Multimodal Itinerary Planner

Pilot Goals:

Working with other partners the goal for the Car Sharing Pilot, in which this analytic is used, is to supply an interface for service providers so a single routing interface can calculate multimodal trips for users using their services. Using the architecture designed in the project, data is securely transferred between service providers and the platform where only required parties can access the data. This ensures that only the information required by the service providers is accessible to them and any other data supplied by the user is kept safe from prying eyes. For example, a bus company does not have access to a driver license, the Multimodal Itinerary planner only requires a list of routing preferences including start and end locations, the CO2 calculator only needs distance and vehicle information. Preserving the privacy of the data in the way reduces the potential of data leaks or cyber-attack.

Project Goals:

  • Develop an analytic that supplies users with Itineraries through the Information Sharing Infrastructure (ISI)
  • Integrate services from service providers to the analytic
  • Supply CO2 information in relation to the Itinerary that the user requested



When a user plans a trip the data is sent to the ISI and then retrieved by the multimodal itinerary planner using service credentials supplied. The multimodal itinerary planner searches for the best routes/plans that serve the users preferences and once that information is collected the itinerary planner contacts a second analytic [CO2 calculator] that calculates the CO2 usage over the trip supplied. All this information is collated And using the ISI interface the itinerary, including routing details is written to the data lake where it can be retrieved by the end user.

With strong progress being made to finish on a high, the testbed configurations are being tweaked and the final pilot testing phase is starting to ramp up. With so many bespoke components to be integrated it is nice to see healthy collaboration taking place to solve issues and reduce friction between components where possible. We look forward to seeing the finalized pilot and hope you do too.

ERCI/STARS Webinar | Cybersecurity for Railway Passengers and Freight


Title of the webinar

ERCI/STARS Webinar | Cybersecurity for Railway Passengers and Freight

Virtual platform MS Teams
Date and time Wednesday, 10 May 2023 | 10:00-11:30 UTC+2 (CEST)
Registration link
Contact Person Guido Ancarani, Robert Hopkin


In this Webinar you will learn about innovative solutions for ensuring cybersecurity for railway passengers and freight.


First, the Consiglio Nazionale delle Ricerche (CNR), as project coordinator, presents the European project E-CORRIDOR, which aims to create a flexible, secure and privacy-friendly framework that enables trusted, distributed and edge-enabled security services such as threat analysis and prevention, as well as privacy-friendly seamless access mechanisms in multimodal transport systems.

The second presentation is on the safety assessment of Ethernet on-board networks in trains. The related research at the University of Birmingham focuses on the assessment of the networks and components that form the communication backbone in modern trains. Based on experience from other industries and taking into account binding legal frameworks, it has been possible to develop a uniform methodology that provides both independent technical rigour and the necessary flexibility for bespoke network designs. The methodology can already be applied in the planning of trains, benefiting manufacturers, owners and operators.

Agenda 10:00 Welcome words

·        ERCI - European Railway Clusters Initiative

10:10 The E-CORRIDOR Project - Cybersecurity and privacy for multimodal transport

·        Dr Fabio Martinelli | Co-ordinator of the European project E-CORRIDOR | Consiglio Nazionale delle Ricerche (CNR)

10:40 Security Assessment of On-board Ethernet Train Networks

·        Mark Lodge, University of Birmingham

11:10 Questions & Answers
11:25 News from the ERCI network & STARS project

·        ERCI - European Railway Clusters Initiative

Please note ·        By registering for this webinar, you agree that the webinar will be recorded and published on the YouTube channel of the STARS project.

·        Registered participants will receive an access link to the webinar in a separate e-mail.

About ERCI This webinar is organised by the European Railway Clusters Initiative (ERCI). ERCI comprises 16 research and innovation-oriented railway technology clusters, covering 16 countries. ERCI represents more than 1,500 SMEs and aims to promote innovation and the development of new business opportunities as a means to sustainably strengthen competitiveness within the European railway industry. ERCI promotes cooperation between industry and research, initiates innovation projects, organises B2B meetings and workshops. This also includes promoting visibility and networking at EU level.
About the STARS project The application of advanced technologies and their Europe-wide dissemination in internal company processes should help to significantly improve the adaptability of traditional SMEs from the rail and mobility sector to the changed economic environment after the Corona crisis and to increase their competitiveness on a European scale. The project thus contributes to the European Commission's economic stimulus package. To achieve this, the STARS project aims to support international cooperation between technology-savvy SMEs/start-ups and traditional SMEs.


ERCI Task Force MultiModal Logistics (TF MML)
Meeting #7

A Secure and Privacy-enabled Data Sharing and Analytics Platform for Multimodal Logistics?

ERCI Task Force MultiModal Logistics (TF MML)

Meeting #7

A Secure and Privacy-enabled Data Sharing and Analytics Platform
for Multimodal Logistics?

Online meeting – 5 May 2023


Foreword: The European H2020 project E-CORRIDOR has developed the E-CORRIDOR platform ensuring the secure and privacy-enabled sharing and analytics of information concerning Multimodal transport of Passengers. The platform unleashes the power of information sharing coupled with edge-based collaborative analytics for cyber protection. The framework has been tailored for multimodal transport needs by developing a significant set of security services based on it.

The framework allows data prosumers (producers/consumers) to easily express their preferences on how to share their data, which analytics operations can be performed on such data and by whom, with whom the resulting data can be shared etc. This entails a framework that combines several technologies for expressing and enforcing data sharing agreements as well technologies to perform data analytics operations in a way which is compliant to these agreements.

The framework - mainly based on an Information Sharing Infrastructure (ISI) and an Information Analysis Infrastructure (IAI) - can be deployed in several ways and on several devices (from cloud to mobile devices).

The project has developed 3 pilot products of the E-CORRIDOR platform:

  1. Information sharing and analysis centre for multimodal transport (ISAC)
  2. Airport and integrated train transport (AT)
  3. Car sharing in smart cities (S2C).

The project is participated by DITECFER (all the partners are listed here), and the President of ERCI, Dirk-Ulrich Krüger, is Member of the Advisory Board of E-CORRIDOR.

Goal of the meeting: The meeting is organised in the framework of the Exploitation activities of the E-CORRIDOR project. The main goals are therefore:

  • Presenting the E-CORRIDOR platform and results to meaningful stakeholders of the European Multimodal transport of freight ecosystem
  • Discuss with them whether the E-CORRIDOR platform can answer needs of the Multimodal logistics ecosystem and under what conditions
  • Brainstorming on potential collaboration / innovation activities / other new ideas to improve the sector of Multimodal Logistics, as well as ideas for supporting the exploitation of the E-CORRIDOR platform.


10:00 Welcome words

·        ERCI - European Railway Clusters Initiative – Short intro on mission and members (5 min)

·        TF MML – Short intro on mission and meetings held so far (10 min)

10.15 Tour-de-table to present the European Stakeholders in freight (1 slide each to be prepared by TF MML and shown when the participant presents himself/herself – 1 minute each)

·        Port of Barcelona (Spain) - Noelia Martin – Responsible de Hinterland – Estrategia de Negoci

·        CIMALSA (Spain) - Jordi Fornós - Director Consultancy

·        HUPAC (Spain) - Ricard Vendrell - Spain Representation

·        Tenalach Consulting (Spain) - Aristarco Tomas – CEO

·        Aéroport de Liège / Flexport (cargo) (Belgium) - Torsten Wefers/Frederic Brun

·        Port Authority of La Spezia and Marina di Carrara (Italy) – Simone Pacciardi  - Special Projects, Relations with the EU, Market development and Intermodal transport (from 11.00)

·        Interporto di Prato (Italy) - tbc

10:25 E-CORRIDOR Project

·        Fabio Martinelli | Coordinator of the European project E-CORRIDOR (CNR-National Research Council of Italy)

·        Stefano Sebastio, (Collins Aerospace) E-CORRIDOR Pilot

10:50/10.55 Open Discussion / Brainstorming

·        Can the E-CORRIDOR platform answer needs of the Multimodal logistics ecosystem? Under what conditions?

·        Are there any potential collaboration envisaged? Innovation activities? Other emerging ideas inspired by E-CORRIDOR to improve the sector of Multimodal Logistics? Any other idea for supporting the exploitation of the E-CORRIDOR platform within and beyond the Multimodal Logistics ecosystem?

12:15 Conclusions and wrap-up messages
12:30 End


Seamless Authentication Services as a Booster for Multimodality in Urban Mobility

With the surge of MaaS ecosystems, passenger travels are more and more multimodal. Passengers can start a trip with their own vehicle to be parked nearby public transport stations, take the subway and once they get to the desired station drive a shared car provided by a car sharing service to ride the last miles until their final destination.

Within the MaaS model boundaries among private, shared, and public transport become blurred and passengers are enabled to move around their city seamlessly using a combination of private, shared and public alternatives that rely on the existing transportation infrastructure to go to work or come back home every day.

The E-CORRIDOR approach

In the framework of the project, we have created a trip planner to enable multimodal trips.

With this trip planner we provide:

  • Test unified registration to improve user experience.
  • Test unified bookings - to test usability and measure user satisfaction.
  • Test subsidies offer and control.
  • Interoperability among mobility partners.

In this scenario, multiple stakeholders and domains are involved, such as:

  • Passengers (including PRM, people with reduced mobility requiring assistance)
  • Car sharing companies
  • Bus companies and DRT providers
  • Any other mobility provider or MaaS application

Requirements and challenges

Solutions designed for the Pilot cover:

  • Seamless, robust, and privacy-aware authentication: the traveller can take advantage and be in control of a unique, centralised, identification that have different essential data-sharing agreements with the mobility providers that integrate e-Corridor
  • Take advantage of a trusted identity provider to ask the user for highly personal, identifiable data, triggering the utilisation of such data to use mobility services with more confidence. Having scattered sensitive information on different platforms scares many users making the implementation of some services a challenge to scale
  • Use such personal data to allow users to take advantage of policies and subsidies that can benefit the implementation of sustainable mobility strategies that are micro-targeted to individuals hence more effective

Workshop on Privacy, Transparancy, Sovereignty and Security
Inria Mediterranean Campus Sophia Antipolis, 27-28 April 2023

Co-organised by E-CORRIDOR and TRAPEZE and co-sponsored by ERCIM and Inria, this collaborative workshop brought together leading researchers and practitioners, experts and enthusiasts in the fields of privacy, cybersecurity and technology.

The Inria Mediterranean Campus, Sophia Antipolis was the setting for the event, which ran across April 27th, and 28th, 2023. The workshop was designed to be highly interactive and presentations from experts were followed by interactive sessions where contributors had the opportunity to challenge assumptions or add to proceedings with their own ideas and experience in the field. These sessions gave participants the opportunity to explore cutting-edge technologies and methods for protecting privacy, as well as novel applications of these technologies across various domains, such as e-government, telecoms, banking and transportation.

The event design also afforded many opportunities for networking, knowledge sharing and an occasion to learn from experts in the field and explore new ideas in privacy and related technology. The workshop was preceded by individual project meetings for both E-CORRIDOR and TRAPEZE.
Taking place amongst the trees of Sophia Antipolis, participants enjoyed a tranquil setting and two days of productive collaboration and knowledge sharing in the world of privacy research and technology.

Agenda TRAPEZE E-CORRIDOR Privacy Workshop - 27/ 28 Apr

Workshop on Privacy, Transparency,

Sovereignty and Security

Sophia Antipolis, France

Research and Technology on Thursday, 27 April 2023

Private meetings in the morning with Workshop start at 13:00 CEST (UTC+2)

9:00-11:30 E-CORRIDOR (Room Kahn 1 & 2) and TRAPEZE (Room Kahn 3) Individual Project Meetings
11:30-13:00 Lunch
13:00-13:25 Alexander Vasylchenko (TenForce): “Enabling digital privacy, security and identity through TRAPEZE services”
13:30-13:55 Fabio Martinelli (Institute of Informatics and Telematics, Italian National Research Council): “E-CORRIDOR approach for Confidential Analytics”
14:00-14:25 Sabrina Kirrane (Vienna University of Economics and Business): “Blockchain-based resource governance for decentralized web environments”
14:30-14:55 Jean-Paul Bultel (French Alternative Energies and Atomic Energy Commission-CEA): “Homomorphic encryption-based similarity matching for privacy-preserving interest-based data sharing”
15:00-15:25 Paolo Mori (Italian National Research Council): “Data usage control”
15:25-16:00 Break
16:00-16:25       Videoconference Simone Fischer-Hübner (Karlstad University): “Towards usable transparency and consent” (Presentation by Videoconferencing)
16:30-16:55 Roland Rieke (Fraunhofer-Gesellschaft): “Machine-Learning Methods for In-Vehicle Intrusion Detection”
17:00-17:25 Harshvardhan J. Pandit (Dublin City University): “Consent Through the Lens of Semantics: State of the Art Survey and Best Practices”
17:30-18:00 Francesco di Cerbo and Volkmar Lotz (SAP): “Privacy research topics at SAP”
18:00-19:00 Wine & Cheese Reception in Kahn Entryway

Data Protection Authorities, Politics and Applications on Friday, 28 April 2023

9:00-11:00 CEST for the DPA Session and 11:05-17:00 CEST for Day 2 of the Workshop
 9:00-11:00 Videoconference


DPA and Data Protection Community Session: This two-hour session will bring together research and Data Protection Authorities (DPAs) as well as experts from the data protection community to foster synergies and collaboration. Selected privacy-enhancing results of the TRAPEZE project (consent management through a citizen-centric privacy dashboard; policy language and the concept of sticky consent policies) will be presented and discussed with leading experts and practitioners. The discussion will also look at the project results in light of the latest trends, challenges and opportunities facing DPAs and the data protection community. The session will also explore the role of DPAs in promoting data protection and privacy across different sectors and jurisdictions.

Organised by Marit Hansen (Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, Germany-ULD).

11:05-12:00 Martin Kurze (Deutsche Telekom), Ramon Martín de Pozuelo (CaixaBank) and Lauro Vanderborght (Digital Flanders): “An overview of the TRAPEZE use cases & their impact on society”
12:00-13:30 Lunch
13:30-13:55 Videoconference Theo Dimitrakos (Huawei Tech. Dues. GmbH (DE) / Univ. of Kent): “Challenges of trust and sovereignty awareness for global transactions in an increasingly fragmented polarized world”
14:00-14:25 Rigo Wenning (ERCIM/W3C): “Privacy and legal issues in Big Data”
14:30-14:55 Stefano Sebastio (Collins Aerospace): “Privacy-preserving passenger processing and operations solutions for multi-modal travels”
14:55-15:25 Break
15:25-15:50 Ilaria Matteucci (Italian National Research Council): “Privacy issues and automotive sector”
15:55-16:25 Fabio Podda (Azienda Mobilità e Trasporti Genova) and Liivar Luts (Tallinna Transpordiamet): “Protecting Data and Privacy in public transport sector: the CitySCAPE project”
16:30-16:55 Alexander Vasylchenko and Fabio Martinelli: Workshop conclusions and questions moving forward
17:00 Workshop Close


E-CORRIDOR Framework: Enabling Sustainable Multimodal Mobility in Smart Cities

Multimodality is essential for sustainable mobility, but it comes with its own challenges. Compared to personal car use, multiple modes are required for door-to-door travel, which can be inconvenient for travelers and mobility providers. The path to sustainable multimodality is to eliminate friction and barriers for both parties, making it easier and more attractive to choose sustainable modes of transportation.

The main challenge for travelers is interacting with multiple entities :

  • Mobility service providers (MSPs),
  • Public transport authorities,
  • Ticketing systems and user interfaces.

This means that travelers have to check in multiple times and manage their data privacy in complex and obscure ways through different interfaces.


In addition, travelers have to manage and seek information from different sources :

  • Availability,
  • Reservations,
  • Prices…


For mobility service providers, the challenges are critical , especially in services where the traveler is the driver which include :

  • Data governance,
  • data sharing of personal information,
  • cybersecurity management,
  • trust in the data sharing system and the "partners" with whom the data is exchanged,
  • Identity management and verification.


The E-CORRIDOR approach and the Car Sharing (S2C) pilot solution :

The S2C pilot is the evaluation of the capabilities of the E-CORRIDOR framework and the E-CORRIDOR analysis toolkit and the periphery deployment functionalities in the context of multimodal mobility in urban and peri-urban areas.

The pilot introduce a shared secured digital wallet, The wallet will be adapted specifically to the purpose of mobility and will be a one stop digital identity manager for end users of transport services, it will allow them to use any transport service, without having to create a separate, unique digital profile for each service. Each mobility provider will keep the added value of the data of the user profile and usage. In addition, exploiting the car as sensor paradigm, the car will generate a lot of relevant data that can be aggregated and shared with other services (as temperature, pollution, traffic, etc).


The current implementation shows a fully functional main scenario, from check-in to reservation to trip planning, with the use of different analysis services from the E-CORRIDOR analysis toolkit. In addition, the current implementation integrates intrusion detection analysis, and behavioral conduct identification into the driver that fulfills all scenarios and use cases.

Expected Outcomes

The pilot implemented in E-CORRIDOR project will demonstrate seamless secure access management for all citizens to all types of vehicles in the pan-European Multimodal Transport domain – through the Digital Wallet (eWallet) Sharing.


This wallet will be adapted specifically for the purpose of mobility and will therefore contain necessary and validated information such as the driver’s licence, a proof that the driving licence has been validated by a mobility provider, proof of address, mobility profile etc. as required by various transport providers and national regulations. As an example, the following scheme explains the vision of the pilot from the point of an end user – to move from point A to B, (s)he can simply choose which mode of transport to use in the journey and can automatically log in to any mobility app without making multiple accounts. Here, we take an example of Clem’s car sharing service, but this can be any transport service provider on the platform.




The principal challenge we face in tackling cyber threats is to exchange, process and disseminate information regarding cyber threats (alerts) in an efficient manner allowing interested parties to receive timely data related to cyber threats or incidents and in a way easy to process.

The alerts are based on discovered vulnerabilities and knowledge of common attack patterns which have been found in the wild or have been shared by peer organizations.

Those data should be “actionable”, meaning that they should be immediately deployed in the systems in order to protect the organization.

For that the ability to process and distribute information in an automated manner is crucial.


The ISAC pilot has produced automated tools to exchange and process information in an automated way, while respecting the privacy requirements.

The following functionalities have been acquired:

  • interaction speed-up between MiSE-ISCOM and stakeholders, in particular SMEs, which may allow users to act and mitigate the attack damages quickly;
  • increasing number of disseminated alerts, finding new patterns thanks to the collaborative data analysis developed in the project;
  • MiSE – ISCOM publish alerts being sure not to disseminate by mistake private information of the stakeholders, since E-CORRIDOR will take care, thanks to DSAs, of providing data in a privacy preserving manner.

Security Monitor for Connected Vehicles

New and binding regulations of the United Nations, such as UNECE 155, show the importance of cybersecurity in increasingly connected, automated mobility.

Networks and attacks in vehicles get increasingly more complex and difficult to secure by hand. But as of now machine learning (ML) based approaches are not universally used in safety-critical systems, as the lack of insight into the results effectively prevents corrective actions.

We are developing a hybrid, lightweight anomaly detection system with a workflow whose results are traceable enough rule sets to understand as a human operator and reliably initiate mitigation measures.


  • The development of trustworthy and explainable analysis methods for vehicle networks
  • Detection and prevention in a unified structure for road and rail
  • A ML-based security monitor that can detect anomalies and relations in data that are not captured in manually created rules
  • Generation of rule sets that humans can read, comprehend and verify, as well as use as a base for the execution of mitigation actions

Key Contributions

  • Notification of safety-relevant events
  • Rule-based analysis services
  • Transparency and explainability
  • Lightweight classification
  • Controls mitigation procedures
  • Privacy and anonymization
  • Conformity to the Ethics Guidelines


Initially data is collected from different sources, such as car sharing providers or vehicle manufacturers. Data is then anonymized, saved in a data lake and made available depending on access agreements through a system such as the E-Corridor ISI.



An ensemble of pre-classification approaches is then used to analyze the data for potential anomalies.

  • Such a classification approach is already integrated into the E-Corridor IAI as the Automotive IDS service
  • The pre-classification approaches often require high computational performance to detect anomalies and are therefore most suited to be run on a cloud system.


Using the pre-classification results, rule generation is used to generate rules.

  • These sets based on simple logical and conditional operations on configurable values within a message and thus verifiable and comprehensible
  • Generated rules are lightweight and run efficiently on low performance edge components

Manually generated rules can also be used as an input for rule generation, closing the gap between hand-crafted rule-based systems and MLS systems. The generated rules are then saved to the data lake and can be verified and transferred to the edge components within vehicles.


  • The proposed approach was chosen as a finalist at the 9th German IT Security Award
  • Lightweight Anomaly Detection for Edge Computing
  • Usable for implementation of regulations such as UNECE 155
  • AUTOSAR-compliant integrable into connected vehicles
  • Compliance with the European Commission's Ethics guidelines for trustworthy AI