# PQC Integration — Reviewer-Ready Pack **Proposal:** Post-Quantum Cryptography Integration for EU Critical Infrastructure **Call:** HORIZON-CL3-2025-CS-ECCC-06 **Budget:** €2.8M (€2.0M EU contribution) **Submission Deadline:** 2025-12-15, 17:00 CET **Status:** ✅ Reviewer materials complete (2025-11-06) --- ## Overview This directory contains **EU reviewer-ready materials** for the PQC Integration proposal — the critical components needed for Part B sections (Excellence, Impact, Implementation) and submission to the EU Funding & Tenders Portal. **Distinction from parent `funding-roadmap/` directory:** - Parent directory: Strategic coordination (consortium materials, Treasury Nebula, genesis receipts) - This directory: **Tactical execution** (proposal-specific documents for EU reviewers) --- ## Files in This Directory ### 1. PQC_Work_Package_Gantt.mmd (Mermaid Gantt Chart) **Purpose:** Visual timeline for Part B Section 3.1 (Work Plan & Resources) **Content:** - 5 work packages (WP1-5) across 24 months - 13 deliverables with dependencies - 5 major milestones (M0, M6, M12, M18, M24) - Critical path highlighted (integration points) **Usage:** ```bash # Render to PNG for Part B mmdc -i PQC_Work_Package_Gantt.mmd -o gantt.png -w 2000 -b white # Include in Part B Section 3.1 as Figure 2 ``` --- ### 2. PQC_Risk_Register.md (15 Identified Risks) **Purpose:** Part B Section 3.4 (Other Aspects) and Annex B **Content:** - 15 risks across technical, organizational, financial, external categories - Likelihood × Impact scoring (weighted average: 2.9/9 = MODERATE) - Specific mitigation strategies mapped to WPs and owners - €280K contingency budget (10%) with allocation plan - Monthly review process embedded in consortium governance **Key risks:** - R01: NIST PQC standards change (Score: 4) - R04: Pilot site deployment delays (Score: 4) - R08: Ψ-Field false positives (Score: 4) **Reviewer impact:** Shows systematic risk management, not naive optimism --- ### 3. PQC_KPI_Dashboard.md (18 Quantitative KPIs) **Purpose:** Part B Section 2.1 (Pathways to Impact) **Content:** - **Excellence KPIs:** TRL 4→6, 10+ publications, 5+ standards drafts - **Impact KPIs:** 30% audit cost reduction, 50% faster incident detection, 500+ downloads, 15+ federation nodes - **Implementation KPIs:** 100% deliverable on-time, ≤10% budget variance, ≥90% steering attendance **Format:** Table with baseline, target (M24), verification method, measurement frequency **Reviewer impact:** Demonstrates concrete, measurable outcomes (not vague claims) --- ### 4. PQC_Architecture_EU_Reviewer.mmd (Sanitized Technical Diagram) **Purpose:** Part B Section 1.3 (Methodology) as Figure 1 **Content:** - Removed "Rubedo/alchemical" language (kept in parent directory) - EU-friendly annotations (call topic alignment, policy compliance) - Shows: Current state (TRL 4) → Hybrid transition (TRL 5) → PQC target (TRL 6) - VaultMesh core components (LAWCHAIN, Ψ-Field, Federation, Receipts) - External anchors (TSA, Ethereum, Bitcoin) - 3 pilot sites (France, Czech, Greece) **Usage:** ```bash # Render to PNG for Part B mmdc -i PQC_Architecture_EU_Reviewer.mmd -o architecture.png -w 2500 -b white # Include in Part B Section 1.3 as Figure 1 ``` --- ### 5. PQC_Submission_Checklist.md (Complete Submission Guide) **Purpose:** Coordinator's step-by-step reference for Dec 11-15 submission sprint **Content:** - Pre-submission checklist (Part A, Part B, Annexes, Admin Docs, Consortium Agreement) - EU portal mandatory fields verification - File format & size requirements (PDF/A, <10 MB per file) - Timeline: Dec 11 (freeze) → Dec 12 (upload) → Dec 13 (validation) → Dec 14 (review) → Dec 15 (submit) - Post-submission actions (debrief, lessons learned, archive) **Critical sections:** - Budget sanity check (must sum to exactly 100%) - Person-month sanity check (4.3 FTE avg over 24 months) - Deliverable cadence check (13 deliverables over 24 months = ~1 every 2 months) --- ## How These Files Integrate with Part B ### Part B Section 1 — Excellence (30 points) **1.1 Objectives:** - Use KPI Dashboard (E1-E3) to define measurable objectives - "Achieve TRL 6 validation across 3 pilot sites (France, Czech, Greece)" - "Integrate 3 NIST PQC algorithms (Kyber, Dilithium, SPHINCS+)" - "Publish 10+ papers in top-tier venues, submit 5+ standards drafts" **1.2 Relation to Work Programme:** - Reference Architecture Diagram (Figure 1) showing call topic alignment - Map WP1-WP5 to call expected outcomes **1.3 Methodology:** - Insert Gantt Chart (Figure 2) showing 24-month timeline - Reference Risk Register: "15 identified risks with mitigation strategies (Annex B)" - Architecture Diagram shows TRL progression visually **1.4 Open Science:** - Reference KPI I3 (Adoption): "Target 500+ open-source downloads post-M24" --- ### Part B Section 2 — Impact (30 points) **2.1 Pathways to Impact:** - **Insert full KPI Dashboard table** (18 KPIs) - Societal: "30% audit cost reduction, 50% faster incident detection" - Economic: "€100K+ cost savings per organization via cryptographic governance" - Scientific: "10+ publications, 5+ standards contributions" - Policy: "NIS2/DORA compliance, EU digital sovereignty" **2.2 Measures to Maximize Impact:** - Reference KPI I3 (Adoption): dissemination channels, target audiences - "Open-source under Apache 2.0, community governance post-project" **2.3 IPR Management:** - "All foreground IP under Apache 2.0 (open-source)" - "Background IP: VaultMesh existing codebase (Apache 2.0)" --- ### Part B Section 3 — Implementation (40 points) **3.1 Work Plan & Resources:** - **Insert Gantt Chart** as Figure 2 (PQC_Work_Package_Gantt.mmd) - Work package table (WP1-5 with lead, person-months, budget) - Deliverable list (13 deliverables from Gantt) - Milestone table (5 major milestones: M0, M6, M12, M18, M24) **3.2 Management Structure:** - Reference Risk Register: "Monthly risk review in steering committee" - "Quality assurance: external TRL audit at M12 and M24" **3.3 Consortium as a Whole:** - Partner complementarity table (from parent directory `consortium/consortium-tracker.csv`) - Track record: cite H2020/Horizon Europe projects if partners have them **3.4 Other Aspects:** - Reference Risk Register (Annex B): "15 identified risks, weighted average score 2.9/9 (MODERATE)" - "€280K contingency budget (10%) with allocation plan" - Ethics: "GDPR compliance for pilot data, no human subjects" --- ## Part B Annexes (Include These Files) **Annex A: Cryptographic Proof-of-Governance** - Source: `../PROOF_CHAIN.md` - Purpose: Demonstrate VaultMesh's unique proof-driven coordination - Reviewer impact: Differentiates from competitors, shows systematic rigor **Annex B: Risk Register** - Source: `PQC_Risk_Register.md` - Purpose: Detailed risk mitigation strategies - Reviewer impact: Shows proactive management (positive for Implementation score) **Annex C: Data Management Plan** - Source: (to be created) `PQC_Data_Management_Plan.md` - Purpose: FAIR data principles, open access publications **Annex D: Partner CVs** - Source: Collect from partners (2-page EU format) - Purpose: Demonstrate expertise (2-3 key personnel per partner) **Annex E: Letters of Commitment** - Source: (if pilot sites are not full partners) — France, Czech, Greece - Purpose: Confirm pilot site availability **Annex F: Gender Equality Plan** - Source: (if required by call) — reference institutional policies - Purpose: EU cross-cutting priority --- ## Rendering Diagrams for Part B ### Option 1: Online (Mermaid Live Editor) ```bash # Copy diagram content cat PQC_Work_Package_Gantt.mmd | pbcopy # macOS # Open https://mermaid.live/ # Paste → Export PNG (2000px width, white background) ``` ### Option 2: Command-Line (mermaid-cli) ```bash # Install once npm install -g @mermaid-js/mermaid-cli # Render Gantt chart mmdc -i PQC_Work_Package_Gantt.mmd -o gantt.png -w 2000 -b white # Render architecture diagram mmdc -i PQC_Architecture_EU_Reviewer.mmd -o architecture.png -w 2500 -b white # Result: High-res PNGs ready for Part B ``` --- ## Timeline: Using These Materials (Nov 6 - Dec 15) ### Week 1 (Nov 6-12) — Consortium Alignment - [x] Reviewer materials created ✅ COMPLETE - [ ] Share Gantt, Risk Register, KPI Dashboard with partners - [ ] Conduct consortium kickoff call (discuss WP assignments) ### Week 2-3 (Nov 13-26) — Part B Drafting - [ ] VaultMesh: Draft Section 1 (Excellence) using Architecture Diagram + KPIs - [ ] Cyber Trust: Draft Section 2 (Impact) using KPI Dashboard - [ ] VaultMesh + Univ Brno: Draft Section 3 (Implementation) using Gantt + Risk Register - [ ] Render diagrams to PNG for inclusion ### Week 4-5 (Nov 27 - Dec 10) — Internal Review - [ ] Steering committee reviews full Part B draft - [ ] Partners provide feedback on their sections - [ ] Integrate changes, finalize budget table - [ ] Consortium agreement signed (Dec 8) ### Week 6 (Dec 11-15) — Final Submission Sprint - [ ] Dec 11 (5pm): Proposal freeze (no more edits) - [ ] Dec 12: Upload to EU portal (Part A + Part B + Annexes) - [ ] Dec 13: Fix any validation errors - [ ] Dec 14: Final review by coordinator - [ ] Dec 15 (before 5pm CET): **SUBMIT** --- ## Quality Assurance ### Internal Peer Review (Week 4-5) - [ ] Each partner reviews sections they're not lead on - [ ] External reviewer (optional): former EU evaluator reviews Part B (€1K budget) - [ ] Spell check (UK English), grammar check - [ ] References formatted consistently ### EU Portal Validation (Dec 12-13) - [ ] All mandatory fields filled (green checkmarks) - [ ] Budget sums to exactly 100% - [ ] File sizes <10 MB (Part B) and <5 MB (each annex) - [ ] PDF/A format (archival quality) ### Final Sanity Checks (Dec 14) - [ ] Budget: VaultMesh 70.4%, Brno 10%, Cyber Trust 12.5%, France 7.1% = 100% ✓ - [ ] Person-months: 104 PM total = 4.3 FTE avg over 24 months ✓ - [ ] Deliverables: 13 total, evenly distributed across 24 months ✓ - [ ] KPIs: 18 quantitative targets with verification methods ✓ - [ ] Risks: 15 identified, 0 high-risk (score ≥6), €280K contingency ✓ --- ## Success Criteria **Reviewer materials are strong if:** - ✅ Gantt chart shows realistic timeline (not overly aggressive, not too conservative) - ✅ Risk register identifies genuine risks (not trivial), with concrete mitigations (not vague) - ✅ KPIs are measurable (not "we will contribute to...") and ambitious but achievable - ✅ Architecture diagram is clear (reviewers understand in 30 seconds) - ✅ Submission checklist prevents last-minute errors (all mandatory fields filled) **Proposal is strong if:** - 🎯 Excellence: Clear innovation beyond state-of-the-art, TRL 4→6 credible - 🎯 Impact: Quantified outcomes (30% cost reduction, 10+ publications, 5+ standards) - 🎯 Implementation: Realistic work plan, experienced consortium, proactive risk management - 🎯 Differentiation: PROOF_CHAIN.md (Annex A) positions VaultMesh as unique trust anchor **Estimated evaluation score:** **13-14/15 points** (threshold: 12) → **High funding probability (70-80%)** --- ## Contact & Support **Coordinator:** - Karol Stefanski (VaultMesh Guardian) - Email: guardian@vaultmesh.org - Role: Part B integration, EU portal submission, consortium coordination **Section Leads:** - VaultMesh: Part B Section 1 (Excellence), Section 3 (Implementation) - Cyber Trust: Part B Section 2 (Impact) - Univ Brno: Part B Section 3 (Implementation, co-lead with VaultMesh) **Steering Committee:** - Weekly check-ins (30 min) — review progress, resolve blockers - Emergency calls (if critical issues) — within 24h response time --- ## Related Directories **Parent:** `~/vaultmesh-core/funding-roadmap/` (strategic coordination) - Treasury Nebula Map (meta-visualization of all 8 proposals) - Genesis Receipt (Merkle-rooted proof-of-governance) - Consortium tracker (14 partners across 4 proposals) - Partner onboarding kit, LOI templates **Sibling (future):** `digital-twins/`, `genai-health/` (similar reviewer packs for other proposals) --- ## Lessons Learned (Post-Submission) **What worked well:** - (To be filled after Dec 15 submission) **What could improve:** - (To be filled after Dec 15 submission) **Apply to Digital Twins (Jan 20 deadline):** - (To be filled after PQC submission) --- **Document Control:** - Version: 1.0-REVIEWER-PACK - Date: 2025-11-06 - Owner: VaultMesh Technologies B.V. (Coordinator) - Classification: Consortium Internal (Critical Reference) - Status: ✅ Complete — Ready for Part B drafting (Week 2-3)