The project IRIS (artificial Intelligence threat Reporting and Incident response System), in which Eviden led the Technical Coordination, the definition of the architecture and the designing and developing a risk and vulnerability assessment module, was successfully completed in August 2024 after 36 months of work involving colleagues from the Cybersecurity team.

At the end of the project, a final online review was organised by the EC on 31 October 2025. The consortium presented the outcomes of the project, consisting of a platform to address threats and minimise the attack surface in large-scale ICT infrastructures driven by IoT and AI, targeting the MeliCERTes ecosystem.

The project has successfully achieved its objectives with relevant validation results (most of the components of the IRIS platform have reached a technology maturity validation at TRL7 - system prototype demonstration in an operational environment) through three pilot use cases: securing the smart city IoT and control system infrastructure for the safety of tram users in Barcelona, securing the AI-enabled infrastructure of autonomous transport systems in Tallinn, and with effective incident response and threat intelligence collaboration for critical cross-border smart grid threats in Helsinki.

Some of the main results achieved have been:

• A set of tools for automated threat analytics for IoT and AI-driven systems operating in Critical Infrastructures, including risk and vulnerability assessment (ref. VDM and CERCA assets of Cyber), monitoring and detection of threats (including network traffic analysis, host-based intrusions, and machine learning algorithms to detect and prevent anomalies and cyber-attacks for IoT-based smart environments and for vision systems in automated vehicles) and digital twin honeypots (with replicas of complex systems, such as LiDAR and Modbus).
• Proof of concept of an innovative Automated AI-based Pentesting Framework based on reinforcement learning for continuous vulnerability discovery and assessment imitating a human pentester behaviour.
  Sharing, storing, communicating and collaborating on cyber threat intelligence between all stakeholders using advanced threat intelligence orchestration and data protection and accountability using distributed ledger technologies (DLT).
• Semi-automated risk-based incident response and self-recovery capabilities on target IoT and AI-based infrastructures.
• Enhancement of the MeliCERTes platform with a customized dashboard suitable for different target users with appropriate role and rights access management capabilities to shared information.
• Virtual cyber range platform and training environment for emulating complex ICT systems and with the deployment of IRIS components.

Eviden’s contribution has been key to the project because of our role as technical coordinators and leaders of the architecture work package, but also for providing risk and vulnerability assessment module to the IRIS platform, based on VDM – Vulnerability Discovery Manager - asset and a new asset Pentesting-AI with a PoC (proof-of-concept) developed in the project.

The development of an innovative automated AI-based Pentesting Framework that integrates the implementation of a Deep Reinforcement Learning agent with a set of scanning, discovering and penetration testing tools is seen as one of the solutions that could be integrated with the SW Factory for HPC products of BDS.