The consortium aims to establish a comprehensive framework for cyber risk assessment by integrating  formal foundations, verification techniques, and a combination of quantitative, qualitative, and semi quantitative approaches. Additional novelty of the framework is the employment of artificial intelligence  and the usage of a methodology based on digital twins of the infrastructure and those of threat agents.  New techniques will be studied for (i) supporting fuzz testing campaigns to effectively discover the  vulnerabilities, and (ii) search-based input generation (iii) supporting security verification, of software (iv)  promoting the design and implementation of resilient and versatile toolkits capable of addressing the various and evolving cyber threats. Privacy-related vulnerabilities in machine learning (ML) components  will be identified. Finally, the consortium will deal with Android System Security. A novel approach will be  to identify entry points susceptible to malicious exploitation, incorporating dynamic analysis and formal  methods. Security abstractions and verification-certification methods will be integrated into  programming models, so to provide a guidance to secure design. This in turns requires the development  of evolutionary computational models and programming languages that support security-by-design  methodologies, with automated tools to verify, measure, assess and monitor security properties and  vulnerabilities along the entire life cycle of software.