (description of the ability of an asset, system, network, service or authority to fulfil its intended role — and in particular the capacity of

units, installations, systems, technologies, equipment, substances and personnel

to carry these out successfully)

incidents/scenarios (detailed information on real-life incidents and potential

threat scenarios:

on past incidents (often including details not otherwise publicly available,

demonstrating the real-life effects of particular attack methods or gaps

which have since been addressed)

on devised scenarios (commonly derived directly from existing vulnerabilities, but normally with a lower level of detail, particularly of the

attack preparation phase).

Depending on the specific subject matter, each type of information may need to take

different level of classification. For the purpose of this document a table with

suggested level of classification for the topics of the work programme of 2017,

2018 and 2019 is found in appendix. Classification levels should be applied taking

into account both the need to protect information and the need to avoid unnecessary

obstruction to the use of research information and results.

PADR SCG V3.0 – 14 March 2019

6

Appendix to the SCG

SECRET UE/EU SECRET: S-UE/EU-S

CONFIDENTIEL UE/EU CONFIDENTIAL: C-UE/EU-C

RESTREINT UE/EU RESTRICTED: R-UE/EU-R

UNCLASSIFIED: UNCL

SCG TABLE

Research topic Type of Information

Threat Vulnerability Specifications Capability Inc/Scen4 Remarks

Technological demonstrator for

enhanced situational awareness in military operations in a maritime environment

Unmanned platform

Ability to be launched and recovered from manned platforms

R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Autonomous Guidance, Navigation and Control (including collision avoidance and decision making)

R-UE/EU-R C-UE/EU-C C-UE/EU-C R-UE/EU-R R-UE/EU-R

Self-Protection and electronic warfare (incl. NAVWAR5)

R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

4 Incidents/Scenarios

5 Navigation Warfare

PADR SCG V3.0 – 14 March 2019

7

Secure data links for command and control

R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

Low-observability R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Mission Payload

On-board sensors C-UE/EU-C C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

On-board data processing and decision making

UNCL C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Anti-mine warfare C-UE/EU-C C-UE/EU-C S-UE/EU-S C-UE/EU-C C-UE/EU-C

Anti-submarine warfare C-UE/EU-C S-UE/EU-S S-UE/EU-S S-UE/EU-S S-UE/EU-S

Anti-air warfare capability R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

Anti-jamming and anti-spoofing protection

R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

Detectors performance (incl. optical, radar, IR signatures)

R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

Global system integration

Multi systems EMC management R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Secure high-speed mission data exchange

R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

Global data processing within C4ISTAR (including data fusion and decision making)

R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Information Security management R-UE/EU-R C-UE/EU-C S-UE/EU-S C-UE/EU-C R-UE/EU-R

PADR SCG V3.0 – 14 March 2019

8

Protection against cyber attacks R-UE/EU-R S-UE/EU-S C-UE/EU-C C-UE/EU-C R-UE/EU-R

Cooperation between heterogeneous vehicles (including swarming)

R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Force protection and advanced soldier systems beyond current programmes

Generic open soldier systems architecture

UNCL R-UE/EU-R C-UE/EU-C R-UE/EU-R R-UE/EU-R

Tailor-made blast and ballistic protection of military personnel

CBRN aspects R-UE/EU-R R-UE/EU-R C-UE/EU-C R-UE/EU-R R-UE/EU-R

Adaptive camouflage

Signatures UNCL C-UE/EU-C R-UE/EU-R C-UE/EU-C R-UE/EU-R

Strategic Technology Foresight

Short-medium term UNCL R-UE/EU-R UNCL UNCL UNCL

Long term UNCL UNCL UNCL UNCL UNCL

Recommendations/Key Conclusions UNCL UNCL R-UE/EU-R R-UE/EU-R UNCL

Mapping of non-EU sourced components subject to export restrictions

UNCL R-UE/EU-R UNCL R-UE/EU-R UNCL

PADR SCG V3.0 – 14 March 2019

9

Criticality analysis R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

European high-performance, trustable (re)configurable system-

on-a-chip or system-in-package for defence applications

Hardware R-UE/EU-R C-UE/EU-C R-UE/EU-R R-UE/EU-R R-UE/EU-R

Software R-UE/EU-R C-UE/EU-C R-UE/EU-R R-UE/EU-R R-UE/EU-R

Encryption R-UE/EU-R S-UE/EU-S S-UE/EU-S C-UE/EU-C R-UE/EU-R

Design R-UE/EU-R C-UE/EU-C R-UE/EU-R R-UE/EU-R R-UE/EU-R

Manufacturing UNCL R-UE/EU-R UNCL UNCL UNCL

Anti-tampering R-UE/EU-R S-UE/EU-S S-UE/EU-S C-UE/EU-C R-UE/EU-R

High power laser effector

R&D assessment R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Technology roadmap R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

PADR SCG V3.0 – 14 March 2019

10

Measurements aspects R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Requirements for the overall laser system R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

Concepts of employment and use R-UE/EU-R S-UE/EU-S S-UE/EU-S S-UE/EU-S R-UE/EU-R

Criticality Mapping R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

R&T activities R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Key Performance Indicators UNCL R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Combined radar, communications, and electronic warfare AESA system

R&D assessment R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Technology roadmap R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

System definition R-UE/EU-R C-UE/EU-C S-UE/EU-S S-UE/EU-S R-UE/EU-R

Architecture R-UE/EU-R R-UE/EU-R S-UE/EU-S S-UE/EU-S R-UE/EU-R

Functional specification R-UE/EU-R C-UE/EU-C S-UE/EU-S S-UE/EU-S R-UE/EU-R

Criticality Mapping(CM)

PADR SCG V3.0 – 14 March 2019

11

CM: Materials and components R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

CM: R&D capacity R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

CM: Industrial capacity R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Concepts of employment and use R-UE/EU-R S-UE/EU-S S-UE/EU-S S-UE/EU-S R-UE/EU-R

R&T activities (RT)

RT system: antenna array R-UE/EU-R C-UE/EU-C S-UE/EU-S S-UE/EU-S R-UE/EU-R

RT system: beamforming R-UE/EU-R C-UE/EU-C S-UE/EU-S S-UE/EU-S R-UE/EU-R

RT system: resource manager R-UE/EU-R C-UE/EU-C C-UE/EU-C C-UE/EU-C R-UE/EU-R

RT system: key performance indicators R-UE/EU-R R-UE/EU-R S-UE/EU-S R-UE/EU-R R-UE/EU-R

RT system: measurement methodology R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

RT components: design R-UE/EU-R R-UE/EU-R C-UE/EU-C C-UE/EU-C R-UE/EU-R

RT components: fabrication R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

RT components: key performance indicators

R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

RT components: measurement methodology

UNCL UNCL UNCL UNCL UNCL

PADR SCG V3.0 – 14 March 2019

12

Future Disruptive Defence

Technologies (FDDT)

FDDT OPEN R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

FDDT EMERGING: Positioning, Navigation

and Timing R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

FDDT EMERGING: Artificial Intelligence R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

FDDT EMERGING: Quantum technologies R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

FDDT EMERGING: Long-range effects R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

FDDT EMERGING: Augmenting soldier

capacity R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R R-UE/EU-R

Interoperability standards for military unmanned systems

UNCL UNCL UNCL UNCL UNCL